best-offer-no1.com/tesler2
185.142.239.209 301 Moved Permanently 162 B URL HTTP/1.1 best-offer-no1.com/tesler2
IP 185.142.239.209:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET /tesler2 HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 08 Sep 2022 06:15:11 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://best-offer-no1.com/tesler2
Strict-Transport-Security: max-age=63072000
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 08 Sep 2022 05:38:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: acjaQbskjZdvnu2Vhl0YLOGAOjXttQ5TytOrHJcjBxwIApd8qlmrgA==
Age: 2229
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6013
Expires: Thu, 08 Sep 2022 07:55:24 GMT
Date: Thu, 08 Sep 2022 06:15:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gO4aELhHK4dd7rAUojs8O6KGPbeMiShN-us0fql0kosgI5zbrmkhWw==
age: 8917
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 06:15:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7b4b5b7266763dda26d04ef8901efc8
cb6ca0bc81c4aac821fada38f74be309eea94fe7
9f71bd0f5f530cfe0bdaecabf4bb6650db5ad7c9a3a92e688dbb8c6e6d7bed86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9F71BD0F5F530CFE0BDAECABF4BB6650DB5AD7C9A3A92E688DBB8C6E6D7BED86"
Last-Modified: Thu, 08 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 08 Sep 2022 12:15:12 GMT
Date: Thu, 08 Sep 2022 06:15:12 GMT
Connection: keep-alive
best-offer-no1.com/tesler2
185.142.239.209 301 Moved Permanently 162 B URL HTTP/1.1 best-offer-no1.com/tesler2
IP 185.142.239.209:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET /tesler2 HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 08 Sep 2022 06:15:12 GMT
Content-Type: text/html
Content-Length: 162
Location: https://best-offer-no1.com/tesler2/
Connection: keep-alive
X-Server: igor
PX-X-Request-Id: 194d4eb4620f1d5e4a1d8d86e3438ec0
PX-IPTimestamp: 1662046186 1662617515 1662615713
best-offer-no1.com/tesler2/
185.142.239.209 302 Found 0 B URL HTTP/1.1 best-offer-no1.com/tesler2/
IP 185.142.239.209:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /tesler2/ HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 08 Sep 2022 06:15:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: en/index.php
X-Upstream: evlampi-***ko
X-Server: igor
PX-X-Request-Id: d8b2b1dd6e2ea504f821a9194d9c0865
PX-IPTimestamp: 1662046186 1662617515 1662615713
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 08 Sep 2022 05:38:18 GMT
Cache-Control: max-age=3600
Expires: Thu, 08 Sep 2022 06:13:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DSghNOql9STJppCZ1KGNG7fK6vS1g3Q6BlET5xYgl07l5VV_56U9TQ==
Age: 2214
best-offer-no1.com/tesler2/en/index.php
185.142.239.209 200 OK 7.6 kB URL HTTP/1.1 best-offer-no1.com/tesler2/en/index.php
IP 185.142.239.209:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (312)
Hash 012683163f7c7bf98b7de7d639446492
e13bdf2bb35f81e05cb36d7fa550c9dcee717e59
a136eac4b7c2e8c2d6c4064c8e4b1ad88fd79fe8e2ee6420c6a707192dd2a9c4
Analyzer Verdict Alert fortinet Phishing
GET /tesler2/en/index.php HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: intgrtn_language=en; expires=Sat, 08-Oct-2022 06:15:12 GMT; Max-Age=2592000; path=/tesler2/
X-Upstream: evlampi-***ko
Content-Encoding: gzip
X-Server: igor
PX-X-Request-Id: 0b37b0e2474e62c9e61861ec2d013809
PX-IPTimestamp: 1662046186 1662617515 1662615713
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6537
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 06:15:12 GMT
Last-Modified: Thu, 08 Sep 2022 04:26:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
best-offer-no1.com/tesler2/css/styles.css
185.142.239.209 200 OK 10 kB URL HTTP/1.1 best-offer-no1.com/tesler2/css/styles.css
IP 185.142.239.209:0
File type ASCII text, with very long lines (2589)
Hash 09fec3f13be987f295a8675dfeeb1702
c2ed4472543a6871c95a6cf7ef26cf2827035707
6a14a4d8f007adde44c6b766c1fc7a84ad5cac481fe499d643c34a521483c9c8
GET /tesler2/css/styles.css HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:12 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-ce50"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: e4e8979cecad2b5fa472b972aa687c7e
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 06:15:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
best-offer-no1.com/tesler2/css/all.min.css
185.142.239.209 200 OK 12 kB URL HTTP/1.1 best-offer-no1.com/tesler2/css/all.min.css
