r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14816
Expires: Fri, 27 Jan 2023 03:04:47 GMT
Date: Thu, 26 Jan 2023 22:57:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2709
Expires: Thu, 26 Jan 2023 23:43:00 GMT
Date: Thu, 26 Jan 2023 22:57:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 22:42:56 GMT
content-type: application/json
age: 895
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3562
Expires: Thu, 26 Jan 2023 23:57:13 GMT
Date: Thu, 26 Jan 2023 22:57:51 GMT
Connection: keep-alive
mutskii.buzz/
200 OK 24 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (27999), with CRLF, CR, LF line terminators
Hash 86fae3b8a644fd466eff6b9a82b78ec4
009147d89cbf76a0118b0623403486b01013f785
9d8eb35ed3ac718987b9e50a87452ff271f5c3b1f36eb49df1f42abfc0c7fcff
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET / HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OI4LzQHh8R6VvE0IHInwnCBtZM7ErrrrXYB1bH6bHDSplXki7nz7ig1CJ%2Bt6SgXInapUrMHs0liQ1WR9cVbQ60o2he4zj9FN7q0%2BRnUeNdRvVDodk%2B3xRtoPnIjA60%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78fcd995397ab509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gbiLOX8cFd0rjr3bzk3zfBw8fXDL+5+QLvIX9XPmy5rwtvHLoDHL96ZIAG0blgSC3+n0nLXGiA4=
x-amz-request-id: 743ZSMNKQKW1TTEQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 22:20:17 GMT
age: 2254
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:57:51 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 77bd61b98f7b67af56639229724f8dd4
f04f07dd8ff53e58c32b738f81b71a014bca441d
8ce54c3b77bf31899b27b29188ff4936b580f2bd2b3222d43dda2851ba272e24
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:57:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 27433
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1538f"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1737922
expires: Tue, 16 Jan 2024 22:57:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6z5RYIQI9GJZ0qjc2FcfiYBBR8%2BC%2BngE%2BO04kqt7l6W%2FK9YD5SYAYrVZWMR4e1vRt0MVDdPUH1LsuV1hh5V0zR090xH%2FTI9G4PTSD4GOZ1mw%2F1qJk6YOAC3HYpKR1I%2BOqFQwaW%2Ff"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78fcd998eb9fb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mutskii.buzz/media/com_uniterevolution2/assets/rs-plugin/css/dynamic-captions.css
200 OK 497 B URL HTTP/1.1 mutskii.buzz/media/com_uniterevolution2/assets/rs-plugin/css/dynamic-captions.css
IP
File type ASCII text, with very long lines (1702)
Hash bbfd1ff87fd5a7c5948ee4d6a8f8e8b5
25b9a95892229a550e6ebd7d993b4b9a340f05dc
0f8b158f52ce6a92b2249d2d29d6110ebb7d0af2dfc87611cea5cd133b4366ff
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /media/com_uniterevolution2/assets/rs-plugin/css/dynamic-captions.css HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:52:36 GMT
ETag: W/"5b4dae54-d01"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjoRsOwkoDy2Di7Hug0fQS3eTtwqFNG3O2O%2FhA4gvmd2tMu3nC%2BkinoQbRgUP24R57iX3ux9hanDqdJYlidCSoq%2BY5g7ixBhfV4%2BqHLLB9XIjewO68bLGIWbi%2FEf7Ts%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd9987b821c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mutskii.buzz/media/com_uniterevolution2/assets/rs-plugin/css/static-captions.css
200 OK 132 B URL HTTP/1.1 mutskii.buzz/media/com_uniterevolution2/assets/rs-plugin/css/static-captions.css
IP
Hash 9e566a61e922964d27ae3b15cab61371
ec6eff8d8fa5a7081a2dd8b104fcd41246c3b6df
106e819d7fe1f763af63aa3c59a0fd2712b6b29728930a8ccbee1ae432c4ceff
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /media/com_uniterevolution2/assets/rs-plugin/css/static-captions.css HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:52:37 GMT
ETag: W/"5b4dae55-e3"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQ9BkMb4jA50gJ0QhSoahBM0PHdwqibIOPGKoJFBWZV7HZ3sV7HoDvBTcBlrrGX2Ijecy0tLH2CGgfzfaCdSik%2BdoSW2bj1kLq9SpJFdYOx6APJ6Px50I59VmKzA6lM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd9987e58fac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mutskii.buzz/media/com_finder/css/finder.css
200 OK 887 B URL HTTP/1.1 mutskii.buzz/media/com_finder/css/finder.css
IP
Hash 3ecd6f956e027f626df0b13446e42551
76a5a73a79a65e70992a49a20f3efb550e4acc15
3de1c4c0d7663607f63fab802e2858e4ada0f6769d7621ed2f0a23cc28823aac
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /media/com_finder/css/finder.css HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 09:39:19 GMT
ETag: W/"63c66cc7-9c0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jw49vKlUM9BEVLlDEx8Ui7Jhgr0qugNu%2FaFMa5O7L%2FHl4Pkir%2B0GGUwgbRTXEaY3zIzURxLYWdiiTcHZdb8hJr6v37qyZinnituTCtd672jF0n2kdYS3WvDa1ubUf%2Fc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd9989b8db4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mutskii.buzz/media/com_jchoptimize/cache/css/f132831636a69ae76a5369a1baf87efd6770e74a0163cf83ef90fa9cf00269d4.css
200 OK 2.5 kB URL HTTP/1.1 mutskii.buzz/media/com_jchoptimize/cache/css/f132831636a69ae76a5369a1baf87efd6770e74a0163cf83ef90fa9cf00269d4.css
IP
Hash a6a9c220afcaab21b0fb41e3d81a9501
db34dc5f9783f190c9e90cac4e3da7225a329b10
58d1a212ee2e02c038be92f4b06affcd3bf814d2cbf3d334a8eb79dda7c6894b
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /media/com_jchoptimize/cache/css/f132831636a69ae76a5369a1baf87efd6770e74a0163cf83ef90fa9cf00269d4.css HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 09:39:19 GMT
ETag: W/"63c66cc7-3186"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvxBaU%2BfbjgVtEUh3M8m8Tjj3zi%2Fvmdiy18Cx1TA3Bw%2Fg6z1LfHzDNli6I%2BE9Y5nqbeDnpn2xdBIpsj4Hy8n2ICCRzNV9rFHR28iyjKL85BMJvJtvRJb5M667RxZQkM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd9989931fabc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mutskii.buzz/media/mod_languages/css/template.css%3Fbfe6655753fda936e8403f50c04dd9a0.css
200 OK 171 B URL HTTP/1.1 mutskii.buzz/media/mod_languages/css/template.css%3Fbfe6655753fda936e8403f50c04dd9a0.css
IP
Hash 21bfc3eb3263495ab7bbf4eb942f98bd
93a85defc79589e9ead18893ab996918e7116dc1
71b579b9f7ef7be300b7737ae14a03564c4802363bc1b7155d3e8e1175b0785a
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /media/mod_languages/css/template.css%3Fbfe6655753fda936e8403f50c04dd9a0.css HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 14 Aug 2022 13:21:56 GMT
ETag: W/"62f8f6f4-14f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBTHBuaP9Hr5MOSoEaPdy5EaAC%2FaBzL%2B%2Br9sGFkWGhtlzsHUsqR9O3%2FE%2FVTVmklEbg5HPmjtOc1Qrc8CHPXmFaJi5k3RM6jlnNAYyXAji8OI4teR9u4DQ3zqxk3lzSE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd998fc0a1c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mutskii.buzz/media/com_uniterevolution2/assets/rs-plugin/css/settings.css
200 OK 8.5 kB URL HTTP/1.1 mutskii.buzz/media/com_uniterevolution2/assets/rs-plugin/css/settings.css
IP
File type Unicode text, UTF-8 text, with very long lines (374)
Hash 70e3c1b465f9baaab53c5c532a77c1df
15226d4ea5b04dddf81b8b63457777d1125fb1c2
a86584c02047a45bf36b8542c77ed9b13dec71d2bbffe14d98ba5db0b4e0712c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /media/com_uniterevolution2/assets/rs-plugin/css/settings.css HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 09:39:19 GMT
ETag: W/"63c66cc7-e3de"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofpBFZNsRcfkIGJhRyO9qK5X5EsT%2BfyyJLf8kN2ij3NWgKTeubsRiqj4GGgdP5cyD%2FQiEms5msKgCIxgSdAgG9%2Fa%2BS87IYjzy8iwM38RyJtf4GnnC47Jfht%2Bv2hy%2FcQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd9987da20b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mutskii.buzz/media/com_jchoptimize/cache/css/f132831636a69ae76a5369a1baf87efdec7036b2b03cb95b8dbe7f6386ed0143.css
200 OK 58 kB URL HTTP/1.1 mutskii.buzz/media/com_jchoptimize/cache/css/f132831636a69ae76a5369a1baf87efdec7036b2b03cb95b8dbe7f6386ed0143.css
IP
File type ASCII text, with very long lines (65289)
Hash 97560a37586ea4725b8aa6ad875928df
68d1ec8bb020844ae2775da02c177eb7534ca982
5527da567d701cd14f954cd740b1d22a0c3de4b133ccce88139429ed82c7c405
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /media/com_jchoptimize/cache/css/f132831636a69ae76a5369a1baf87efdec7036b2b03cb95b8dbe7f6386ed0143.css HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 09:39:19 GMT
ETag: W/"63c66cc7-570e3"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbfFsvUR1C7baPtb26qxtueQX1%2BKrLq%2BBUkhQwsqsZHm5nHK0dh9dPNGRUtf3sFT5s3rjG799sqComeuRLEATYBXf%2FHEEB6CpPdK9BjasIWeTLIuX2vFeQXGXTZ5SS4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd9984d40b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mutskii.buzz/media/com_jchoptimize/cache/css/f132831636a69ae76a5369a1baf87efd2425af6cf57b26b9431f79e5219801ae.css
200 OK 2.0 kB URL HTTP/1.1 mutskii.buzz/media/com_jchoptimize/cache/css/f132831636a69ae76a5369a1baf87efd2425af6cf57b26b9431f79e5219801ae.css
IP
File type Unicode text, UTF-8 text, with very long lines (413)
Hash 5721fa61f099adf509ce1213c47bc681
9a4a6ed37ce82435d4c92485eb1458f6c368c4a8
ad48e1bb2979f8fd8628d96b3ce514fea2e91e99337833a7a98ce188e92b8abe
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /media/com_jchoptimize/cache/css/f132831636a69ae76a5369a1baf87efd2425af6cf57b26b9431f79e5219801ae.css HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 09:17:19 GMT
ETag: W/"63c6679f-6f12"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2qNnEd8MUNIFsWlk419Uqc9UXTmGXsK3qW2fn87PoJPn%2FEsPWjEVUHvUUL%2BJ9QIWYELKAsrDEygO32epBtloceFNu%2BWP5JsGn%2BsFIYU6bowOoIz1z4zos4e%2Ff63%2F2k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd998fe97fac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mutskii.buzz/templates/joosa/js/tabs/tabs.js
