r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7076
Expires: Sun, 05 Feb 2023 08:42:50 GMT
Date: Sun, 05 Feb 2023 06:44:54 GMT
Connection: keep-alive
www.buttygirls.com/esus/multi/ms/7-216324/?cep=S43mgnF-myKkgP0L5_ZdfhSOxU2EztPzCG7P6EN03zPDgP3LVxVbIt9MXqJQsAg1uSh_ChZmzcXWzZutqaVRI6jwojPA7o3yGJSlcEWhxrEL3K60vvPIM4WvymoZOPccOn2Q4_cENOZDBZDNrjP8EwKu0xG_bb1KZpRIjcNIIN2Suhlw4p9K9hmDn05pojYUoIImjTjPnl50xp3iCAx0fvs-QxLM2-k6DZgC6BTe4z1crGLDCDPQFOHATbQ9Af4qY9Q1kVM-EBg5Lw6r6otYmGJ71p_IVnow9weC6oown5abs-ie9YNzymdaYhxDKR6eeyeDGctAlohBR3BRHOY1H_IHm61oNXAiamwmkLzmY9zHs6np6OmMf63Tgq9ouyEt&lptoken=163c750f5802126d7455
104.21.86.190200 OK 3.6 kB URL HTTP/1.1 www.buttygirls.com/esus/multi/ms/7-216324/?cep=S43mgnF-myKkgP0L5_ZdfhSOxU2EztPzCG7P6EN03zPDgP3LVxVbIt9MXqJQsAg1uSh_ChZmzcXWzZutqaVRI6jwojPA7o3yGJSlcEWhxrEL3K60vvPIM4WvymoZOPccOn2Q4_cENOZDBZDNrjP8EwKu0xG_bb1KZpRIjcNIIN2Suhlw4p9K9hmDn05pojYUoIImjTjPnl50xp3iCAx0fvs-QxLM2-k6DZgC6BTe4z1crGLDCDPQFOHATbQ9Af4qY9Q1kVM-EBg5Lw6r6otYmGJ71p_IVnow9weC6oown5abs-ie9YNzymdaYhxDKR6eeyeDGctAlohBR3BRHOY1H_IHm61oNXAiamwmkLzmY9zHs6np6OmMf63Tgq9ouyEt&lptoken=163c750f5802126d7455
IP 104.21.86.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash cca3ee285691387c812356d830e6e057
4008eebe171accb24150d7c82e6f1ea472420bcf
16108acd591471f3e47e285fd2c2ea4a06f39816ae424566199bff4b7a9a1dbb
GET /esus/multi/ms/7-216324/?cep=S43mgnF-myKkgP0L5_ZdfhSOxU2EztPzCG7P6EN03zPDgP3LVxVbIt9MXqJQsAg1uSh_ChZmzcXWzZutqaVRI6jwojPA7o3yGJSlcEWhxrEL3K60vvPIM4WvymoZOPccOn2Q4_cENOZDBZDNrjP8EwKu0xG_bb1KZpRIjcNIIN2Suhlw4p9K9hmDn05pojYUoIImjTjPnl50xp3iCAx0fvs-QxLM2-k6DZgC6BTe4z1crGLDCDPQFOHATbQ9Af4qY9Q1kVM-EBg5Lw6r6otYmGJ71p_IVnow9weC6oown5abs-ie9YNzymdaYhxDKR6eeyeDGctAlohBR3BRHOY1H_IHm61oNXAiamwmkLzmY9zHs6np6OmMf63Tgq9ouyEt&lptoken=163c750f5802126d7455 HTTP/1.1
Host: www.buttygirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 06:44:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FevOaoKCv1NYAr2rVg0fugDlfNm2uPLnxgk4zY36mbDpV7fRVSQiomW6Xze7IwmdyHtYmVogATlCXZIuJUQSmXSIlaVCeji54z%2F0VcR%2BXqtfe%2FBypMrBemmAIYYzHSY6vWCDkxc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7949ae1d1da1b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10274
Expires: Sun, 05 Feb 2023 09:36:08 GMT
Date: Sun, 05 Feb 2023 06:44:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17883
Expires: Sun, 05 Feb 2023 11:42:57 GMT
Date: Sun, 05 Feb 2023 06:44:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 06:36:17 GMT
content-type: application/json
age: 517
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nmCqPwubIbH/1EWsvmsFdJmWqwEuJCu7LdEqRF2Bb4apk/22zeDtSJ8LSrscFvY+RtOHa93kvY5FgQm9i66Glw==
x-amz-request-id: 3Y54DVF5RGJF7J99
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 05:53:09 GMT
age: 3105
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:44:54 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
static.production.almightypush.com/mng/subs_window.js?ver=1644586917
54.230.111.23200 OK 20 kB URL HTTP/2 static.production.almightypush.com/mng/subs_window.js?ver=1644586917
IP 54.230.111.23:0
Hash ae593f4be1dd1f0710123918b49c4933
66fbe30bb873e0a47d3d72e737d68aa4b6916c26
fdf9ff3f74dcf11d0fa456dcd53cb21550f67f0cfdc11dc29bef595f07b56206
GET /mng/subs_window.js?ver=1644586917 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.buttygirls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 19491
date: Sat, 04 Feb 2023 07:50:47 GMT
last-modified: Wed, 18 Jan 2023 12:37:33 GMT
etag: "ae593f4be1dd1f0710123918b49c4933"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Hu2PqABjHSLzM7w9d2EbPP0nj9WTY9ibJRj8xFm-3cZLz-CTFMzH4A==
age: 82448
X-Firefox-Spdy: h2
static.production.almightypush.com/mng/subs_window.css?ver=1644586917
