hottime4you.com/ol/all/de/ms/25-687828/
104.21.61.179200 OK 2.4 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/
IP 104.21.61.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 646b6254115f65fbb48dbd3fef0ee9c4
9f6865b3d220c714e51b49aabf99a24121608cc2
57b1d9870f669dd38608dc16ac81c9bee05cb23aac955ad7d0c1c1fdab600910
Analyzer Verdict Alert fortinet Malware
GET /ol/all/de/ms/25-687828/ HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKzESh%2BYZS2xNNXOAtE%2BOS2%2F4B3yl%2B6J7tE5rFxPfSZ53DDX66yAQLNuZjdnLCEnX4cK8SWTq6jON495Pzh%2F1WxXn5qpPjuk3ZHnC1LCev%2Bu17C753pE%2FTyY2zmzYXEpbaA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 755c6d369ae21c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
54.230.111.7200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Y4MYaQn6CkXR7XDYYK9h3B_GKlfmyJyzBrndgVdfy7BeWjIqfSvVPA==
Age: 53808
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3319
Expires: Thu, 06 Oct 2022 07:39:26 GMT
Date: Thu, 06 Oct 2022 06:44:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
54.230.111.14200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 54.230.111.14:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OUIXR7IbgfXT3-29PjWDFTO5WGn0HeCsWKJuQAe0j4q83lGmf2zfPg==
age: 9695
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 06:44:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
static.production.almightypush.com/mng/subs_window.css?ver=1638888212
54.230.111.72200 OK 6.9 kB URL HTTP/2 static.production.almightypush.com/mng/subs_window.css?ver=1638888212
IP 54.230.111.72:0
Hash bd7dbae15f904a4e1213439ebfefddbe
9f7a33b3d6e7965d8b99f0ff56cbf2e2ebb8f78e
30c08f3bb42d9a16155c65fbc952430048e4a84be70b98cb989b2dc977b49f8a
GET /mng/subs_window.css?ver=1638888212 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 6945
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 02:43:28 GMT
etag: "bd7dbae15f904a4e1213439ebfefddbe"
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -F5YubVeBjBhskNeGiff6LulpJ3nLlvnEyk21IbvkiomzshWPg9L-w==
age: 14548
X-Firefox-Spdy: h2
hottime4you.com/ol/all/de/ms/25-687828/css/animation.css?506693
104.21.61.179200 OK 523 B URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/css/animation.css?506693
IP 104.21.61.179:0
Hash 7d856f49fb85c308f7e3aade806615a1
a8afe132ac05e71b26e86069554a4f8fa0ba1956
f48295eced6a46803e1b1b944fb1debb2f72c2d252dfeb0a8af0d5152b06b1d5
GET /ol/all/de/ms/25-687828/css/animation.css?506693 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:07 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:25 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1N%2BPPZPxXpFj9sr4rPMvurIoofLLffAn1uqLcmOBL5VHTmVIiG%2BHvZo6SwFHxxynrJAgULejTj9lmHwg3WniP1ioQWwEpU537hxk0TBdYV5Nplx02bKWJ4FALaVL3TTMHN0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d392d071c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/css/style.css?506693
104.21.61.179200 OK 1.3 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/css/style.css?506693
IP 104.21.61.179:0
File type assembler source, ASCII text
Hash 72aad72b7a7577895dce7e46bfb0bfde
043e7652c5f102f7aba9d6257e29e5ff583cb078
6089d2910cd66df85fbaf684d2275de5c73e8c7f795529e967b7e0a0deea88c9
Analyzer Verdict Alert fortinet Malware
GET /ol/all/de/ms/25-687828/css/style.css?506693 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:07 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:25 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjkSxrE5OyvgsYn4eGpEoum3p%2Fwm%2BhOGI3GnVWVnnFlQeXOfq1YqFSqFR0xveyuOh%2FGex6hkNrOt1JL6b8ckGFyFTvkRN4ry043sw%2BlDCcNXa5aQFxsILMCIlALA8WT1yZM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d392bd5b4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 06:44:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hottime4you.com/ol/all/de/ms/25-687828/js/step.js?506693
104.21.61.179200 OK 865 B URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/js/step.js?506693
IP 104.21.61.179:0
Hash 46a3a0281d7bd5455f99d71715bfbf53
9a88730bc5731b2f686aa3076ae9ec06ea78b439
c4ad2f86a75743cff0db4e957c174c02149421b1c134fee9c84218c263320a81
Analyzer Verdict Alert fortinet Malware
GET /ol/all/de/ms/25-687828/js/step.js?506693 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:33 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PH893vEwKkfgKeBd5ZYevUdY1lu09BCGdBCFAwE5PEWuAYv2oCQ4oJa60HYmX0kAg6WBcw71ot%2BHYczOg8LTKKAK2NMA0LTrOIDb5Gp2LLNy971p1ISxaXxhCmd0GSlNEa8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d395d060afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/js/backoffer.js