200 OK 334 B URL HTTP/1.1 mutskii.buzz/templates/joosa/js/tabs/tabs.js
IP
Hash 6187476c8b955358fc5221f0b24e8914
ee9cf4842d495e8257f8f86e8d668108435c49e5
1080549544e53c4cb66966d153af374a78445350bed5ffd7f6869d2cdc15bcb5
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /templates/joosa/js/tabs/tabs.js HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Jan 2022 08:25:36 GMT
ETag: W/"61f25700-2a2"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5s71RziklIMO5cyGtkRfTLA0%2BhT5BUttlEv%2FpOA7IDKi3dUvS08%2B6tc8Al%2BR4OHQrNHLpzzoBRs8zJkzYS35ZtRxLuqFOqwV0XGuaaK9igv4x4AK7P%2F7NslkFKOpKQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd9998e8eb509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mutskii.buzz/media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.tools.min.js
200 OK 33 kB URL HTTP/1.1 mutskii.buzz/media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.tools.min.js
IP
File type ASCII text, with very long lines (24774)
Hash f44b59b91d6f9155074b581e2c5dce5f
097b3f707b15cd7f96b4da54304f874757eb7674
02ab72488e3ab5a0767affe892b0fef7941ff5819b9642a673102e2d698ebb6e
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.tools.min.js HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:52:46 GMT
ETag: W/"5b4dae5e-172a0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whyY5o6MLVHtD2UMHKrZ3ZiFTrfcgyfvLghi6dOMvz84HOju7x0MtG3Ej%2FI01dlsUE4%2Bn1biJAjzEgMsOU4XkApEupBEc1yXxrjTNiQw54yIqIsB9jMs9laESSkfl3g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd999199dfabc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 279 B IP
Hash a473e335d5a75a94188d2aab086e752e
3f7b53b2360bc19046105106744b8967b9c7633c
504beb5f50f59260821af07aea342f78370a3ff79f0e9d5c1876f618886e076b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2387
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:51 GMT
Last-Modified: Thu, 26 Jan 2023 22:18:04 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
mutskii.buzz/templates/joosa/js/tabs/tabs-style2.js
200 OK 343 B URL HTTP/1.1 mutskii.buzz/templates/joosa/js/tabs/tabs-style2.js
IP
Hash 31ee66d11f1028688fffd2b97ab2346e
96792bfc80f44b8041599e97ae5b9f0b7db87c68
5d94b82be9eb700b764225d07240ca0a9bc2cdf25afad5e69dd8020ff27175c0
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /templates/joosa/js/tabs/tabs-style2.js HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Jan 2022 08:25:35 GMT
ETag: W/"61f256ff-2ba"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NASa9YGRsGFqBydaP77k6lVO1aRLQSFvBQKpA4HCNYURUx%2BN5fsNM4UuH4%2BA5l8P%2FwFTKbqK6ST77U3kVFycMSwxZbf3IRwr5zBvbiyArccmFnkdLEnTkW0lkBEvZTU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd9999ee4fac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mutskii.buzz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 655 B URL HTTP/1.1 mutskii.buzz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 11:05:52 GMT
ETag: W/"63ce6a10-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBXEc5ji7If2RWnkH9%2FSTb4%2B2bOinzEimQb%2Fo2zy3Odm%2FSsFhM1aL0TZdKhgglmihnXKpXewPu4XFTWJRAhRVNqwaD7oWY6KKDInSRVX1jFMsMUsZHB7S6zo0vuC%2BNI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99a1f19fac0-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sat, 28 Jan 2023 22:57:51 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
mutskii.buzz/media/com_jchoptimize/cache/js/8efc545e3de752caf94ceaa5a74f1a88dfd73e98ce7a371a0724a250b2a6805b.js
200 OK 38 kB URL HTTP/1.1 mutskii.buzz/media/com_jchoptimize/cache/js/8efc545e3de752caf94ceaa5a74f1a88dfd73e98ce7a371a0724a250b2a6805b.js
IP
File type ASCII text, with very long lines (65379)
Hash 4ce4d8f61227d98accd7aa218e7f6cb8
a96304c9f7586813a01063019fe75f505daf559a
3ad4452ddd9510c1cbcff43a868d225d5016bd7a10208aafec63ada7cc86d115
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /media/com_jchoptimize/cache/js/8efc545e3de752caf94ceaa5a74f1a88dfd73e98ce7a371a0724a250b2a6805b.js HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 09:21:00 GMT
ETag: W/"63c6687c-1aa2c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HffXIWpD3dWFiXI6zG2fefZrfTUqZtRRnLeGGUSvJ3YogxzO0Y3zOrkqOijseIf5H592EJMlpvZb%2BmRXn7L87JqHgeIun7c3epxqxy4Lndnhkuy%2BAxV5FBgvM0oQqCY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd9991c03b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mutskii.buzz/media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.revolution.min.js
200 OK 26 kB URL HTTP/1.1 mutskii.buzz/media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.revolution.min.js
IP
File type ASCII text, with very long lines (65206)
Hash c8062208040ba325729e417c911024ca
9db33cb2411ed99e6e674a5cd0eb3f5cc10b7743
f5d87bd6f9980fd3c9b0ba26eb4b387faa53f9a296485453a7eb31280dac1a68
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.revolution.min.js HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:52:45 GMT
ETag: W/"5b4dae5d-1b217"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKaHLGgV5Fqm1b7miNh9Re1hf1LrqT32KAH9I%2BnTT2yfbBvzodTXd6oR0sJPKzZh0U4LBbgDreXVEqbTl8gKrl32f%2Fd6dqcJuSe4iDJic8FF0iXBkIkeKOqITzFohUE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd9993c341c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mutskii.buzz/templates/joosa/js/custom.js
200 OK 638 B URL HTTP/1.1 mutskii.buzz/templates/joosa/js/custom.js
IP
Hash e33d64e779e3d34b079750e8bf981443
dc9c784b0db68af9a1fa0ac18612a5ab89d70078
6df58087ef39cfefdc548ea19b138a89c3a9ef2d8d93c5e7590bab90b2f50473
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /templates/joosa/js/custom.js HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Jan 2022 08:25:28 GMT
ETag: W/"61f256f8-550"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pvv5xkwEk4XEUPgM%2F%2BuD4iwe1jWubHRj7KpqYrGxuX4RPkDhoIysFXiYLtI8SRPP8htku5bkYCX%2ByrwUz0LaDZb0928rd3YxxdtVRMiCemgNZFvdQxQYymghT5qp54%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd999ced8b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mutskii.buzz/media/com_jchoptimize/cache/js/8efc545e3de752caf94ceaa5a74f1a88c500c628fa08af9bc2fee49ca7b2f7be.js
200 OK 26 kB URL HTTP/1.1 mutskii.buzz/media/com_jchoptimize/cache/js/8efc545e3de752caf94ceaa5a74f1a88c500c628fa08af9bc2fee49ca7b2f7be.js
IP
File type ASCII text, with very long lines (34239), with CRLF, LF line terminators
Hash 5d7fcfb8aeac42d8e85e33ef1e3908f5
35b6973e7ac9a9a4b4bbbc97080ea9a879d1e80f
2b668dba31671d71a1f22329069032d585b871af7b8401c6065a524e572d75b9
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /media/com_jchoptimize/cache/js/8efc545e3de752caf94ceaa5a74f1a88c500c628fa08af9bc2fee49ca7b2f7be.js HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 09:21:00 GMT
ETag: W/"63c6687c-17dd5"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzyc5BZUvrX1BrMbo2vIPmKAb42BB8sI0Jul3PbPTyN5vD7LauTtmyz2oeZY7%2BYSUyNM84pfpeJvZGe6oBx5%2FMnIEHECMXzzN%2BBeYQuQU%2FA%2BwXByWqDSLCH9slU8%2Bm0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd9997e710b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/XF__pwNp8Dg
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XF__pwNp8Dg
IP
Hash e394d481caad28eb233807805ce093c6
4583dabc829c84158ca40342d7aeb8812a386b04
512c8946272a7786859db66b5a3b5dd6c723ffa04f804b5afaac1a453b8ff98b
POST /s/gts1p5/XF__pwNp8Dg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mutskii.buzz/templates/joosa/js/preset_directory/owl.carousel.min.js
200 OK 10 kB URL HTTP/1.1 mutskii.buzz/templates/joosa/js/preset_directory/owl.carousel.min.js
IP
File type ASCII text, with very long lines (32045)
Hash 97b63815c387dd468cf07db2a3aef0f8
3f740c24cc240c8ec5463da86a92683b4e0eaccc
b1a7cd0d000aefe15058adec44951b1d5be2b5799e468e5ebef4079e672ecf5f
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /templates/joosa/js/preset_directory/owl.carousel.min.js HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Jan 2022 08:25:29 GMT
ETag: W/"61f256f9-a1cb"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEiHVhzVpuZArXcJhBYb9N56v0gw0dDEIcpRuPoYO2UkCpyhS3f1aQnnSRXqh1BOjKg3UaseIo14OXyf7jLtSjQBgyXC6rGBtYw16ocJ7FdRyZRFuPL9GPQELW6mIOQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd999ea32fabc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/XF__pwNp8Dg
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XF__pwNp8Dg
IP
Hash e394d481caad28eb233807805ce093c6
4583dabc829c84158ca40342d7aeb8812a386b04
512c8946272a7786859db66b5a3b5dd6c723ffa04f804b5afaac1a453b8ff98b
POST /s/gts1p5/XF__pwNp8Dg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/XF__pwNp8Dg
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XF__pwNp8Dg
IP
Hash e394d481caad28eb233807805ce093c6
4583dabc829c84158ca40342d7aeb8812a386b04
512c8946272a7786859db66b5a3b5dd6c723ffa04f804b5afaac1a453b8ff98b
POST /s/gts1p5/XF__pwNp8Dg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9f0bd316654631b8ff94521b3efd97d4
e6aaa964365579af53416aa42ee446e223847068
ab6b53c36eaef91058b7c15364668dbc8f52e371ae8d0ada7089468afb68c916
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB6B53C36EAEF91058B7C15364668DBC8F52E371AE8D0ADA7089468AFB68C916"
Last-Modified: Tue, 24 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7190
Expires: Fri, 27 Jan 2023 00:57:41 GMT
Date: Thu, 26 Jan 2023 22:57:51 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/XF__pwNp8Dg
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XF__pwNp8Dg
IP
Hash e394d481caad28eb233807805ce093c6
4583dabc829c84158ca40342d7aeb8812a386b04
512c8946272a7786859db66b5a3b5dd6c723ffa04f804b5afaac1a453b8ff98b
POST /s/gts1p5/XF__pwNp8Dg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
