gv8nvchl.langtily.tk/
104.21.63.146 200 OK 8.4 kB IP 104.21.63.146:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 150f262d04279f6eb0f2621d53bcf549
b6a3ca5a9137a2d26a50dfabb193e7812d2713bc
26bf3b852e741290876bbf13975d1e5239056a2783c679e3db8563eb2c847eaf
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET / HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4ntlMB%2FSR%2ByuW%2Bj8A1EV8Lwd0axlCIk1wxUhrTVp%2F0mqJXBRMHlELeEP3H3W9E0gUq2kzn6tLL%2BGdvXINC%2BbJR65i8mqLPDxQm2KMwASFiOUacfUwa1tzaMYaZ%2B01ZVWAbwCiw%2BLw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bf0326b9eab521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3867
Expires: Thu, 19 Jan 2023 11:55:23 GMT
Date: Thu, 19 Jan 2023 10:50:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cc07d664b5dadee6f9120d54904dfa57
df75a55b0b2019684a6c512bee528c51a2c4a756
14a1bd6315a3256468edafedfd1c02a6ba147914c0f01e8504e7d8cc67781c34
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14A1BD6315A3256468EDAFEDFD1C02A6BA147914C0F01E8504E7D8CC67781C34"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7850
Expires: Thu, 19 Jan 2023 13:01:46 GMT
Date: Thu, 19 Jan 2023 10:50:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 19 Jan 2023 10:34:32 GMT
content-type: application/json
age: 984
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6c8239f3894cfba54d1f3a9ea1c85db5
a70f2b3bf79f2aa26b0cc0340dd182565c3eb946
64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3341
Expires: Thu, 19 Jan 2023 11:46:37 GMT
Date: Thu, 19 Jan 2023 10:50:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4tLS26GccVpzgQPKU57wBC4oG133vxSouIhIs/WzpCyDtMrtYuV+nAscfekEQeLY4RwE1HoL4sA=
x-amz-request-id: 3DD50808CY42CTGS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 19 Jan 2023 10:17:10 GMT
age: 2026
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 10:50:56 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
gv8nvchl.langtily.tk/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.21.63.146 200 OK 655 B URL HTTP/1.1 gv8nvchl.langtily.tk/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.21.63.146:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 13 Jan 2023 23:34:08 GMT
ETag: W/"63c1ea70-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMhiVZgBPfYiyMzBqhYrjFWrZUQGqyASRBblx9jNBZ3GwJiOmTeL440ww%2BqVW6610Lq97KMOkYBziXF47WXbAr6MvjuFaxRVQKy%2B%2Bcl1EnWuUpZKpQ5wjRgEC8pemkLfYbPB7uaLQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf0329ad82b521-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sat, 21 Jan 2023 10:50:56 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
gv8nvchl.langtily.tk/assets/css/magnific-popup.css
104.21.63.146 200 OK 1.8 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/css/magnific-popup.css
IP 104.21.63.146:0
Hash 568281e9e2d705cf37e98cd2573082fa
7569d3b23fda5d604c63cd17a0dbf538f31e08e5
e9e30c3bb4af65bbb2ad188a46e3e99ff7be117afb03f8e8b8d0a79cdc6c793f
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/css/magnific-popup.css HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:56 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDtpQvirL%2FKdQsKBcYBzg9JVyXbTxjmDmlC%2F0h4taCM8%2FIhwIqDu3vx7g48rF%2B0bcLKD1nOMfbuejmizhDxwwiFPaR2NT5WDZMXI%2FQjpqhVG4STZsrOWjoVtrGEEIuzLHTxZhT92Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf03299c43b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 607bf9684e4803d817fdd1120427dcdd
886fa77396c792751868f05806793937a4f11be6
d17df5470015b9c3be3fc1e9c8fa5f2b732231eed453b689e94897f6f1da3911
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 10:50:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 607bf9684e4803d817fdd1120427dcdd
886fa77396c792751868f05806793937a4f11be6
d17df5470015b9c3be3fc1e9c8fa5f2b732231eed453b689e94897f6f1da3911
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 10:50:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gv8nvchl.langtily.tk/assets/js/popper.min.js
104.21.63.146 200 OK 7.4 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/js/popper.min.js
IP 104.21.63.146:0
File type ASCII text, with very long lines (20831)
Hash 3603c7ec4e69775bb62d87702dca0127
fe23a57b4c8539d550e087e45a13a3d9bdc6bcc7
9d1874ef874c3ce2ce99307b2de7b1b6340e14846296e01d246d45d9cedbd30f
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/js/popper.min.js HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FMTja6E7%2BR1BqBNBBK%2FPgEyJNYxysOf0%2BECfYB8nX5pTTRbKSMFvud7MT9cCgtSO%2BOKYu3vQdUsw7zInFjKpnXjIj0msk7yY5YytwC6BIoWZHjMEyOYskr5cbHbL1eyY7yZOBdZyw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032a1cf4b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/css/fontawesome-all.css
104.21.63.146 200 OK 9.3 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/css/fontawesome-all.css
IP 104.21.63.146:0
File type ASCII text, with very long lines (317)
Hash c9f84cbe766ab8a8a34c6aa26f631e2f
aa7f98dddeb8f40ce8f1b74e25ce9043205058bc
f3d71f5bfdc044fed7613bd9920d4afc06b6ee7f8c5c2eaef3c9ad5561cb16cb
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/css/fontawesome-all.css HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJCfITW5arO177yf%2FNSUlYlQLLr2H7eFDq3IB2xGDeGc4ceBeF0AIaYx%2BeFYJEteEVrVipw9z29lTQLRBghE0jqcoypp26kz0S97wL%2FBNxL7I84DX13M1lncePqTMkK4lBNCYh0STA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032999e80b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/css/swiper.css
104.21.63.146 200 OK 3.3 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/css/swiper.css
IP 104.21.63.146:0
File type ASCII text, with very long lines (1468)
Hash 6ad1dbf6ff23e01553bf2e039ad8cee2
15a42f5c24b654974b98139643259f1175dfb7d0
58c70191085711061fb6c972214ff3ebb1b6d885f465229f9be4cbd6f40f818a
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/css/swiper.css HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8JtGYHb%2BLeQbUtXNRIxKrkBPfgxf%2BWA3S662PZPRG4hqlzQTMN9ehTQ%2BI8zKMfC%2BmMyS4yrdOjCGD3KiHsklQhUyhtdTOQJIDjS0hO%2B%2F35AR%2FkQOiA6kFRxX7J2NQSXH7NQB3WPnw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf03299f18b50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 607bf9684e4803d817fdd1120427dcdd
886fa77396c792751868f05806793937a4f11be6
d17df5470015b9c3be3fc1e9c8fa5f2b732231eed453b689e94897f6f1da3911
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 10:50:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gv8nvchl.langtily.tk/assets/js/jquery.min.js
