hottime4you.com/ol/all/de/ms/25-687828/
104.21.61.179200 OK 2.4 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/
IP 104.21.61.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 9c347d57dabf5f8bce82b3aa36c5856b
e3b48c59f86d7bebcc6544680e41ed90a9337b11
2b81dcdf19d07d249155d976c987dc69f60f12e89f8568f9262711c01193da85
Analyzer Verdict Alert fortinet Malware
GET /ol/all/de/ms/25-687828/ HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bl9N1CyiN8RZJJpdo3W4%2BgE880r4px6ffOVV9Wf6AtdcSHun2YRFZ5M6hfbceV2cYxrdeMftXrCw7aSQbd5vgqynMVyU5gdbqomigYDt1rMek7ABjW6oiGwOdhcrC5MPLBs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74fddf8ec92db4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 19:14:34 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0pJBifuK7w-po06bjty61iKci96o4cojjybQihQBv_Wthe1YY-qNsw==
Age: 309
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2381
Expires: Sat, 24 Sep 2022 19:59:24 GMT
Date: Sat, 24 Sep 2022 19:19:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b3e81b5bd7bd8e12288a8159e44ceb3f
977945964ffcbf49ac78f840db9da822c50c82f0
4721814da286852318f7ebf9857bd4bf01f0beea2c9eb7ddb9f290e3fa472232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4721814DA286852318F7EBF9857BD4BF01F0BEEA2C9EB7DDB9F290E3FA472232"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18462
Expires: Sun, 25 Sep 2022 00:27:25 GMT
Date: Sat, 24 Sep 2022 19:19:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4zE7lQUyPrUr+kkFP9lXEFdtTG8IKQi2etvsmB2ha6N61NSoLjsyA4pVDeNX4mBKIHxdWReoS7TQ/V2I15TDgQ==
x-amz-request-id: 8WDZ984C59GFBHGB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 24 Sep 2022 18:45:17 GMT
age: 2066
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
hottime4you.com/ol/all/de/ms/25-687828/css/style.css?506693
104.21.61.179200 OK 1.3 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/css/style.css?506693
IP 104.21.61.179:0
File type assembler source, ASCII text
Hash 72aad72b7a7577895dce7e46bfb0bfde
043e7652c5f102f7aba9d6257e29e5ff583cb078
6089d2910cd66df85fbaf684d2275de5c73e8c7f795529e967b7e0a0deea88c9
Analyzer Verdict Alert fortinet Malware
GET /ol/all/de/ms/25-687828/css/style.css?506693 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:43 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:25 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2hFWImkw5NHS21%2FSs03ChJGIAfU8XGa8d%2Bx61iK29i0Vmxr568Gt7%2BAVBKTnrD2JZFUR50MtEVexQZijrJvHy5148p9gsjha95W2wna3%2FLFiboalxaM7P9P8YTmupPAA8Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf90cd1bb4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:19:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
static.production.almightypush.com/mng/subs_window.css?ver=1638888212
54.230.111.23200 OK 6.9 kB URL HTTP/2 static.production.almightypush.com/mng/subs_window.css?ver=1638888212
IP 54.230.111.23:0
Hash bd7dbae15f904a4e1213439ebfefddbe
9f7a33b3d6e7965d8b99f0ff56cbf2e2ebb8f78e
30c08f3bb42d9a16155c65fbc952430048e4a84be70b98cb989b2dc977b49f8a
GET /mng/subs_window.css?ver=1638888212 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 6945
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 02:29:00 GMT
etag: "bd7dbae15f904a4e1213439ebfefddbe"
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: paLdxRHsC60bCORVouZIqH-AzlQZ2zAojmxdL50x1bSOGRrGH726Ug==
age: 60923
X-Firefox-Spdy: h2
static.production.almightypush.com/mng/subs_window.js?ver=1638888212
54.230.111.23200 OK 20 kB URL HTTP/2 static.production.almightypush.com/mng/subs_window.js?ver=1638888212
IP 54.230.111.23:0
Hash ae593f4be1dd1f0710123918b49c4933
66fbe30bb873e0a47d3d72e737d68aa4b6916c26
fdf9ff3f74dcf11d0fa456dcd53cb21550f67f0cfdc11dc29bef595f07b56206
GET /mng/subs_window.js?ver=1638888212 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 19491
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:28:29 GMT
etag: "ae593f4be1dd1f0710123918b49c4933"
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HxIbAnDCdel1v0CWp6-8Z45NWKxwwStAFd3PRJVmRvgwGbEK0uFs7Q==
age: 53487
X-Firefox-Spdy: h2
hottime4you.com/ol/all/de/ms/25-687828/css/animation.css?506693
104.21.61.179200 OK 523 B URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/css/animation.css?506693