IP 185.142.239.209:0
Hash f6a3fddfabab9f1a3cf3a2af19db9396
5b1b8a776597b4d3120c90bec6039368c7b525d4
c7321fd841ab871fe59b5d9bf53c86bc5020502cb3d412344478f22d3a2f8206
GET /tesler2/css/all.min.css HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:12 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-1180a"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: dfed5d3cdcd0fbb844fb026608ac9fc8
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/js/videojs/video-js.css
185.142.239.209 200 OK 10 kB URL HTTP/1.1 best-offer-no1.com/tesler2/js/videojs/video-js.css
IP 185.142.239.209:0
File type ASCII text, with very long lines (5636)
Hash 2e9194db7b65da701663fd1550133a11
7bf10315530baed441c2ee0b991b31cb6bf80dd9
56c5f03204b6696a155965ca54b64f190413e020a36841c11bdc8ebf5f17ffde
GET /tesler2/js/videojs/video-js.css HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:12 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-9ed4"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: b52db2fca6a9b514fc1dcc3e3c113a03
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 06:15:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
best-offer-no1.com/tesler2/js/bluebird.min.js
185.142.239.209 200 OK 22 kB URL HTTP/1.1 best-offer-no1.com/tesler2/js/bluebird.min.js
IP 185.142.239.209:0
File type ASCII text, with very long lines (32044), with escape sequences
Hash 6eb2e564843b2a4c087aa4a4ddb0b5d6
0cff5e922b5f2a999f5c885330b19774528ae421
f75e4f90003fc4e877ee7c7ecd2f2716ddf634df7c75b39b70f1f415f741d885
Analyzer Verdict Alert fortinet Phishing
GET /tesler2/js/bluebird.min.js HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-12b3f"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: 7dcc34f3609b03a7b2e3587d4d6c84c1
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
push.services.mozilla.com/
52.35.74.102 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.74.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OsIwbxOE+qy6KmbcEMDmeg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rS9xNwLN2Bxu06jLtiyNt9auyYI=
best-offer-no1.com/tesler2/js/videojs/video.js
185.142.239.209 200 OK 335 kB URL HTTP/1.1 best-offer-no1.com/tesler2/js/videojs/video.js
IP 185.142.239.209:0
File type ASCII text, with very long lines (491)
Size 335 kB (335015 bytes)
Hash f20c3ec01ad7639d73154c9dee322a28
d0d30875dd51f800fa4ec2f6f26950c446541784
5b66dfe285931127decd3ab1c38da42a6975a05f513ad9b2de126018ec73f7b0
Analyzer Verdict Alert fortinet Phishing
GET /tesler2/js/videojs/video.js HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-173a79"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: c12981f275e7ffdc29f73d0ae1db655e
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/css/intgrtn.css
185.142.239.209 200 OK 1.0 kB URL HTTP/1.1 best-offer-no1.com/tesler2/css/intgrtn.css
IP 185.142.239.209:0
Hash 33ebe2488c329793f92881c13e1e33d8
eb999cd53246446566cc5b69e64600d5b30cee20
110b7a415a43fb01f2836dc597ae9faa6512b10a3deb3fad3df9ae0e341852a4
GET /tesler2/css/intgrtn.css HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Cookie: intgrtn_language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-1514"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: 3762350a4b13a91270ab396e2152da6d
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/img/logo.png
185.142.239.209 200 OK 1.7 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/logo.png
IP 185.142.239.209:0
File type PNG image data, 245 x 80, 8-bit colormap, non-interlaced\012- data
Hash 0a8c2c0795dac435b5a6134f94095262
70d34839d8bb6c7060ac82488d42f53585ea3a05
3ce0200875965ada605039243768e653fa7d2209ce93d6c0b8e330c7bbd78301
GET /tesler2/img/logo.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-67c"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: af9fff7ce2aa4b3528413f27c7ca7af8
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/img/ggl.png
185.142.239.209 200 OK 3.8 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/ggl.png
IP 185.142.239.209:0
File type PNG image data, 413 x 122, 8-bit colormap, non-interlaced\012- data
Hash 1dace915af7bfb5152904d0b9fb048fa
3ba570fda644205812704fb68afe758b1fd59f6b
b64ecd3632207b51972b82588babf76bcbe0ea17e61195f3a8a9b5b7d5da09b6
GET /tesler2/img/ggl.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-e91"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: 2a60825d48b455e60756daba89411c03