200 OK 11 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP
File type ASCII text, with very long lines (32033)
Hash b0f37e093b718a6b7993dc8a7d748b23
9be767204685fc76fedcc38e8daaf65f2e68031c
a960db118c5686e485011cb40fe50b25b94c7d9a8efee853058cfa8153c3ec5c
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mutskii.buzz
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:57:51 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"5869c96cc8f19086aee625d670d741f9"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 11/15/2022 10:30:01
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1053
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2bd95e6202fd6ab86583ecec9737a11f
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fcd99a2b710afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash a473e335d5a75a94188d2aab086e752e
3f7b53b2360bc19046105106744b8967b9c7633c
504beb5f50f59260821af07aea342f78370a3ff79f0e9d5c1876f618886e076b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2387
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:51 GMT
Last-Modified: Thu, 26 Jan 2023 22:18:04 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/XF__pwNp8Dg
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XF__pwNp8Dg
IP
Hash e394d481caad28eb233807805ce093c6
4583dabc829c84158ca40342d7aeb8812a386b04
512c8946272a7786859db66b5a3b5dd6c723ffa04f804b5afaac1a453b8ff98b
POST /s/gts1p5/XF__pwNp8Dg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mutskii.buzz/images/categories/ARTE_Kategorie_275x170px_Intimni_Mista.jpg
200 OK 5.7 kB URL HTTP/1.1 mutskii.buzz/images/categories/ARTE_Kategorie_275x170px_Intimni_Mista.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 275x170, components 3\012- data
Hash ddf2c144298b697b2dab4a7dfc1fa808
d6d8fdf8a6e4ea919c8fb245ff40534c012bb0c0
b9c0ecc9fc66228436aadc2ba5f63ba57589480b30b4a5834c37292d4a2c526a
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/categories/ARTE_Kategorie_275x170px_Intimni_Mista.jpg HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: image/jpeg
Content-Length: 5655
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:26:02 GMT
ETag: "5b4da81a-1617"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrHwpvwD86Cx8Rot%2BG2C6l84EUvIrP9KZsHmwcQPLmnzq5aNd5Zlzj324P5QrYGWU3RC%2Bt4QpakFAq1NpULNKdQeBdiXxOVwRxs44lWnmVutdjFHEgrSjtdi70wo9ys%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99b8e28b4ff-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/categories/ARTE_Kategorie_275x170px_Boky.jpg
200 OK 6.4 kB URL HTTP/1.1 mutskii.buzz/images/categories/ARTE_Kategorie_275x170px_Boky.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 275x170, components 3\012- data
Hash ce7e16f99e384b029de7f9c1eb5c2957
4e29b962c6d11990fdd6b2d82f10132e6e07bc2f
3135ea595c4849dfe739ea4250a55a9e8efc07626e3a0cce0ee8c08a1542a1b3
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/categories/ARTE_Kategorie_275x170px_Boky.jpg HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: image/jpeg
Content-Length: 6365
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:26:02 GMT
ETag: "5b4da81a-18dd"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62RcNCTFffSY74r0YWHTezF4h1IssMDxUnsSvZNbJohPMrHT22srv%2BL8WUNwo2PYXNYo69HaEwTB4kTqbWjzkYVey4WZRHy3XHDTq7Y7L6FC9bDrrgaIKUP4U5JUd7w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99b8af9fabc-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/V-rez.jpg
200 OK 10 kB URL HTTP/1.1 mutskii.buzz/images/V-rez.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x127, components 3\012- data
Hash a76e4df3fcb651936cafd54d4646c0b0
6cbd1fad7284451861a19eaf629ddb6ffe2846af
c725ee56017d6a6f1b570f7c6890392d995a39774a0385f15baaa59c3af0627d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/V-rez.jpg HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: image/jpeg
Content-Length: 10214
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:25:56 GMT
ETag: "5b4da814-27e6"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYmXhxAl7uLJrONgAd64WwL97f8SZkmDWLHWOMC9l5Hnhajp%2Fsv5PSDEL0RnL8utmua5beqR9C65zsz1rUrV1Hq%2FJ3RsiTtovfjTrlp3pG6FJrpa9l01UumLii5WyPQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99b8e701c0a-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/Seffi_v01.png
200 OK 5.8 kB URL HTTP/1.1 mutskii.buzz/images/Seffi_v01.png
IP
File type PNG image data, 300 x 127, 8-bit colormap, non-interlaced\012- data
Hash 3c905ad27b57d897ccbedb30fd0d6b33
0426023bff1057da5d017230108604d540b85a73
850e7af6bb020c863f5c922428482714d4021cded31696777099f64f7e9e3cbd
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/Seffi_v01.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: image/png
Content-Length: 5781
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:25:52 GMT
ETag: "5b4da810-1695"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2562EoRIw1Lg%2B2uw1%2FOUsOEyMaPPh1tz9qvGVZcWJC3%2BO9wyhuNtTAZBKCjriyAgq6K2CrxkoGT%2F7rsOR1XEgcMX10sIm1slJVcJoJuZKc%2FXEwPH2qZuLHiMDdBaAk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99b889eb509-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/QuickLift1.png
200 OK 11 kB URL HTTP/1.1 mutskii.buzz/images/QuickLift1.png
IP
File type PNG image data, 500 x 140, 8-bit colormap, non-interlaced\012- data
Hash bbd6f587fda05790809fb74795717863
3b9a577c7f657acb0ca8958c41260e1b2340af4b
764e7ebc08bfeab44cdeb6571e7d8ed1dc47e029a8442ea1d990af5dfd533904
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/QuickLift1.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:51 GMT
Content-Type: image/png
Content-Length: 10868
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:25:51 GMT
ETag: "5b4da80f-2a74"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5C0%2BXLTE4%2BUIu3A%2BQMBPjvhVxqsZPmxWVTyrnZoGlB7%2Bachhva0jkucF%2FukrYs%2FLnfx8m8h4bEY9%2BuUwWF1LZwz0%2FItRuiqIUnwQYixkHJm8N4U6MnHMUAbtun6wk7Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99bce64b4ff-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a5d01e053984f1e7b1637867f69ff12a
83063884489a4b361989608a5c399275f84e7036
ca4096cab5b7e67ec36ab489228b0fd7fed60527e771269997683b3559acbd58
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA4096CAB5B7E67EC36AB489228B0FD7FED60527E771269997683B3559ACBD58"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13375
Expires: Fri, 27 Jan 2023 02:40:47 GMT
Date: Thu, 26 Jan 2023 22:57:52 GMT
Connection: keep-alive
mutskii.buzz/images/icons/ARTE_Icony_90x90px__Konzultace_zdarmaFIN.png
200 OK 5.4 kB URL HTTP/1.1 mutskii.buzz/images/icons/ARTE_Icony_90x90px__Konzultace_zdarmaFIN.png
IP
File type PNG image data, 90 x 90, 8-bit colormap, non-interlaced\012- data
Hash 4f8e00f4bf6bc5a464fed083b6023537
63d12a8f261546d73a80ca82cb431a7005369922
ba0d5b710f26e09c5a2486342d1dc90fc44492ce3b9d48703d055a7a9eed2bef
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/icons/ARTE_Icony_90x90px__Konzultace_zdarmaFIN.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/png
Content-Length: 5413
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:29:57 GMT
ETag: "5b4da905-1525"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Az%2FsWFgWm7gc9Dab7jIf2JkT0%2Bknsg326A%2FVSkdVcyE6Nnpkw2hF2V2uS8eTu8occ6tiMczbqD4INGdEqp8gFbjwHXEVdX5iCGm7eT9Zh1%2BTHlPv5pgAkb5lAndvtjM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99bf91db509-OSL
alt-svc: h2=":443"; ma=60
www.estheticon.cz/widget/review_extended?com=351558&h=44c9a87e4d0274c3d512f56c7a529dea&v=10
200 OK 1.1 kB URL HTTP/2 www.estheticon.cz/widget/review_extended?com=351558&h=44c9a87e4d0274c3d512f56c7a529dea&v=10
IP
File type HTML document, Unicode text, UTF-8 text, with very long lines (2792)
Hash 75cb75f72110e6b473c154c0fcb16c92
1b721ca8126e225ee2075dd95de9470f1b670eb9
b66c954ca5446cf4deb0aea32017678859a2385ef11e7a8bb302297f5c84319c
GET /widget/review_extended?com=351558&h=44c9a87e4d0274c3d512f56c7a529dea&v=10 HTTP/1.1
Host: www.estheticon.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 1080
date: Thu, 26 Jan 2023 22:57:51 GMT
server: Apache
set-cookie: PHPSessionId=841c663fcfab586db218fcc6d69a07d2; path=/; domain=.estheticon.cz
content-encoding: gzip
x-ua-device: pc
x-captured: DID NOT
cache-control: no-cache
x-varnish: 74671257
via: 1.1 varnish (Varnish/7.1), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j6yXwrbOELdF_W-aNqakS036-YqHzYrcRewMoDvPibTZbDqN8xNilQ==
age: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/XF__pwNp8Dg
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XF__pwNp8Dg
IP
Hash e394d481caad28eb233807805ce093c6
4583dabc829c84158ca40342d7aeb8812a386b04
512c8946272a7786859db66b5a3b5dd6c723ffa04f804b5afaac1a453b8ff98b
POST /s/gts1p5/XF__pwNp8Dg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mutskii.buzz/images/images/stredni-operacni-sal.jpg
200 OK 86 kB URL HTTP/1.1 mutskii.buzz/images/images/stredni-operacni-sal.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x853, components 3\012- data
Hash b83628252cfa90b5bafd2cde93594d11
4af0ce4d9fe51fe8e1898d982d704eb746ce3f3e
f89b7d78b4bf0398d498301bb57825ccf71716e304c351c25a0d150b871610d2
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/images/stredni-operacni-sal.jpg HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/jpeg
Content-Length: 85886
Connection: keep-alive
Last-Modified: Sat, 15 Sep 2018 13:25:47 GMT
ETag: "5b9d085b-14f7e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wUXa5La10gxo9NWxIdmZF6lw4V%2FrEjymJuXPobvJOdAM9bK6F2VQzctOQRhqZrJI7ruk5dLEBUarj%2BZxA1vJDLhyhtKpnr8IjTgrmJiLifazjcigwuPDk%2Bklzzp17U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99b8fd1fac0-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/images/arte-clinic-brno.jpg