IP 104.21.61.179:0
Hash 7d856f49fb85c308f7e3aade806615a1
a8afe132ac05e71b26e86069554a4f8fa0ba1956
f48295eced6a46803e1b1b944fb1debb2f72c2d252dfeb0a8af0d5152b06b1d5
GET /ol/all/de/ms/25-687828/css/animation.css?506693 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:43 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:25 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGmhQU35YoPtCf2Y0iSkKQ%2FKa2UE0iP4DQ5h27chtXJcWZkKUKfdGtg6q4jOtougfCAct7PkpMNBJWGoNoLLKVRSD9OQxDA46GMD7nHjB2MssSV9OyffvERSttnbXab4WBE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf90cc53b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/js/step.js?506693
104.21.61.179200 OK 865 B URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/js/step.js?506693
IP 104.21.61.179:0
Hash 46a3a0281d7bd5455f99d71715bfbf53
9a88730bc5731b2f686aa3076ae9ec06ea78b439
c4ad2f86a75743cff0db4e957c174c02149421b1c134fee9c84218c263320a81
Analyzer Verdict Alert fortinet Malware
GET /ol/all/de/ms/25-687828/js/step.js?506693 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:33 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqZkLbptn3Ov71Phz80lXiZ9vD6ZLzRiiv1T1viNOiJhP%2FGNTvlYu6x4NUB5nwQlGoC%2FwU5ecRkZE86a%2BWnFG%2Fr7HhwUjdyC%2FenP0QJ6mwIDSjVIitNHLajxJxRsi5qnU3w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf90ede4b4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/js/backoffer.js
104.21.61.179200 OK 230 B URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/js/backoffer.js
IP 104.21.61.179:0
File type ASCII text, with very long lines (430), with no line terminators
Hash d1d761e3721375472889577260906f9c
c5e6e54e8b6b84af216d867dca79eb00c2819e42
de8798dd7447b4651ec2d44931c15ceb0d3e5099997b2ddc2452d3f95092a1a2
Analyzer Verdict Alert fortinet Malware
GET /ol/all/de/ms/25-687828/js/backoffer.js HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:33 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkJuLwfV%2F57H%2BBkVJ6ygDYGgOOSpDGkgrZQpaYIHHD2DIxYH9dFpKL4K4llRq16pIaApfz74fTL8Bz8elUom3lBuK%2BUKoVwbUR1aaTOGqN9aQFYqm4xThP3eyprWB0HJOkM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf90fd000b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:19:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:19:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
142.250.74.170200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65447)
Hash 7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 09:42:03 GMT
expires: Tue, 19 Sep 2023 09:42:03 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 466660
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:19:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:19:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 4335f1c7ddd6de3b9033c0f8b58534c1
e1b66470c549fab1345580ccd621d732df4d4bad
5d0ec82e0ae339706240f3e7271916da5292d8f5ec806f49c469ca453165acdd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 19:19:43 GMT
Server: ECS (dcb/7FA4)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 373fm6CmFIwF8qwmYFnRQxnj-gtkkNoVRpR6b-onFpKrG9dH0j10Bw==
static.production.almightypush.com/mng/channels/init.min.js?ver=1638888212
54.230.111.23200 OK 22 kB URL HTTP/2 static.production.almightypush.com/mng/channels/init.min.js?ver=1638888212
IP 54.230.111.23:0
Hash 2ea196bb9d9670ec138eb0c8c23e6696
b0876fd8c0c56c5d34368c16a829c040c23cbaba
1475c052ae8dbc220775cd44b20e508e38db9f09168c57d4a73e0a9027f252f7
GET /mng/channels/init.min.js?ver=1638888212 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 21924
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 06:05:31 GMT
etag: "2ea196bb9d9670ec138eb0c8c23e6696"
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0Ja45-uJyRPTgfx3yJc_ixxCWkrBVyAuKLeqk4v6M00ubS-mhKW-Fg==
age: 48711
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aea87150cfab7dc7f69c7dc5fb885735
e6451d0b8ea18b28f340b9595e1fd2a13fb8dca7
1aa299558c7741de3684118ce6f2eea5e8e383286911043958a0346109403987
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1AA299558C7741DE3684118CE6F2EEA5E8E383286911043958A0346109403987"
Last-Modified: Fri, 23 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7068