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/img/App-1.jpg
185.142.239.209 200 OK 12 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/App-1.jpg
IP 185.142.239.209:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 477x259, components 3\012- data
Hash 92395690318f62633236f6dc4482baf6
d732a7e30a7a9b0781b499f7c54aad976d19aa68
8a1f49bc96a81d3348dbe8be1b3aa81333d3edb3d532b10a28ccd6470d379214
GET /tesler2/img/App-1.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-3057"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: 1696966fe94650c9a0b5c196ef36fedc
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/img/apple.png
185.142.239.209 200 OK 2.2 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/apple.png
IP 185.142.239.209:0
File type PNG image data, 200 x 73, 8-bit colormap, non-interlaced\012- data
Hash b3165ad0b9b9398a3d9745d557387bb6
84127e8e192fd30d23282537c2c64fc90fb78eb4
1541d72fe5174bda316892a26361636da4df50189a86ee62d06ccd039d4082d3
GET /tesler2/img/apple.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-891"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: 448279dc09a103dc9adbe9ab5019c06f
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/js/scripts_i.js
185.142.239.209 200 OK 48 kB URL HTTP/1.1 best-offer-no1.com/tesler2/js/scripts_i.js
IP 185.142.239.209:0
File type Unicode text, UTF-8 text, with very long lines (65449)
Hash 1a87fc8ea044b566c701903c6ab57776
fa48f753333f54ab6aaaaa756ca8328896be4b36
3facc65cc1d32faa5e4f4163152b9472c47aea6a997075705423be42d871c1e4
Analyzer Verdict Alert fortinet Phishing
GET /tesler2/js/scripts_i.js HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Cookie: intgrtn_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-21bfa"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: a90fb3426b24a484817a6c379ae22a06
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/img/bg.jpg
185.142.239.209 200 OK 64 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/bg.jpg
IP 185.142.239.209:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1173, components 3\012- data
Hash 46c4e86aa0e4c4577ddd8c00be2b3126
3db0f57d0d45e7828f83de415030cef13e071e9f
88e08b71f3787dda1ac4b75c1293ddda9d916d1a862dc6efd8f13339ee513366
GET /tesler2/img/bg.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/css/styles.css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-1046d"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: 3476a3164284e54fe62676cf230d9310
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/img/images-1.jpg
185.142.239.209 200 OK 7.3 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/images-1.jpg
IP 185.142.239.209:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.15.0.81154240 0x5caa32d6", progressive, precision 8, 275x183, components 3\012- data
Hash 0ea31a534a513ea93a73c329a576fb7c
8f3ce9a3e4dc607a754c7465287ecc24ec8effe3
a54fac14e0237d9456afab6e842e8a18db9d9304e72b0d7fb45b46a7d88af188
GET /tesler2/img/images-1.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/css/styles.css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-1cbd"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: 5844dae8d242d387e42e7dd17a6a2656
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/img/images.jpg
185.142.239.209 200 OK 8.7 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/images.jpg
IP 185.142.239.209:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.15.0.81154240 0x0536c97b", progressive, precision 8, 259x194, components 3\012- data
Hash e57643aa3ceb8b6804e2b8458782d70a
6695c2d867f5151be2d5833f16f75685556d088b
ee165f69b66466477960b4b27baa14ef05add96fe655d1b777a839a47052919b
GET /tesler2/img/images.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/css/styles.css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-2278"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: 81e3df57c74a269de1eb4f6dacae3a05
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/img/webcam_selfie_thingy_something_by_smashingthenew-d79t6tb.jpg
185.142.239.209 200 OK 18 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/webcam_selfie_thingy_something_by_smashingthenew-d79t6tb.jpg
IP 185.142.239.209:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x333, components 3\012- data
Hash ba008073e49ef258ed40d01516b71cf2
b6883ea75b5640ba80034902f0155bd82b2cfbd2
7d1e2d42c57b9abd04d51fe8d8966df21b0d8e7242c38870e03b0023c4200dcf