104.21.61.179200 OK 230 B URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/js/backoffer.js
IP 104.21.61.179:0
File type ASCII text, with very long lines (430), with no line terminators
Hash d1d761e3721375472889577260906f9c
c5e6e54e8b6b84af216d867dca79eb00c2819e42
de8798dd7447b4651ec2d44931c15ceb0d3e5099997b2ddc2452d3f95092a1a2
Analyzer Verdict Alert fortinet Malware
GET /ol/all/de/ms/25-687828/js/backoffer.js HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:33 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdSF4AhO9v0%2B5riyePj6Kw31M0rmkRAR0Pf3hmTXGJxftVQYPuA4MjSjepekXuj2DfsDrJ3KJP5KOmXQGN%2B9byKKf92VWydJ0X9GUhov0%2FML7KuZk6e%2FZa5vjnxWQmuhR%2Fs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d396f870b59-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 06:44:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
142.250.74.42200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (65447)
Hash 7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 16:23:42 GMT
expires: Thu, 05 Oct 2023 16:23:42 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
age: 51625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 5aec10b9570d38767b6ea64e8bf9e2d6
3ebfc626287234fcb2f8458b2be5394d41c812f2
5cbc69384ab6110c291b1b403f155cedc4e7278a9af1a3dad019e0128b5678e2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 06:44:07 GMT
Last-Modified: Thu, 06 Oct 2022 05:56:33 GMT
Server: ECS (dcb/7F5F)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3Ha5o6DvVbYbk58WrFVACwLVuE0CinuxbqMnHX3d37LbI9kAlKiBxA==
Age: 2854
static.production.almightypush.com/mng/channels/init.min.js?ver=1638888212
54.230.111.72200 OK 22 kB URL HTTP/2 static.production.almightypush.com/mng/channels/init.min.js?ver=1638888212
IP 54.230.111.72:0
Hash 2ea196bb9d9670ec138eb0c8c23e6696
b0876fd8c0c56c5d34368c16a829c040c23cbaba
1475c052ae8dbc220775cd44b20e508e38db9f09168c57d4a73e0a9027f252f7
GET /mng/channels/init.min.js?ver=1638888212 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 21924
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 02:49:57 GMT
etag: "2ea196bb9d9670ec138eb0c8c23e6696"
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7Lu4N-QRvuJPgBFUTr-YONHBAyUgJ6jQhnT1Bb2OrkpyQfw_5cqFaw==
age: 16400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 5aec10b9570d38767b6ea64e8bf9e2d6
3ebfc626287234fcb2f8458b2be5394d41c812f2
5cbc69384ab6110c291b1b403f155cedc4e7278a9af1a3dad019e0128b5678e2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 06:44:07 GMT
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cbMnebDtIF-ujdohxFRTeJyvjmE0pbgx0XE2V_ubouOLIT2R8pNiBQ==
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 06:44:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.production.almightypush.com/mng/subs_window.js?ver=1638888212
54.230.111.72200 OK 20 kB URL HTTP/2 static.production.almightypush.com/mng/subs_window.js?ver=1638888212
IP 54.230.111.72:0
Hash ae593f4be1dd1f0710123918b49c4933
66fbe30bb873e0a47d3d72e737d68aa4b6916c26
fdf9ff3f74dcf11d0fa456dcd53cb21550f67f0cfdc11dc29bef595f07b56206
GET /mng/subs_window.js?ver=1638888212 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 19491
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 07:04:55 GMT
etag: "ae593f4be1dd1f0710123918b49c4933"
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wuWFuEmiyKZKJTQZ1NGZBoExkKS4HKHYFX4NUMb8HnFgPoJw6XJeGg==
age: 85180
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 06:44:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d85962ac3734cbef89f5a48b4aa5c2db
8904f1baa9a4c52c04bf72a0717a3f64126180d2
4a7de2dd4a713ee57e835d459bce0bb83db1e333cfa3677ffbdf15acaea11d91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A7DE2DD4A713EE57E835D459BCE0BB83DB1E333CFA3677FFBDF15ACAEA11D91"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9585
Expires: Thu, 06 Oct 2022 09:23:52 GMT
Date: Thu, 06 Oct 2022 06:44:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.7200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 06:29:41 GMT
Expires: Thu, 06 Oct 2022 06:58:24 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: L7Y1gNEQpLWBkkdCBQ0ZKMJQxuqNiFmM_tLm03OhoX8PFqidoCONHA==
Age: 866