Expires: Sat, 24 Sep 2022 21:17:31 GMT
Date: Sat, 24 Sep 2022 19:19:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 24 Sep 2022 19:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sat, 24 Sep 2022 19:53:07 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8rfFE3rpP7Ethouo54j0Fvz_rEtKj3vz-j7-sosmmo-8uBCdTkSlBw==
Age: 926
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1772
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:19:44 GMT
Last-Modified: Sat, 24 Sep 2022 18:50:12 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:19:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/quattrocentosans/v18/va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/quattrocentosans/v18/va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 24320, version 1.0\012- data
Hash 056a6ed9c698772e2438032629f4933e
e88b32e3d9492e241bf5451e95967c5597f29967
86380b40e3d14ed9f3e0a5ff79c04f510d7910f677a66685e2b10f8b8765797f
GET /s/quattrocentosans/v18/va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hottime4you.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 23:45:51 GMT
expires: Thu, 21 Sep 2023 23:45:51 GMT
cache-control: public, max-age=31536000
age: 243233
last-modified: Wed, 27 Apr 2022 16:02:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cb1b70641c40b886161ccf42c3a10fed
ab87fe7210e0b1b03c401a0f5c6b08bcb74cc242
2ecbdd53d5cd7325f6cde05bc96c101c5176c1c3468e2d1d73c9d06941065cc7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2ECBDD53D5CD7325F6CDE05BC96C101C5176C1C3468E2D1D73C9D06941065CC7"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8782
Expires: Sat, 24 Sep 2022 21:46:06 GMT
Date: Sat, 24 Sep 2022 19:19:44 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:19:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hottime4you.com/ol/all/de/ms/25-687828/images/14.png
104.21.61.179200 OK 64 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/14.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 5229c527050cfc1d3e744bb3e243a511
8a161090b7b68654b53ec4d62b1917813e1135f9
b6609d6a77a5d7ef9a1b0bc8cb339e500966f5fe8dff8b8ca9a84acd3d1a4515
GET /ol/all/de/ms/25-687828/images/14.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:44 GMT
Content-Type: image/png
Content-Length: 64303
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:28 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ubycAa8Kg0xK8qhJvfsPRUIy%2F2sHUyDyhZdHFpNWGMEU6%2BwCehGTu6A0XaPIzwVQXvVzFiSuzuHQP3kyxZBARXftex8LXRx6n4ZysqiVKhaV1h9s%2FBlSComKs4iat4FtbHc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf94dafdb4eb-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/43.png
104.21.61.179200 OK 60 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/43.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 01e539dac5d06d4ea5b596208d0ea607
6dbc43d0df4010b6cee02e6dfbb1a26ad60f2b9c
85c15d2d42b33ad87c7f7d3e422348d46412938a97370ee26a24daa66e09adad
GET /ol/all/de/ms/25-687828/images/43.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:44 GMT
Content-Type: image/png
Content-Length: 60395
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncnvXgJ%2BIEnchQjqBN5FDc2v06IHJqefrBoL%2Bd565neCX2y4qfyOXV6bmYSrGRt7earOpS9A3jFGpMMY7J56eeyRkZZh39Ucwwq8RtQCnEImH8irmC3HkJGxygL9T8MwDYc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf94d91cb4f9-OSL
alt-svc: h2=":443"; ma=60
zeniocloud.com/JAIA.js?sub1=hottime4you.com
167.114.67.56200 OK 12 kB URL HTTP/2 zeniocloud.com/JAIA.js?sub1=hottime4you.com
IP 167.114.67.56:0
Hash a17847fc6744d425986cd43da1ab5d5e
871017b18cff2575a7187936e53e5e270ebc31b9
a3c42a1d280c51e92589a601222f65bb8d6dd9b342c9a50cc4a048863850f0b4
Analyzer Verdict Alert fortinet Phishing
GET /JAIA.js?sub1=hottime4you.com HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 24 Sep 2022 19:19:44 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2
hottime4you.com/ol/all/de/ms/25-687828/images/42.png
104.21.61.179200 OK 64 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/42.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 9a78453a120ef776608b04ff29cdeae1
b1f7c5bfc3a5999845d1d101a9efccadbc6066b3
bac36e0cd616d2c9716ee7ea996e086ad48f10589f0ed45e1562fe99d1db00df