200 OK 98 kB URL HTTP/1.1 mutskii.buzz/images/images/arte-clinic-brno.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x853, components 3\012- data
Hash 5125d0982f762b785645b24b313affab
98c8a61fcd8b221e517fa87e182882159ca87528
245af1f77399ce82c52761f9ce7caca3a8a83f815e4cbea0de42c92f8c3a7b36
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/images/arte-clinic-brno.jpg HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/jpeg
Content-Length: 97996
Connection: keep-alive
Last-Modified: Sat, 15 Sep 2018 13:25:44 GMT
ETag: "5b9d0858-17ecc"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eKuq0TKjtDJgczns0%2BGhu3uMqRRjuvGmw2tfIf0Dn%2BM7aaqWntXgyBpPsChqjwcCEMBmWJAG%2B1hHces%2FPJjoX0qJj4QV%2FQHmHyFzpAZdbtpR1Ak0IxzKhY76CTp7zs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99b88240b51-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/SerdevSuturesLift.png
200 OK 5.9 kB URL HTTP/1.1 mutskii.buzz/images/SerdevSuturesLift.png
IP
File type PNG image data, 500 x 140, 8-bit colormap, non-interlaced\012- data
Hash 44c12a2fdf98c592cf71dcffb83b2761
6cc5cd9da3c456ea7dd591bc6d8a6d0abffdbcd6
9d79820f19620fae3533f488212e3ad438e5244650dc92c557e54a16d8fe166f
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/SerdevSuturesLift.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/png
Content-Length: 5869
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:25:53 GMT
ETag: "5b4da811-16ed"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYBH96UUbc8l%2FVMPulZT605uEhoEAsy7uhDhuE28IcZaKOmJH1US5hF90ej1IlWq61md2Tj%2FjcTMqMh5uQhBpG1gVJGOg3g%2FWtmcqzQ2IRgJ1HT%2Bwx%2B20Vj1HN3kM%2BI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99c394fb509-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/icons/ARTE_Icony_90x90px_SerdevSutureLiftTMFIN.png
200 OK 5.5 kB URL HTTP/1.1 mutskii.buzz/images/icons/ARTE_Icony_90x90px_SerdevSutureLiftTMFIN.png
IP
File type PNG image data, 90 x 90, 8-bit colormap, non-interlaced\012- data
Hash 9ce3a9e6d27faff12c444dc263d8203e
062617a054861dc0fc323daa4414ecec913ee387
fe197c5e8a2adafdfafe10b60e31230b0517a0bff4e8a1ff70900fdd305bc57c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/icons/ARTE_Icony_90x90px_SerdevSutureLiftTMFIN.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/png
Content-Length: 5479
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:29:56 GMT
ETag: "5b4da904-1567"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVWMv3AH0SmkJnmr7JigUd5ZAM94kAZxtNAapNR6NuynG5KNm6Ui3DStnEvnqvgA4vE9mDtsF9Po73oWB84V8eMUx06czTVjIUhG7zbev006ulINmmIYc6RiZfP62bg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99bfee31c0a-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/icons/ARTE_Icony_90x90px_Lekar_na_Tel_FIN.png
200 OK 5.1 kB URL HTTP/1.1 mutskii.buzz/images/icons/ARTE_Icony_90x90px_Lekar_na_Tel_FIN.png
IP
File type PNG image data, 90 x 90, 8-bit colormap, non-interlaced\012- data
Hash 7169f8d3d83c68a359b8ff6fa5143bfb
843d11f4e7df93c6aa3ff059b64fcfadf3bf4778
1e2071e1aa5362c6d4732e87efe3defb91a0fd7ae1f32b172975cdcdc587bd9e
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/icons/ARTE_Icony_90x90px_Lekar_na_Tel_FIN.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/png
Content-Length: 5138
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:29:56 GMT
ETag: "5b4da904-1412"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51zCJtAiWrZpA0KY0QFstMrqfXukp8rdA5mdcaSw6y9hOu0k%2B1trTD731MKhhKuR4w1H4E0wsnRSddD5Sdv3bwDIHpwCeRUK8IHRncuiwh%2FyqkK9lTGTY3rXJuGNNus%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99bfb40fabc-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/images/cekarna-arteclinic.jpg
200 OK 54 kB URL HTTP/1.1 mutskii.buzz/images/images/cekarna-arteclinic.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x853, components 3\012- data
Hash ab58e662019ea5536bf0eb5541393a37
88ca72310ed29e7f00824603cb7db37a7cead5ac
39882568af57c47a19b152d0f37ae5f7f0646bb258bd7e566dc7b584e62732ae
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/images/cekarna-arteclinic.jpg HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/jpeg
Content-Length: 54524
Connection: keep-alive
Last-Modified: Sat, 15 Sep 2018 13:25:45 GMT
ETag: "5b9d0859-d4fc"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lf4Kcz2pXm0D8cwzufP5%2FDD9ID33lPNjzUs9ceW7aH6jHJQOLhHWxi5ha5XUCbTuL7RUksdYVRa%2FnE4PV2NFZQ1mrJLixDtVKy9jOm7yHwU4%2FCwCg73L6RCqSIppchk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99c0ea0b4ff-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/icons/ARTE_Icony_90x90px_Komplexni_pristupFIN.png
200 OK 4.7 kB URL HTTP/1.1 mutskii.buzz/images/icons/ARTE_Icony_90x90px_Komplexni_pristupFIN.png
IP
File type PNG image data, 90 x 90, 8-bit colormap, non-interlaced\012- data
Hash 284e59e564dbfc64a518ca9b75dcf895
0198cd9aa6e0b00fba4684e2ff6bbe46dc8305b2
d65cce534537d4ccf84d7b8716a4ee5196808646fecd1fa02039edc609920bb9
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/icons/ARTE_Icony_90x90px_Komplexni_pristupFIN.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/png
Content-Length: 4667
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:29:56 GMT
ETag: "5b4da904-123b"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pag1S0VvBo8lVzg%2FHuCKxjUpBEwsY%2B0ujdB66wmA6sa9mkJO1WAy%2BKg3bt%2BWJiopkXG4WPYQpPNIH7uk4ny2hvEgXCaRMdS6x6mEtvNKihmBRG8HIiGsDRQP6tKb3DE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99c89adb509-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/logo2.png
200 OK 4.4 kB URL HTTP/1.1 mutskii.buzz/images/logo2.png
IP
File type PNG image data, 205 x 59, 8-bit colormap, non-interlaced\012- data
Hash 40fd96c2e38ea6841b87f61d377e1aba
0e3421eff6ff1d239335c79950abca5621675380
d357c53ffb5e432e999447d5dd96b4b9067ad9f53532fc939a6daff96916c26f
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/logo2.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/png
Content-Length: 4352
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:25:45 GMT
ETag: "5b4da809-1100"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmGkKzPZebPqh%2F%2F4cRB8m9K7F1wi8P2qMgnwXvuo%2B5OHnQwHBWBpIG3KdJoURYYmf6jNRbd2nP3h1fbMLRpcnOIfxOqElTj9Ji3F2cUfFll%2FrEqi1X90XxPxGJoLSkY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99c88d40b51-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/icons/ARTE_Icony_90x90px_Vernostni_program.png
200 OK 5.1 kB URL HTTP/1.1 mutskii.buzz/images/icons/ARTE_Icony_90x90px_Vernostni_program.png
IP
File type PNG image data, 90 x 90, 8-bit colormap, non-interlaced\012- data
Hash d9163c367954eb710ee290f6980d3b9e
ba23cd9e7a0b10a86381d724f3657bc57f2ec7fe
7a984f8085c1d60f2f6ee5e3edf56b2472fe8634c44c86448e0ef0db8bdf6dc2
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/icons/ARTE_Icony_90x90px_Vernostni_program.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/png
Content-Length: 5100
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:29:56 GMT
ETag: "5b4da904-13ec"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAA6la3kNbPMACdL6N%2FRJoJtyD8zr4gjt9cpjlDsR06XBviAKbnpY8tgHG9qQqhmkINgAQHV%2BdRJezOSD4C0MeVdhOYfl32OnN6LehIjosXDd%2FlfEX1nl%2F05AfqBfz8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99c8f6a1c0a-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/icons/ARTE_Icony_90x90px_Vysoka_spokojenost.png
200 OK 6.0 kB URL HTTP/1.1 mutskii.buzz/images/icons/ARTE_Icony_90x90px_Vysoka_spokojenost.png
IP
File type PNG image data, 90 x 90, 8-bit colormap, non-interlaced\012- data
Hash fe0fe9e71ec55479b1517f20231a3a89
ac0f037937acbadf91fb50b5371af5955771c34e
ef07ae6db306a84447840435b89f49ef5693252d46297d8627012f26b6da13bd
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/icons/ARTE_Icony_90x90px_Vysoka_spokojenost.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/png
Content-Length: 5979
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:29:57 GMT
ETag: "5b4da905-175b"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3oQ8CTDdbOuJPRCRaJSiQevUwYdOBlQJ1M7MKBjTBrwnTOUUiBJOeWewSqNfiNX4cNL6KkjjAcW4jWn%2Bgr6q07hE4bYdQBEFDovGzIQO39GQtC6c7Q3pAiZAmXGMzY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99c8843fac0-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 22:49:01 GMT
age: 531
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mutskii.buzz/templates/joosa/css/font-awesome/fonts/fontawesome-webfont.woff%3Fv=4.0.1
200 OK 44 kB URL HTTP/1.1 mutskii.buzz/templates/joosa/css/font-awesome/fonts/fontawesome-webfont.woff%3Fv=4.0.1
IP
File type Web Open Font Format, TrueType, length 44476, version 1.0\012- data
Hash fb0869e352d83a49579e9cd4d9ac1c6b
2277b24e7a512d1b298fbe085d06eae3f92ec2c4
c151a7e68aedc7bd4d84cb2096e92ee2f055c16be01c2ba027acd38b6cc9d52a
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /templates/joosa/css/font-awesome/fonts/fontawesome-webfont.woff%3Fv=4.0.1 HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mutskii.buzz/media/com_jchoptimize/cache/css/f132831636a69ae76a5369a1baf87efdec7036b2b03cb95b8dbe7f6386ed0143.css
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: application/octet-stream
Content-Length: 44476
Connection: keep-alive
Last-Modified: Thu, 27 Jan 2022 08:27:02 GMT
ETag: "61f25756-adbc"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=veGcAfXyp9gw37HuSKDlvFJmqo8BA4FhOt2bZ8kA0WP8Bbnw7AOFIgCfy26C0JrYXMuzPO%2F2GtTxr%2F15v923pnXyYFZb%2F%2FUP6%2BGv13WicbT7YCtflQSEnLoGaEx8xHU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78fcd99caf4cb4ff-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/images/operacni-sal-arte-clinic.jpg