hottime4you.com/ol/all/de/ms/25-687828/images/23.png
104.21.61.179200 OK 62 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/23.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash da384da949049318f5e2666fdd5944e8
666ac1ed92f2134d2ed7f15a6361306f1b21b146
417d52172fecfb675aafb6dd55a7a6c0fb166d2045ecb7a6c0447673b837a7f7
GET /ol/all/de/ms/25-687828/images/23.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:07 GMT
Content-Type: image/png
Content-Length: 61988
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:29 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tIcywG90mRDT5NBNOnLZ7yV6YL3nulLhE0b2R%2B07swoku2MU%2FG3aW%2B681DvTN5JvqtanssZHGsqrEUMZk%2B7hqLuEpWR815bSp5zfLrIOCeat4JYYOikRi7oS0NeIZVUYe1w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d3d1fe11c0a-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/44.png
104.21.61.179200 OK 54 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/44.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f7edd152703c2e421e411c0b361b498
13e65f5eba06be9507af7be27a6b6c9e3189b391
94d93e34dd3f5903b2efae4d7e7ddb3c895ce92de9aa379b859aa4037d914b9f
GET /ol/all/de/ms/25-687828/images/44.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:07 GMT
Content-Type: image/png
Content-Length: 53709
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuBSJjvFkc0Lg91bJAQ7KO7Kptm16GGKTu2MBQk3HaNFbfq5Rcl2EQVgGfgxYeQBtTybAKAyKsKO0b3viojA63anifFcuVjwbnJZadzP%2F2I8KLES3mZLAkAoPJWlQxxXSX4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d3d1822b4e8-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/11.png
104.21.61.179200 OK 60 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/11.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 74c93e1362de9523d8f35b6f2d78917b
1d9df51e43be8d555d5fabe62dcb159eab784f5e
39707e9d6aaa148b2bbc1aabe00110f54bbcf7c07c62f24daaf539005e582472
GET /ol/all/de/ms/25-687828/images/11.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:07 GMT
Content-Type: image/png
Content-Length: 60166
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:27 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y92JXrRYXaPes9UMfajtI9gS3c3lNwet6BsN8T3ZN%2BzyoEKZVe%2FyDsBP50Ne8Zh7k2cG2IwAT4cP%2BJPexXoneoobzkIeC0FneBA2Z2Yh6%2FJlZKWes%2BhDvuiQxgHH%2FtRd3OU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d3d2cc11c12-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ddbf24fabadcec7f41787b226bebe150
284c0b5dd1f2dfc087d6328469367d3887274fc6
5fdceb03a2d605fc92869ddf9ec3dec122e04ac0e0e313151c465afa8b86931e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5FDCEB03A2D605FC92869DDF9EC3DEC122E04AC0E0E313151C465AFA8B86931E"
Last-Modified: Wed, 05 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13895
Expires: Thu, 06 Oct 2022 10:35:42 GMT
Date: Thu, 06 Oct 2022 06:44:07 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 06:44:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/quattrocentosans/v18/va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2
216.58.207.195200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/quattrocentosans/v18/va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 24320, version 1.0\012- data
Hash 056a6ed9c698772e2438032629f4933e
e88b32e3d9492e241bf5451e95967c5597f29967
86380b40e3d14ed9f3e0a5ff79c04f510d7910f677a66685e2b10f8b8765797f
GET /s/quattrocentosans/v18/va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hottime4you.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 23:48:38 GMT
expires: Thu, 05 Oct 2023 23:48:38 GMT
cache-control: public, max-age=31536000
age: 24929
last-modified: Wed, 27 Apr 2022 16:02:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hottime4you.com/ol/all/de/ms/25-687828/images/12.png
104.21.61.179200 OK 58 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/12.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 46fb821d3c8ca1b808dcc54300710f89
8c2af696ea30e845c7c8cc249909e26755de3f8d
48f9f84693e443822172bc338b16f6bed62c4cbeb686f8018dcd2bf691007b62
GET /ol/all/de/ms/25-687828/images/12.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:07 GMT
Content-Type: image/png
Content-Length: 58018
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:27 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEm0pP1m7IEEEDA2jmA%2FSkSxG3cWdZSVNd93x6f3PVRPsViimErrrjHXFAjGn0VxX2nZNCiGBQCJ3%2FqT2KDpwq69Q8yfcn2QGqeR446FETOSQufplY9sLT8I%2B5IVxk3N2w4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d3d18860afe-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/24.png