104.21.63.146 200 OK 30 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/js/jquery.min.js
IP 104.21.63.146:0
File type ASCII text, with very long lines (65451)
Hash ca9d617a98c509cd24e10eae39ea15d3
1a9197526a13967413a4bba8e5a2446eea4fd4ea
a95d26bd14a6aade75c9a263f28d7fc0effce309a114781e6abc89b7c0c0fdae
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/js/jquery.min.js HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcmEcWSVGmOd18DCuYfhrGfJMIEGTPp0923I1OKsPN7C1lNFo9GWbIMIi8OTcbR9%2BrCswUWcJGV%2FUUxqNyMH8d7zFWq8BBNVkaB29TlTr1iUHpwqslIM1tIFD7wFr1sH2rBzZ3iw2A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf0329ad86b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/js/jquery.easing.min.js
104.21.63.146 200 OK 1.9 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/js/jquery.easing.min.js
IP 104.21.63.146:0
File type Unicode text, UTF-8 text, with very long lines (4004)
Hash 1878f76b056b31420c431887378d29cc
b9cc3220362a5c1010817ebe91e7858e7648828a
32fa16ed2b40dff4672882cabfd4f17c245e0712799530f2b43624e7187c1402
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/js/jquery.easing.min.js HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKVqFMLpe6nlMmlxOnfrYKR5SkuT1b%2BCdGeDFbBb%2BrSnswyIiMoDhdeZ2pNbTt2rBBCThn2BDcdC4t5jb6io2ZENOFplNHu%2BHS74JqxrVRxCEKFDvFtCf2Lv6lEfQNHg8CjWskaHnw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032a9af30b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/css/bootstrap.css
104.21.63.146 200 OK 25 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/css/bootstrap.css
IP 104.21.63.146:0
File type ASCII text, with very long lines (570)
Hash 942dfeb7c66a16b6ce83f8a4ada41e39
7e84dbdd9de1a5b04a5cc8ece89403525f01885b
217cc1b4b8fa520fda686eb876804a6f7645a96c3cf614c53ed369aed06aa57c
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/css/bootstrap.css HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FfJioyV8Q9EppF1lXwn72PGst5wT610hKz5FoSW3BZMHc%2BUm0gHcNPvgYTJFxeHDBSesvCIzRihI8xnY8r%2B5Q3pyx9NL46r9GgrIiNG1GOx1aI7QyhmqpIUOHv4Kxy1OWi0zO6mtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf03299d6ab521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/css/styles.css
104.21.63.146 200 OK 8.1 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/css/styles.css
IP 104.21.63.146:0
File type ASCII text, with CRLF line terminators
Hash 00fb3dd210b0f0fcbeade4ffe01d09fd
937013225ba56625ebcef57aee1ac0099c940858
b22a129024532ec5ffdf130c6003f9d3a5ded297558eb87e7b5876644cc7dc3a
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/css/styles.css HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSpnxmXrRTrjXxGOqXxQTVT%2BCjHS0sMvpyS%2FQPVmrBWOTAZXwUkKUI5W4LqXrmBRA0LovUdJFEFlvWpR6l5ainhMW75SHyNs713sC7HlRuPQhC9C5H1IcVI3Bz8kQxGkG%2BBn20eMew%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf03299f200b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/js/jquery.magnific-popup.js
104.21.63.146 200 OK 7.4 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/js/jquery.magnific-popup.js
IP 104.21.63.146:0
File type ASCII text, with very long lines (21547), with CRLF line terminators
Hash e837b0a49e58e5782c40b26060eef99d
158e54f63ce2ab3410a1df12bf343b85eab588f8
20ca4a8793724f547da1c0035bb6c52151f93669fc751c33c5c141cf0f33ceda
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/js/jquery.magnific-popup.js HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrENxJuRyM5bdtH5PL00Tjaa4VmMSI0SvaZZ1ow5yUj%2BT8Q8r97hr1BlmQVwrJ2prYcKddL6pye%2Fga8vE4%2BOKeLTU%2FFoWo8%2BpycjkfJ%2FSon1wYnpTnqpmwqQ6FJjlVZRtbIInU5MXg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032b0f34b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/js/bootstrap.min.js
104.21.63.146 200 OK 15 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/js/bootstrap.min.js
IP 104.21.63.146:0
File type ASCII text, with very long lines (57791)
Hash 2bea9d31ec6b205b4ee464200e342dd6
1324cabed6660588cff31fba1dfa1f51f8d5dbc8
dee57501a567c9ada6a6d9aa77fceda98cf749b0edda704bb834377e5f88b1f7
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/js/bootstrap.min.js HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYzdTuvd7m97MNqRsm7rU13TyfoTXjQRt42S112SmDdZ9EWItG4dErDQDfRZlFLgDvXGzOORmBOrE7JkD9wlL3uMmOsDKmlckIipbz%2BUYw22UIWw%2FyK8eJRp6A3rw5iy%2BpSaMfqbmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032a9d75b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/js/morphext.min.js
104.21.63.146 200 OK 514 B URL HTTP/1.1 gv8nvchl.langtily.tk/assets/js/morphext.min.js
IP 104.21.63.146:0
File type ASCII text, with very long lines (1014), with no line terminators
Hash 45be725ac3f4e1713265b49024b68f49
d8243340c0574e6917181983bf8922387e39c8c9
2091a57218f22dac329668ca7c0b20b5b0a67468d723db292dd8c0db2a740672
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/js/morphext.min.js HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlucGxUMhxINjLnnJ0BS22YQoeeAuUnvjGLHpQIge%2F1jxAKBzs9vTywFqnuL5XOIH5SGA%2FOlMdN8ba4eGjPipRdTG%2FMl%2Ffh2QtvjmNwgc5nhQN4ZOog5hwtFzimMHiYwM%2B9CwL8V5A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032b1b470b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/js/validator.min.js
104.21.63.146 200 OK 3.2 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/js/validator.min.js
IP 104.21.63.146:0
File type ASCII text, with very long lines (7453), with CRLF line terminators
Hash 849dd9229e981d5421fa9d4646dbb97e
a079683a71083c6289433b8e977e4949ed76a07f
1a34ef69b2720a8865bb0a5ed28d1d25c3081f99a220656417a1d42ece659cb2
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/js/validator.min.js HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mE%2F4jj74YjNw6deJg8k5u0TELHqLdpM6FlKHs72kLF%2BjgMHx%2BZmaKiFqIRnU2qZSNvyqHWyyNbJjXR6v04SeeRIt1P%2Bnr6%2BrfBKhjJRnD%2BaCnzXdXUhn6qZcVKChw3782I%2BYKIh6ew%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032b38c10b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/js/isotope.pkgd.min.js
104.21.63.146 200 OK 9.8 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/js/isotope.pkgd.min.js
IP 104.21.63.146:0
File type ASCII text, with very long lines (32019)
Hash e652660a52e19c3fe3a13d1f266efdcb
741b56b5fa72697e414ee75d777589766d74ec29
06648221ddd0678a42275753d1c30903c3e727bb93fdf8b1b0437dde951fc791
