gla.ge/old/enG/
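91.239.207.24 302 Found 0 B IP 91.239.207.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body of this redirect; they match any empty response and do not identify content from this host.)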
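Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
(These verdicts are attached to a 302 response with an empty body, so they appear to be URL or domain reputation results rather than detections on file content.)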
GET /old/enG/ HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 21 Jan 2023 09:18:03 GMT
Server: Apache/2
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: gla.ge
Set-Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd; path=/
Last-Modified: Wed, 05 Oct 2022 09:23:27 GMT
Location: http://gla.ge/
Expires: 0
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8428
Expires: Sat, 21 Jan 2023 11:38:46 GMT
Date: Sat, 21 Jan 2023 09:18:18 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15448
Expires: Sat, 21 Jan 2023 13:35:46 GMT
Date: Sat, 21 Jan 2023 09:18:18 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3258
Expires: Sat, 21 Jan 2023 10:12:36 GMT
Date: Sat, 21 Jan 2023 09:18:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 08:34:43 GMT
content-type: application/json
age: 2615
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HmQrMFqAL3rz0CdI5sHQaAg0PDoo7AdaH4UAsaW88uEQlVye8U0/M31LKuP1NUZ15gLMh0ybpsE=
x-amz-request-id: 0ZY61XP35NM6WXRG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 08:46:44 GMT
age: 1894
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
gla.ge/
91.239.207.24 200 OK 3.5 kB IP 91.239.207.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (515)
Hash 2060c7ce212ae7bc1adf5e027306ed23
fdda7c10d9c44e1b202ed70cbd8979d853da33e9
e02a688bcce5710cad078497cdf603c5a2ed9ff4bd8052bfb7b76e21b5ae5515
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:03 GMT
Server: Apache/2
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: gla.ge
Last-Modified: Wed, 05 Oct 2022 09:23:27 GMT
Expires: 0
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Content-Length: 3474
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 09:18:18 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash bccd1fe14275d3bb56418297e502cd10
cdf19d2a4099ada369589fc7aa7021f9b30302aa
801e8b57b77806d98fe23b8421a8fdba9f1138827cc320cb5dcc986161aa7ca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 09:18:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gla.ge/Theme/Styles/CSS/FR/swiper-bundle.min.css?v=0.1
91.239.207.24 200 OK 4.1 kB URL HTTP/1.1 gla.ge/Theme/Styles/CSS/FR/swiper-bundle.min.css?v=0.1
IP 91.239.207.24:0
File type ASCII text, with very long lines (13425)
Hash 08c62b81e0b7229d411aca68b77fd621
dd7324c9345664df8e8fc8199eb7952b7debca9e
649a9c0970163f92d38551e8c760598e4921a1796fd07e4553f7f8f952e8c380
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Styles/CSS/FR/swiper-bundle.min.css?v=0.1 HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gla.ge/
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:03 GMT
Server: Apache/2
Last-Modified: Tue, 22 Dec 2020 18:11:42 GMT
ETag: "3572-5b71181b4f380-gzip"
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Content-Length: 4133
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/css
www.googletagmanager.com/gtag/js?id=G-4L91D0PM01
172.217.21.168 200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-4L91D0PM01
IP 172.217.21.168:0
File type ASCII text, with very long lines (19574)
Hash 395e91ed4eacafac4e5cbb719a111303
badbefea75d31a19c755827089d36f7b068bc2bb
86467452ca417c06178d7dd729d71abe55ae0d4d231eefb3808cf988b2717bf2
GET /gtag/js?id=G-4L91D0PM01 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gla.ge/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 21 Jan 2023 09:18:18 GMT
expires: Sat, 21 Jan 2023 09:18:18 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77201
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash bccd1fe14275d3bb56418297e502cd10
cdf19d2a4099ada369589fc7aa7021f9b30302aa
801e8b57b77806d98fe23b8421a8fdba9f1138827cc320cb5dcc986161aa7ca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 09:18:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gla.ge/Theme/Styles/CSS/FR/slider.css?v=0.1
91.239.207.24 200 OK 641 B URL HTTP/1.1 gla.ge/Theme/Styles/CSS/FR/slider.css?v=0.1
IP 91.239.207.24:0
File type ASCII text, with very long lines (1805), with no line terminators
Hash e928361633979b0491d28e6976ff56b4
51e6be1b903826dfd8e24672a04711c6a19af58b
576ca73efe57ee7b9f4bf5f6a7e13dc524dd5ba62e7c1066d6fa7522cdc6b883
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Styles/CSS/FR/slider.css?v=0.1 HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gla.ge/
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:03 GMT
Server: Apache/2
Last-Modified: Tue, 07 Jun 2022 11:21:27 GMT
ETag: "70d-5e0d9ca1d5bc0-gzip"
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Content-Length: 641
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/css
gla.ge/Theme/Styles/CSS/FR/mobile.css?v=0.1
91.239.207.24 200 OK 50 B URL HTTP/1.1 gla.ge/Theme/Styles/CSS/FR/mobile.css?v=0.1
IP 91.239.207.24:0
File type ASCII text, with no line terminators
Hash b8132fd4908463163b4c5396eeaf3748
e1288d92a57ed251efb80f4aeed8d2b965a77ae1
c436714e6d1376d0a8dbc5667f0744ffd3891885740e8f383aca3257a08601d2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Styles/CSS/FR/mobile.css?v=0.1 HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gla.ge/
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:03 GMT
Server: Apache/2
Last-Modified: Thu, 04 Mar 2021 13:05:04 GMT
ETag: "32-5bcb59dacc000"
Accept-Ranges: bytes
Content-Length: 50
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Vary: User-Agent
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/css
gla.ge/Theme/Styles/CSS/FR/eng.css?v=0.1
91.239.207.24 200 OK 6.8 kB URL HTTP/1.1 gla.ge/Theme/Styles/CSS/FR/eng.css?v=0.1
IP 91.239.207.24:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 38a5d7bff5e687386023e0699bd7c9d8
bd8bc8f67061db991dfa2097313b9212fdfbbbec
da34a6f5cf454566c33b1e2c717b0c6aaced927317ae370640c821a7e169e77a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Styles/CSS/FR/eng.css?v=0.1 HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gla.ge/
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:03 GMT
Server: Apache/2
Last-Modified: Tue, 07 Jun 2022 11:16:58 GMT
ETag: "11b40-5e0d9ba14be80-gzip"
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Content-Length: 6816
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/css
gla.ge/Theme/Styles/CSS/FR/fonts.css?v=0.1
91.239.207.24 200 OK 881 B URL HTTP/1.1 gla.ge/Theme/Styles/CSS/FR/fonts.css?v=0.1
IP 91.239.207.24:0
File type ASCII text, with very long lines (9312), with no line terminators
Hash 0a5ecf6ed116f4388d2d508e41763cd9
7726541b141fe49098f13b164be63ef85cc1bcae
7c926286d6ab97b92e8aaefd7c31568e2cafb5d2e4b355aef16ee0a3e4e0a876
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Styles/CSS/FR/fonts.css?v=0.1 HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gla.ge/
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:03 GMT
Server: Apache/2
Last-Modified: Tue, 07 Jun 2022 11:18:18 GMT
ETag: "2460-5e0d9bed97280-gzip"
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Content-Length: 881
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: text/css
gla.ge/Theme/Scripts/JS/FR/app.js?v=0.1
91.239.207.24 200 OK 2.5 kB URL HTTP/1.1 gla.ge/Theme/Scripts/JS/FR/app.js?v=0.1
IP 91.239.207.24:0
File type ASCII text, with CRLF line terminators
Hash 9e3a76d844aac68c20de32b5989a8c05
97c0f183ad93f0d87d2bdbc8cbe73a9deb0e6501
92d61d8648c32ce914ed2df6812843aa19848bcf10dbfc6489bea6bed86d0beb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Scripts/JS/FR/app.js?v=0.1 HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gla.ge/
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:03 GMT
Server: Apache/2
Last-Modified: Sat, 06 Mar 2021 06:26:45 GMT
ETag: "2b4b-5bcd848ddb340-gzip"
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Content-Length: 2481
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/javascript
gla.ge/Theme/Styles/CSS/FR/root.css?v=0.1
91.239.207.24 200 OK 322 B URL HTTP/1.1 gla.ge/Theme/Styles/CSS/FR/root.css?v=0.1
IP 91.239.207.24:0
File type ASCII text, with very long lines (554), with no line terminators
Hash a08f112db154ae28b26f3bf5b68dfa5b
c6495d5863365d231bce923c1b55921c6fd97c60
128fee09c19c29d982a5f2e21bdaadbc7abb121df0ff933cdc61c5b0e08eeefa
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Styles/CSS/FR/root.css?v=0.1 HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gla.ge/
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:03 GMT
Server: Apache/2
Last-Modified: Tue, 07 Jun 2022 11:20:45 GMT
ETag: "22a-5e0d9c79c7d40-gzip"
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Content-Length: 322
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/css
gla.ge/Theme/Scripts/JS/FR/swiper-bundle.min.js?v=0.1
91.239.207.24 200 OK 37 kB URL HTTP/1.1 gla.ge/Theme/Scripts/JS/FR/swiper-bundle.min.js?v=0.1
IP 91.239.207.24:0
File type ASCII text, with very long lines (65279)
Hash 11bde40916083912ce60efa836013d10
66dd7902a513880c5e078884c44d7c538d33a881
df305f5cc60c4992284e12f8ca6cb7f85447e3eb474ff131f335340128781eda
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Scripts/JS/FR/swiper-bundle.min.js?v=0.1 HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gla.ge/
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:03 GMT
Server: Apache/2
Last-Modified: Tue, 22 Dec 2020 18:12:14 GMT
ETag: "22232-5b711839d3b80-gzip"
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Content-Length: 36964
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/javascript
gla.ge/Theme/Styles/Images/FR/logo.png
91.239.207.24 200 OK 2.7 kB URL HTTP/1.1 gla.ge/Theme/Styles/Images/FR/logo.png
IP 91.239.207.24:0
File type PNG image data, 90 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash 47d724c0d1b9fa6726a3a90952d476d7
5d09a25a7032e91f252418efb6340cc22d9d1de3
77fb89bf9c57f8d48ba0c8a735656f17451dc168adb3ee02d809e78761cb8a10
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Styles/Images/FR/logo.png HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gla.ge/
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:04 GMT
Server: Apache/2
Last-Modified: Sat, 28 Nov 2020 20:13:06 GMT
ETag: "ab3-5b53067acf880"
Accept-Ranges: bytes
Content-Length: 2739
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 09:17:29 GMT
age: 50
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
gla.ge/Theme/Styles/Images/FR/circle.png
91.239.207.24 200 OK 554 B URL HTTP/1.1 gla.ge/Theme/Styles/Images/FR/circle.png
IP 91.239.207.24:0
File type PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d49b240c3a386e2b2501c614a40d51c
67732147d8a923ffdd8e9d723583257c4f4677ef
cf3d6f66ada50b0ae030eccf9e91b240b7751e009ad2251153f496ce5dc245c5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Styles/Images/FR/circle.png HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gla.ge/Theme/Styles/CSS/FR/eng.css?v=0.1
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd; _ga_4L91D0PM01=GS1.1.1674292698.1.0.1674292698.0.0.0; _ga=GA1.1.1948412283.1674292698
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:04 GMT
Server: Apache/2
Last-Modified: Sat, 28 Nov 2020 20:10:02 GMT
ETag: "22a-5b5305cb55a80"
Accept-Ranges: bytes
Content-Length: 554
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
gla.ge/Theme/Styles/Images/FR/svg/in.svg
91.239.207.24 200 OK 828 B URL HTTP/1.1 gla.ge/Theme/Styles/Images/FR/svg/in.svg
IP 91.239.207.24:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e3560536a083e3112300ffd46937dde7
8315b150b43b7189191553ad2f928a7c699162c3
1c225cc072ee2b073297670617ab1fc35cff10461b747e07c1be569f6583fb88
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Styles/Images/FR/svg/in.svg HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gla.ge/Theme/Styles/CSS/FR/eng.css?v=0.1
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd; _ga_4L91D0PM01=GS1.1.1674292698.1.0.1674292698.0.0.0; _ga=GA1.1.1948412283.1674292698
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:04 GMT
Server: Apache/2
Last-Modified: Sat, 14 Nov 2020 13:54:36 GMT
ETag: "5e4-5b4117c469f00-gzip"
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Content-Length: 828
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
gla.ge/Theme/Styles/Images/FR/svg/fb.svg
91.239.207.24 200 OK 691 B URL HTTP/1.1 gla.ge/Theme/Styles/Images/FR/svg/fb.svg
IP 91.239.207.24:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9dfd7b78df70c051b670e9e622698553
473b948df826f8ba67a6e613d5db2ac9e9716c0f
9ec209a5682757281807a99dc23bfb2bb595c12e9a8e4d68d8ff270f9cc347ac
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Styles/Images/FR/svg/fb.svg HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gla.ge/Theme/Styles/CSS/FR/eng.css?v=0.1
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd; _ga_4L91D0PM01=GS1.1.1674292698.1.0.1674292698.0.0.0; _ga=GA1.1.1948412283.1674292698
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:04 GMT
Server: Apache/2
Last-Modified: Sat, 14 Nov 2020 13:54:16 GMT
ETag: "4ad-5b4117b157200-gzip"
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Content-Length: 691
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash bdb8a13dfce39d6e151a9ef185a772a1
037a680510f9dbce3c7cc3c0f9115fd587dbcd1d
98c8b7f269b9aad73b73fd946788ebfd7a4d7afbdd5347b56c67f73b947f5ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2616
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 09:18:19 GMT
Last-Modified: Sat, 21 Jan 2023 08:34:43 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
gla.ge/Theme/Styles/Fonts/FR/Roboto-Bold.woff2
91.239.207.24 200 OK 66 kB URL HTTP/1.1 gla.ge/Theme/Styles/Fonts/FR/Roboto-Bold.woff2
IP 91.239.207.24:0
File type Web Open Font Format (Version 2), TrueType, length 65972, version 1.0\012- data
Hash f3a02e2578bee50e620e515912278bc9
168e9a9e4690ec3437a6a3087dd2f76fadc47888
4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Styles/Fonts/FR/Roboto-Bold.woff2 HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gla.ge/Theme/Styles/CSS/FR/fonts.css?v=0.1
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd; _ga_4L91D0PM01=GS1.1.1674292698.1.0.1674292698.0.0.0; _ga=GA1.1.1948412283.1674292698
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:04 GMT
Server: Apache/2
Last-Modified: Sat, 21 Nov 2020 16:44:12 GMT
ETag: "101b4-5b4a0abb3af00"
Accept-Ranges: bytes
Content-Length: 65972
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/x-font-woff2
gla.ge/Theme/Styles/Fonts/FR/Quicksand-Bold.woff2
91.239.207.24 200 OK 32 kB URL HTTP/1.1 gla.ge/Theme/Styles/Fonts/FR/Quicksand-Bold.woff2
IP 91.239.207.24:0
File type Web Open Font Format (Version 2), TrueType, length 31740, version 1.0\012- data
Hash c7c2abc4d9a1456fcb2206ae855fc352
55cb0a93c6aff97ab11b30059fa11f586622f581
e47a0f0823ce768911bfc8f3100d3199236d3b496cc25caed336209fdaa44484
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Styles/Fonts/FR/Quicksand-Bold.woff2 HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gla.ge/Theme/Styles/CSS/FR/fonts.css?v=0.1
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd; _ga_4L91D0PM01=GS1.1.1674292698.1.0.1674292698.0.0.0; _ga=GA1.1.1948412283.1674292698
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:04 GMT
Server: Apache/2
Last-Modified: Sat, 21 Nov 2020 16:44:12 GMT
ETag: "7bfc-5b4a0abb3af00"
Accept-Ranges: bytes
Content-Length: 31740
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/x-font-woff2
gla.ge/Theme/Styles/Fonts/FR/Roboto-Regular.woff2
91.239.207.24 200 OK 66 kB URL HTTP/1.1 gla.ge/Theme/Styles/Fonts/FR/Roboto-Regular.woff2
IP 91.239.207.24:0
File type Web Open Font Format (Version 2), TrueType, length 65916, version 1.0\012- data
Hash 9feb0110b6dff9ee2b9ebd17f7a1aee6
90bbe308a02d7cda492e3beb1a6091809b8f35c8
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Styles/Fonts/FR/Roboto-Regular.woff2 HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gla.ge/Theme/Styles/CSS/FR/fonts.css?v=0.1
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd; _ga_4L91D0PM01=GS1.1.1674292698.1.0.1674292698.0.0.0; _ga=GA1.1.1948412283.1674292698
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:04 GMT
Server: Apache/2
Last-Modified: Sat, 21 Nov 2020 16:44:18 GMT
ETag: "1017c-5b4a0ac0f3c80"
Accept-Ranges: bytes
Content-Length: 65916
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: application/x-font-woff2
gla.ge/Theme/Styles/Fonts/FR/Quicksand-Medium.woff2
91.239.207.24 200 OK 33 kB URL HTTP/1.1 gla.ge/Theme/Styles/Fonts/FR/Quicksand-Medium.woff2
IP 91.239.207.24:0
File type Web Open Font Format (Version 2), TrueType, length 32944, version 1.0\012- data
Hash c8c277c3a3d5b49db693ef5b26b89ac7
14beb63971acd651b33ecdafb66151f30ab3301f
b28186e19ba03f1683fcb70d0b159e57c773262825fcdd1e28e97e9f1114f8a5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Styles/Fonts/FR/Quicksand-Medium.woff2 HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gla.ge/Theme/Styles/CSS/FR/fonts.css?v=0.1
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd; _ga_4L91D0PM01=GS1.1.1674292698.1.0.1674292698.0.0.0; _ga=GA1.1.1948412283.1674292698
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:04 GMT
Server: Apache/2
Last-Modified: Sat, 21 Nov 2020 16:44:10 GMT
ETag: "80b0-5b4a0ab952a80"
Accept-Ranges: bytes
Content-Length: 32944
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: application/x-font-woff2
gla.ge/Theme/Styles/Fonts/FR/Roboto-Medium.woff2
91.239.207.24 200 OK 67 kB URL HTTP/1.1 gla.ge/Theme/Styles/Fonts/FR/Roboto-Medium.woff2
IP 91.239.207.24:0
File type Web Open Font Format (Version 2), TrueType, length 66792, version 1.0\012- data
Hash 50d01d3e6c994995bcaf829e63d53d1a
c78884cb32e7b020971ffae746fe21d90502bcae
998b049e731114e2fa35d65f23fc6e6e153249a4ef328912e3c7c49546e2d207
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Styles/Fonts/FR/Roboto-Medium.woff2 HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gla.ge/Theme/Styles/CSS/FR/fonts.css?v=0.1
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd; _ga_4L91D0PM01=GS1.1.1674292698.1.0.1674292698.0.0.0; _ga=GA1.1.1948412283.1674292698
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:04 GMT
Server: Apache/2
Last-Modified: Sat, 21 Nov 2020 16:44:16 GMT
ETag: "104e8-5b4a0abf0b800"
Accept-Ranges: bytes
Content-Length: 66792
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: application/x-font-woff2
push.services.mozilla.com/
54.149.93.186 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.93.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: s0UXO8re2Tk75RYQd0RZww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: L8sTt51/H2vBg0iD1BdGka5GmJk=
gla.ge/Uploads/Slider/1/Images/slider1.jpg.jpg
91.239.207.24 200 OK 781 kB URL HTTP/1.1 gla.ge/Uploads/Slider/1/Images/slider1.jpg.jpg
IP 91.239.207.24:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=3438, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=5152], baseline, precision 8, 1250x834, components 3\012- data
Size 781 kB (781290 bytes)
Hash 78dfdc53de8cb2ebbcb1557e557e7774
478dc982300c9399ce61db9eb74e1a040c2854c6
9ab2c06d2a649e4af8fc10e24b0a6ddea03258d1e7d09f2229c23c41dff68a8e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Uploads/Slider/1/Images/slider1.jpg.jpg HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gla.ge/
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd; _ga_4L91D0PM01=GS1.1.1674292698.1.0.1674292698.0.0.0; _ga=GA1.1.1948412283.1674292698
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:04 GMT
Server: Apache/2
Last-Modified: Fri, 05 Mar 2021 15:14:31 GMT
ETag: "bebea-5bccb8a7723c0"
Accept-Ranges: bytes
Content-Length: 781290
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
gla.ge/Uploads/Slider/4/Images/robin-pierre-dPgPoiUIiXk-unsplash.jpg.jpg
91.239.207.24 200 OK 856 kB URL HTTP/1.1 gla.ge/Uploads/Slider/4/Images/robin-pierre-dPgPoiUIiXk-unsplash.jpg.jpg
IP 91.239.207.24:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 4272x2848, components 3\012- data
Size 856 kB (856490 bytes)
Hash a80812c083ffd3b46da00b1915ea1268
42863cfb019d637a4e3974266e23221336dc7e1a
edf2797de56e3d4fe74a6663dbb18050abc0f71bc3735fce8c9b8b2bc073fa70
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Uploads/Slider/4/Images/robin-pierre-dPgPoiUIiXk-unsplash.jpg.jpg HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gla.ge/
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd; _ga_4L91D0PM01=GS1.1.1674292698.1.0.1674292698.0.0.0; _ga=GA1.1.1948412283.1674292698
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:04 GMT
Server: Apache/2
Last-Modified: Fri, 05 Mar 2021 15:14:31 GMT
ETag: "d11aa-5bccb8a7723c0"
Accept-Ranges: bytes
Content-Length: 856490
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
gla.ge/Uploads/Slider/5/Images/slider.jpg.jpg
91.239.207.24 200 OK 1.9 MB URL HTTP/1.1 gla.ge/Uploads/Slider/5/Images/slider.jpg.jpg
IP 91.239.207.24:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Macintosh), datetime=2021:03:12 14:32:06], progressive, precision 8, 1920x900, components 3\012- data
Size 1.9 MB (1872616 bytes)
Hash f3dbac8bd2d1b4ef631c4200391f32ca
9d15b6194a1518657876bcbcfe72986faa98cb4c
87675add605438c2903a6b6b8f9a0a81d92a041f1da3a2bb70743fc15524ef3b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Uploads/Slider/5/Images/slider.jpg.jpg HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gla.ge/
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd; _ga_4L91D0PM01=GS1.1.1674292698.1.0.1674292698.0.0.0; _ga=GA1.1.1948412283.1674292698
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:04 GMT
Server: Apache/2
Last-Modified: Fri, 12 Mar 2021 10:32:24 GMT
ETag: "1c92e8-5bd546a6d3e00"
Accept-Ranges: bytes
Content-Length: 1872616
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
gla.ge/Theme/Styles/Images/FR/favicon.svg
91.239.207.24 200 OK 562 B URL HTTP/1.1 gla.ge/Theme/Styles/Images/FR/favicon.svg
IP 91.239.207.24:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 0ff79aa2731c0bcc46fa51b544ebf7be
6e83a3e2a671c8a71e13bf5fb23f50b5f6b3ea35
1c9d8266b526204dc3894fb6e538cfd5383152395a19747fa6578cf399b8bb03
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /Theme/Styles/Images/FR/favicon.svg HTTP/1.1
Host: gla.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gla.ge/
Cookie: PHPSESSID=5hpklihd6d2vjvpvchblt2tfcd; _ga_4L91D0PM01=GS1.1.1674292698.1.0.1674292698.0.0.0; _ga=GA1.1.1948412283.1674292698
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 09:18:05 GMT
Server: Apache/2
Last-Modified: Sun, 10 Jan 2021 14:38:46 GMT
ETag: "3ba-5b88cbf2ec980-gzip"
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
Pragma: no-cache
Content-Length: 562
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 46b8df17eeb01460decb64410267e15e
f6693bd6607ce79c0a4899763da30d886dcd6ad3
f9948fc9e977fc5b4fc6d74f6bb661fcbfeb4ef3b1e3a1573a6ca6f3cc5319c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1756
Cache-Control: max-age=145440
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 09:18:20 GMT
Etag: "63cb3c20-1d7"
Expires: Mon, 23 Jan 2023 01:42:20 GMT
Last-Modified: Sat, 21 Jan 2023 01:13:04 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 46b8df17eeb01460decb64410267e15e
f6693bd6607ce79c0a4899763da30d886dcd6ad3
f9948fc9e977fc5b4fc6d74f6bb661fcbfeb4ef3b1e3a1573a6ca6f3cc5319c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1756
Cache-Control: max-age=145440
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 09:18:20 GMT
Etag: "63cb3c20-1d7"
Expires: Mon, 23 Jan 2023 01:42:20 GMT
Last-Modified: Sat, 21 Jan 2023 01:13:04 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
31.13.72.12 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 8044f19ab59e861c0adfc6b8a185cce8
7ad8b0c83d35676cda75a7e11ffad1fcd4804691
38a109eadf989b42058d7a1debafab36b520cba8c2cfd5553c0a7f8378ae2f6a
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gla.ge/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 8fc5a7f8ce12ea41adda3244be6b3a7e
etag: "7f57464c51a4c350df7b16f68a5399b6"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 21 Jan 2023 09:29:09 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: gETxmrWehhwK38a4oYXM6A==
x-fb-debug: hg1FEqhtiKgWZRlQRg/9DYmOrcjmJG1os0wEsWGgTpCm9FelF5HihKcN0RMlD/uGX9r8mic5eU7qzLyMAL/99Q==
priority: u=3,i
content-length: 1688
x-fb-trip-id: 1904183273
date: Sat, 21 Jan 2023 09:18:20 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-4L91D0PM01&gtm=2oe1i0&_p=37534382&cid=1948412283.1674292698&ul=en-us&sr=1280x1024&_s=1&sid=1674292698&sct=1&seg=0&dl=http%3A%2F%2Fgla.ge%2F&dt=Gla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-4L91D0PM01&gtm=2oe1i0&_p=37534382&cid=1948412283.1674292698&ul=en-us&sr=1280x1024&_s=1&sid=1674292698&sct=1&seg=0&dl=http%3A%2F%2Fgla.ge%2F&dt=Gla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-4L91D0PM01&gtm=2oe1i0&_p=37534382&cid=1948412283.1674292698&ul=en-us&sr=1280x1024&_s=1&sid=1674292698&sct=1&seg=0&dl=http%3A%2F%2Fgla.ge%2F&dt=Gla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gla.ge
Connection: keep-alive
Referer: http://gla.ge/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://gla.ge
date: Sat, 21 Jan 2023 09:18:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 9ba458c0d3060a442f3094daf58ec05d
fc35d487d0dd81e6855f1b02367b755609d9608d
17087257ea25c2232c025f338b9f3153d35c3d953cb382b7b6e01728a643bc0b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gla.ge/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: eHUrJCWGb44ujnPzGxT98dEn8eRUefJ5pHZIgHS09nNBT0oaBco0skxVI7siDocKIHxlO5t4ZDg67Vbe7/bvjA==
priority: u=3,i
content-length: 27859
x-fb-trip-id: 1904183273
date: Sat, 21 Jan 2023 09:18:20 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 46b8df17eeb01460decb64410267e15e
f6693bd6607ce79c0a4899763da30d886dcd6ad3
f9948fc9e977fc5b4fc6d74f6bb661fcbfeb4ef3b1e3a1573a6ca6f3cc5319c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1756
Cache-Control: max-age=145440
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 09:18:20 GMT
Etag: "63cb3c20-1d7"
Expires: Mon, 23 Jan 2023 01:42:20 GMT
Last-Modified: Sat, 21 Jan 2023 01:13:04 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js?hash=40961ba016b22d6f93551f4da9656051
31.13.72.12 200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=40961ba016b22d6f93551f4da9656051
IP 31.13.72.12:0
File type ASCII text, with very long lines (17777)
Hash 292204c6028db3b6dce18be945901953
90cb18d342e3fd3bcdbf1a17c3a8dd897ba90e6f
93278ce93957e2ceeeefdb91978bcb39afa8e5dc284eda34192d45ed88c9944f
GET /en_US/sdk.js?hash=40961ba016b22d6f93551f4da9656051 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gla.ge
Connection: keep-alive
Referer: http://gla.ge/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ac84bf78217a9df1e982d5fe062a5dbd
etag: "e8f1b0b0d19c6fd3af0631cb97966ee4"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 21 Jan 2024 08:05:39 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: KSIExgKNs7bc4YvpRZAZUw==
x-fb-debug: y+8AB3PE0xUkbAjtCmuuRQgnhTNnlbXq3oOTCzrwZVzkRN8TRBg6chE1H64Pijdoythw0+GBnNmDxwP2WIpnyg==
priority: u=3,i
content-length: 88390
x-fb-trip-id: 1904183273
date: Sat, 21 Jan 2023 09:18:20 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=3770951146318684&ev=ViewContent&dl=http%3A%2F%2Fgla.ge%2F&rl=&if=false&ts=1674292699741&sw=1280&sh=1024&v=2.9.94&r=stable&ec=1&o=30&cs_est=true&fbp=fb.1.1674292699741.1778090915&it=1674292699487&coo=false&es=automatic&tm=3&rqm=GET
31.13.72.36 200 OK 110 kB URL HTTP/2 www.facebook.com/tr/?id=3770951146318684&ev=ViewContent&dl=http%3A%2F%2Fgla.ge%2F&rl=&if=false&ts=1674292699741&sw=1280&sh=1024&v=2.9.94&r=stable&ec=1&o=30&cs_est=true&fbp=fb.1.1674292699741.1778090915&it=1674292699487&coo=false&es=automatic&tm=3&rqm=GET
IP 31.13.72.36:0
File type gzip compressed data, from Unix\012- data
Size 110 kB (110391 bytes)
Hash 80807893b8ccab396fd98f1040290cdc
5ba691a3519012b5064ae21132655f893cd96988
191dbcf663f1e0bb7ae6c183fa5d14e54ef066979ff281d7cc51f2102e23b1c6
GET /tr/?id=3770951146318684&ev=ViewContent&dl=http%3A%2F%2Fgla.ge%2F&rl=&if=false&ts=1674292699741&sw=1280&sh=1024&v=2.9.94&r=stable&ec=1&o=30&cs_est=true&fbp=fb.1.1674292699741.1778090915&it=1674292699487&coo=false&es=automatic&tm=3&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gla.ge/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 21 Jan 2023 09:18:20 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=3770951146318684&ev=PageView&dl=http%3A%2F%2Fgla.ge%2F&rl=&if=false&ts=1674292699745&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674292699741.1778090915&it=1674292699487&coo=false&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=3770951146318684&ev=PageView&dl=http%3A%2F%2Fgla.ge%2F&rl=&if=false&ts=1674292699745&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674292699741.1778090915&it=1674292699487&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=3770951146318684&ev=PageView&dl=http%3A%2F%2Fgla.ge%2F&rl=&if=false&ts=1674292699745&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674292699741.1778090915&it=1674292699487&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gla.ge/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 21 Jan 2023 09:18:20 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=3770951146318684&ev=Contact&dl=http%3A%2F%2Fgla.ge%2F&rl=&if=false&ts=1674292699744&sw=1280&sh=1024&v=2.9.94&r=stable&ec=2&o=30&fbp=fb.1.1674292699741.1778090915&it=1674292699487&coo=false&es=automatic&tm=3&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=3770951146318684&ev=Contact&dl=http%3A%2F%2Fgla.ge%2F&rl=&if=false&ts=1674292699744&sw=1280&sh=1024&v=2.9.94&r=stable&ec=2&o=30&fbp=fb.1.1674292699741.1778090915&it=1674292699487&coo=false&es=automatic&tm=3&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=3770951146318684&ev=Contact&dl=http%3A%2F%2Fgla.ge%2F&rl=&if=false&ts=1674292699744&sw=1280&sh=1024&v=2.9.94&r=stable&ec=2&o=30&fbp=fb.1.1674292699741.1778090915&it=1674292699487&coo=false&es=automatic&tm=3&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gla.ge/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 21 Jan 2023 09:18:20 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20057
Expires: Sat, 21 Jan 2023 14:52:38 GMT
Date: Sat, 21 Jan 2023 09:18:21 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20057
Expires: Sat, 21 Jan 2023 14:52:38 GMT
Date: Sat, 21 Jan 2023 09:18:21 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20057
Expires: Sat, 21 Jan 2023 14:52:38 GMT
Date: Sat, 21 Jan 2023 09:18:21 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20057
Expires: Sat, 21 Jan 2023 14:52:38 GMT
Date: Sat, 21 Jan 2023 09:18:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F565a8eca-40af-442b-9fe9-95e12dc0170a.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F565a8eca-40af-442b-9fe9-95e12dc0170a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa786854fde0d99189b458067b9d9418
ddf0fb650816b969d53d6e32ae31074bcb7e944e
a3d08b87658f756aa2f9e3072e87d52db30884aa6b6ab0cd8b278d0c870db2b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F565a8eca-40af-442b-9fe9-95e12dc0170a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7000
x-amzn-requestid: 05354e13-330d-40fc-9a96-ac345cfc80f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4BN9HBgoAMF9Iw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c648bf-146e89a423565a04139b19cb;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:05:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QW0Cg437BUF4aKTmUOtupoLb-zyWtwV7-hHTuSJIUORUC4KCyxSt1g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 07:32:32 GMT
age: 6349
etag: "ddf0fb650816b969d53d6e32ae31074bcb7e944e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4483cb695fef2fe82f38a65e18ea1fd7
ea95504fc5be0259c8c3a39f47f8fcb322bca88d
807a120b964ee7ec7c83c5d943d29cea5df2171291ad1b99de9ef4df7e7e9046
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9657
x-amzn-requestid: 63c51fc8-3cd1-486b-960b-91d0d4b14dbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exbnMFUvoAMFvYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a62d-3f30f1cb5bc13bf812d3cf71;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:07:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 34RyiiWTD7qtrgZHxL7KpjUkCETug9eJ0TvPh6b2qGiLWLcZnmT3wg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 16:05:34 GMT
age: 61967
etag: "ea95504fc5be0259c8c3a39f47f8fcb322bca88d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 893ea518ea7c11ec06ffea60b2ee7921
34675a13bbac6abd1b087e546425e141215cf072
675ec12ed5803fad5036cedc1a3b66229316836bb321b4ad3a34aab56a100ca7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8698
x-amzn-requestid: 97c3bd04-2d8a-447e-85cb-376ea44b283c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0K85GOQIAMFbPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4beb8-5b6517906d2f8bad6488e6f8;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:04:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yqCw_c7tiFbJHxXvh65YuXnDX8bXdnsBupUJQXXfF141ODP-SBm48A==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 07:35:39 GMT
age: 6162
etag: "34675a13bbac6abd1b087e546425e141215cf072"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b08ef55971faa2683ab9f2af8a11dcec
a46c748cccb714f05a068c2438181328b4fbd57a
1d073abf25fbea2d85f34076eae47f9e89502846815094f5288b8e80762a8fe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11562
x-amzn-requestid: c3864d3b-caaa-4c44-a4bd-9339d0eede69
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-E1UGw4IAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4ee-703e32aa596019d42680e599;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZxoIRkRgzS5Hp0D9gzxOiTg3GatK8zSCIokF3NWUghEUmePltkYVRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:38:02 GMT
age: 20419
etag: "a46c748cccb714f05a068c2438181328b4fbd57a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RlbJymJhU6Ti5RZCSIvPzloackAiBEBGapKI440u4ZIfB5FYBNugLw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:24:48 GMT
age: 21213
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f99971c-1473-40a1-8c51-d03ce30e94e6.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f99971c-1473-40a1-8c51-d03ce30e94e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 868be33d3c4e2c509093599072ce6dc7
50d61f7462a41c8afe83f0beb00eb12d6d09bc5f
d698c324af46805e945d7d7a8a991ed032bfafa4014962edbb7b1d6a30eee4fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f99971c-1473-40a1-8c51-d03ce30e94e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11158
x-amzn-requestid: 8aef6294-7a98-4ced-b066-4a286dd7159f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exb1HEVwoAMFWyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a686-3252cc374b3ac7237f3b6b8d;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:08:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OQXPHaQhhuBxrUIT-qn6lSqieXcmM8c-1l-quG9cW844L2I65TTbBw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 04:53:28 GMT
age: 15893
etag: "50d61f7462a41c8afe83f0beb00eb12d6d09bc5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2