104.21.61.179200 OK 58 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/24.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 5275c3e17ee2ba370c01ae31249d42af
98c09ca29deff276fd966d313599ffdf397c55e4
f05b3a33818bc9d5dd44fe4074f1818f19efb54d70def227b72ab36ea5bd2c78
GET /ol/all/de/ms/25-687828/images/24.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:07 GMT
Content-Type: image/png
Content-Length: 58158
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4WjdTM0EfacsTm%2BQMmprO2%2FtRJgQ6t5NcV%2FSxDnAAk9YZOy3tDE9brTRfKokkdFmpv4sqj26YzOxxgygJP962GcrVDXCTM%2FR8otz3TD33ZIVtGCzWXg3B0wtVzJK1Hqv%2BM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d3d1b1c0b59-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4665
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 06:44:08 GMT
Last-Modified: Thu, 06 Oct 2022 05:26:23 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 06:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hottime4you.com/ol/all/de/ms/25-687828/images/22.png
104.21.61.179200 OK 61 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/22.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 9502e70fcfd8acca4d0510286eba3bd8
1a4243f43e7212489c8ac5ecd57e74fefed98d96
3dc39eeeb917cdc0e57b6241c4df77b4d9103b0f2dc69771d7a659f0b35912ba
GET /ol/all/de/ms/25-687828/images/22.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:08 GMT
Content-Type: image/png
Content-Length: 61392
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aKhElUS97QvtkiY%2BqZYa0pcS4XzczkJ1iFEMVMi20dOPOM%2FxlpntJrYNfTRB041rdGuUUnrvp%2BiGamuXVY06uxCNgHIJbsoZW%2By5Gq69P%2Bim1jS1nB5lfrsSiXWTgonJzg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d3d2ca3b515-OSL
alt-svc: h2=":443"; ma=60
alexatracker.com/jscode/JAIA.js?sub1=hottime4you.com&sub2=&sub3=&sub4=&sub5=&prid=
51.68.197.173200 OK 7.7 kB URL HTTP/1.1 alexatracker.com/jscode/JAIA.js?sub1=hottime4you.com&sub2=&sub3=&sub4=&sub5=&prid=
IP 51.68.197.173:0
File type ASCII text, with very long lines (7728), with no line terminators
Hash 298cecb40891e0530829d9845bf64d54
7e9ecfe7fef8f4157d87c7866e24dac7d43cb13a
2df3c1cb92b42fbafa3dc57c5ef8331d02618c3e8893f51bdf23b0e7ab329889
GET /jscode/JAIA.js?sub1=hottime4you.com&sub2=&sub3=&sub4=&sub5=&prid= HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 06 Oct 2022 06:44:08 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 7728
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: trbarid=cf6d5458fa2f7db2022b211c80efcc20b537a4f9c8422e02314a90ed1bf831e7a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A7982651674281802040%3B%7D; expires=Thu, 10-Oct-2024 06:44:08 GMT; Max-Age=63504000; path=/; secure; HttpOnly; SameSite=None
hottime4you.com/ol/all/de/ms/25-687828/images/girl.png
104.21.61.179200 OK 115 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/girl.png
IP 104.21.61.179:0
File type PNG image data, 179 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 115 kB (114891 bytes)
Hash e6f5ef72ab1dcc3eafc82a18f80ff1a2
60f8cd2eb79d1748b2cc3a74cf6ca8bb37fa4ced
5dd9582581c7b8c05ddae2d388af0eaf951186fefc73a6c0894b08e8edbf24c5
GET /ol/all/de/ms/25-687828/images/girl.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:08 GMT
Content-Type: image/png
Content-Length: 114891
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWoE5nlqQw0T%2FdqGqR%2BbcZxH%2FDTJYc4J0lLjJRBlkvNVXO%2BvyIqiNuDhOD5HTrXA9btOCjXLHt5qGS1DGUlk3nyh25QG4sHoH7LkLK2i%2BceohM10oZrQbozGA3tedqibJGk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d3d98461c0a-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/25.png
104.21.61.179200 OK 67 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/25.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash d1b1b830be86c68486835a237652ed19
a72ee10174523bbcea9e7fbb09dd79de10e6f38d
9809a272cdb59025422645d54b003a4b425ea461e3fe7218d83f6551a55b5e1b
GET /ol/all/de/ms/25-687828/images/25.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:08 GMT
Content-Type: image/png
Content-Length: 67145
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdOIxsO5M%2BAly2tBMyJtrYcCcclwS0Hvlq9m7fj9JGua5%2Ba7Zu4Su13LwTALuTBiro6namG46vbOXGJ23Va7ku3pdrzsb8o2ZBs%2Bxh8f5xHVRjWS2O9ghya%2FDv7edWv6i%2FA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d3da898b4e8-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/31.png