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/js/isotope.pkgd.min.js HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AFy7QBlCD7iISQw2vzZb0L9bHe%2FEYVrtu%2F0pyNdpVpxwR745ocw1ocEvy3wuUCq8jEOBliR5HU0K30tsK0BPcczh9VPSoXK4lHbJgqyToUiAAUAg%2FDH3hMDeNlvoq109Sna2VwHMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032b1f4db521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/js/scripts.js
104.21.63.146 200 OK 3.0 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/js/scripts.js
IP 104.21.63.146:0
File type ASCII text, with CRLF line terminators
Hash 2a3c410c6a3e6427602138e9eded8b97
f99841a792551c800891618bf4254d5cc2a67e43
69b9cb1304902c3ea367c48a60286552fd2df2dc0afb2b4f811243179d22d5b1
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/js/scripts.js HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mytYnNIdqMHhsS0xZiVA2ZwJ2hldvNnIchgLSDUBODqRpBdegJR6Rv9uvWWgq%2BzeOMBzRH4yuiTKPxWJbf9DSlpOsX3bQp6Rvhcd56qEFpenmVuXTcjFxtBiMqW1IzdAde7gP7xeFg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032b5fa4b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash db72b0cf36b635e3c0825b954e3f0571
f0f3d97119b058f86553062c835f89b1b283945d
bf6ecaa45a5dbd66d0c657e5f33345ac46bdc94d8cae1274fcaf01c0ff302b97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 10:50:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gv8nvchl.langtily.tk/assets/images/logo.svg
104.21.63.146 200 OK 1.5 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/logo.svg
IP 104.21.63.146:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash f62aae7bf0e82bc38fec1094842d669b
509f442f0939ed010917627356d8a5652137a780
48fe46de94df27bc6768b6c4c901503dfad0c126367e997d1da31a1fb969f567
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/logo.svg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bidU%2BxwyIP3d3%2FVpzsEmhpcP0i7BFxZH%2Fddc8jrPotdZLw6jYMW3sW31j30avvuqBRKqTz2tSxs31DkRl1BRMBVKYpyB0pXti0QYuJY5uv4DZsyizWjgQg%2FTEuuqjHPWaTLTPwzkvw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032b7e7ab518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash db72b0cf36b635e3c0825b954e3f0571
f0f3d97119b058f86553062c835f89b1b283945d
bf6ecaa45a5dbd66d0c657e5f33345ac46bdc94d8cae1274fcaf01c0ff302b97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 10:50:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash db72b0cf36b635e3c0825b954e3f0571
f0f3d97119b058f86553062c835f89b1b283945d
bf6ecaa45a5dbd66d0c657e5f33345ac46bdc94d8cae1274fcaf01c0ff302b97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 10:50:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash db72b0cf36b635e3c0825b954e3f0571
f0f3d97119b058f86553062c835f89b1b283945d
bf6ecaa45a5dbd66d0c657e5f33345ac46bdc94d8cae1274fcaf01c0ff302b97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 10:50:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://gv8nvchl.langtily.tk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 07:08:09 GMT
expires: Sat, 13 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 531768
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://gv8nvchl.langtily.tk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 18:52:41 GMT
expires: Tue, 16 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 230296
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
216.58.207.227 200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Hash 3d5107abaf7bf4df5478bd04625c0929
b04d394caabf6ea3e500b74781dc2bfd54f3c18d
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://gv8nvchl.langtily.tk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 18:04:34 GMT
expires: Wed, 17 Jan 2024 18:04:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
age: 146783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gv8nvchl.langtily.tk/assets/js/swiper.min.js
104.21.63.146 200 OK 33 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/js/swiper.min.js
IP 104.21.63.146:0
File type ASCII text, with very long lines (65270)
Hash c1fdc96a940e5bc290bd876573f7e540
edec35f71f0401430df376c0db3e6d404c1ab2b5
7ede5ad1393eb4d82f937f3eb3c684da2e6b6ee328e083add1ca51fe11236fae
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/js/swiper.min.js HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0hYEQiA6%2FTaABUBrAxXSHcW5eSHK0V0LhOEcu4kPZVrXnj%2F%2B0twlpBoey%2FZvnmNMCPCTdVvCINJwpZ0FiEpXD0mmp2qMGnZpGj4Vo6kYEV%2BpqhnUEgViJcN2ZgdaJabMBd4ujckvA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032ac88bb50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/webfonts/fa-brands-400.woff2
104.21.63.146 200 OK 61 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/webfonts/fa-brands-400.woff2
IP 104.21.63.146:0
File type Web Open Font Format (Version 2), TrueType, length 61336, version 1.0\012- data
Hash 3654744dc6d6c37c9b3582b57622df5e
0ec12ea1707f5bc812b627f41cccad2aff01e54b
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/assets/css/fontawesome-all.css
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: font/woff2
Content-Length: 61336
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPkpEGuqHDbrjCrq%2BLWjBt3WDaOZj5%2B8tC5evIXQywhLfDQX%2Bs%2Fd6uT6AhkUqJRTTAQZux2bxeULwTaDqFGONQSjQtcx6tWMoM1FxwBGUgWoA4CfKpWKUYQeh9V5FO1ZI3B6ewvp%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032bf847b521-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/hexagon-green.svg
104.21.63.146 200 OK 470 B URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/hexagon-green.svg
IP 104.21.63.146:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 3a15cc1a551f8e4757858586dc66bc72
15ba80985309a753729401c526d0fc9ef9b68b3c
67e7da933487b44a6051b9b079eee47bd966570884ee47893887ed63123ae5f3
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/hexagon-green.svg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/assets/css/styles.css
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLpMbgPmbdN9mm%2FQgGUSJw%2BX5d0YAwg1qhXg%2BCLfR6cLelCvy7Cvq5F%2FlfUEoPC5%2BfGRYvnFbK33yym%2BwLVaR6Hw%2FbOGRTHPNFa6pqngF7TO7urPdt6FroiRXE3ENbOMMHGqbYqDoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032c1878b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash db72b0cf36b635e3c0825b954e3f0571
f0f3d97119b058f86553062c835f89b1b283945d
bf6ecaa45a5dbd66d0c657e5f33345ac46bdc94d8cae1274fcaf01c0ff302b97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 10:50:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gv8nvchl.langtily.tk/assets/webfonts/fa-solid-900.woff2