200 OK 78 kB URL HTTP/1.1 mutskii.buzz/images/images/operacni-sal-arte-clinic.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x853, components 3\012- data
Hash 79356e5781a0c5f15c0c1eab95100080
daf33c0b7fbd7163c45741e0232e8f985b13e72a
488cae248bd0200b8a2ba4bde860f2cbec90e05c6a7578e47c5e856bd7022b17
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/images/operacni-sal-arte-clinic.jpg HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/jpeg
Content-Length: 77476
Connection: keep-alive
Last-Modified: Sat, 15 Sep 2018 13:25:46 GMT
ETag: "5b9d085a-12ea4"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9iZPqOiIYRyV2zeBDtouHDQeR1zrCXEGGOABAVCNaJ7tZriMBDCFr9Ug19bFne2hshFt5h4MeeG6%2Fq0qzHqDlyriYMwORVcU3GslPo9gJreOTDAqG76vlKv9z8niJE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99c8b8efabc-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mutskii.buzz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 273911
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mutskii.buzz/images/ico_footer_youtube.png
200 OK 1.7 kB URL HTTP/1.1 mutskii.buzz/images/ico_footer_youtube.png
IP
File type PNG image data, 33 x 28, 8-bit colormap, non-interlaced\012- data
Hash 098f30a0e4ed95de939ab1972d9dcf5f
f9fed37500befc2a765c1943ae13290841525092
515844b4719ee01074d4146adaff0f50a2c84aa7b5ed3f8ddaae7a01a627d5f7
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/ico_footer_youtube.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/png
Content-Length: 1670
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:25:41 GMT
ETag: "5b4da805-686"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FNDAw%2FGPtU8AfapjSRTqen7JumnYciva21JvnZrkqvm9Awkjh%2BzLfPIsGbNxiXNq6zcLYlW%2FZ%2BfclpT1yacYd4TGeNmhC2zwCMv9EdyMYbd5WimRq8bqdhh3%2FYHVtY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99cf871fac0-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Hash 3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mutskii.buzz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 10:24:39 GMT
expires: Mon, 22 Jan 2024 10:24:39 GMT
cache-control: public, max-age=31536000
age: 390793
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mutskii.buzz/media/com_uniterevolution2/assets/images/dummy.png
200 OK 3.3 kB URL HTTP/1.1 mutskii.buzz/media/com_uniterevolution2/assets/images/dummy.png
IP
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash 965d6394e883d841597c6fc4285e8a60
0dda61735f2bcd092e9c924934c1ae0621c69144
695dfce5465f088fe190a3c79095a31d393c5a0d5031082e5af3b12b650ecea1
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /media/com_uniterevolution2/assets/images/dummy.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/png
Content-Length: 3279
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:52:25 GMT
ETag: "5b4dae49-ccf"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOZ9FWxoZV%2Bxy9iJ3oE1MHTERJrIPzlHb9gzsI689X2g29ZX06kl1NK8VJjaWloIWYFEnocHFNY1sXkquJa%2FE%2FQ1qIjh8G%2BD8DC131%2Fmu%2Bz171IbjhNo2JZ0wA0Rpn8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99cf9150b51-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/images/odpocivarna.jpg
200 OK 41 kB URL HTTP/1.1 mutskii.buzz/images/images/odpocivarna.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x853, components 3\012- data
Hash e2efb4210675772aa35b3222e14a3687
36202899049c58905ba04d2e7448f253e366f1a9
eaa3553d723d8c3fed8e21ef174c37a6349477b2e80920e5a71f6e72b4135dc5
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/images/odpocivarna.jpg HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/jpeg
Content-Length: 40875
Connection: keep-alive
Last-Modified: Sat, 15 Sep 2018 13:25:45 GMT
ETag: "5b9d0859-9fab"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHk1MqX0P%2FihB1cEIgTX6IpcO4CcDpwdHLhII%2Bmg2hw0bXC4N3zUOoOIPWfVIzP1qhNa%2FcyrcAYgH38Lnt8VcT%2BWa6gKf7pI6VDouyvdXkQpEyJsmd2sqfGhyx%2BO%2FMs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99cffdb1c0a-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mutskii.buzz/images/slimlipo.jpg
200 OK 9.8 kB URL HTTP/1.1 mutskii.buzz/images/slimlipo.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x127, components 3\012- data
Hash 02de1dead1624e8d33f6c91e9fd9d5a5
c8ed30168e14acd916c1bc8c801ac66928131ea8
73d13902246cd2ca8abe0a2e362cc4f51008c048effe28b14cb8b6e13f1a82cb
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/slimlipo.jpg HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/jpeg
Content-Length: 9846
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:25:54 GMT
ETag: "5b4da812-2676"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BntC8sBOPA9bYEoG54FlDUacgKTllC9kRuJVku3CGyHvDGqtXM44nValB5LNdyX3gOZ%2FnMeZBVw1fFt4R7QUIV8vz5zpxNzW9iYY7ybhJ7bBfiCzzl7StguT0CvdzI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99d5894fac0-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/templates/joosa/css/fonts/glyphicons-halflings-regular.woff2
200 OK 18 kB URL HTTP/1.1 mutskii.buzz/templates/joosa/css/fonts/glyphicons-halflings-regular.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /templates/joosa/css/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mutskii.buzz/media/com_jchoptimize/cache/css/f132831636a69ae76a5369a1baf87efdec7036b2b03cb95b8dbe7f6386ed0143.css
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: font/woff2
Content-Length: 18028
Connection: keep-alive
Last-Modified: Thu, 27 Jan 2022 08:27:03 GMT
ETag: "61f25757-466c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snN5mLBzd%2F0mIW%2FUiniU%2BYitNEhxXN%2BBF%2BEaLd9ud5OYPgOb7efECB5Vvd3PepSprMeh4mm7O8HX%2B%2FUemI6C1AELKFDrzj38ve0j3%2Fy4sNGisWcjNZGUL934vtfcNSM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99cc9eab509-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/categories/ARTE_Kategorie_275x170px_Ruce.jpg
200 OK 7.8 kB URL HTTP/1.1 mutskii.buzz/images/categories/ARTE_Kategorie_275x170px_Ruce.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 275x170, components 3\012- data
Hash d9aa3dfccac2d961400015863aa7b79f
b7468603834a1f8070dded90a6a7810ca5daba72
55155093dbafe49098ad9f53b75c9707ed1f1d381c4fe31cfb35c528daf2dd46
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/categories/ARTE_Kategorie_275x170px_Ruce.jpg HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/jpeg
Content-Length: 7788
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:26:03 GMT
ETag: "5b4da81b-1e6c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQYytuNOR9NA9yBeTRBJg3WTK7eNZ29qs66ZIwzhKUvG2otIIF%2BykYU8u2D%2BQGkgMqe20uaNj0rkNTqbM1DO4959yuvfv%2BzWELArAFX%2FSqJqe5mJd8DWCKFGS4zhHuI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99d2ff1b4ff-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/categories/arte-clinic-specialista-na-lifting-obliceje.jpg
200 OK 6.9 kB URL HTTP/1.1 mutskii.buzz/images/categories/arte-clinic-specialista-na-lifting-obliceje.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x257, components 3\012- data
Hash 17bf4433207cf70328707d84038744dc
8b19e3a93ae929f13807fa726d35ecda03011af7
0ba9b59b9ba3c26cd527d4b4bd2bc64a04640bd483c0bd678f7b110ce6f6f6ec
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/categories/arte-clinic-specialista-na-lifting-obliceje.jpg HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/jpeg
Content-Length: 6876
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:26:01 GMT
ETag: "5b4da819-1adc"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GiHbiecV%2FGGxo1BsjtPIUgwuN%2FaLPeXvbQ%2BEDYQpNFkIS67wpGPYrVOS%2BlEH7qnjg%2FP%2BDodnLHZK43ofPYzAoaitH79T2FRT2HPfzBnlCTl%2BerLw4lcloTHRW2w8ilo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99d3bfafabc-OSL
alt-svc: h2=":443"; ma=60
www.estheticon.cz/img/menu/widgets/partner/CZ_stamp_rs.png
200 OK 16 kB URL HTTP/2 www.estheticon.cz/img/menu/widgets/partner/CZ_stamp_rs.png
IP
File type PNG image data, 254 x 220, 8-bit/color RGBA, non-interlaced\012- data
Hash aa28b170af2c9f0ae60a8307bd3b8144
a841f7fce987f2ee0315ecb1c61ba8b0dfcba69a
1795374e5c360b561ac844b10d4402b20bbaa40954d5dbe3a3ba95c6768ac1f3
GET /img/menu/widgets/partner/CZ_stamp_rs.png HTTP/1.1
Host: www.estheticon.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 16165
date: Wed, 18 Jan 2023 14:33:10 GMT
server: Apache
last-modified: Mon, 09 Jan 2023 10:00:51 GMT
etag: "3f25-5f1d1d796dac0"
cache-control: max-age=2592000
expires: Fri, 17 Feb 2023 14:33:10 GMT
x-ua-device: all
x-varnish: 84070913 29478235
via: 1.1 varnish (Varnish/7.1), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: b5kckn4zvPsRGqorN7j0PH18c1i8LnjYYFGogKUBY0unx-xoUiwRvw==
age: 721481
X-Firefox-Spdy: h2
mutskii.buzz/images/okm.png
200 OK 1.1 kB URL HTTP/1.1 mutskii.buzz/images/okm.png
IP
File type PNG image data, 30 x 30, 8-bit colormap, non-interlaced\012- data
Hash 1ddffecf256082f4d767a0d72335fe0a
5f0eab206e0466abcee14e86f8e47007cadd741b
b49c7c17f84b34678676a6d700aa3e9a160b46ed97c1dadada929ed74152a1ad
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/okm.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/media/com_jchoptimize/cache/css/f132831636a69ae76a5369a1baf87efdec7036b2b03cb95b8dbe7f6386ed0143.css
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/png
Content-Length: 1091
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:25:49 GMT
ETag: "5b4da80d-443"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FlMqlTWTCSkR6wq78Gh8DtZMxnh6cCyFNIAzs8OsUudkw%2BbRn9Ed8TWYeHCOwf5YD4FiMkHycRfiBPkM0sk8sNJf%2F306todFnNFSkS5kRHd3rXoOn4y4q7RjxOHkos%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99d88411c0a-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/Mivel_v01.png