104.21.61.179200 OK 60 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/31.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 8219bfcdb7286bd03b2295e4065d3c38
459b57ce62406ba97b9682cf8da47fc53f18fe2f
78ecebccf0b424f613fac6ca2c34e5d9bc7cccab0b2b0cc88efb23bb2a8a6bea
GET /ol/all/de/ms/25-687828/images/31.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:08 GMT
Content-Type: image/png
Content-Length: 59718
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToIfjclgmxAuJmJAZhOZp8UAHf31M4i73WoaU7C1NXv3HGZOEyIwsbqHI7Q%2BSQVk%2Fg4GgA8dqwZiPCb0StA7%2FV7WxcEJGGDwtKigXpwN2TQA09%2Fcy4wyb%2BtIcGNjsQSSybs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d3dbd321c12-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
44.228.207.167101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.228.207.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pJaQ2u6ow3X5CJJ0YCs7pg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bHyJjA3gm5VSPUAfF6UxRllU0Mo=
hottime4you.com/ol/all/de/ms/25-687828/images/43.png
104.21.61.179200 OK 60 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/43.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 01e539dac5d06d4ea5b596208d0ea607
6dbc43d0df4010b6cee02e6dfbb1a26ad60f2b9c
85c15d2d42b33ad87c7f7d3e422348d46412938a97370ee26a24daa66e09adad
GET /ol/all/de/ms/25-687828/images/43.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:08 GMT
Content-Type: image/png
Content-Length: 60395
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3h7H6uSZthihjGCtJy%2FBDrbvKvzb6oUrN184v0bXaDuCqXIwC3OvL85DKjy6qPuEoucn2Vw8nwvRJjlRZZYjwP%2BVCXxgXoUnMBL09HvBxyB0jW5f%2Bv%2BNcO3rJ4U2y%2F2V91s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d3df9690afe-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/33.png
104.21.61.179200 OK 66 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/33.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 8919c27bfbf6a695f22b42979e169490
b944fb71fca53041501799c932956af920dfccc9
c9bfcf08c816d5b8e685ebd2697dc414a1b09db848f58b9353ecc3182ae52a4c
GET /ol/all/de/ms/25-687828/images/33.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:08 GMT
Content-Type: image/png
Content-Length: 66468
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dElohLmFS0tVzDtTpTIw0f9muqWL%2BEOTkKou7wZU4cUqt7JdOyfkxTvbYpOjQLX2gpA02ULUvzlZ8RSP5z2QrZg7SLlMOIXZvF64tZSnMjTGXV38h04r39zZmPZdkpSJUjU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d3e5df2b515-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/34.png
104.21.61.179200 OK 65 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/34.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash c397f9f4382193fd4d45c600b6008e49
3689e9db6a13d3ad4819d7f229ecda756cbee61a
82357ef1702df45958ed401f7b0c4b83f89d2fda13a7433a67fd0bd7327696d7
GET /ol/all/de/ms/25-687828/images/34.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:08 GMT
Content-Type: image/png
Content-Length: 64758
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGWdIJo4GRI5p%2F4nQmy9DzOS94HAAlje6zLvURXekSvn6Q0280gZa3yJqAxtRlaWqGeH5kURViBCE%2FFXZSzBBqvvpjqLGMIzG8Ts1UjsiPyqgbHQxcj8TDUlQiCLrP86BhA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d3e0bf60b59-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/32.png
104.21.61.179200 OK 55 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/32.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 8c58ae244f7bd521506573d2589cf8b9
a7ce9a4e1cb43e2f4efe2094f576285b4f25b9c6
c178cb0498a1a548575f8f9e3911e45fdef95cfbb7b229fabb1955aca060fdf8
GET /ol/all/de/ms/25-687828/images/32.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:08 GMT
Content-Type: image/png
Content-Length: 55175
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iqp93lktF3ygtpty1Sex0F1aYMIfBtRi9EKzxde49x6ky6rT8ocWlv%2BMpEJAlQK1y8ilyy2unIeAkCzpeIMBuKNMuj3cPsnhqBb8ELqAKmfD0T%2BnDswPPl%2FFPoWbBTZ1Djc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d3f49fb1c0a-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/13.png
104.21.61.179200 OK 54 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/13.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 4556a96c44b107c284756f1356ea20a4
863cb36669642a5b8c64aea43f5af2359e3470ff
3e0b6093aa4ffb696f6ad8e89569185bfcfcde1c5e0789d40b15e379039c6dec