54.230.111.23200 OK 6.9 kB URL HTTP/2 static.production.almightypush.com/mng/subs_window.css?ver=1644586917
IP 54.230.111.23:0
Hash bd7dbae15f904a4e1213439ebfefddbe
9f7a33b3d6e7965d8b99f0ff56cbf2e2ebb8f78e
30c08f3bb42d9a16155c65fbc952430048e4a84be70b98cb989b2dc977b49f8a
GET /mng/subs_window.css?ver=1644586917 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.buttygirls.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 6945
last-modified: Wed, 18 Jan 2023 12:37:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 04 Feb 2023 07:54:01 GMT
etag: "bd7dbae15f904a4e1213439ebfefddbe"
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5j2MzD7poMiM1LJo5FdoXT1Ylo-VUmKfnbjEDki2JBfcMHOFRrVTLw==
age: 82484
X-Firefox-Spdy: h2
static.production.almightypush.com/mng/channels/init.min.js?ver=1644586917
54.230.111.23200 OK 23 kB URL HTTP/2 static.production.almightypush.com/mng/channels/init.min.js?ver=1644586917
IP 54.230.111.23:0
Hash 3b6653c5e8ba364d3a55401890bfcd78
ee999f16f02d41b93d1db2bf3a489fab1034e67a
a598ef0100e73e2d81969e0a59374e915ccfe7c312603b4b1375bbd0e75498d5
GET /mng/channels/init.min.js?ver=1644586917 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.buttygirls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 22787
date: Sat, 04 Feb 2023 07:57:57 GMT
last-modified: Wed, 18 Jan 2023 12:37:33 GMT
etag: "3b6653c5e8ba364d3a55401890bfcd78"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zz3EwXd3nmLRcqWsYuOSurYFFDJjVbMOdNdd5_lmHSme8LuJqol2Gw==
age: 82018
X-Firefox-Spdy: h2
www.buttygirls.com/esus/multi/ms/7-216324/css/normalize.css
104.21.86.190200 OK 2.1 kB URL HTTP/1.1 www.buttygirls.com/esus/multi/ms/7-216324/css/normalize.css
IP 104.21.86.190:0
Hash 3a8aa2b923c16206db04bc6c69f1a58f
f2d28e1d8ce197bbfbebf4314949ef8cb3e5d58e
1a75f821f5beaf52dd5466522392998eaf1b150047fb58b144c001f14dd0a174
GET /esus/multi/ms/7-216324/css/normalize.css HTTP/1.1
Host: www.buttygirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.buttygirls.com/esus/multi/ms/7-216324/?cep=S43mgnF-myKkgP0L5_ZdfhSOxU2EztPzCG7P6EN03zPDgP3LVxVbIt9MXqJQsAg1uSh_ChZmzcXWzZutqaVRI6jwojPA7o3yGJSlcEWhxrEL3K60vvPIM4WvymoZOPccOn2Q4_cENOZDBZDNrjP8EwKu0xG_bb1KZpRIjcNIIN2Suhlw4p9K9hmDn05pojYUoIImjTjPnl50xp3iCAx0fvs-QxLM2-k6DZgC6BTe4z1crGLDCDPQFOHATbQ9Af4qY9Q1kVM-EBg5Lw6r6otYmGJ71p_IVnow9weC6oown5abs-ie9YNzymdaYhxDKR6eeyeDGctAlohBR3BRHOY1H_IHm61oNXAiamwmkLzmY9zHs6np6OmMf63Tgq9ouyEt&lptoken=163c750f5802126d7455
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 06:44:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 11 Feb 2022 15:27:25 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72cwov0%2BQi58%2FNrqLfisaqMU6K5LyqBGZHTtMrCQ%2FxLmCChVcfzJc6BBTuwAERIwqbRF2rztrz0vDhkKJo4nvUj44EQZ68sRXEhYFJnNSEXjZu7PDhMILCgduwWEGCp86YuqWTM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949ae1f4f3cb512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.buttygirls.com/esus/multi/ms/7-216324/css/style.css
104.21.86.190200 OK 1.8 kB URL HTTP/1.1 www.buttygirls.com/esus/multi/ms/7-216324/css/style.css
IP 104.21.86.190:0
Hash 7eded0c259bed040a6838742da7f82fd
d7448cfc776a4fdc8fb6cd953bd77c72b1f3fe0c
f6b82e40f5b4eefbb63fa076d9f25c22dac47dab1b7302abfa63f9cc29dab356
GET /esus/multi/ms/7-216324/css/style.css HTTP/1.1
Host: www.buttygirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.buttygirls.com/esus/multi/ms/7-216324/?cep=S43mgnF-myKkgP0L5_ZdfhSOxU2EztPzCG7P6EN03zPDgP3LVxVbIt9MXqJQsAg1uSh_ChZmzcXWzZutqaVRI6jwojPA7o3yGJSlcEWhxrEL3K60vvPIM4WvymoZOPccOn2Q4_cENOZDBZDNrjP8EwKu0xG_bb1KZpRIjcNIIN2Suhlw4p9K9hmDn05pojYUoIImjTjPnl50xp3iCAx0fvs-QxLM2-k6DZgC6BTe4z1crGLDCDPQFOHATbQ9Af4qY9Q1kVM-EBg5Lw6r6otYmGJ71p_IVnow9weC6oown5abs-ie9YNzymdaYhxDKR6eeyeDGctAlohBR3BRHOY1H_IHm61oNXAiamwmkLzmY9zHs6np6OmMf63Tgq9ouyEt&lptoken=163c750f5802126d7455