GET /ol/all/de/ms/25-687828/images/42.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:44 GMT
Content-Type: image/png
Content-Length: 63889
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOBrxPB5yAzqxApcVBNAkvFWNdYg7kufnQLnQHSpkPuJ5kc%2FhSoK3UFo6BspCMenFyaSsrXcwQDuTACtfob%2B119Eo9A4q9rCt1r4pdVGHGYAWiKwjsCcpg90g0KEl%2BDpeXY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf94d93e0b4d-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/31.png
104.21.61.179200 OK 60 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/31.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 8219bfcdb7286bd03b2295e4065d3c38
459b57ce62406ba97b9682cf8da47fc53f18fe2f
78ecebccf0b424f613fac6ca2c34e5d9bc7cccab0b2b0cc88efb23bb2a8a6bea
GET /ol/all/de/ms/25-687828/images/31.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:44 GMT
Content-Type: image/png
Content-Length: 59718
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWZF%2FKNA08vW%2B4kwqmNkLjIqdwa5zCbTxdtXVoTJTo3qqwIDKePt3SPSzad8gpyIUcyt3ZtCmpFmATXJWm1gbaAQDNFsiTfkJNXrmn22mvA%2B6peojLb6JD17PNhE3a85OEE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf94eb00b4eb-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
44.238.3.246101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.3.246:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lEEi6csRBk0ZB+RRgtA2Og==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gX6CRT0a5+blTO9Zpt+6KUTBu4U=
hottime4you.com/ol/all/de/ms/25-687828/images/21.png
104.21.61.179200 OK 54 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/21.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash a081e159c9b11cdc4930e2b70ec5a1aa
58bda100572729bc2ad1288a623bb63b02172b84
03e842319f517c509736b088d866254d7bdc6a61f8dd691c2fe9f79545e749fc
GET /ol/all/de/ms/25-687828/images/21.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:44 GMT
Content-Type: image/png
Content-Length: 54171
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:29 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ei7Fb9OGpzeWcTIB6bodBAJjA2iw0g3TG8PrUA%2FwNndeITjgxkS1u0cp3JFZ9UD9amBboFmqr0qcbgJB8YgNaKMwNxhB0gP6Hheq6SqPRaZoxh1i5OCAOPmiQqeEsrdtxHY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf96db2d0b4d-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/25.png
104.21.61.179200 OK 67 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/25.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash d1b1b830be86c68486835a237652ed19
a72ee10174523bbcea9e7fbb09dd79de10e6f38d
9809a272cdb59025422645d54b003a4b425ea461e3fe7218d83f6551a55b5e1b
GET /ol/all/de/ms/25-687828/images/25.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:44 GMT
Content-Type: image/png
Content-Length: 67145
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1k79vkQTQ8lfrNnFfku3VxeoO6drLZ0sAt5oaUiERlb9%2FoH2zYcdE%2FEQKphbrc3g%2ByvoguAbLzOlPj%2B%2BXY3ngYBveZccDkmZumXpVBUEj4LRJPqwHuwf1jJ2YyuaJgbxbGY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf94db43b4f3-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/35.png
104.21.61.179200 OK 66 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/35.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash fd680f2add1ba478d3138793153a8a15
3a0f15277750d45fc7ec66ac0fa7fece5933b688
50bbc3f2dbf0158911cad9742eea7d0c54a8eef64febcec25881f955a244c7e7
GET /ol/all/de/ms/25-687828/images/35.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:44 GMT
Content-Type: image/png
Content-Length: 65676
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=As664TNHXXpqBYUqJaNAVLpbPP4Gu8gJvIIiia0slMKZ15k5iuecImMoPIAnbzCgqvkf7dsWSx7a8mp9RUCAkDd3YOse99UB3Bnxt855lIfe1DGIb2%2Beq7MOstB0FcaeYHs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf976e91b4f3-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/44.png
104.21.61.179200 OK 54 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/44.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f7edd152703c2e421e411c0b361b498
13e65f5eba06be9507af7be27a6b6c9e3189b391
94d93e34dd3f5903b2efae4d7e7ddb3c895ce92de9aa379b859aa4037d914b9f
GET /ol/all/de/ms/25-687828/images/44.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:44 GMT
Content-Type: image/png
Content-Length: 53709