104.21.63.146 200 OK 50 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/webfonts/fa-solid-900.woff2
IP 104.21.63.146:0
File type Web Open Font Format (Version 2), TrueType, length 50372, version 1.0\012- data
Hash 8a8c0474283e0d9ef41743e5e486bf05
1ba4dd60af529d1a72d0e57467c3bc0bbb728a4d
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/assets/css/fontawesome-all.css
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: font/woff2
Content-Length: 50372
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4QHmAKCjLX6N%2BBBVYQsJ9FTQ8rzBvYauQo%2BiyF2qjGH9C2SiMSfzkXCK0SEOxDrnZIQuKoVPRCEpHwdwekqIn3oS4aceNOOTrPGv2%2FRSNdRQSGAtoK%2BrUrTfVXFvZgt4YEsW9%2BO3w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032bd96e0b61-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/intro-office.jpg
104.21.63.146 200 OK 61 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/intro-office.jpg
IP 104.21.63.146:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 690x446, components 3\012- data
Hash 5de0bc8c5e753e594f914e19e83da92e
0e2e2af37b9396640d160fd343c5ece976031bc6
c30423525c17a9b2e77636e6717a85e5f5916829e6044cc1876f4e347231bd54
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/intro-office.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 60789
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xa12NlSAyWK4IL7FYCiv1hUadcabwcolrhLXxT6V621ffaD%2FzdnBFaV9fOHuyy4vD7kNtlHknQewwOrhIt44CxQ2Uhgf9T3Fi2%2Fc05vka4zHHwWmgrtGu6w2Oqw%2BHqdWo25jVRCjaA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032b9bab0b3d-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/project-2.jpg
104.21.63.146 200 OK 129 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/project-2.jpg
IP 104.21.63.146:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 722x704, components 3\012- data
Size 129 kB (128650 bytes)
Hash f467bd306a5e04910955f517d1b09b8c
a16db5a00108ee15b40e5e114fb1e25a562a386a
aa1fde15b335ca1f4076025f84a8371806e73a2b57afb24cf79015963264b03e
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/project-2.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 128650
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GD1%2FrFUq1sT5aHvNKezHMdIp1nbqUFtJMOQ5%2FOt33ORmVcwqZBj9RIcenY%2FTZJq9jLtvth5x8mayRe1RlYLnidB7DOG2UrHQUIgtMCTx10zKJ5D6nt0%2F9BeJifE5eAfR1VtKWmcw6g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032c9aa1b50f-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 19 Jan 2023 10:48:57 GMT
age: 120
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
gv8nvchl.langtily.tk/assets/images/header-background.jpg
104.21.63.146 200 OK 466 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/header-background.jpg
IP 104.21.63.146:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 466 kB (465922 bytes)
Hash e5707cb75d2a8df86739498f2f753d30
d5fe92366ca850696d85477f2fedaece50afdada
27104de3677856b3b8791f6635b38acb1b96e6b2e7a6daee1d6cedc833a082c6
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/header-background.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/assets/css/styles.css
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 465922
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GMoOcD23EfFX%2Fol0JEVcSRUwyskrR41tp7e%2FX%2FAe0DP83y%2FVMGsbCYnSLpUmSD0WjVRKPcAupxopQFeBRHOlR1Vw547a%2FWSSj%2B20taAJtWEIwoGt%2BRrBLX%2FrOylKYIfe4Qp9nKb0A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032c1f3db518-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/project-6.jpg
104.21.63.146 200 OK 91 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/project-6.jpg
IP 104.21.63.146:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 722x704, components 3\012- data
Hash b76e3f7283ad38721d52bb0ad71d9640
5fb23a085252c2e82b43f672150ce75481a045f5
3238abc40cdd63aec6950309115c587ef43add82b45f4786713a8404c3be7454
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/project-6.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 91029
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MY1kb0URTC%2B4O8WWlFfKkPAjhUTP46rjHzJDcIB%2Bk4gMeJJ0B790638atU7gIYtL3L8OoBWQv4YYK1azcdYT0Rifsr3lB1w5Cw%2FwNpUfrZIG1AkV8MvkjsOI%2BFZnoglhJUs8UFmNKA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032d2d3b0b3d-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/project-4.jpg
104.21.63.146 200 OK 79 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/project-4.jpg
IP 104.21.63.146:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 722x704, components 3\012- data
Hash ae147dfe4e6b2111a6352befc17bd260
3fe030520cfb57eba8ad7fcdcb575679bbcec363
955269223925b61169807b535cf414f3332684d80faffb9781946624bcf1d5ae
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/project-4.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 79011
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXMfMo7lOwdxwMr%2Bzc8NXQ3mis2O%2FN8KltbXneJfWeItKDvrYjhexoi2ulLfOfraRQ888X07rssfB%2FZjYyiDsCJUXLe75x2p0KVDQmRoQRHWiEC3iOHn1A0Zb3bgxYaUHv9W2Mu%2F%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032cf9d4b521-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/project-3.jpg
104.21.63.146 200 OK 121 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/project-3.jpg
IP 104.21.63.146:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 722x704, components 3\012- data
Size 121 kB (121101 bytes)
Hash e96677e57c134b45f11b94ea53ce4bec
db49c6a79f9afe2e63f9c2193cbf3af639d352f8
3df87d6b42cd5ee8061f7f1157c620de08f497a31bb53e3cf2865295776f99dd
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/project-3.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 121101
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxLCImQe1GCG89kb8ZzQyOTecxOVksT5UFy7iuRw2mDNVo3%2Bg78CDlc%2FS29ldZ6uIKaPEukyUTnvoYKZ9iCXh79tl4Wn6L5NXDce2wob1XXEaB2SVoo03b9Mrp9YDgMEKvr3RXrWog%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032cd9bdb521-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash dce4a8be753d4a93db03ffca50421c43
068040a8f69777484e545c0053ad54f273710797
7e6dddef8a4a5502c9715f8c20dcb75e132ecc875f13459a967c9e235e9ce3e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 376
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 10:50:57 GMT
Last-Modified: Thu, 19 Jan 2023 10:44:41 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