GET /ol/all/de/ms/25-687828/images/13.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:08 GMT
Content-Type: image/png
Content-Length: 53585
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:28 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjuQ2GG1N6ybdeO%2Bp5E4BGfPkTiZTU0YG1%2Fjug3i5SVfiRvke5xVEB6FHMCI59kM9FQbGoJXruqV5DV%2FfWvVikSnJOllUc6fxSndFv8lVDdzvRwmMgG1oJOALFk09wVx7wc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d415ea90b59-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/45.png
104.21.61.179200 OK 61 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/45.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 07092234c81d019e50a0fcd65dfd9409
7554ce01f18dfed2fdf5f3245c0f691f694d61cc
e99340f5c88e442ec5f28de9a3f13dd3271aeae21ed9e9986e90317e43c54346
GET /ol/all/de/ms/25-687828/images/45.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:08 GMT
Content-Type: image/png
Content-Length: 61156
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tam8%2BRHbcWzfG6ALQEwf4dg7A5RgMJI%2BrJVTqW7lGqH4rlp4Yx57R6%2FxXLdoM83zFhpCnsiB03pTlf6DUA%2Be8JzFbgcRPoe7R0Kb9%2FsZJuX3yCnofwP9vIzNVJm%2BBHop4ws%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d41dbec1c0a-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/21.png
104.21.61.179200 OK 54 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/21.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash a081e159c9b11cdc4930e2b70ec5a1aa
58bda100572729bc2ad1288a623bb63b02172b84
03e842319f517c509736b088d866254d7bdc6a61f8dd691c2fe9f79545e749fc
GET /ol/all/de/ms/25-687828/images/21.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:08 GMT
Content-Type: image/png
Content-Length: 54171
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:29 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kVHUGlF7m5HExFT%2Bb%2BckyuWCb%2FmSxzV21O8wf71KIL2eh8uqlZ9ZPBrdvvpBjyFAdqOovxEleS2m8VH61xLImvaoMFINZgJc%2F378mLsQ4KeoB0yHI3MSr01VOsg%2FKovQTc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d41ff340b59-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/15.png
104.21.61.179200 OK 53 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/15.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e6044de45fe8d0d22f624413aa4c785
4bd34494cb010aec1cb685bc31e98a93d2e94306
d906fe11bcc0d22dc8feb8a10fa3d3f9415c127f7dc1ad833d788972b684f600
GET /ol/all/de/ms/25-687828/images/15.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:08 GMT
Content-Type: image/png
Content-Length: 52615
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:29 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0wxQjYpvF0QloXeGOHaWbdtaojw3jTwPeVbY9OFEgKTcg5bgZueXl%2FB%2BWwLEXX0F5Zf%2F2VHZt%2Bbp8ZApog2EP%2B0IwfxkEgUosSCAy7m02zJ9EhswN8YNv6bvDIdaAwoRek%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d3f9abbb4e8-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/42.png
104.21.61.179200 OK 64 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/42.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 9a78453a120ef776608b04ff29cdeae1
b1f7c5bfc3a5999845d1d101a9efccadbc6066b3
bac36e0cd616d2c9716ee7ea996e086ad48f10589f0ed45e1562fe99d1db00df
GET /ol/all/de/ms/25-687828/images/42.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:08 GMT
Content-Type: image/png
Content-Length: 63889
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pctBCcqs0EE98hhesGm8oUTo8ks%2Bt1wZyL4AYOV7sFD0uA20EJL9syLnJG8A6VhwbvrQFRYmIk%2BysKQp08tDkjH7aIzQwC8Sm1TWY2KaRZBYGj9foi0c1cPKFZnxjlTWXOw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d421c231c0a-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 06:44:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
142.250.74.142302 Found 337 B URL HTTP/2 lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
IP 142.250.74.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 66a43eafe19fd2e9782007272dd06ced
9d5112f8b4482ef224d10b0d0a17bfaf053e8e23
f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb
GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1
Host: lh3.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
cache-control: private
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 06:44:09 GMT
server: fife
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 06:44:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hottime4you.com/ol/all/de/ms/25-687828/images/14.png