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWnmf%2FPIEZU7vp9PhCr1Mv36LKwT1XZYhL7U5HRRCy3FXZdlPjJp8J%2Boes4W0idfxyVaTgz9B4tC1%2B10VBrWNc9rw13rSAuAa9ISDeFEkMsD5HnD5sJU2EZvnoKg0mRNOSA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf94eebfb509-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/girl.png
104.21.61.179200 OK 115 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/girl.png
IP 104.21.61.179:0
File type PNG image data, 179 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 115 kB (114891 bytes)
Hash e6f5ef72ab1dcc3eafc82a18f80ff1a2
60f8cd2eb79d1748b2cc3a74cf6ca8bb37fa4ced
5dd9582581c7b8c05ddae2d388af0eaf951186fefc73a6c0894b08e8edbf24c5
GET /ol/all/de/ms/25-687828/images/girl.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:44 GMT
Content-Type: image/png
Content-Length: 114891
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3o6Prc3Mx4yTCFC2cBGTySGiGyyaMVREoN8YkXTDDicSF%2Bsn4yXfFD8RdYwAFeZDmY6yXzmOgiSi5XEJXS9Klyh%2BXu7mbbb8yj4mxuvOyA8DDs7b%2FXybemPrOw4Q9BMIjAo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf966cb9b4eb-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/15.png
104.21.61.179200 OK 53 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/15.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e6044de45fe8d0d22f624413aa4c785
4bd34494cb010aec1cb685bc31e98a93d2e94306
d906fe11bcc0d22dc8feb8a10fa3d3f9415c127f7dc1ad833d788972b684f600
GET /ol/all/de/ms/25-687828/images/15.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:44 GMT
Content-Type: image/png
Content-Length: 52615
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:29 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRN49YmIRSGQwTNfe02n8Cxcj7h%2FojGMcZI%2Fm03aRQkq6XXLthnbg4Uv3v2cq5YL3qZFouGpRCF2YNYzb6gQ%2FZISXXpPlKhcOJOrFHPzKVchZCURQ79FoMNGyP5cPAMyzgg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf96ab7bb4f9-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/22.png
104.21.61.179200 OK 61 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/22.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 9502e70fcfd8acca4d0510286eba3bd8
1a4243f43e7212489c8ac5ecd57e74fefed98d96
3dc39eeeb917cdc0e57b6241c4df77b4d9103b0f2dc69771d7a659f0b35912ba
GET /ol/all/de/ms/25-687828/images/22.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:44 GMT
Content-Type: image/png
Content-Length: 61392
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUraZheGiGpN5rJ3XoebXPCl2aLGuwNYBVuXfymxljVmcuzzT9%2B9Qg%2FURALJ%2F%2BLRj%2BYNdFdLt2bgP9eNtAkxO5mYbmp4rYSuhnsIz8s%2F60d%2FM6nHSS3xeo063%2FtB%2B%2BML6QY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf970d43b4eb-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/45.png
104.21.61.179200 OK 61 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/45.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 07092234c81d019e50a0fcd65dfd9409
7554ce01f18dfed2fdf5f3245c0f691f694d61cc
e99340f5c88e442ec5f28de9a3f13dd3271aeae21ed9e9986e90317e43c54346
GET /ol/all/de/ms/25-687828/images/45.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:44 GMT
Content-Type: image/png
Content-Length: 61156
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTEIlKZZ%2B3uukwAHx70GoNJeW9MTxVX2L04dY7a1VQAYqFNISyZJNR9dtt6RBAPc5TB%2BW6b%2FGUQCct4%2F%2Bbd6FFfs1w7v4z%2FSMZqCtm2RiCbTW1ZrEZ0hJEouEIldsmLe3SI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf971ba00b4d-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/24.png
104.21.61.179200 OK 58 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/24.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 5275c3e17ee2ba370c01ae31249d42af
98c09ca29deff276fd966d313599ffdf397c55e4
f05b3a33818bc9d5dd44fe4074f1818f19efb54d70def227b72ab36ea5bd2c78
GET /ol/all/de/ms/25-687828/images/24.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:44 GMT
Content-Type: image/png
Content-Length: 58158
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElrbB2GfFsPFvK%2FmhbdTbY8XXz%2FGylYW4kpGDouP68dxOAT5yV5Msbhif%2FSHYKlLpax5BHTYGDykWzknKIuBKqCmK%2BEoDQvNv90vubS4%2BPBTuEI9tIGDls8JC4iNh5fVWdE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf97bed1b4f3-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/32.png