gv8nvchl.langtily.tk/assets/images/project-5.jpg
104.21.63.146 200 OK 125 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/project-5.jpg
IP 104.21.63.146:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 722x704, components 3\012- data
Size 125 kB (124818 bytes)
Hash b73472bd406efddaf305ccabf9ab5033
286d2bf013b7b873b8aeb5508ad2df12d93927da
47755114a55e973444289872432aca263671bdab8734917cf2a859bce782d8b4
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/project-5.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 124818
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gMO6kcwMtcxVBJ1EbXnvYONu1njfT0p1Hk7dn6Xp%2B2KZ7GDqOEhaYH8Cl%2Batpj8y4Gi7FIGobTTL0U3pADPV0LpA%2F78gKsoGw%2FYZOlXSenZl%2FvDeMfiHQM0WkqlSS8cldz7PcaEqA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032d1aa60b61-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/team-2.png
104.21.63.146 200 OK 19 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/team-2.png
IP 104.21.63.146:0
File type PNG image data, 230 x 200, 8-bit colormap, non-interlaced\012- data
Hash 85c9a64b48c5f2f7628cf52d8e1dbd7b
4e80ebbf3fe19035ca0ce12993be801716224a82
e50f1cd75801973a226969e9acb7589f0274b4b3c46b33d8099604e135206a92
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/team-2.png HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/png
Content-Length: 18853
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhZDcOBmXtGjB59cb2YxOFF9Yr66yfkMUzP4KERweYw2OxBZy3S0to0vJuNgqhE3E8LspPteiFlt6YHfX74gsrMoQrKxyJ4eHIPOuDu1RrkCLNDAnvsVdcxyLUQUicXkQC3CxC6I7A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032e3b74b521-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/details-1-background.jpg
104.21.63.146 200 OK 88 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/details-1-background.jpg
IP 104.21.63.146:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x800, components 3\012- data
Hash fcf75aca7c554a0fe508f3c738d9c361
04eaa4da890a6e4a581ed1249623363c0516ed5f
e478f67a5616b44030a25b06ab8e37dce26dcfbfee6dcb71ad89b0fed951b7fa
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/details-1-background.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/assets/css/styles.css
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 87542
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCA%2BtL6UeqI4cjYdvkeU1P3mILuT%2BsGlwB27BXqdT2mU0epAbQbQv9bqXE3dfH%2FI%2FqP6KjUtGY5SxRHGGZZYjXJ5dJleQYvb29VtuWm3RLDNMnGcxOu59oyrJ%2BCDm9HFYuCOAKdzww%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032dc901b518-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/project-8.jpg
104.21.63.146 200 OK 63 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/project-8.jpg
IP 104.21.63.146:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 722x704, components 3\012- data
Hash d9e8a6245800b4ff6e6be1ab413be1d6
8b5d5afffe07477cf6d83661341bf9498f7734f6
1fa386b4ec95f717ccb6759e28f62f89a158c3a7a68aa88727c419ccfbfbe002
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/project-8.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 63374
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZn4lTZS66ksbUgSa9DCgBhqZvAQrdoL%2BVmComnBmv9O4rDY2SiKIANU8cFfdmVjTPs1hKm2JJL55UtCt3tasQHS0zeRAIluQAc1Oktfy5lundHL2zihoR2nnLoOlIDcYft9jpdX5w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032e1df40b3d-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/project-7.jpg
104.21.63.146 200 OK 88 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/project-7.jpg
IP 104.21.63.146:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 722x704, components 3\012- data
Hash f82f90a4b3d80d07d7fb0cd3294698fd
cb500daa0f90fa078efbedb7afbe558cdce56572
1d06ba5a80e1e1b693ffa33db2881fdff28aab1b18eeef30a4314554e0e31731
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/project-7.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 87474
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PyTuXIkuINB3XVUr0IjCIOzOLu9NMtz2jUUQk4TOB4CPZY5Kn7882oJ9WMpqy9rxsUELELSECnmG3IQSGgOBRekNIyRVMO02e4xZ2ZkeMmbduWqVINoMeDVqoyMNdasWrhIcyNp2A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032d7b83b50f-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/services-1.jpg
104.21.63.146 200 OK 18 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/services-1.jpg
IP 104.21.63.146:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 690x398, components 3\012- data
Hash db7ef22712a4b475a426fab9ef5284d5
8a7a76a1ff31d09141f098737ee42ca13602d1cc
b5c5492eab1bb755646d9932666aaa755225d0b65932ba729bc126311dc12a1a
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/services-1.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 18345
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HHERt6pVahnYwdkhVtZ96G1qIj6MwUpZtq9QnmqJXerrNkZFv1aqSXf4t18zSHGO%2B0b7pdz16FzC9V0J3lYqDsOFZecRJaqkzo9M2usGROsBXG%2B3MLrN2HZdti8eFgTmWeVTWqAVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032ebe750b3d-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/team-1.png
104.21.63.146 200 OK 19 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/team-1.png
IP 104.21.63.146:0
File type PNG image data, 230 x 200, 8-bit colormap, non-interlaced\012- data
Hash 70b05db7e49931d59fc896d03819b389
6396404d552743ce6473f2b0f421571ce84ff771
41768e8052de115958d44c3d2166e81d8977f445a4a11db90e2489ca215be4e4
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/team-1.png HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/png
Content-Length: 18874
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=To9XlJqTqCoUyBy%2Bnx%2BXsIFu2mSdLYzZ4JKufidBg8wpWkKPpWE7iWeqbdMvEmJsEf%2FkeltrRZ8D3GmecDF0%2BNNwHV5C5Vi%2FLSQKALQAmys0ojWqWHyKMH5vonMDL5x5c8XLONpUrA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032e1b51b521-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/team-3.png
104.21.63.146 200 OK 20 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/team-3.png
IP 104.21.63.146:0
File type PNG image data, 230 x 200, 8-bit colormap, non-interlaced\012- data
Hash f206425c2bbb0405083aba59953cf7a3
7eba037a3aab8e46d4b4b83de7e65650a7ba0a1c
dff9970b6cc442a8f9122317dab81495cc757d87e1e4cb683202946caacad22d
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/team-3.png HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/png
Content-Length: 20346