200 OK 6.4 kB URL HTTP/1.1 mutskii.buzz/images/Mivel_v01.png
IP
File type PNG image data, 300 x 138, 8-bit colormap, non-interlaced\012- data
Hash 0b5ab4ebf9f42f934095f7cf18e84558
a0b5a44da1cc4fadd48aebfd0efe83f9b04d5a58
137f768346a77c7abb184e0a6931aea4ba9cdd53d84fe522f1ec6dc77a920e63
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/Mivel_v01.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/png
Content-Length: 6449
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:25:48 GMT
ETag: "5b4da80c-1931"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sa%2BXkwwmqscQFdkAxdb8uldAyG0a16BVmB42iopdLuAJtGDV0KXn7QIWyw3FQ337MVBJ7LHvDqC9GMKKpJeNL77rBOd1gW7NjnqoGK5BC4%2FPpQOycfbFqDxAWGo%2BPFo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99d98acfac0-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/templates/joosa/images/title-hline.png
200 OK 148 B URL HTTP/1.1 mutskii.buzz/templates/joosa/images/title-hline.png
IP
File type PNG image data, 500 x 7, 4-bit colormap, non-interlaced\012- data
Hash 790cc5ed88a43bdfe90584899893637c
0723abce710fa3e197c9bf6c6209dc66fa5133a8
30cf8e5c92693055d988a069d7dd8b93ce750fa9c95b2fe610b9c377b5ef7f11
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /templates/joosa/images/title-hline.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/media/com_jchoptimize/cache/css/f132831636a69ae76a5369a1baf87efdec7036b2b03cb95b8dbe7f6386ed0143.css
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/png
Content-Length: 148
Connection: keep-alive
Last-Modified: Thu, 27 Jan 2022 08:24:17 GMT
ETag: "61f256b1-94"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzozebmkWozXCarMB5stq%2Bry5LxJFEsbwoVT0kCU1MKwl3N6tCtI%2FuhLqSEqccmy%2BMcXrKm%2BNFyyI2VPkaRAQP5sw6P9vRLv4KNF59hAJgKMppIpJzW4sZ4ibwpmm%2Bs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99d69610b51-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/categories/ARTE_Kategorie_275x170px_Krk_Sije.jpg
200 OK 7.2 kB URL HTTP/1.1 mutskii.buzz/images/categories/ARTE_Kategorie_275x170px_Krk_Sije.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 275x170, components 3\012- data
Hash 63ce2b8cf8f8d3b44dcb2439b99ceac9
8384cfe54ef97f5846e67f33769d4f9cd2c53a9c
dfb6824fc0962777935935e1e5681271d654324db68ced9502cd357e0f6b534b
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/categories/ARTE_Kategorie_275x170px_Krk_Sije.jpg HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/jpeg
Content-Length: 7236
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:26:03 GMT
ETag: "5b4da81b-1c44"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFUbHzTxCnV9T4ZFPv69vBvM1D5THr6EDxqvV9T6ycmLPR%2BsFNn5aOrb%2BxdqsQZeCZCCbZ7PEA5WyNAmefEYYkK89dfjSIYPGyPF%2BJR%2F0CTpvNoLm0dI%2FBqeeDCiO%2Bs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99d9ad1b509-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/images/ico_footer_fb.png
200 OK 1.6 kB URL HTTP/1.1 mutskii.buzz/images/ico_footer_fb.png
IP
File type PNG image data, 33 x 28, 8-bit colormap, non-interlaced\012- data
Hash e3bf95d31f34177980b73ec4be6181c8
7a0c2041b063de2b0894c46804ff0895445baa54
2dcff78f5abc4ad4f3ec9332b62a6062a2989201989931c1b11911f21dd49d44
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/ico_footer_fb.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/png
Content-Length: 1620
Connection: keep-alive
Last-Modified: Tue, 17 Jul 2018 08:25:41 GMT
ETag: "5b4da805-654"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zjxAi%2B4FGfyVTWoTGniBYc%2Bt6GSjML3G0aQqEvusyROHQTeX7L9XReOgBwJmf3wa4CKdBQNUF3jXlPP1FjI7WVj%2FeSJH3BSfKIFehUhnQHXXW7X2HnvPL%2BnN%2Fydbl0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99d9c3dfabc-OSL
alt-svc: h2=":443"; ma=60
mutskii.buzz/templates/joosa/images/title-hline2.png
200 OK 148 B URL HTTP/1.1 mutskii.buzz/templates/joosa/images/title-hline2.png
IP
File type PNG image data, 500 x 7, 4-bit colormap, non-interlaced\012- data
Hash f97073c982d6060f95c01ffa8c16e37e
8e18a29cd1ac03f94144fc6db6b88a946defa55d
fb043a6d6e2e2de3951c7724cee6229a61059bee32637acebe4484eadab3ec2f
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /templates/joosa/images/title-hline2.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/media/com_jchoptimize/cache/css/f132831636a69ae76a5369a1baf87efdec7036b2b03cb95b8dbe7f6386ed0143.css
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/png
Content-Length: 148
Connection: keep-alive
Last-Modified: Thu, 27 Jan 2022 08:24:14 GMT
ETag: "61f256ae-94"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9Gjki%2FScGNCXjHe0QC%2FrZeb9cpgzMTbESIHv%2BfAC039Yxs30lEeqUIKYvKj%2FHadLk9kDTnW5%2Fe%2BmUOLUBPPfbI%2FsNG3cOtHKjWmqO5z9QXXJuLdQfNytAEugaT8pAE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99d9893b4ff-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11148
Expires: Fri, 27 Jan 2023 02:03:40 GMT
Date: Thu, 26 Jan 2023 22:57:52 GMT
Connection: keep-alive
www.estheticon.cz/20220201/css/widget.css
200 OK 1.4 kB URL HTTP/2 www.estheticon.cz/20220201/css/widget.css
IP
File type ASCII text, with very long lines (6104), with no line terminators
Hash 832d9bfce28dea8f4ce4797865974952
8e339fe50c1167e7dca6306192f6b465c603e7eb
cb408b34a4ba471042feea4fc4ec4ff46ef53711c5e4fd412e65ac3fde67c998
GET /20220201/css/widget.css HTTP/1.1
Host: www.estheticon.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1364
date: Thu, 26 Jan 2023 11:59:17 GMT
server: Apache
last-modified: Thu, 26 Jan 2023 11:33:03 GMT
etag: "17d8-5f3291c9fd9c0-gzip"
cache-control: max-age=2592000
expires: Sat, 25 Feb 2023 11:59:17 GMT
content-encoding: gzip
x-ua-device: all
x-varnish: 84841640 84646462
via: 1.1 varnish (Varnish/7.1), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
accept-ranges: bytes
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: w3UUiDL40-ThVvwzmZ6FUfT_zKiZi5rO1DVJVxXvzE4uiBtYn4N9oA==
age: 39515
X-Firefox-Spdy: h2
mutskii.buzz/images/images/zakrokovy-salek.jpg
200 OK 43 kB URL HTTP/1.1 mutskii.buzz/images/images/zakrokovy-salek.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x853, components 3\012- data
Hash 9d48de9ea05e1d8757ecec77025502ff
800c3e40d87ea32b3120f78c59800996776f535c
f94bbf6b11bfbc6cd2845adfc58c208e92127a4a0238a074c9643322520f30e2
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/images/zakrokovy-salek.jpg HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/jpeg
Content-Length: 43085
Connection: keep-alive
Last-Modified: Sat, 15 Sep 2018 13:25:47 GMT
ETag: "5b9d085b-a84d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ST623XLsbFmLFQ%2BvL2eilog%2BvqthWQI%2F74Yfy9jTxcqCbG%2F2Bsxk7NlXMWLLOYIQ94A4Nxc2y%2B8WbaPaeHun4329hLD7erC6VN3kIogLIuakDVoZt4be2Xo4lV8zmlY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99dc8871c0a-OSL
alt-svc: h2=":443"; ma=60
www.estheticon.cz/site/own/star_5.png
200 OK 1.9 kB URL HTTP/2 www.estheticon.cz/site/own/star_5.png
IP
File type PNG image data, 288 x 52, 8-bit colormap, non-interlaced\012- data
Hash 945fde111917efe72ad08540a7844e9f
b1dd0e3c5c681490338f6ed2b21d747220a19245
075b30071b725c1b282f5e926f0d1a8a08cbebf29b6d3c63595097c34279d750
GET /site/own/star_5.png HTTP/1.1
Host: www.estheticon.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1854
last-modified: Mon, 25 May 2020 09:12:40 GMT
x-varnish: 9899656 8421152
accept-ranges: bytes
date: Thu, 26 Jan 2023 21:27:13 GMT
expires: Fri, 27 Jan 2023 01:27:13 GMT
cache-control: max-age=14400
etag: "73e-5a67561789045"
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Uz3e7novjFaISC6bMNHt34kTJklXOcmqlvH0yq31zyc1mPfduYzPVw==
age: 5438
X-Firefox-Spdy: h2
mutskii.buzz/templates/joosa/images/scroll-top-arrow.png
200 OK 436 B URL HTTP/1.1 mutskii.buzz/templates/joosa/images/scroll-top-arrow.png
IP
File type PNG image data, 40 x 40, 8-bit colormap, non-interlaced\012- data
Hash 6f560a7851acdcc628a7436582c64ce6
e994b3f03abb7869a07c7798af5401dcbd183a72
ae1354de06407d6e694bdb6dc9e143a3f70dd44a9594010cde0b6c01f56f6671
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /templates/joosa/images/scroll-top-arrow.png HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/media/com_jchoptimize/cache/css/f132831636a69ae76a5369a1baf87efdec7036b2b03cb95b8dbe7f6386ed0143.css
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/png
Content-Length: 436
Connection: keep-alive
Last-Modified: Thu, 27 Jan 2022 08:24:14 GMT
ETag: "61f256ae-1b4"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7DiDK1koyJtyOrtgazbtVYXj7nyUFcxyhDgG8AMAhZa5XGwzRj5ldMUEFhFXso0adZF1BLjcL%2F31I6mFjUIes5Gytj%2FQbqYrX4CSJ2zvohzAhDU%2F%2BhBDj%2B2VIWNL0c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99e09de0b51-OSL
alt-svc: h2=":443"; ma=60
c.seznam.cz/retargeting?id=36929&url=http%3A%2F%2Fmutskii.buzz%2F&consent=-1
301 Moved Permanently 0 B URL HTTP/1.1 c.seznam.cz/retargeting?id=36929&url=http%3A%2F%2Fmutskii.buzz%2F&consent=-1
IP
ASN #43037 Seznam.cz, a.s.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /retargeting?id=36929&url=http%3A%2F%2Fmutskii.buzz%2F&consent=-1 HTTP/1.1
Host: c.seznam.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
HTTP/1.1 301 Moved Permanently
location: https://c.seznam.cz/retargeting?id=36929&url=http%3A%2F%2Fmutskii.buzz%2F&consent=-1
date: Thu, 26 Jan 2023 22:57:51 GMT
server: envoy
content-length: 0
c.seznam.cz/retargeting?id=36929&url=http%3A%2F%2Fmutskii.buzz%2F&consent=-1
200 OK 38 B URL HTTP/2 c.seznam.cz/retargeting?id=36929&url=http%3A%2F%2Fmutskii.buzz%2F&consent=-1
IP
ASN #43037 Seznam.cz, a.s.