GET /tesler2/img/webcam_selfie_thingy_something_by_smashingthenew-d79t6tb.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/css/styles.css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-47ba"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: c628fbfc3aa208aca50911fee03d21e0
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
fonts.googleapis.com/css2?family=Montserrat:wght@500&display=swap
142.250.74.10 200 OK 14 kB URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@500&display=swap
IP 142.250.74.10:0
Hash 33417c26445f21fcc8d1682a93fae09c
b584693bddf880e0e4c8632594ad829a3c202184
8b86cf7d8dab00ffc4e1da515fd6601ee6cfff7ccddf67b41c3f4f88c6c1f392
GET /css2?family=Montserrat:wght@500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Sep 2022 06:15:12 GMT
date: Thu, 08 Sep 2022 06:15:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
best-offer-no1.com/tesler2/img/lenovo-yoga-tablet2-133-webcam.jpg
185.142.239.209 200 OK 16 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/lenovo-yoga-tablet2-133-webcam.jpg
IP 185.142.239.209:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 675x380, components 3\012- data
Hash 8a323efdae3ee4b892c019f7bc22ac4a
b4cb0e2b253b636d19b7c97b4ab934f4c42a7a73
18f45e1927ac077bcfc68a22b6b1a62ba186fa79694b3bcc4205dc97d2161f43
GET /tesler2/img/lenovo-yoga-tablet2-133-webcam.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/css/styles.css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-402c"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: 78e9c1641624d5c4e9846d67c163468e
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 06:15:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12820, version 1.0\012- data
Hash 3f2f6d9e64a95a40ea5dedfc91f42a95
9cd9f5a2f86f1d42390141d91619a0aa41a276b7
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://best-offer-no1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 06:05:47 GMT
expires: Fri, 08 Sep 2023 06:05:47 GMT
cache-control: public, max-age=31536000
age: 566
last-modified: Mon, 11 Jul 2022 18:56:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
best-offer-no1.com/tesler2/img/Takingasneakywebcamselfieatworkforadmin_b2902ebf6f9d2adf5899542ba6d47f42.jpg
185.142.239.209 200 OK 10 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/Takingasneakywebcamselfieatworkforadmin_b2902ebf6f9d2adf5899542ba6d47f42.jpg
IP 185.142.239.209:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x281, components 3\012- data
Hash 971cdec87f299035d42f07056f1ac481
a2f34ade105396ce13625391a53cb8f8f6e23a73
103113f0a617684d09cc6129e0f1c4b40faebb0f8c88862acfd22deb97ae0d6a
GET /tesler2/img/Takingasneakywebcamselfieatworkforadmin_b2902ebf6f9d2adf5899542ba6d47f42.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/css/styles.css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-28d2"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: ac9f3eee0d579ac454030c06aa002a69
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/img/dell-selfie.jpg
185.142.239.209 200 OK 24 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/dell-selfie.jpg
IP 185.142.239.209:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 675x380, components 3\012- data
Hash e0d5e5ec71023a545d56318741eb4c9c
47c9a85a22cf7c995f841090b2eb88ec8620884f
b1b8b6bfb9d606985257a64480de6acaf7f2a3924de27943815f59e94e392bae
GET /tesler2/img/dell-selfie.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/css/styles.css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-5f58"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: d64cf78b7d1bb753642e1c48fcdeeb9d
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/img/Security-Security-Checked-icon.png
185.142.239.209 200 OK 2.1 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/Security-Security-Checked-icon.png
IP 185.142.239.209:0
File type PNG image data, 512 x 512, 1-bit colormap, non-interlaced\012- data
Hash 6d48657b0443496b074a8438c6cfd15e
9b09a1ac29546966781788bef983cd7cb7baa51e
18f443c5a7f4a97383d1f72c92ae7cf5df0f034aaec196d6a1696bca4dd1aa2c
GET /tesler2/img/Security-Security-Checked-icon.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/css/styles.css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-83c"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: b6fcdea00ac3015373396d3007970c64