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rM%2BuZQ1kPUsSYglhktcBPvOaZmRZ6V4CdryWyDxpCFeWoyXOCkczIGaOToUQIXe2lUWUq3WFBt%2BKyz%2FPhPSMb5o1QlaStX2mdA4Ss7hlhOj8HWUF8KaJMJbZFtAFgzdCOld7JWfXFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032e6bf30b61-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/about.jpg
104.21.63.146 200 OK 41 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/about.jpg
IP 104.21.63.146:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 690x468, components 3\012- data
Hash a7d9b9adeeb5ebe86ff84ea51e03fa18
93063c30e071ae7afae5dab38cc9800ecfd7a812
3a05c958e8105479cee704d83104aa74b6ff72b3397119839656cc4111a2fb6e
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/about.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 41312
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9qogDGWkc2Zed3Rkfz%2Fimj7N%2FXuMlv%2FA322%2FAW0iHJFuz6oKZyDnbmz7gYj%2FskMVUgqjmMQtUcRCisk5E9hTKJ5K0WxdoZMOricEdakRnI7zSsBgdnCi%2FpBCZDRgysG1R0zJyJU7w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032e9a13b518-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/team-4.png
104.21.63.146 200 OK 21 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/team-4.png
IP 104.21.63.146:0
File type PNG image data, 230 x 200, 8-bit colormap, non-interlaced\012- data
Hash 8ce04d0e6177b0f95105b8928cfd7703
76c96b1a00c08e2d0d3c16051da8b0ecbb9f3716
9280453255d890fc4a3f75a3cff60434d7a137bb98fe0638637dce2e7f124594
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/team-4.png HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/png
Content-Length: 20795
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTAH0MhW%2FW4jud3Kk7IbtR1ionzDKj4BKW1HSDl%2FvWZ%2FxLhIj4EhpR4qkv%2Bcsx2%2B5MK5rZLnLGcIqlpag22DuY8cVHQV3Hpg%2FDSkjgjbS9pYhSpu4fNx8WWmd9sGFsLDuhUfUJ3odQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032e8be0b521-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/services-3.jpg
104.21.63.146 200 OK 57 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/services-3.jpg
IP 104.21.63.146:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 690x398, components 3\012- data
Hash 1bd32ec4abdc49741aa10cfeab1a0f08
51904dab31e181fa4251bcad0b174ab46b7bf5f0
f521db39fe23999740a52552dd3e32a1e42cfaef642db84a9b27dcf5823de5a4
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/services-3.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 57316
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRnVPnN7L%2FG1bdCCpxXd%2BuNOZLr4VdnlGpQr5eKsirA0ufDPATZ5LYcHmBsx3ccNY0NTnSO72nL%2BMh5g%2BMWPuCAJKyekMqbhnJeNMzrRnv7zT6w%2BVWre5eRm79k9Ha%2Bzyj8CTGEjAw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032efe9f0b3d-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/testimonial-2.jpg
104.21.63.146 200 OK 14 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/testimonial-2.jpg
IP 104.21.63.146:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 150x150, components 3\012- data
Hash 3a53745caff42323a74d1c5da07e99b1
cbbda50a9e326934c1b6e5ede6bfb2988fdd1a5e
b9698e57d32c7c39d5194fd48fcecdef8e63192453250a85fefccad7acf8d0d3
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/testimonial-2.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 14272
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cb8hTTeoARtwzTsod6MF%2FET%2BK5SC0XDNWzQcqQEGe30b%2FbO7WTXT%2BhgbJ%2BPIRFtHsG8hoS%2Bol8%2Bk7AWJrkSyhDoxzTZSwVn6ZWL8%2BlQBdUQIYafWMgkFKDvfpb1fC90zPtl8Yp2hHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032f8b0cb518-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/services-2.jpg
104.21.63.146 200 OK 45 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/services-2.jpg
IP 104.21.63.146:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 690x398, components 3\012- data
Hash e1449770bba52fee6b302a1c94bcdf3a
be8811435f3ebeb5509963c8b0f2711323069580
a2b8b9cda5cce1a1ca8be715802340efebf0f2d26e8a96e1c42e744b3e61653a
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/services-2.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 45032
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHOe1hEKrg3IWw5GyfFad0MOZuHbabaC1iXPlvXMx9nRYmYZfuxxYgY0nq0uATpqaOpCUgmcXj4GKVhm0sTw07iwV9msNdMe7IE60yY2MYFq5k%2FAU24SUd9Y6ZdCar8D4yB7SWKWOg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032ebd66b50f-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/testimonial-1.jpg
104.21.63.146 200 OK 17 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/testimonial-1.jpg
IP 104.21.63.146:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 150x150, components 3\012- data
Hash 5ece4f460ee903bc72b0363cb13dd1f8
6e8e641ad96fa7fc205f214f22d1f37f7e2188e6
4b20eb66552a80d8fb82f186813407d54b3a8494f028d07980c94709d9c22a0c
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/testimonial-1.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 17153
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slSKZqwKMd%2Br44NZ1GhuJweateYN8EuXxaTaghdzwtVdkwz9D5vBJVPffEjTING9VfRqeytCgD3STWxdsDNRdJ1L2ZNs%2FIAj7O%2BFpAr6LhFe%2Fi4S6Ad4BUR7phgfc1prm582P%2FqLoA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032f2cc10b61-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/project-1.jpg
104.21.63.146 200 OK 87 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/project-1.jpg
IP 104.21.63.146:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 722x704, components 3\012- data
Hash 8d83fc8eea997b1fd0920d07fcdf6810
db2b919d36f05f9bf9b0eaa990adf504d7f9278c
c76560a63bd3583a15621130b806b15b55eeb23f5fed48e43f34ae5abf8ae29d
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/project-1.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 87109
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZMPx9HjTkJamqY1ZLlBUoudDLHYb38lkFK1pCp3VTQob7JgVn2igmnYfitaiy77ZPBLKLAS1lP%2BXjaofw9ytTY9R3cqzJcH9Z%2F%2BgM33oa%2FAG5tZd9KA7Qruf1h3HGJwm16MSEQCVg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032efc53b521-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
54.148.70.121 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.70.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Z2eEE1n6zytYmfDf3o51fg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SgF5fNoDXgWOF8AU35k6wnOC90k=
gv8nvchl.langtily.tk/assets/images/testimonial-3.jpg
104.21.63.146 200 OK 14 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/testimonial-3.jpg