Hash 3c5b7b0fae90f7792c240c2d4586cc88
49c65807386ef41bf3c6aab3a73715fa0c74c623
211a5291736637d4e11bd8e02a3538a5e23d20ad79629422ba9a366c8469113c
GET /retargeting?id=36929&url=http%3A%2F%2Fmutskii.buzz%2F&consent=-1 HTTP/1.1
Host: c.seznam.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mutskii.buzz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
date: Thu, 26 Jan 2023 22:57:52 GMT
content-type: image/gif
content-length: 38
set-cookie: sid=id=11247069243730764860|t=1674773872.472|te=1674773872.472|c=838EBF2F60E6E4365F7A5BCB4B78FA1C; Domain=.seznam.cz; Path=/; SameSite=None; Secure; Expires=Sat, 25-Feb-2023 22:57:52 GMT
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: deflate
x-request-id: 126ba11c-2fe2-4894-b0cb-5e5ce4a9bad6
x-szn-hostname: rtghitserver-767b849586-lhzdf
x-envoy-upstream-service-time: 3
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-openrtb-version,x-sklik-trace
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
mutskii.buzz/templates/joosa/favicon.ico
200 OK 279 B URL HTTP/1.1 mutskii.buzz/templates/joosa/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash ab1f3aaebd392c0fb5a30f8ae9662a5c
516ac7b0101343b0e8ed09009215e0a43c4a6030
85e49925196198cbbd4c71c148c35e05d3d71a28ed071741e0f043d986afbe16
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /templates/joosa/favicon.ico HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutskii.buzz/
Cookie: PHPSESSID=30c2bu4vqlcrnb8voru4ophbe2
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:57:52 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Jan 2022 08:24:08 GMT
ETag: W/"61f256a8-47e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FctjwA%2BRbdtw9YCedwC%2FzaiMpRAbAC5oA0Fq1JZeSk2c1lHiQxU0FXmzPIsCSSQSRVbQ%2FWgRuMLmclCi9UNpeeM%2B12YtyEXpPkoSsxIbs8FoHdc5RxG6t7YKt6EiR0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcd99f2ab40b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d098f18e004f0c0d89fc8737e5eb0c60
74ca301313d01da221a927c6c0762f431f64a43e
e9005f63c901bb5ced7c9cc8f2a0d39d4ac5025a263bce059ec7b27be64f90dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion.js
200 OK 17 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP
File type ASCII text, with very long lines (2772)
Hash 04ec73ef2e5b66c5c39789225ef6f3b4
2ab347c238be13f67eca677342a5908069c0f7f4
5fe85656bf935a0c9eb402c514de0373da700f53a7bc64071c54c3a8cb6d4cf5
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 26 Jan 2023 22:57:52 GMT
expires: Thu, 26 Jan 2023 22:57:52 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 9276738928452068410
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 16812
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mutskii.buzz/modules/mod_maximenuck/themes/css3megamenu/css/maximenuck.php?monid=maximenuck485
404 Not Found 492 B URL HTTP/2 mutskii.buzz/modules/mod_maximenuck/themes/css3megamenu/css/maximenuck.php?monid=maximenuck485
IP
Hash 74956eb11df8ee60d917ce2bfcad5a25
eac40dbfd523a4255b71f25aa546d597b541febd
39a81e74b859455defddf524091d0bf6c5e3287bc71a71429d6df75320ced22b
GET /modules/mod_maximenuck/themes/css3megamenu/css/maximenuck.php?monid=maximenuck485 HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 26 Jan 2023 22:57:51 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDQRKkVpffhdWCsD%2BxisGFfh%2FBkWTpyg6Xm7PAXk7DtFP22h2kW7qlUC%2BXGedeVdCLCC18LN6I4TND%2BOAyme5xU39%2BoEWCTUSpsYlPO9Kjw2vs5nvGGrDv1DZznTiSs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fcd99afb821bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7b8dcc42710b2f68c0ec782d2b2a3ae3
b865da423aa26e774270b8e3942b6fbe76793133
2da0fcf67d020f7c563946fca7ade89803cbe7cfe484f123640f8a9950b3f2b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mutskii.buzz/modules/mod_maximenuck/assets/fancymenuck.js
404 Not Found 101 B URL HTTP/2 mutskii.buzz/modules/mod_maximenuck/assets/fancymenuck.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash acdae3fba5ff9e436647ccccea48e726
b82bfebf5fc840eaa176f61924254e509e23c0ad
2f58451132cdb1644c26990c0d7aa7e6e04c2271be3c0c25011c147a51082540
GET /modules/mod_maximenuck/assets/fancymenuck.js HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 26 Jan 2023 22:57:51 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FgXAWosj%2FKM1Bgz5zKg7IioF5OO0tl1X%2B0WPbDuB6inF5oWdyrnmxOrtv5mcM0RAPw%2FcsaEy9BQ20bglbMdEzbA6lU4ryFHmxyxwcbvFFzrV%2BorL1jLGWAsNIkxbLg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fcd99a9b2d1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/955209622/?random=1674773872495&cv=9&fst=1674773872495&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fmutskii.buzz%2F&tiba=Klinika%20plastick%C3%A9%20a%20estetick%C3%A9%20chirurgie%20-%20Arte%20Clinic%20Brno&hn=www.googleadservices.com&rfmt=3&fmt=4
200 OK 957 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/955209622/?random=1674773872495&cv=9&fst=1674773872495&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fmutskii.buzz%2F&tiba=Klinika%20plastick%C3%A9%20a%20estetick%C3%A9%20chirurgie%20-%20Arte%20Clinic%20Brno&hn=www.googleadservices.com&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2197), with no line terminators
Hash 00f4dfc71c7c7516468a9cc44d8a280c
9d300eb23f8104191c5a8aa12ec221c4dddf4305
44dd533d508d79adfacfa80d9fe5f166e8c598aa5f8629ab4fe6706a44f95cfb
GET /pagead/viewthroughconversion/955209622/?random=1674773872495&cv=9&fst=1674773872495&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fmutskii.buzz%2F&tiba=Klinika%20plastick%C3%A9%20a%20estetick%C3%A9%20chirurgie%20-%20Arte%20Clinic%20Brno&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 22:57:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 957
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Jan-2023 23:12:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7b8dcc42710b2f68c0ec782d2b2a3ae3
b865da423aa26e774270b8e3942b6fbe76793133
2da0fcf67d020f7c563946fca7ade89803cbe7cfe484f123640f8a9950b3f2b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3ebf9d7211aba4c70b84fb470a61b414
28fe29a24e47d6abda88eeeb5e22eddda03c7fca
a8276e099d9d8452b65b70d161a459fae25afb37cea7eff9cc5563b7de972acc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c8a0d6bc80301700d6fb1d520beb8b49
f33a1a1e491fcd6ca31360b28b092457a2d48f23
ef0535b52ccb717c1200d5974ea8841b92f655234d67ace0e71c1ec7f5fbb3f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/955209622/?random=1674773872495&cv=9&fst=1674770400000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fmutskii.buzz%2F&tiba=Klinika%20plastick%C3%A9%20a%20estetick%C3%A9%20chirurgie%20-%20Arte%20Clinic%20Brno&fmt=3&is_vtc=1&random=4035400904&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/955209622/?random=1674773872495&cv=9&fst=1674770400000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fmutskii.buzz%2F&tiba=Klinika%20plastick%C3%A9%20a%20estetick%C3%A9%20chirurgie%20-%20Arte%20Clinic%20Brno&fmt=3&is_vtc=1&random=4035400904&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/955209622/?random=1674773872495&cv=9&fst=1674770400000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fmutskii.buzz%2F&tiba=Klinika%20plastick%C3%A9%20a%20estetick%C3%A9%20chirurgie%20-%20Arte%20Clinic%20Brno&fmt=3&is_vtc=1&random=4035400904&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 22:57:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mutskii.buzz/modules/mod_maximenuck/assets/maximenuresponsiveck.css
404 Not Found 143 B URL HTTP/2 mutskii.buzz/modules/mod_maximenuck/assets/maximenuresponsiveck.css
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 5cbdba482a349507fc860459c36eabc3
d0e5582c1431a32d25d876d4c9d7556f3264e14b
6f77b643b62cb3a58f0e3e1b6dffd889a3c2ccf1274318e1d4d132fed1e3f34a
GET /modules/mod_maximenuck/assets/maximenuresponsiveck.css HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 26 Jan 2023 22:57:51 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rneq6suJe0Fan3vAJM4wSiEmBmvlqoD8KfFhDH3vAp5qQK2tAdAuOJlcIzHLQ2ofS3vnk8vguTOkvxuSOIyoNXT31ClW9xlUOUHQC81tsNFkbTyeMP3WZsFOaN7NPo0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fcd99adb711bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mutskii.buzz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 09:41:19 GMT
expires: Wed, 24 Jan 2024 09:41:19 GMT
cache-control: public, max-age=31536000
age: 220593
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 97ccaa279f6ade845b71b57615d40388
5186089108dca0136feab418da66a9e027c7e427
515128c713e98c9a0546c35d9a1e0719057136509b5b2312e4af56a9acc80ec2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWt06F15M.woff2
200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWt06F15M.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 33340, version 1.0\012- data