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 06:44:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 11 Feb 2022 15:27:25 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GI0%2B2%2FYC%2FP04pi7z2UtnVXmmOWoX7SzCoTCs4dhrpkSrTnVhnE0RdtEARcisDG%2FBe%2Fiec68gqrUwPbcUF4evjgMdj1O1aHR7R%2FQWisp66uLnn84v8GQKIUPhmYD7ZvzuHP8vioI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949ae1f4c6efac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.buttygirls.com/esus/multi/ms/7-216324/js/inline_video.js
104.21.86.190200 OK 1.3 kB URL HTTP/1.1 www.buttygirls.com/esus/multi/ms/7-216324/js/inline_video.js
IP 104.21.86.190:0
File type ASCII text, with very long lines (3011)
Hash ab03e3a189486b315c2e0bc4de293527
59aa7f71eedcf7642f22a9c50ae955292cb3ea39
b1d4e79daa51c97053fa4b2da8a5001ec23c2f7c9322ee7426bc2a16b2f34f5c
Analyzer Verdict Alert fortinet Malware
GET /esus/multi/ms/7-216324/js/inline_video.js HTTP/1.1
Host: www.buttygirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.buttygirls.com/esus/multi/ms/7-216324/?cep=S43mgnF-myKkgP0L5_ZdfhSOxU2EztPzCG7P6EN03zPDgP3LVxVbIt9MXqJQsAg1uSh_ChZmzcXWzZutqaVRI6jwojPA7o3yGJSlcEWhxrEL3K60vvPIM4WvymoZOPccOn2Q4_cENOZDBZDNrjP8EwKu0xG_bb1KZpRIjcNIIN2Suhlw4p9K9hmDn05pojYUoIImjTjPnl50xp3iCAx0fvs-QxLM2-k6DZgC6BTe4z1crGLDCDPQFOHATbQ9Af4qY9Q1kVM-EBg5Lw6r6otYmGJ71p_IVnow9weC6oown5abs-ie9YNzymdaYhxDKR6eeyeDGctAlohBR3BRHOY1H_IHm61oNXAiamwmkLzmY9zHs6np6OmMf63Tgq9ouyEt&lptoken=163c750f5802126d7455
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 06:44:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 11 Feb 2022 15:27:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbHLrYmP8psdYXum72YxGXjaNDlynylMMcrR5FsZgLk7GftLjIQSBSGMCwoazyEACezzWbgdcXspPSMfKgQw79OfPnmJP40PIpTIGZW8taCMKSIMKmsXPoL%2BO3rhN6a7jkmIIxU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949ae1f5c380b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.buttygirls.com/esus/multi/ms/7-216324/js/jquery.min.js
104.21.86.190200 OK 33 kB URL HTTP/1.1 www.buttygirls.com/esus/multi/ms/7-216324/js/jquery.min.js
IP 104.21.86.190:0
File type ASCII text, with very long lines (32047)
Hash 681f5acb09e41b111a796c7a4eddfe73
8793aadb0e45567d84f2c4bd03e9ff49e615e3cc
d9a28a18def7d05077f968ad00a30534a017a097134f6da9c924862d93aa62ca
Analyzer Verdict Alert fortinet Malware
GET /esus/multi/ms/7-216324/js/jquery.min.js HTTP/1.1
Host: www.buttygirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.buttygirls.com/esus/multi/ms/7-216324/?cep=S43mgnF-myKkgP0L5_ZdfhSOxU2EztPzCG7P6EN03zPDgP3LVxVbIt9MXqJQsAg1uSh_ChZmzcXWzZutqaVRI6jwojPA7o3yGJSlcEWhxrEL3K60vvPIM4WvymoZOPccOn2Q4_cENOZDBZDNrjP8EwKu0xG_bb1KZpRIjcNIIN2Suhlw4p9K9hmDn05pojYUoIImjTjPnl50xp3iCAx0fvs-QxLM2-k6DZgC6BTe4z1crGLDCDPQFOHATbQ9Af4qY9Q1kVM-EBg5Lw6r6otYmGJ71p_IVnow9weC6oown5abs-ie9YNzymdaYhxDKR6eeyeDGctAlohBR3BRHOY1H_IHm61oNXAiamwmkLzmY9zHs6np6OmMf63Tgq9ouyEt&lptoken=163c750f5802126d7455
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 06:44:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 11 Feb 2022 15:27:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4zXJat65s%2BbrbDygpi7%2BaTkk5cv1PmpnAFetzQXWTgoRCndffNGoE1Qi%2Fhk70jlfoSmB%2FUwzR6rFkGMrhBmPh0%2F9iWNfPytdhER01fMV3%2FUfaWjkYZEno%2BkLEQEfbD2nZzig7s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949ae1f4d540b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.buttygirls.com/esus/multi/ms/7-216324/js/ip_api.js
104.21.86.190200 OK 354 B URL HTTP/1.1 www.buttygirls.com/esus/multi/ms/7-216324/js/ip_api.js
IP 104.21.86.190:0
Hash 792f5be3a6ab4b300b164593323d05b1
b86d12ba7693b0d14bd5c59677eb4bc68265f17e
f2aa9bae5d96991cbdf05bff51bc3606354a430c19dea760e4e1bbf3d28d8789