IP 104.21.63.146:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 150x150, components 3\012- data
Hash 871ee8f1618ac352b62a9cfa2a5fda0e
64e434579a08884ec14f377af987006e79985e5f
11969e798993d60ffdd246d2c3324ee3dcc66057d64bfcd3e75838c5860edf86
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/testimonial-3.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 13659
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzPL0pCIZpnHe%2F5%2F8lRtSdZoZ6CJuJOFzuiiAjfJe2g4gPhXKfM71K7E8pcXeWucFVv87bK70DklEoHtX%2FLecFg1T%2FIoUhXqlOadyNhWu8470R4Tp5WxM%2BBBFXPiTMlcWoYcHiqe6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032fcd3eb521-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/testimonial-6.jpg
104.21.63.146 200 OK 13 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/testimonial-6.jpg
IP 104.21.63.146:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 150x150, components 3\012- data
Hash 4a330f5eb9a69543375211bf4b219f63
9762801ee93705a20e68178c44c7d8dba6fcdf1e
aaa9e8124ef1c1a9358e0bb16298880ec7bb2f33cf43605c1c8ed72687bfb13c
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/testimonial-6.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/jpeg
Content-Length: 12698
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sZMpYHR%2BQUC1kU79bAdX5S2U4P8DX7mkaGteQdFqq93lof%2FuoJNoLHKrA0Xlj2pbb%2FakmW9CM8Va0YSsdpJljBM%2FZlUwtSK3HtOftNgykZotbJTNEz873S3%2BhDc7v05kae3G%2BVP7g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032fff7ab50f-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/down-arrow.png
104.21.63.146 200 OK 1.0 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/down-arrow.png
IP 104.21.63.146:0
File type PNG image data, 14 x 9, 8-bit/color RGBA, non-interlaced\012- data
Hash ac6d4cdd83c10d04fa6d4d7034874957
4deb5b8010307fb0e0bade1ef1f860361bd05466
83f78eb5a5ef02c50d3d3f41ac156b070868698fd0083cfa7cf777bfaae44318
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/down-arrow.png HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/assets/css/styles.css
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:57 GMT
Content-Type: image/png
Content-Length: 1044
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SmTZcrTk%2BemLLrscWoLaSj3gDktZnW3qzOImEX5FKqCG1gu%2BhRiNIkUs20fMhAMwyRd7Rr3IGK5sDnD0BCxdpysl7Y35JMLBNiHq7ObJOzB0FbVyNSMY%2Bf2sRQHIqKFy9HvlH7Ghg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf03302da6b521-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/testimonial-4.jpg
104.21.63.146 200 OK 12 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/testimonial-4.jpg
IP 104.21.63.146:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 150x150, components 3\012- data
Hash c0f04dba079ee6b0ae25d2f52c48a0ef
813e6daeb0f616ed257f7f866ca149b271a213d1
bad7b03b84053c3be3d85fb317ce99cb079ed75d10bc34b0bc0f69e651160dec
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/testimonial-4.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:58 GMT
Content-Type: image/jpeg
Content-Length: 12487
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4SUiDN%2BMxJjzmqRnF6U8ffY8BpHe6RN%2Bm3ftKclTOAap1ycTDTLGwzQyOMMSTwdgPC4mr4TIHapbjXmnhbmQ8MqmC34AfhmhGIuz5mesNk93Wkz4hl91tgqL4PjAL0lomLX4uNHKg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032fdf390b3d-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/details-2-background.jpg
104.21.63.146 200 OK 192 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/details-2-background.jpg
IP 104.21.63.146:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x800, components 3\012- data
Size 192 kB (192233 bytes)
Hash e41d1c0f17be353995a707436a279fa7
e4d7d8771bd6c89d2afed44fc5437fd837b3257e
a4da1c0e83ff93e75b870a001178275b84db4eb1989d64fc7bd1957a2d49c884
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/details-2-background.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/assets/css/styles.css
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:58 GMT
Content-Type: image/jpeg
Content-Length: 192233
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6VO%2FzbD%2F17oioyzuzEZoT02byUv%2FX1qxQaL7p3qjEq5YJBymnqvtkfEC0U9Us7ZEsoNP%2F6SqlCBLSwLf%2B0ZZeORwG0SBvfwKi4t3Q12xv1m5wXrrH8J332lnPm0RpuR440zPYygBg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf03301d640b61-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/testimonial-5.jpg
104.21.63.146 200 OK 14 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/testimonial-5.jpg
IP 104.21.63.146:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 150x150, components 3\012- data
Hash 6cebd0233f08d00260cf1e24b5475222
630f683871c7d19edf6c5b888f473bc8746afc41
5eb925ae0a6b3b404347298ad85367f6b6ab506a58ba06721fc531f2b34d6b3c
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/testimonial-5.jpg HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:58 GMT
Content-Type: image/jpeg
Content-Length: 14372
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6j8jD4ZC6Wf98wEZnAvyJ3VloKKsziP658RidX1kcFfbdJ%2FbeqbdjagxY2H%2BfjNHrYQNhYAgTB5%2BEE9n1KFAbJwys2jOAft5BhOqWD7acJKQDLc0T11WssMmLSfO0dRAN5KmXe52iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf032ffb72b518-OSL
alt-svc: h2=":443"; ma=60
gv8nvchl.langtily.tk/assets/images/favicon.png
104.21.63.146 200 OK 1.4 kB URL HTTP/1.1 gv8nvchl.langtily.tk/assets/images/favicon.png
IP 104.21.63.146:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash c2195fb7d311a0c8de10b081d23e6b9a
1e2675f23b1a143d6c2caa8f8879ec98d7a2ba6a
b29b85173752c3c60bd5914e5eb98b1f79f143e3ff59c13c883bf59034697ab3
NIDS Severity Alert suricata medium ET POLICY HTTP Request to a *.tk domain
GET /assets/images/favicon.png HTTP/1.1
Host: gv8nvchl.langtily.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 10:50:58 GMT
Content-Type: image/png
Content-Length: 1355
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 20:31:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXcXx4HkcV7QFODaE4kb%2BIkDUJCAYVQlcjeyc0hJctRl4eTuG%2FKiajGCQbPLfc5YRh6UjAYUU9oummwScAlHiV%2FciuEXfuUfMNFbspNW0DhlCqR75OF0G%2Ft0%2B6DYXID7adBUdWNNwA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf03313d20b518-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7291
Expires: Thu, 19 Jan 2023 12:52:30 GMT
Date: Thu, 19 Jan 2023 10:50:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7291
Expires: Thu, 19 Jan 2023 12:52:30 GMT