Hash 1462fe121afeab5c279708499e475089
14b1b57c47e44fd469892eb64d7d5d594203c0e0
d0b5f2cb38ee6588b4c127c9d32c5bdc2f3530cc294bd9867f11a17b1236a2ad
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWt06F15M.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mutskii.buzz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 20:58:24 GMT
expires: Thu, 25 Jan 2024 20:58:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:15:47 GMT
content-type: font/woff2
age: 93568
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c8a0d6bc80301700d6fb1d520beb8b49
f33a1a1e491fcd6ca31360b28b092457a2d48f23
ef0535b52ccb717c1200d5974ea8841b92f655234d67ace0e71c1ec7f5fbb3f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11408
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 22:57:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11408
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 22:57:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11408
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 22:57:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11408
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 22:57:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11408
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 22:57:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:59:56 GMT
age: 3477
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mutskii.buzz/plugins/system/jcemediabox/js/jcemediabox.min.js?d67233ea942db0e502a9d3ca48545fb9
404 Not Found 7.6 kB URL HTTP/2 mutskii.buzz/plugins/system/jcemediabox/js/jcemediabox.min.js?d67233ea942db0e502a9d3ca48545fb9
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 6004fde807fd0203d7d34b81238e0e9f
60193c70718839cb4f47995c247f42e238835d40
d586185fbf403101f812b7162301ff57423fba76348fedffd79d0aeeff2dd1a2
GET /plugins/system/jcemediabox/js/jcemediabox.min.js?d67233ea942db0e502a9d3ca48545fb9 HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 26 Jan 2023 22:57:51 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtb3MTJSYaInY%2FblMFzEn9plcKBjA1JrbFHjS1g5fJElYyn4b%2FBoXpdcN235yLWQLWSxds4ME5zg5YIEWeFzgeJnV6dmYPzyLzlsLJZlaOCJljlr53kRwSgB%2B7Ww9Y8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fcd99adb6b1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg
200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e96f3ea585b5fa8ed6446ed16e2b4b2
f90c205f370a2426dffe3c21b24bfa551b385556
6967ba25887f87200fcb39a3e6f065fd27596b2ebcf0d33a2751c655d6e724f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4272
x-amzn-requestid: e051c22b-c2ec-4e59-b29b-ba1464d8015b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRz28G13oAMFeeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d099c5-48b013ff34b9702a6d2fd560;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 02:53:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X4SfAYS0JvW4sUNqSuBERNBwaI_xgKugxZ76_fsih_LSnImMC7Pnzg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 12:54:20 GMT
age: 36213
etag: "f90c205f370a2426dffe3c21b24bfa551b385556"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7364957de1b4c82a923bd947f0cce750
d8aa55b64a65757e043b4b1b63efd93c8261d275
f1f7059968d08adfa1c775c906ecb6e5b752210af0bcdcebfa77c2ba6f15bbf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: 2946b91b-1d7e-4eba-966d-600ae368cd3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzVxGw1oAMF-xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce328b-04037751257e13ca156eee8d;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4TidB2H164ziAxKhEORFw4BBF0FB2pkkwNq3iMQfS4t7yObXCA59Pw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 08:40:53 GMT
age: 51420
etag: "d8aa55b64a65757e043b4b1b63efd93c8261d275"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 262b43386e404cb3d320c47c4cf792c1
87f304f8583fe6b6e942a9dbcb5efb5ee94987f2
ca0f72005920b2b2f49c387314540f3cd2f3d7808f0365dfb1c491500e8a8714
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8065
x-amzn-requestid: 4a4a6d4c-9c4b-418d-be96-8a0d1de4828a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYVuHZsoAMFmWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0757-74c21aa22d11c4240019a4b3;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TXXkkbJHyvwrly_-5FH0EIkRm4EwlDJxGWBHcbwax2H_ccfMfs-5PQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:47:08 GMT
age: 4245
etag: "87f304f8583fe6b6e942a9dbcb5efb5ee94987f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa4a77d-7ed7-4b76-bcb0-24d1679a5359.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa4a77d-7ed7-4b76-bcb0-24d1679a5359.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2dfd3530064d405643a31fedd4fd7618
d8268771360e609892c5506f3114dc4f73c0aad0
b4790125e39e400c30d640cd0c64497256168892405511ec3d43b03dc0e5715a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa4a77d-7ed7-4b76-bcb0-24d1679a5359.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10973
x-amzn-requestid: caff330a-0cc6-488d-be82-c09c2bb87408
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLQYTEduIAMFZkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfa9b-1f26b225062c8465440cf460;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:10:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L-i1AEFIP6AoWwjds6n7ohyz-Ls1HoF9CXNJS7RRDFApBceBZXmoxA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 12:29:15 GMT
age: 37718
etag: "d8268771360e609892c5506f3114dc4f73c0aad0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Shadows+Into+Light
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Shadows+Into+Light
IP
GET /css?family=Shadows+Into+Light HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 22:57:51 GMT
date: Thu, 26 Jan 2023 22:57:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mutskii.buzz/modules/mod_maximenuck/assets/maximenuck.js
404 Not Found 0 B URL HTTP/2 mutskii.buzz/modules/mod_maximenuck/assets/maximenuck.js
IP
GET /modules/mod_maximenuck/assets/maximenuck.js HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 26 Jan 2023 22:57:51 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIZL4Rzlp8Kqc9e2L9rMxKSR%2BBhR0FmsUxkIvUEc5xeG8p0rUzdrkbQFOWt9%2FSr2IdfjiA9D4FYjmLoQBkdg6vup1zN0JgO48S0Y2eKK3nhQPYLXY5F97XhYHsNCpHk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fcd99b7bd41bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,800,700italic,700,600italic,600,400italic,300italic,300%7cRoboto:100,300,400,500,700&subset=latin,latin-ext
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,800,700italic,700,600italic,600,400italic,300italic,300%7cRoboto:100,300,400,500,700&subset=latin,latin-ext
IP
GET /css?family=Open+Sans:400,800,700italic,700,600italic,600,400italic,300italic,300%7cRoboto:100,300,400,500,700&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 22:57:51 GMT
date: Thu, 26 Jan 2023 22:57:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mutskii.buzz/plugins/system/jcemediabox/css/jcemediabox.min.css?0072da39200af2a5f0dbaf1a155242cd
404 Not Found 0 B URL HTTP/2 mutskii.buzz/plugins/system/jcemediabox/css/jcemediabox.min.css?0072da39200af2a5f0dbaf1a155242cd
IP
GET /plugins/system/jcemediabox/css/jcemediabox.min.css?0072da39200af2a5f0dbaf1a155242cd HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 26 Jan 2023 22:57:51 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hPP539h%2FkIZ%2Fn62y6jJ2C8Zqye5GpDdoC9oEYuOdSaCG4nFLv0v3SsPGp42W9McctUh%2BWxAWyTWBNIEqiCTnjrvCekS6s%2FuHnpOiu5I5wZB4LjMrfVjGdkyhRM%2FAiE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fcd99a9b2a1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.imedia.cz/js/retargeting.js
301 Moved Permanently 0 B URL HTTP/2 c.imedia.cz/js/retargeting.js
IP
ASN #43037 Seznam.cz, a.s.
GET /js/retargeting.js HTTP/1.1
Host: c.imedia.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://c.seznam.cz/js/retargeting.js
date: Thu, 26 Jan 2023 22:57:51 GMT
server: envoy
X-Firefox-Spdy: h2
mutskii.buzz/plugins/system/jcemediabox/js/jcemediabox.min.js?d67233ea942db0e502a9d3ca48545fb9
404 Not Found 0 B URL HTTP/2 mutskii.buzz/plugins/system/jcemediabox/js/jcemediabox.min.js?d67233ea942db0e502a9d3ca48545fb9
IP
GET /plugins/system/jcemediabox/js/jcemediabox.min.js?d67233ea942db0e502a9d3ca48545fb9 HTTP/1.1
Host: mutskii.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutskii.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Thu, 26 Jan 2023 22:57:51 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4sjN75VwsUcuVrpqXsfvJmIqy8FKXjtZDFXtaoOPzAmEsl8IbYoVji%2Bxuzwelvv1ci4WXfUNspBq1MwUbPXLmImQ16g8sDWyYHFk3BO37HSNgoCW0pPj8Mf3%2F1KowGs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fcd99bac091bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
172.67.187.170
104.17.25.14
77.75.77.234
23.36.76.226
93.184.220.29