Analyzer Verdict Alert fortinet Malware
GET /esus/multi/ms/7-216324/js/ip_api.js HTTP/1.1
Host: www.buttygirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.buttygirls.com/esus/multi/ms/7-216324/?cep=S43mgnF-myKkgP0L5_ZdfhSOxU2EztPzCG7P6EN03zPDgP3LVxVbIt9MXqJQsAg1uSh_ChZmzcXWzZutqaVRI6jwojPA7o3yGJSlcEWhxrEL3K60vvPIM4WvymoZOPccOn2Q4_cENOZDBZDNrjP8EwKu0xG_bb1KZpRIjcNIIN2Suhlw4p9K9hmDn05pojYUoIImjTjPnl50xp3iCAx0fvs-QxLM2-k6DZgC6BTe4z1crGLDCDPQFOHATbQ9Af4qY9Q1kVM-EBg5Lw6r6otYmGJ71p_IVnow9weC6oown5abs-ie9YNzymdaYhxDKR6eeyeDGctAlohBR3BRHOY1H_IHm61oNXAiamwmkLzmY9zHs6np6OmMf63Tgq9ouyEt&lptoken=163c750f5802126d7455
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 06:44:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 11 Feb 2022 15:27:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tbHrpQzOTslE8a6jppovXILfi68%2BNwn%2BexlGAwO82qh3IZa%2F3ZrwUwYsnmQPBqnOxu2OyCqwU454MSXJg5WhNI5MUvT8KVFpgaxxvJyKnVLTdFDZENX11rN3h8C%2BsUm9liz7bM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949ae1f5a21b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.buttygirls.com/esus/multi/ms/7-216324/js/backoffer.js
104.21.86.190200 OK 230 B URL HTTP/1.1 www.buttygirls.com/esus/multi/ms/7-216324/js/backoffer.js
IP 104.21.86.190:0
File type ASCII text, with very long lines (430), with no line terminators
Hash d1d761e3721375472889577260906f9c
c5e6e54e8b6b84af216d867dca79eb00c2819e42
de8798dd7447b4651ec2d44931c15ceb0d3e5099997b2ddc2452d3f95092a1a2
Analyzer Verdict Alert fortinet Malware
GET /esus/multi/ms/7-216324/js/backoffer.js HTTP/1.1
Host: www.buttygirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.buttygirls.com/esus/multi/ms/7-216324/?cep=S43mgnF-myKkgP0L5_ZdfhSOxU2EztPzCG7P6EN03zPDgP3LVxVbIt9MXqJQsAg1uSh_ChZmzcXWzZutqaVRI6jwojPA7o3yGJSlcEWhxrEL3K60vvPIM4WvymoZOPccOn2Q4_cENOZDBZDNrjP8EwKu0xG_bb1KZpRIjcNIIN2Suhlw4p9K9hmDn05pojYUoIImjTjPnl50xp3iCAx0fvs-QxLM2-k6DZgC6BTe4z1crGLDCDPQFOHATbQ9Af4qY9Q1kVM-EBg5Lw6r6otYmGJ71p_IVnow9weC6oown5abs-ie9YNzymdaYhxDKR6eeyeDGctAlohBR3BRHOY1H_IHm61oNXAiamwmkLzmY9zHs6np6OmMf63Tgq9ouyEt&lptoken=163c750f5802126d7455
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 06:44:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 11 Feb 2022 15:27:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0XaG%2FZVH2TX9wrOmekd42%2FLNAK6wFUftyR3FjetAKT1zVSmrnpBfol2RwlMpBqDO3W6vD6LgoCWL2FpkgkMfg98IQobBqTaaoQedrONr1URuV461GVKQ3rRY74AthpQINBC2Mg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949ae1f6f4eb518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 06:44:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 06:44:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,900italic&subset=latin,latin-ext
142.250.74.106200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic,900italic&subset=latin,latin-ext
IP 142.250.74.106:0
Hash f8b685fa3284f771ecc25cf7550fbee3
3c1447c48c7dd26a548bbba480ad127509586a80
ffdae2ef54c1247ea5628eb7e80ea300e336a4794e701d9ce21de92d322cb691
GET /css?family=Source+Sans+Pro:400,700,400italic,700italic,900italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.buttygirls.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 06:44:54 GMT
date: Sun, 05 Feb 2023 06:44:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ip-api.com/json
208.95.112.1200 OK 277 B IP 208.95.112.1:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 47abdf32b87fc82ed4160af504891507
290f0d4d0cef4cd5983db4bfe53c02a3f4193a6e
9df7a6b6ab363f5e4b96012311150f647cc5b24830f32f9cb621ddfbfab0d823
NIDS Severity Alert suricata medium ET POLICY External IP Lookup ip-api.com
GET /json HTTP/1.1
Host: ip-api.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.buttygirls.com