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/img/computer-5.png
185.142.239.209 200 OK 1.4 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/computer-5.png
IP 185.142.239.209:0
File type PNG image data, 512 x 512, 4-bit colormap, non-interlaced\012- data
Hash 8ffde50c78b5ae924331ac161b8446aa
4c9438c61cfb7b3d2d4d3c1daedcc1007a22ce58
fc8b5c0201829a9da997e8f4d903f6384cef78fcd429c14dedbd506610c34cd1
GET /tesler2/img/computer-5.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/css/styles.css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-697"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: 65a456d6057cd5277445b2623245b5c9
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/img/coins.png
185.142.239.209 200 OK 3.0 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/coins.png
IP 185.142.239.209:0
File type PNG image data, 512 x 512, 1-bit colormap, non-interlaced\012- data
Hash 9402ce044ecd19505725bba499f5a588
9e8e0de39958b775425e30f6062ed68080fe1868
51f6a792534b3458b594b830689956e0098e7e8bda1c657e26e1ed5bc6fd7405
GET /tesler2/img/coins.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/css/styles.css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-ba8"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: 332aa9494445a5880b9eef656136333f
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 06:15:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
best-offer-no1.com/tesler2/img/skylanders_tech_icon_by_omniferious-d4j6186.png
185.142.239.209 200 OK 2.0 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/skylanders_tech_icon_by_omniferious-d4j6186.png
IP 185.142.239.209:0
File type PNG image data, 200 x 200, 4-bit colormap, non-interlaced\012- data
Hash 7d7795be381cf3386ec876f38adc66a1
4b8d4c91aa8dc400115d0e72dd35211f0bf05f66
a88261d36032ec16de8dfcd67605d646256371871d7e4c38e943d6bf922d2aea
GET /tesler2/img/skylanders_tech_icon_by_omniferious-d4j6186.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/css/styles.css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-7ae"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: 2dd94141390a3f6b4aa43c88bbb376ce
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/img/shutterstock_146023874.jpg
185.142.239.209 200 OK 18 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/shutterstock_146023874.jpg
IP 185.142.239.209:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x331, components 3\012- data
Hash 2cd9af55c3e515601e241f54e3829f3a
e28cb2b8307cae1c04cb5ac34c654331e566d7ac
cd46948e28a21a5cd64ac10fa7ffa3d29e897e3b90fd73348db3443ca2527597
GET /tesler2/img/shutterstock_146023874.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/css/styles.css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-4727"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: cb1edcd8ed506d9fd918f089e023fed5
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/img/102398372-google-nasdaq.1910x1000.jpg
185.142.239.209 200 OK 44 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/102398372-google-nasdaq.1910x1000.jpg
IP 185.142.239.209:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x419, components 3\012- data
Hash d973323926b57646105ac14ff41060bd
b185fe06b899778495c232d1b9b24d53f60b9be5
af4ae129a79f89262843a1ac95829c1d7e7e207e0554482b22aa4f9374a63053
GET /tesler2/img/102398372-google-nasdaq.1910x1000.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/css/styles.css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-ab96"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: f5107cdbf5f5cdf1f3a4c7d1d28d5526
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/img/800x-1.jpg
185.142.239.209 200 OK 53 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/800x-1.jpg
IP 185.142.239.209:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x533, components 3\012- data
Hash 4545a17fb6dffc118d8effb9b8dea61c
f7e602d6f7a6bb75bdd9672113a74ba15e5264d2
0fde00b68b6abb713d4cea0c7425589e27eb5a5a96c40cec8d708ef20e845a73
GET /tesler2/img/800x-1.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/css/styles.css
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-d049"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: 44ec6d36066fad6c0b5de4842758d3cb
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/intgrtn/api/v1/integration/sdk.js?v=120228862
185.142.239.209 200 OK 41 kB URL HTTP/1.1 best-offer-no1.com/intgrtn/api/v1/integration/sdk.js?v=120228862