104.21.61.179200 OK 55 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/32.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 8c58ae244f7bd521506573d2589cf8b9
a7ce9a4e1cb43e2f4efe2094f576285b4f25b9c6
c178cb0498a1a548575f8f9e3911e45fdef95cfbb7b229fabb1955aca060fdf8
GET /ol/all/de/ms/25-687828/images/32.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:44 GMT
Content-Type: image/png
Content-Length: 55175
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qf8jT56Iqy3Kbko3RqGJwZspKD%2FHFF2Wgxk00YOSncwSOldlrK9J3NCITnc48hyhmeyVkTyb2BopoVKGBjk74Qpc%2B4o1Nsmkf2Cvi7UbTrwZuuw1iulB%2F5se5Pzov8tjq0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf97bb85b509-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/12.png
104.21.61.179200 OK 58 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/12.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 46fb821d3c8ca1b808dcc54300710f89
8c2af696ea30e845c7c8cc249909e26755de3f8d
48f9f84693e443822172bc338b16f6bed62c4cbeb686f8018dcd2bf691007b62
GET /ol/all/de/ms/25-687828/images/12.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:45 GMT
Content-Type: image/png
Content-Length: 58018
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:27 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJ3y6zdSZiPbkJl9QMLvzIwiTRvJQyxKQCX5o4iUdUH3BVKrFbjkseTj%2B%2B4j%2Bq9cbDoW0mjyvbHd6XVnIP%2FQ%2BpYZQUE02ZqTmnhNsppfrKF%2BLWpXrICrzTutQ9qdHkyXIfk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf98af4db4eb-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/23.png
104.21.61.179200 OK 62 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/23.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash da384da949049318f5e2666fdd5944e8
666ac1ed92f2134d2ed7f15a6361306f1b21b146
417d52172fecfb675aafb6dd55a7a6c0fb166d2045ecb7a6c0447673b837a7f7
GET /ol/all/de/ms/25-687828/images/23.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:45 GMT
Content-Type: image/png
Content-Length: 61988
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:29 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qv97Ge3YFQN1plMJwKj8EXs7mEQCI7uav1TIkxtrBzwrYtd%2FmF7PjUtUsob0IQ%2FM7zKX%2F%2FYFnJ7PRBciLnDTEoOO7iiYEKzQEXTmuOnLOdKF1gQ4ONZ%2B0ItSqUTj30iPhGo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf98cdeeb4f9-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/33.png
104.21.61.179200 OK 66 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/33.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 8919c27bfbf6a695f22b42979e169490
b944fb71fca53041501799c932956af920dfccc9
c9bfcf08c816d5b8e685ebd2697dc414a1b09db848f58b9353ecc3182ae52a4c
GET /ol/all/de/ms/25-687828/images/33.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:45 GMT
Content-Type: image/png
Content-Length: 66468
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxKSZqd%2F9INdgI5%2F28CVJk5LT184ljOBzmndG5atyv%2BrYhJC%2FJfykB2gOFjxB%2FDpWUM6L8qSo9a%2FOWzpFyru0Tqw%2FlPc4x1eGBxGJ4bLhJbMFK%2FTRmWQ9N%2B9M8jEZJ0VQ5Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf994966b4f3-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/34.png
104.21.61.179200 OK 65 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/34.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash c397f9f4382193fd4d45c600b6008e49
3689e9db6a13d3ad4819d7f229ecda756cbee61a
82357ef1702df45958ed401f7b0c4b83f89d2fda13a7433a67fd0bd7327696d7
GET /ol/all/de/ms/25-687828/images/34.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:45 GMT
Content-Type: image/png
Content-Length: 64758
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OB%2BddOrZJqKUxTxXMYw81bXPEUSEa5KgoFm28pYxOismR4kTktEErvx0r5DvSvbsgJbx7i4x2SL9VVOvw6tqMJS%2B9B%2FEV9zKfsQiGvAd4Fcpb99DM5uBk%2F3IyxXZY0K8IE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf98ed0e0b4d-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/13.png
104.21.61.179200 OK 54 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/13.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 4556a96c44b107c284756f1356ea20a4
863cb36669642a5b8c64aea43f5af2359e3470ff
3e0b6093aa4ffb696f6ad8e89569185bfcfcde1c5e0789d40b15e379039c6dec
GET /ol/all/de/ms/25-687828/images/13.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:45 GMT