Connection: keep-alive
Referer: http://www.buttygirls.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 06:44:54 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 277
Access-Control-Allow-Origin: *
X-Ttl: 60
X-Rl: 44
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 06:07:20 GMT
age: 2254
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7272
Expires: Sun, 05 Feb 2023 08:46:06 GMT
Date: Sun, 05 Feb 2023 06:44:54 GMT
Connection: keep-alive
www.buttygirls.com/esus/multi/ms/7-216324/images/frame.jpg
104.21.86.190404 Not Found 238 B URL HTTP/1.1 www.buttygirls.com/esus/multi/ms/7-216324/images/frame.jpg
IP 104.21.86.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
GET /esus/multi/ms/7-216324/images/frame.jpg HTTP/1.1
Host: www.buttygirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.buttygirls.com/esus/multi/ms/7-216324/?cep=S43mgnF-myKkgP0L5_ZdfhSOxU2EztPzCG7P6EN03zPDgP3LVxVbIt9MXqJQsAg1uSh_ChZmzcXWzZutqaVRI6jwojPA7o3yGJSlcEWhxrEL3K60vvPIM4WvymoZOPccOn2Q4_cENOZDBZDNrjP8EwKu0xG_bb1KZpRIjcNIIN2Suhlw4p9K9hmDn05pojYUoIImjTjPnl50xp3iCAx0fvs-QxLM2-k6DZgC6BTe4z1crGLDCDPQFOHATbQ9Af4qY9Q1kVM-EBg5Lw6r6otYmGJ71p_IVnow9weC6oown5abs-ie9YNzymdaYhxDKR6eeyeDGctAlohBR3BRHOY1H_IHm61oNXAiamwmkLzmY9zHs6np6OmMf63Tgq9ouyEt&lptoken=163c750f5802126d7455
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 06:44:54 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BSBMsDxspgrKerPz%2F5adbY1HSkaHhQSWr0bTxoAedum7wqc0JcSpPBI%2FZn5HKYHhbZ1kjeG5%2FcbHPfU99v8Lr8dgIfhta2u%2BiFlYqo0ZNYjCwRmepYybzHgqEjusxAaVWNiMOY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949ae231d8cfac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.buttygirls.com/esus/multi/ms/7-216324/images/loading.gif
104.21.86.190404 Not Found 238 B URL HTTP/1.1 www.buttygirls.com/esus/multi/ms/7-216324/images/loading.gif
IP 104.21.86.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
GET /esus/multi/ms/7-216324/images/loading.gif HTTP/1.1
Host: www.buttygirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.buttygirls.com/esus/multi/ms/7-216324/?cep=S43mgnF-myKkgP0L5_ZdfhSOxU2EztPzCG7P6EN03zPDgP3LVxVbIt9MXqJQsAg1uSh_ChZmzcXWzZutqaVRI6jwojPA7o3yGJSlcEWhxrEL3K60vvPIM4WvymoZOPccOn2Q4_cENOZDBZDNrjP8EwKu0xG_bb1KZpRIjcNIIN2Suhlw4p9K9hmDn05pojYUoIImjTjPnl50xp3iCAx0fvs-QxLM2-k6DZgC6BTe4z1crGLDCDPQFOHATbQ9Af4qY9Q1kVM-EBg5Lw6r6otYmGJ71p_IVnow9weC6oown5abs-ie9YNzymdaYhxDKR6eeyeDGctAlohBR3BRHOY1H_IHm61oNXAiamwmkLzmY9zHs6np6OmMf63Tgq9ouyEt&lptoken=163c750f5802126d7455
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 06:44:54 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GceGi5Jwva09CsOJZdunBb7EAVNPGNAgWwFAoNnPq5labgPUU%2FJ1d94Fb3EjTneLpnGL1VI11l28cEKDbe%2FtA8kEvK566MAUkP%2F7bwBczLhSTY7QYpfEhmNSoqGQwFYzhYoPd9o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949ae231f7b0b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.buttygirls.com/esus/multi/ms/7-216324/css/CenturyGothic.woff
104.21.86.190404 Not Found 315 B URL HTTP/1.1 www.buttygirls.com/esus/multi/ms/7-216324/css/CenturyGothic.woff
IP 104.21.86.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
GET /esus/multi/ms/7-216324/css/CenturyGothic.woff HTTP/1.1
Host: www.buttygirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.buttygirls.com/esus/multi/ms/7-216324/css/style.css
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 06:44:54 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5Os7S3WVlg1zfN64HUE8uv%2FjoxFfTFTmFcKVWcQGdPBIy3h4ji6UIPzP5BjCIeSf22sxZ3uPNZ3rKtZvOoznSkgYyiSoKWxWf7lvkqsyXd1ascy2pxnUVe%2FgieEggL1UV3mTSA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949ae235e580b49-OSL
alt-svc: h2=":443"; ma=60
www.buttygirls.com/esus/multi/ms/7-216324/css/CenturyGothic-Bold.woff