IP 185.142.239.209:0
Hash 680a0ea22c3aa6a17809b316afb10131
d714b0ec7d1ec1377c38eb12ed68c08ca18acea5
1d9492ef5cb94615461b45cce8a7fc44408b8158fb67aae6d83764cbcd6ae42b
Analyzer Verdict Alert fortinet Phishing
GET /intgrtn/api/v1/integration/sdk.js?v=120228862 HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 13:28:20 GMT
Vary: Accept-Encoding
ETag: W/"63189c74-5f3f2"
Expires: Fri, 08 Sep 2023 06:15:13 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
X-Server: igor
PX-X-Request-Id: a5b386f30e2e40a1cb371a668dc69dac
PX-IPTimestamp: 1662046186 1662617515 1662615713
PX-Cache-Status: MISS
best-offer-no1.com/tesler2/img/video-index.jpg
185.142.239.209 200 OK 73 kB URL HTTP/1.1 best-offer-no1.com/tesler2/img/video-index.jpg
IP 185.142.239.209:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3\012- data
Hash 1d577d8d73e81438af1ef9609b9270c2
0af6ce504c9708704a841169dca2e9891d25f24b
45b1621e9ee42bd5a71b30b362a51af00f96da64452fc3417210879cbf59ded0
GET /tesler2/img/video-index.jpg HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-12037"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: b3cd53ccae5c68eeefb001cdb770b0d9
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/intgrtn/api/v1/integration/sdk.css?v=2.63.2
185.142.239.209 200 OK 8.2 kB URL HTTP/1.1 best-offer-no1.com/intgrtn/api/v1/integration/sdk.css?v=2.63.2
IP 185.142.239.209:0
Hash f8d2693bbce48cb3c19117b0d43e9cc4
5a4ed5df84262978776ee5fd1d2418ebde6f08ba
0ec8d1ead3f977cf5f4421c42570d18ac80796c2ccbc6b855af7c68e3470b922
GET /intgrtn/api/v1/integration/sdk.css?v=2.63.2 HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 12:03:08 GMT
Vary: Accept-Encoding
ETag: W/"62e7c0fc-1344e"
Expires: Tue, 01 Aug 2023 12:25:39 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
X-Server: igor
PX-X-Request-Id: b5511c362e7baf7a3287159ed6a4b71d
PX-IPTimestamp: 1662046186 1662617515 1662615713
PX-Cache-Status: HIT
best-offer-no1.com/tesler2/img/favicon.png
185.142.239.209 200 OK 509 B URL HTTP/1.1 best-offer-no1.com/tesler2/img/favicon.png
IP 185.142.239.209:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 3187c8264085954f70650cc0b8786f32
a502966780c4682516bd54d717ad194b69018975
9b75bbcb1d36898dabf6a408bb62c986bc02dd72fdfdd797208429115a792b44
GET /tesler2/img/favicon.png HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Cookie: intgrtn_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Jul 2022 06:15:38 GMT
ETag: W/"62d64c0a-1e6"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: 47155a9d50d35ef60050e6b887844620
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Encoding: gzip
best-offer-no1.com/tesler2/media/video-en.mp4
185.142.239.209 206 Partial Content 18 kB URL HTTP/1.1 best-offer-no1.com/tesler2/media/video-en.mp4
IP 185.142.239.209:0
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Hash cd83de786f1a48444948d441d6a58319
deaa2dd9cf00d19ddf20edf6f2728368e755cabf
871bd229467c057b1dd9a028420a928bc0af586caf20251baa97965fe06122b5
Analyzer Verdict Alert fortinet Phishing
GET /tesler2/media/video-en.mp4 HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Cookie: intgrtn_language=en
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Server: nginx
Date: Thu, 08 Sep 2022 06:15:13 GMT
Content-Type: video/mp4
Content-Length: 346761177
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 12:49:42 GMT
ETag: "610d2fe6-14ab27d9"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: igor
PX-X-Request-Id: 08050a264094b667984a5a45b7e02d73
PX-IPTimestamp: 1662046186 1662617515 1662615713
Content-Range: bytes 0-346761176/346761177
best-offer-no1.com/intgrtn/api/v1/projects/agreements.php?type=4
185.142.239.209 200 OK 1.8 kB URL HTTP/1.1 best-offer-no1.com/intgrtn/api/v1/projects/agreements.php?type=4
IP 185.142.239.209:0
File type JSON data\012- , ASCII text, with very long lines (4165), with no line terminators
Hash f60b4d4fa641aa39f38cd93886eaaa42
5d3b561bdc643550d05a1e10c335e43180b4ea86
8436a40d1f4ec38a99476322c1ecdd09a95527c82af1a8b663743ab6edea91e9
Analyzer Verdict Alert fortinet Phishing
GET /intgrtn/api/v1/projects/agreements.php?type=4 HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://best-offer-no1.com/tesler2/en/index.php
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:14 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: igor
PX-X-Request-Id: 59f67d5cf20421c9179826317018f262