Content-Type: image/png
Content-Length: 53585
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:28 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkYJ9bxDSnJ%2FtwER1MeLTW2yP%2BzblvdwgKjX3XG2ARgrY6RJZraMPdry%2BSLavvevPAS8Py1uvS%2BjpUiEwxNYQQUlMEt1b3kSgQuPitcIZhH8T6SoYb1d8qw4KVYsZW8mF8k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf98efa1b4eb-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/41.png
104.21.61.179200 OK 59 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/41.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 9a61621beab625268e0eb02e83d2ae34
2070afedeafc30bd0648bc6c07accfdcd0ab542c
314c03abfaa1c4ed21a33d5c91374f310a2a5f0f9e7f50520e71ecaa1b3757d9
GET /ol/all/de/ms/25-687828/images/41.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:45 GMT
Content-Type: image/png
Content-Length: 59394
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7Gz0EI4cJ9q8bOfk86QuLii1i3h8O8ZHqsjYvdvihyTPfQjt1fQ7pYE%2ByZITm6uV4XNG5CmFLOm41EfwB5dnw2AW39txjcdjUFFaC6Fdj07ze4eDxhjV%2B%2FdmHdJUnzeHpY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf996ddfb509-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/11.png
104.21.61.179200 OK 60 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/11.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 74c93e1362de9523d8f35b6f2d78917b
1d9df51e43be8d555d5fabe62dcb159eab784f5e
39707e9d6aaa148b2bbc1aabe00110f54bbcf7c07c62f24daaf539005e582472
GET /ol/all/de/ms/25-687828/images/11.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:45 GMT
Content-Type: image/png
Content-Length: 60166
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:27 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oy%2FgTK%2FOa3Qql2SpYdEyCA9iOoUrNevx83Ig4lB7%2BqXVM8G%2BIOveqoWyvRc1hDinyRrQjWUWBcOSRVtPM6AIvxSYhJfnS0UsduTSR0wXwQRE5U0CHOpZvRP0KnojiaSbhoM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf9a69bdb4eb-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 423331d8bae78ba045bea86f1e4c6e7f
8ed72a508ba25a95e6899569180a02728d5edb5c
fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:19:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hottime4you.com/ol/all/de/ms/25-687828/images/fremdgehen69_com.png?506693
104.21.61.179200 OK 1.2 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/fremdgehen69_com.png?506693
IP 104.21.61.179:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 42b5a1de339f60bc62983337edc85f0a
10c3cb6655538193f1988123e9fd5f9fda7915fe
0387e0d953b13b879873233510f927697c7a598c82f22b3edf19a5c8d21469cf
Analyzer Verdict Alert fortinet Malware
GET /ol/all/de/ms/25-687828/images/fremdgehen69_com.png?506693 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:19:45 GMT
Content-Type: image/png
Content-Length: 1240
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49hSLM7Rbs9tHOLgfDGd3gLpHHv5kRWUcpwAaASaXG4BNT0UnksfWYxGi3Fk2frYsiFSkxpboSQsdRsnW74FxAKksTlZ7uQX6n9%2BxvSh2cJN3LYFluxUdOg64cAyhvMs2fc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fddf9afa89b4eb-OSL
alt-svc: h2=":443"; ma=60
lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
142.250.74.142302 Found 337 B URL HTTP/2 lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
IP 142.250.74.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 66a43eafe19fd2e9782007272dd06ced
9d5112f8b4482ef224d10b0d0a17bfaf053e8e23
f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb
GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1
Host: lh3.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
cache-control: private
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 24 Sep 2022 19:19:45 GMT
server: fife
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 423331d8bae78ba045bea86f1e4c6e7f
8ed72a508ba25a95e6899569180a02728d5edb5c
fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:19:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8692d33b1fe20cdfa090658a85160398
8bee6221dedcf1a66801ffb9ff527b12e9aa7334
14e044d96d2b421c6562fd3cbd2273474f2da0e1224eff3aa4547c3877f5d0c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:19:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