104.21.86.190404 Not Found 315 B URL HTTP/1.1 www.buttygirls.com/esus/multi/ms/7-216324/css/CenturyGothic-Bold.woff
IP 104.21.86.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
GET /esus/multi/ms/7-216324/css/CenturyGothic-Bold.woff HTTP/1.1
Host: www.buttygirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.buttygirls.com/esus/multi/ms/7-216324/css/style.css
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 06:44:55 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnCOeF5DVaotAGBLAhFo6p8sJdWZ2O26M%2F9NCEM59sF8jYZPggUvrwpEa5m0QIsz%2BlpKITVeYWPXDtxuqKiNsdyEmWVlBS5IpUoBeIfRGXEh7sMVS9bhP36THpWt2QUHgYJfD80%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949ae235c9db521-OSL
alt-svc: h2=":443"; ma=60
www.buttygirls.com/esus/multi/ms/7-216324/images/girl-v1.webm
104.21.86.190404 Not Found 315 B URL HTTP/1.1 www.buttygirls.com/esus/multi/ms/7-216324/images/girl-v1.webm
IP 104.21.86.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
GET /esus/multi/ms/7-216324/images/girl-v1.webm HTTP/1.1
Host: www.buttygirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.buttygirls.com/esus/multi/ms/7-216324/?cep=S43mgnF-myKkgP0L5_ZdfhSOxU2EztPzCG7P6EN03zPDgP3LVxVbIt9MXqJQsAg1uSh_ChZmzcXWzZutqaVRI6jwojPA7o3yGJSlcEWhxrEL3K60vvPIM4WvymoZOPccOn2Q4_cENOZDBZDNrjP8EwKu0xG_bb1KZpRIjcNIIN2Suhlw4p9K9hmDn05pojYUoIImjTjPnl50xp3iCAx0fvs-QxLM2-k6DZgC6BTe4z1crGLDCDPQFOHATbQ9Af4qY9Q1kVM-EBg5Lw6r6otYmGJ71p_IVnow9weC6oown5abs-ie9YNzymdaYhxDKR6eeyeDGctAlohBR3BRHOY1H_IHm61oNXAiamwmkLzmY9zHs6np6OmMf63Tgq9ouyEt&lptoken=163c750f5802126d7455
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 06:44:55 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q51RCzbs0RVIp85k6nXkYGV8M4YxfPCpk0lUl54Q1D4tx5jGgzisyqUVWk9wcqRbItZKj8IfzPZpWv%2FHvLFOQEg4xjfXbstR9vgoYifjSXyBQbZd6%2FCtSaz8ilKMWvCHH3pXb6g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7949ae2369aab518-OSL
alt-svc: h2=":443"; ma=60
www.buttygirls.com/esus/multi/ms/7-216324/css/CenturyGothic.ttf
104.21.86.190404 Not Found 238 B URL HTTP/1.1 www.buttygirls.com/esus/multi/ms/7-216324/css/CenturyGothic.ttf
IP 104.21.86.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert fortinet Malware
GET /esus/multi/ms/7-216324/css/CenturyGothic.ttf HTTP/1.1
Host: www.buttygirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.buttygirls.com/esus/multi/ms/7-216324/css/style.css
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 06:44:55 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxmuaUpJ6y3BPC037tJlDnvA8UwZYMBGWVxyb2kBncyCu2lyTiA7zwBse%2FrqOe6ey%2B%2B%2Fm1uQWLuwsZ9DhF9oBqgrYYdiiVVWJ9%2F%2FSM1GJc4pXZrOw%2FirvD9YuZ2SfWW9aU7TsH4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949ae23afc60b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.buttygirls.com/esus/multi/ms/7-216324/css/CenturyGothic-Bold.ttf
104.21.86.190404 Not Found 238 B URL HTTP/1.1 www.buttygirls.com/esus/multi/ms/7-216324/css/CenturyGothic-Bold.ttf
IP 104.21.86.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert fortinet Malware
GET /esus/multi/ms/7-216324/css/CenturyGothic-Bold.ttf HTTP/1.1
Host: www.buttygirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.buttygirls.com/esus/multi/ms/7-216324/css/style.css
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 06:44:55 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhgUzP4jEf2xOh0iBoIPPk2XspVVCA3ZK1G8hPwwGc4TSLN6SZM1dLp0Vmtcp8bMQICRVDTx00hqM3hnjXfVhvcQ%2B%2BxZSWE78A3NjPMX8Uzq7OV6MLvmWSGNEZU854cvySA9mgY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949ae23ddc6fac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/2sAltK-Ives
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/2sAltK-Ives
IP 142.250.74.131:0
Hash 050bf478987c7ba10e31c684ccbfc7f4