PX-IPTimestamp: 1662046186 1662617515 1662615713
best-offer-no1.com/intgrtn/api/v1/projects/details.php?&language=en
185.142.239.209 200 OK 6.4 kB URL HTTP/1.1 best-offer-no1.com/intgrtn/api/v1/projects/details.php?&language=en
IP 185.142.239.209:0
File type JSON data\012- , ASCII text, with very long lines (44597), with no line terminators
Hash e7288276a148d7f548e7970487d4e948
daf32d5d97388e9460a2671578a077b153872ad9
347d16164e872ce7c4e83e38891a255f12de86606f8285d9e6d24822c7d995d7
GET /intgrtn/api/v1/projects/details.php?&language=en HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://best-offer-no1.com/tesler2/en/index.php
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:14 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: igor
PX-X-Request-Id: ed948a370c2becd15895c6845208909d
PX-IPTimestamp: 1662046186 1662617515 1662615713
best-offer-no1.com/intgrtn/api/v1/projects/agreements.php?type=4
185.142.239.209 200 OK 1.8 kB URL HTTP/1.1 best-offer-no1.com/intgrtn/api/v1/projects/agreements.php?type=4
IP 185.142.239.209:0
File type JSON data\012- , ASCII text, with very long lines (4164), with no line terminators
Hash dcbbb454a94fccab5aee3e6ac7fbdb11
509f024d54ca1346839718b5c105fc8abebdd596
c866217111305d39af799712aa6944f55bbb07d278aaff3076591d296e0663ae
Analyzer Verdict Alert fortinet Phishing
GET /intgrtn/api/v1/projects/agreements.php?type=4 HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://best-offer-no1.com/tesler2/en/index.php
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:14 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: igor
PX-X-Request-Id: 5bb58c13d5a0b93a671fbc719798e755
PX-IPTimestamp: 1662046186 1662617515 1662615713
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4160
Expires: Thu, 08 Sep 2022 07:24:34 GMT
Date: Thu, 08 Sep 2022 06:15:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4160
Expires: Thu, 08 Sep 2022 07:24:34 GMT
Date: Thu, 08 Sep 2022 06:15:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4160
Expires: Thu, 08 Sep 2022 07:24:34 GMT
Date: Thu, 08 Sep 2022 06:15:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4160
Expires: Thu, 08 Sep 2022 07:24:34 GMT
Date: Thu, 08 Sep 2022 06:15:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4160
Expires: Thu, 08 Sep 2022 07:24:34 GMT
Date: Thu, 08 Sep 2022 06:15:14 GMT
Connection: keep-alive
best-offer-no1.com/intgrtn/api/v1/events/add.php
185.142.239.209 200 OK 161 B URL HTTP/1.1 best-offer-no1.com/intgrtn/api/v1/events/add.php
IP 185.142.239.209:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ef541d3b564dee7d46566b2939c50f83
f270049b8489b4442fc9f8d1a36a44ede41b551c
fc86263d353ba77a0f9e21bce9fbc60258b53297227ef4f399b98b8a9be567a1
Analyzer Verdict Alert fortinet Phishing
POST /intgrtn/api/v1/events/add.php HTTP/1.1
Host: best-offer-no1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://best-offer-no1.com/tesler2/en/index.php
Content-Length: 30
Origin: https://best-offer-no1.com
Connection: keep-alive
Referer: https://best-offer-no1.com/tesler2/en/index.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 06:15:14 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://best-offer-no1.com
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: igor
PX-X-Request-Id: 3882d93e04b691b071760c1b506c754d
PX-IPTimestamp: 1662046186 1662617515 1662615713
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca5b5d4ac26d97b5729a30ecdc688bc
3e633bc6c4ab9adfe84899e5209d73bef1d097eb
2c8275d1819d933f86df9685b76aea030842ba5a341c59ea88ffd2da99a5a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7885
x-amzn-requestid: 305dc6b7-eb3d-40ad-af89-8b60be935637
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThE3DIAMFRtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-7c0b58644e26de7f27c5b388;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ry2D03udnweYHan_7KhC9IDhT01g9_73G40Fa10BdIX21tgK0Cgjiw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:48:35 GMT
etag: "3e633bc6c4ab9adfe84899e5209d73bef1d097eb"
content-type: image/jpeg
age: 30399
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a39739-e855-4625-859f-7e2fed3d2511.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a39739-e855-4625-859f-7e2fed3d2511.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9ca2de4e61d1aae73da7d13ad3ec727
15cefe1e2be8ad63e40cfe02c2f5f8c59af015ad