Date: Thu, 19 Jan 2023 10:50:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7291
Expires: Thu, 19 Jan 2023 12:52:30 GMT
Date: Thu, 19 Jan 2023 10:50:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d15f9a-9958-436b-ac3e-167b5a6563ea.jpeg
34.120.237.76 200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d15f9a-9958-436b-ac3e-167b5a6563ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1b47910c4f71976f73a884bcae6f9bc
26c0d42fddb2a02d9878c34a76874710c92a9d30
9c5ce4945939b126cd36202f5afb8009ce790a792270ec31cc22099e4cd12a24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d15f9a-9958-436b-ac3e-167b5a6563ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3861
x-amzn-requestid: c8fbb2e1-9ec6-42c0-8030-9be785e8913e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9TegFNEoAMFwqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c865f6-04a9e7db684e88ed69e1bd43;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wTiBoiSa1euVzUKPwlAWWZD-fYwMQGxgvRRzr1ALkrFY5VV3zeL9Jg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:52:42 GMT
age: 46697
etag: "26c0d42fddb2a02d9878c34a76874710c92a9d30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 511bbd0c410838e4a978d471d361d876
706be1b2636ad65bf5fe78ef7301af472c015275
e124c1ba6059fb613d0ab8f7ad37f4524323e7bbde851f78e9e5727c7d20f19f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9916
x-amzn-requestid: 42bb326d-889c-4b91-b989-47c1fd650afa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e96pVF61oAMF76g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8a4a1-2f33e6be45e298a7120d1119;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 02:02:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 68BfqCCeDzqQURstD87lSuWaXjwrqVQnXX8ws6EeFfQtbu_ad9JEgw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 05:26:43 GMT
etag: "706be1b2636ad65bf5fe78ef7301af472c015275"
content-type: image/jpeg
age: 19456
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b015242ebdda9cc22cfe6741d2e926f1
76072223007cd11c6f7b9fda8f01818ab0fea740
b7a72c737cac91c83c39718de999bc6ff0ec4ede63342e86407190d95e60d9a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6908
x-amzn-requestid: 5f0a0b3b-1d4c-450e-bcd5-481bda79f4e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eq1qQHwYIAMF-IQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1030e-62d053e35c8ab2374fd2fe35;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 07:06:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WdNoHBL4A3J_FHp8V9HLUMNKmEPIw-lstt0OdqYJtcUGfMRZJXPdwQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 11:34:07 GMT
age: 83812
etag: "76072223007cd11c6f7b9fda8f01818ab0fea740"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b8f931fb5afe958e67fce9e1822dac4
5732887999b819f6facc6f4608a407b5a09adf75
3c6c787e700f8139ec0eeaad93923f647f9efa5ce60120fc0aab52fa9588efaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5005
x-amzn-requestid: 647dd62e-6b47-4298-9457-c7f37e653e0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e5qLKEX6IAMFX0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c6f0ad-3dc1396c1b3662fa4ec5f1fa;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 19:02:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ge_XozSe44BAhC-fFiu-u8Oa4jd8Uctn4O3fmdLCavhYpcSVrhNMww==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 17:42:33 GMT
age: 61706
etag: "5732887999b819f6facc6f4608a407b5a09adf75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7228521-7486-47c0-9c97-8326b753903b.jpeg
34.120.237.76 200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7228521-7486-47c0-9c97-8326b753903b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0322b0c1c8ccba218bb838b9a08236b
2019b85538667589467bd7330d5c14e81d0a0219
206ed7eb5ba89c76c42b01a7fbf354b9417dd87d8149847b28dab0cb1c887198
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7228521-7486-47c0-9c97-8326b753903b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3258
x-amzn-requestid: efeaacb9-f9b6-45ea-b457-dd2186113d7a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9704FE2IAMFw9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8a685-5c761cba0ef3eb1e0849aac1;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 02:10:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ja6gtQbUWud7hCAcoQ5R1zHQROQUC9rQ_LycuQK3BqQT_5GIUz4Q_w==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 02:15:16 GMT
age: 30943
etag: "2019b85538667589467bd7330d5c14e81d0a0219"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa0293b1-658b-40be-8f58-7c880a4f5b00.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa0293b1-658b-40be-8f58-7c880a4f5b00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b6cb560c00346a6c1d1862cfd25e5d92
0df06ee873767cda7b2f109caa5f3e0aab1ddc0a
1ee5d9792f084907b8837f818b7971c97eacff3b3e0cc83586220508c8755adf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa0293b1-658b-40be-8f58-7c880a4f5b00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: ef7eb7e8-8e7f-4578-ae9a-2d0be07df045
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0vOtFQ2IAMFedQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4f8c4-5ef1960d4ac7cd5560037d99;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 07:12:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hV9O65DcUGtRtapBhOQjJoID_d_zQ1eBLgp7Ux21xiIeixZTnDn_5A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 10:59:55 GMT
age: 85864
etag: "0df06ee873767cda7b2f109caa5f3e0aab1ddc0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:500,700&display=swap&subset=latin-ext
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:500,700&display=swap&subset=latin-ext
IP 142.250.74.106:0
GET /css?family=Montserrat:500,700&display=swap&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 19 Jan 2023 10:50:57 GMT
date: Thu, 19 Jan 2023 10:50:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,400i,600&display=swap&subset=latin-ext
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400i,600&display=swap&subset=latin-ext
IP 142.250.74.106:0
GET /css?family=Open+Sans:400,400i,600&display=swap&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gv8nvchl.langtily.tk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 19 Jan 2023 10:50:57 GMT
date: Thu, 19 Jan 2023 10:50:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2