104.21.61.179200 OK 64 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/14.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 5229c527050cfc1d3e744bb3e243a511
8a161090b7b68654b53ec4d62b1917813e1135f9
b6609d6a77a5d7ef9a1b0bc8cb339e500966f5fe8dff8b8ca9a84acd3d1a4515
GET /ol/all/de/ms/25-687828/images/14.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:09 GMT
Content-Type: image/png
Content-Length: 64303
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:28 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebtN%2FugZEZwnNapHv0dIA0g%2Fe1A2A7l4jyO%2Fo9bAq83bKTGKD7N83Qh2%2Fu0KSHSrIzlpA7162uGiHFXqN8ltVC7%2BmnXxSAaVEJPzOJSBXn%2BrxZQuXYW8I0Cvhxf7PHma0gk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d3ffeb41c12-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 075c0849a5739bda75763e3740fd5079
c59fbd5865bacc3857fcdfae28c7eaaa7ca1972b
24b54121bcf5221650c3127ee28ef7f92524d391f75639c1ad25d678e7a99d2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 06:44:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
216.58.207.237302 Found 408 B URL HTTP/2 accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash 033f78ecef93fc3e3dc5e3f3fa9346bb
05df96a13d43c013239dba6c82a43a9108fdcbc1
e476cdc3850c79343c622187757462c7fd35f9056da1be2e31deecb568f64c80
GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 06 Oct 2022 06:44:09 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-586459327%3A1665038649192156&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrg677h1lAETGdyJgIDtgfuOUV9YNBhKSyR9mlhDPOj9u8LvqTJya0bkiytRv7PzHLpdDbG
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-nLM8odqDCEYX4QptrbWwxA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 408
server: GSE
set-cookie: __Host-GAPS=1:4sWyGCXPptN24IjocuKt8ED6Ru9QHw:8-qHlrYYTC40nK9L;Path=/;Expires=Sat, 05-Oct-2024 06:44:09 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hottime4you.com/ol/all/de/ms/25-687828/images/41.png
104.21.61.179200 OK 59 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/41.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 9a61621beab625268e0eb02e83d2ae34
2070afedeafc30bd0648bc6c07accfdcd0ab542c
314c03abfaa1c4ed21a33d5c91374f310a2a5f0f9e7f50520e71ecaa1b3757d9
GET /ol/all/de/ms/25-687828/images/41.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:09 GMT
Content-Type: image/png
Content-Length: 59394
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EB%2Fr%2FmZn%2FmLuAzBkFPPN%2Bkfi1pQtuQwOYlxJ%2FmhTlnB6EY7A6rio2l2GWmqQpyrwJa4rsXMbJmFB37r9EIJKl99e8Z8xXVKvG%2F2XjaTMXgCHdeWltjYYGx1vHZVYAGRr938%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d404bde0afe-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9839
Expires: Thu, 06 Oct 2022 09:28:08 GMT
Date: Thu, 06 Oct 2022 06:44:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9839
Expires: Thu, 06 Oct 2022 09:28:08 GMT
Date: Thu, 06 Oct 2022 06:44:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9839
Expires: Thu, 06 Oct 2022 09:28:08 GMT
Date: Thu, 06 Oct 2022 06:44:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9839
Expires: Thu, 06 Oct 2022 09:28:08 GMT
Date: Thu, 06 Oct 2022 06:44:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9839
Expires: Thu, 06 Oct 2022 09:28:08 GMT
Date: Thu, 06 Oct 2022 06:44:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 746e3c38e01d58e6fa0728798221a830
b19dd1d42995ea4242505b152e77835442341581
c524a2e7e29690030b7402077f711e643674c8f42de071214f3909b447fb1e3b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6933
x-amzn-requestid: aa50b0cd-e931-49a9-bce3-00366738aea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPtNGKPoAMF6UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df987-77a4f8306103dcdf3de7d1fd;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:19 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: aRwLcesGtAJ-M6BLPyzdprcMh8tvcxVH6AOG2LJc8aSYLR0BR9WAwg==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:09:09 GMT
etag: "b19dd1d42995ea4242505b152e77835442341581"
content-type: image/jpeg
age: 30900
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5a5ee14d41747f46e71f04782e1a3d3
b0205176a58913f57056b91674097bfb58046e97
b3bae0b56b50374cb85fc7fe4c9b551383d1969bf31e7adccb867e3467c59269
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7385