911550bc2b8e4c4aad215692361fe494275002f89faa9eae2e2fc2664da1107c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a39739-e855-4625-859f-7e2fed3d2511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12107
x-amzn-requestid: 9ea883d8-b844-49d0-8651-67124d2c0852
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgHANIAMF5rQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-137ad22c52baa6fb04ae190d;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: P5OHHQ3YLSEkmgy4GUF6SfbGkPlrVxokjSQuZLVstQDT1DpLDtGEvg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:03:47 GMT
age: 29487
etag: "15cefe1e2be8ad63e40cfe02c2f5f8c59af015ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08c16db0-fc0c-4dde-ae07-9586e9adb562.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08c16db0-fc0c-4dde-ae07-9586e9adb562.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f691eddbd9502201c90f81568f4f63fc
6ed123d7a797b7eb52a34e87c79aa8562bede4e1
6d2b6ff8acdc63829050d68084997737ac8cbbe52aba6189ab8908f7dcb800b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08c16db0-fc0c-4dde-ae07-9586e9adb562.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9255
x-amzn-requestid: f4092ba2-d141-44cf-8e0e-a4ee46b397ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThFAeoAMFUPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-4ee1ceb30135f4e1763e98b9;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: A60P-w4aO0T7up7sTYS72sWYlUao4cCXXE7B3QAv5Zy8-zDbIUWCeQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:44:32 GMT
age: 30642
etag: "6ed123d7a797b7eb52a34e87c79aa8562bede4e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0564fe6-5557-4644-ba02-30e6de571e27.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0564fe6-5557-4644-ba02-30e6de571e27.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 786824349d0ac6933b5beb4a10ce9cc7
63e6e7d760e736c45ca4778111ea8e61eb13edd6
4aea707f67116f423b68bd19e946b167b48c920693663f2b7b270c86947bffdb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0564fe6-5557-4644-ba02-30e6de571e27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7923
x-amzn-requestid: 657663ba-b3e9-4a84-9186-3f13ad230765
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9VsGsQoAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f57-6fc934984bba83fe1b91056f;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: WSGEVR0aSN0fgOzZ7GRMqgQ7z8UqIJ72nRk4_T2-C7ViLZgDMIEcDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:28:23 GMT
age: 28011
etag: "63e6e7d760e736c45ca4778111ea8e61eb13edd6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a07d553b6441514870ed7e9e989a29a7
98c145b9326d1e6036fa9089d87a25232dd45b0b
373a586b596016baeb8de98022207c25af24c099c06077edbdfd837cffc31a0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7492
x-amzn-requestid: 2c5e9ff3-c7a4-4a8f-96bf-74f0ca5d9137
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9dOHguIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f87-70dbe6532b1a241e6dbe729e;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 6mfdlMHJozdykr4faiijvUuJPXVrJGU_n0MxJgCrZ-uWWdejGYfiAQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 020978022b22df6352245f09cfbc410c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:33:06 GMT
age: 27728
etag: "98c145b9326d1e6036fa9089d87a25232dd45b0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ee600c8-d25e-4cb3-93cb-f1970d300d9c.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ee600c8-d25e-4cb3-93cb-f1970d300d9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c316fd8a538a8c998ef49d399e9b0692
1fbcbd73de88723e5a42ec1ecb131b94deb1c88e
1a34abee1bf6b76733ba2ca97a5c053b67bd6cd48f6953fc53798c77385cd781
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ee600c8-d25e-4cb3-93cb-f1970d300d9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8643
x-amzn-requestid: 663e595c-db96-40aa-af51-7628b4c536fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDkkoFTvIAMFimw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317b483-7a2d96f41413f89f1fc3acb4;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 20:58:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CZ1qUdeqBSDB3XHDy6QYWptdZ1aFWLSBTYwWwOvec0H0-m921E5s_g==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:05:02 GMT
age: 29412
etag: "1fbcbd73de88723e5a42ec1ecb131b94deb1c88e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2