34a2647a4437eae4f0f2ea52c1c30fd8aaca8ebf
bd63e522a2e981425ff14119180ebb1e014970c1b8b6215a40eaded77b8a00f9
POST /s/gts1p5/2sAltK-Ives HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 06:44:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.218.23.125101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.218.23.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MmarE19XVV+12x9ph+pe3w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PwoatTYzKU6vMta5XrY2pEracWg=
www.buttygirls.com/esus/multi/ms/7-216324/images/android-chrome-192x192.png
104.21.86.190404 Not Found 238 B URL HTTP/1.1 www.buttygirls.com/esus/multi/ms/7-216324/images/android-chrome-192x192.png
IP 104.21.86.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
GET /esus/multi/ms/7-216324/images/android-chrome-192x192.png HTTP/1.1
Host: www.buttygirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.buttygirls.com/esus/multi/ms/7-216324/?cep=S43mgnF-myKkgP0L5_ZdfhSOxU2EztPzCG7P6EN03zPDgP3LVxVbIt9MXqJQsAg1uSh_ChZmzcXWzZutqaVRI6jwojPA7o3yGJSlcEWhxrEL3K60vvPIM4WvymoZOPccOn2Q4_cENOZDBZDNrjP8EwKu0xG_bb1KZpRIjcNIIN2Suhlw4p9K9hmDn05pojYUoIImjTjPnl50xp3iCAx0fvs-QxLM2-k6DZgC6BTe4z1crGLDCDPQFOHATbQ9Af4qY9Q1kVM-EBg5Lw6r6otYmGJ71p_IVnow9weC6oown5abs-ie9YNzymdaYhxDKR6eeyeDGctAlohBR3BRHOY1H_IHm61oNXAiamwmkLzmY9zHs6np6OmMf63Tgq9ouyEt&lptoken=163c750f5802126d7455
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 06:44:55 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVKrOSYtf3eoG7ELRo85jBQIoKEkLipirETV2GBKI9bnMAUm%2F1EOhrxrpgkj5UDh65jTM3oiLK0W1ticUnz7pfimmraP%2BALQq7EX1vRY9SMHtE1W87LWQXD3L6UNNEFtYkKEy0U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949ae25188b0b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
zeniocloud.com/JAIA.js?sub1=buttygirls.com
167.114.67.56200 OK 333 B URL HTTP/2 zeniocloud.com/JAIA.js?sub1=buttygirls.com
IP 167.114.67.56:0
Hash b5d830af9fe611315c601ebdecffb9d1
12e233c843bf814830bc5a27c3c34e606bf53541
070586051e420c92680062d2ce14e609e4685546317f4fa048c86cf0ffdbd6f2
Analyzer Verdict Alert fortinet Phishing
GET /JAIA.js?sub1=buttygirls.com HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.buttygirls.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 Feb 2023 06:44:54 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2
www.buttygirls.com/esus/multi/ms/7-216324/images/favicon-16x16.png
104.21.86.190404 Not Found 238 B URL HTTP/1.1 www.buttygirls.com/esus/multi/ms/7-216324/images/favicon-16x16.png
IP 104.21.86.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
GET /esus/multi/ms/7-216324/images/favicon-16x16.png HTTP/1.1
Host: www.buttygirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.buttygirls.com/esus/multi/ms/7-216324/?cep=S43mgnF-myKkgP0L5_ZdfhSOxU2EztPzCG7P6EN03zPDgP3LVxVbIt9MXqJQsAg1uSh_ChZmzcXWzZutqaVRI6jwojPA7o3yGJSlcEWhxrEL3K60vvPIM4WvymoZOPccOn2Q4_cENOZDBZDNrjP8EwKu0xG_bb1KZpRIjcNIIN2Suhlw4p9K9hmDn05pojYUoIImjTjPnl50xp3iCAx0fvs-QxLM2-k6DZgC6BTe4z1crGLDCDPQFOHATbQ9Af4qY9Q1kVM-EBg5Lw6r6otYmGJ71p_IVnow9weC6oown5abs-ie9YNzymdaYhxDKR6eeyeDGctAlohBR3BRHOY1H_IHm61oNXAiamwmkLzmY9zHs6np6OmMf63Tgq9ouyEt&lptoken=163c750f5802126d7455
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 06:44:55 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFfdE3kFBrRagCjmhhJrtO4mjOU5%2BUMQDP4dx3Adsf6P3vbuoWVD23e2iyNIc%2B4Mn46EiYcn7TOsa4ypgtwMiRl%2FzGaK5HEZABD1CzdkKkqqG0i%2BKrtYuG7C5GbIVt5CQzk51LA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949ae252e4afac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/2sAltK-Ives
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/2sAltK-Ives
IP 142.250.74.131:0
Hash 050bf478987c7ba10e31c684ccbfc7f4
34a2647a4437eae4f0f2ea52c1c30fd8aaca8ebf