216.58.207.237302 Found 409 B URL HTTP/2 accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash 01766df67b82c0c05188a20593d5fc5e
746e438fdfc12d20d4c788830ba16755c2944539
211a9d2e76b3bcb18842a732d89f90a3a41f9aa7997014d30678067c940688fc
GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 24 Sep 2022 19:19:45 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-2063449132%3A1664047185254578&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqNiMTICD42zlFnthpbEnFZ53ef3BU8pE-cZW1RwtAb1DrSCKelIfECHd-CcVvHF6xBuexV
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-U6j653jJ9WAgtJNgdl2vUg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 409
server: GSE
set-cookie: __Host-GAPS=1:reBr1cS0tswiWcGXuGQxkR8nsvCQpw:wAP9DTAnGKdeBFlC;Path=/;Expires=Mon, 23-Sep-2024 19:19:45 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4546
Expires: Sat, 24 Sep 2022 20:35:31 GMT
Date: Sat, 24 Sep 2022 19:19:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4546
Expires: Sat, 24 Sep 2022 20:35:31 GMT
Date: Sat, 24 Sep 2022 19:19:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4546
Expires: Sat, 24 Sep 2022 20:35:31 GMT
Date: Sat, 24 Sep 2022 19:19:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4546
Expires: Sat, 24 Sep 2022 20:35:31 GMT
Date: Sat, 24 Sep 2022 19:19:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N7TwxCLUL8qnvm3YuZ6CGyJquVerc266VvZ1g8j5RxGpQXoUJwhULg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:51:16 GMT
age: 77309
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 55d224ac83a417772c98bc5080fb6689
a30f9044330824e70dde0dcc785890d981e6fdf5
b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:58:23 GMT
age: 76882
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HfslSWhSAKRjZr-qqajVm6bKf9jGt2pXq8N8GlXgyTwRxWqw0y-CgA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 05:14:28 GMT
age: 50717
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8d9af95acfc8b9b431eb1e020157f6d
f6f926be6e265a597aaede424f05fcd7c76fcc20
0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:27 GMT
age: 77478
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a4b36e1bf29c9c82f069cdd3c50874c
d2180d40ceb16924a87a41aad90dedb0bb912085
aab96d28ea8e21e6d37449eba400cac45acced1825ebdb27853d17ae4f993b00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7963
x-amzn-requestid: cadfa4ff-473d-4927-bdf6-3aad64cddf18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQbHTCIAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2735-41d711e5210099aa6273dd86;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: g0NS7XamCzSMKmm1-mLnWLwUuBoJczvwSmTb0c_7klsY78wbrg4bRw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:57:25 GMT
age: 76940
etag: "d2180d40ceb16924a87a41aad90dedb0bb912085"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:26 GMT
age: 77479
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-2063449132%3A1664047185254578&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqNiMTICD42zlFnthpbEnFZ53ef3BU8pE-cZW1RwtAb1DrSCKelIfECHd-CcVvHF6xBuexV
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-2063449132%3A1664047185254578&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqNiMTICD42zlFnthpbEnFZ53ef3BU8pE-cZW1RwtAb1DrSCKelIfECHd-CcVvHF6xBuexV
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S-2063449132%3A1664047185254578&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqNiMTICD42zlFnthpbEnFZ53ef3BU8pE-cZW1RwtAb1DrSCKelIfECHd-CcVvHF6xBuexV HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 24 Sep 2022 19:19:45 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-ZsHVUeHfvZB3exKgiyJT4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=SxnVg1LCoFEW_K9p26_q0qz6bwmDbGbiOzdlQ8QWJDIE-9MtIetl8Nno58R2o1jU0aIJwU5m5Rml7wY1Sx6rJOiZ14EeN3DiqG35ZACeiLpeHsWkUaPbluilvxnUUPFk0Ikca7zeAVyG0WvClzHInjjm9yXoe1svDceSPboJpQY; expires=Sun, 26-Mar-2023 19:19:45 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Quattrocento+Sans
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Quattrocento+Sans
IP 142.250.74.10:0
GET /css?family=Quattrocento+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Sep 2022 19:19:43 GMT
date: Sat, 24 Sep 2022 19:19:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2