x-amzn-requestid: 7ada8e43-9cb5-4793-9289-e308e9565e7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZoF7aIAMF43A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-73da01595d32809e08b93a83;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: 14qQi5wDI-_EgyghHCMjRtdZliSj3L6veSqIeBoEjCTfdZfrKb-UzA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
etag: "b0205176a58913f57056b91674097bfb58046e97"
content-type: image/jpeg
age: 32823
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 03:50:38 GMT
age: 10411
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2277f8f2d93b4bc3b05d348343177892
531d9e4ec9078cd2d7376a19fcb287084af36c82
62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: LySueW1si-yWLwecUILV1s57IEV2FdcQ9_pH1Aoe4AYISi7QXXfd3A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:39:28 GMT
age: 32681
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70ea26af79226e9ff06d6198e2c019dc
ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57
f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 05:04:17 GMT
age: 5992
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F523563fe-7c63-4bf8-82a9-5a22c254cf4c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F523563fe-7c63-4bf8-82a9-5a22c254cf4c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00e43396123462b87cf3d3592dd71f02
8c895a5716462c161f98637053cac4469eaaea33
2fc70d34c11b2fc338714930bdf6efa14a1c3d4d7560a43061aea41c83ec4d2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F523563fe-7c63-4bf8-82a9-5a22c254cf4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10390
x-amzn-requestid: 3a01001b-3f8a-4118-9cce-af68e92b78bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjP2EEV4oAMFcqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df9c0-254f65637b3d98f8268fe321;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:40:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: ZemQhvOGChopa_bsi6lNCPY0nNsICABg9vAsWBCkPJFv8oz7TyOGBA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:49:35 GMT
age: 32074
etag: "8c895a5716462c161f98637053cac4469eaaea33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hottime4you.com/ol/all/de/ms/25-687828/images/35.png
104.21.61.179200 OK 66 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/35.png
IP 104.21.61.179:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash fd680f2add1ba478d3138793153a8a15
3a0f15277750d45fc7ec66ac0fa7fece5933b688
50bbc3f2dbf0158911cad9742eea7d0c54a8eef64febcec25881f955a244c7e7
GET /ol/all/de/ms/25-687828/images/35.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:09 GMT
Content-Type: image/png
Content-Length: 65676
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gbr2sPOG7uzmm%2BX%2BBDS7Nqm4eO6WSa9TLbLviozTHCv3oQ0gvu1EqsvJesfDgNfnpeUNrWYxseeCDTyTQZPCIWJgHb94vC%2BfVuHGwIRK8PxOHT37bfx31mveX3LUOiMpnWc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d41290ab515-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/fremdgehen69_com.png?506693
104.21.61.179200 OK 1.2 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/fremdgehen69_com.png?506693
IP 104.21.61.179:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 42b5a1de339f60bc62983337edc85f0a
10c3cb6655538193f1988123e9fd5f9fda7915fe
0387e0d953b13b879873233510f927697c7a598c82f22b3edf19a5c8d21469cf
Analyzer Verdict Alert fortinet Malware
GET /ol/all/de/ms/25-687828/images/fremdgehen69_com.png?506693 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 06:44:09 GMT
Content-Type: image/png
Content-Length: 1240
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esW5SibS7gTjzCORZLJfOagUUFm42FTm3zNjmPqoCeL9yUltgB2dhkbUqjg9i3oOb%2BRg%2BGNuOu5usJdWF9Rq9DJe6EuWm9TjW%2BWP2sgnewym%2F4AAapWNqA266hOmxD5A86Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c6d447f0bb4e8-OSL
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css?family=Quattrocento+Sans
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Quattrocento+Sans
IP 142.250.74.10:0
GET /css?family=Quattrocento+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 06:44:07 GMT
date: Thu, 06 Oct 2022 06:44:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zeniocloud.com/JAIA.js?sub1=hottime4you.com
167.114.67.56200 OK 0 B URL HTTP/2 zeniocloud.com/JAIA.js?sub1=hottime4you.com
IP 167.114.67.56:0
Analyzer Verdict Alert fortinet Phishing
GET /JAIA.js?sub1=hottime4you.com HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 06 Oct 2022 06:44:07 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2