bd63e522a2e981425ff14119180ebb1e014970c1b8b6215a40eaded77b8a00f9
POST /s/gts1p5/2sAltK-Ives HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 06:44:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21024
Expires: Sun, 05 Feb 2023 12:35:20 GMT
Date: Sun, 05 Feb 2023 06:44:56 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21024
Expires: Sun, 05 Feb 2023 12:35:20 GMT
Date: Sun, 05 Feb 2023 06:44:56 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21024
Expires: Sun, 05 Feb 2023 12:35:20 GMT
Date: Sun, 05 Feb 2023 06:44:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94063a59-0665-4d1d-89f4-785b4ab501d8.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94063a59-0665-4d1d-89f4-785b4ab501d8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bee08788da5b88dde69aeb1d4de005c9
537c7a19a9395a60452b6b0b3ae08d47f4705181
02365d88ae9ff3ace3f29509df0e436ab0838d44714ef0f25dea463d665f794a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94063a59-0665-4d1d-89f4-785b4ab501d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6486
x-amzn-requestid: 544d13b9-8d45-4029-88e0-280f27cc0fa3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi4-SHN1IAMFSkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76ec1-3f1ee84f53fe45cc01439a28;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:16:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TtyPO9j12ZpU3XdElRgCrqB4XNERrppavwJZJn5As8mqjjDLyZBmsw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:39 GMT
age: 32477
etag: "537c7a19a9395a60452b6b0b3ae08d47f4705181"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1092c4dd4d9ca4d09462ae46e1dd7c1
17444ff60be1afbc40d3653fa936f9eaf9478068
ea8362c7249080b34288ee675f70333607fc3be37e716fdcf63e4901849def9f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7288
x-amzn-requestid: 1aa297f5-2f9a-45be-b823-1eb4d5887769
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WrwH-iIAMFyhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded17e-2b630b4a302b8ae118883b71;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:43:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z2oKgp1keqEkvN6jjsUepMbrxD4JCXKAOHrMNJHcuXN0CpulUh5GLA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:39 GMT
etag: "17444ff60be1afbc40d3653fa936f9eaf9478068"
content-type: image/jpeg
age: 32477
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jIvBQjGh9JzWQM0YpEYiqP5CcBrkwqLVjAYhMWJ1P1H0MRkm7kpnpg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:12:06 GMT
age: 30770
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 13:05:46 GMT
age: 63550
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c8da623-73ab-4c2d-afaa-03d28de3a280.png
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c8da623-73ab-4c2d-afaa-03d28de3a280.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e0c38abfcd86f8074d4182d49fc354f
1367bebb73fa652695242100b26c394f1bfe4457
e42d110060133ac05e6cdfafa6473c55473220fdc7eaf03e3a89f58aa3603670
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c8da623-73ab-4c2d-afaa-03d28de3a280.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11056
x-amzn-requestid: 4acc3364-4a33-4934-bdcb-41284d952113
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPFrwEW4IAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8317-33872f461a2faab552322837;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:04:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XhPm-ZDoEjlgeiXUwMRQZ5pOMs4qJzXagWZg302DcrYpUm5X7O8ZZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:46:47 GMT
age: 32289
etag: "1367bebb73fa652695242100b26c394f1bfe4457"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 14:53:45 GMT
age: 57071
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2