r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1273d41c84b2b39f78a8033130d00282
556757697b70e019ed502585fcc888e2403f3229
ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8861
Expires: Fri, 07 Oct 2022 12:27:30 GMT
Date: Fri, 07 Oct 2022 09:59:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
54.230.111.7200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BugZQMLVpOW6oheRR38I3iVAuCIi8M3qA373KaWhGnAlAtE0LZ_ZGg==
Age: 151951
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4762
Expires: Fri, 07 Oct 2022 11:19:11 GMT
Date: Fri, 07 Oct 2022 09:59:49 GMT
Connection: keep-alive
homepartner24.top/tds/auze?
190.115.19.3301 Moved Permanently 568 B URL HTTP/1.1 homepartner24.top/tds/auze?
IP 190.115.19.3:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Hash 2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee
GET /tds/auze? HTTP/1.1
Host: homepartner24.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Fri, 07 Oct 2022 09:59:49 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://homepartner24.top/tds/auze?
Content-Type: text/html; charset=utf8
Content-Length: 568
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ETBKKNCDul+yGJfQwmOLbE0w2+xFVXFzFSw6yGZ7GCgSPvvJPf7vpiDKeg4wcaOOdMaMi5jRTRQ=
x-amz-request-id: P6WNJC2ASCEE7ANT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 09:31:08 GMT
age: 1721
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 09:59:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e0aa74cb44120b73b2e99529b934e42
782ef33a3b360b8f4c6b53b5eef2da6f43ca01d1
09b14e312462474c71635d769018911763f81e9beb2daccbb80d4a365fc9071d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09B14E312462474C71635D769018911763F81E9BEB2DACCBB80D4A365FC9071D"
Last-Modified: Fri, 07 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21519
Expires: Fri, 07 Oct 2022 15:58:29 GMT
Date: Fri, 07 Oct 2022 09:59:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.7200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 09:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 07 Oct 2022 10:05:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XJfV75BnYF3DeiHHvv-CgPZuL8edWYiR7wlu82bR8_gcfHkcRQHYSQ==
Age: 1809
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d6c404502c7987174a84d8f0a3efab23
fc3a3f6d63acab3f659fb3536b65fd8564ec8628
94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3786
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:59:50 GMT
Last-Modified: Fri, 07 Oct 2022 08:56:44 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
homepartner24.top/tds/auze?
190.115.19.3302 Found 5 B URL HTTP/2 homepartner24.top/tds/auze?
IP 190.115.19.3:0
ASN #262254 DDOS-GUARD CORP.
File type very short file (no magic)
Hash 0b0b4604229d72547945164d162237aa
8364186715302565e2d839f31912ec36cc8cadb7
96609678968090be47d67379ad569f9d474c3949611159819744982226ffa941
GET /tds/auze? HTTP/1.1
Host: homepartner24.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=lkIT2YlSMtMYLDy7M33U; Domain=.homepartner24.top; HttpOnly; Path=/; Expires=Sat, 07-Oct-2023 09:59:50 GMT
date: Fri, 07 Oct 2022 09:59:50 GMT
content-type: text/html; charset=utf-8
location: http://yourpartnerclub.top/z033?tds=1
strict-transport-security: max-age=15768000; includeSubdomains; preload
access-control-allow-origin: *
x-frame-options: ALLOWALL
x-content-type-options: nosniff
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/w4QWX0cp8JI
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/w4QWX0cp8JI
IP 142.250.74.3:0
Hash fbf4807af5a209fe82cd63ac6254af1b
48791ca731e554c4d986cbf38b60b8db3bfd8956
0c85021a9f89711c813351b38946229a5b596dda68ab24e9310c067986dd86b0
POST /s/gts1p5/w4QWX0cp8JI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:59:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.165.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /fpc7PlKATWRaDutdRLY/A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mwkTLkwQgd1uRTfRivexO/xxbIY=
ocsp.pki.goog/s/gts1p5/w4QWX0cp8JI
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/w4QWX0cp8JI
IP 142.250.74.3:0
Hash fbf4807af5a209fe82cd63ac6254af1b
48791ca731e554c4d986cbf38b60b8db3bfd8956
0c85021a9f89711c813351b38946229a5b596dda68ab24e9310c067986dd86b0
POST /s/gts1p5/w4QWX0cp8JI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:59:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/jquery-2.1.3.min.js
69.16.175.10200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-2.1.3.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32180)
Hash de4fdb8e2e5d9b9624bad7ed2b726525
053a31e8e83b261e3863c4f9e652caba910a2b89
f44c9556d0ecebc0716a7fce2899c0b40ed96394bebafb2937f4305bf3b118f3
GET /jquery-2.1.3.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yourpartnerclub.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:59:50 GMT
content-encoding: gzip
content-length: 29507
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-14960"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1665136790.dop224.sk1.t,1665136790.cds067.sk1.hn,1665136790.cds215.sk1.c
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e181d1ca5646b5dd407bd9c9eb6cd42
dd8d011fbaf152ed255054d7a1b9c00a3ab100df
6ee9ad5c9f4088d1e5d329c59c9297308ea2dfe7d50bb1c641386d03e9bbbd04
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6EE9AD5C9F4088D1E5D329C59C9297308EA2DFE7D50BB1C641386D03E9BBBD04"
Last-Modified: Fri, 07 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13171
Expires: Fri, 07 Oct 2022 13:39:21 GMT
Date: Fri, 07 Oct 2022 09:59:50 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e181d1ca5646b5dd407bd9c9eb6cd42
dd8d011fbaf152ed255054d7a1b9c00a3ab100df
6ee9ad5c9f4088d1e5d329c59c9297308ea2dfe7d50bb1c641386d03e9bbbd04
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6EE9AD5C9F4088D1E5D329C59C9297308EA2DFE7D50BB1C641386D03E9BBBD04"
Last-Modified: Fri, 07 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13171
Expires: Fri, 07 Oct 2022 13:39:21 GMT
Date: Fri, 07 Oct 2022 09:59:50 GMT
Connection: keep-alive
eb.fotini5trofim.click/static/img/loading_spinner2.gif
172.67.194.100200 OK 12 kB URL HTTP/2 eb.fotini5trofim.click/static/img/loading_spinner2.gif
IP 172.67.194.100:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash 1b39dbef70cc62459601b100df938acc
2409799a9481933ed6c095ae479dfbed0a3ad681
dce8c7a6eb3f432284372ab5c1d0861d474a29e3c8d72cc37ff5a4794f4e79aa
GET /static/img/loading_spinner2.gif HTTP/1.1
Host: eb.fotini5trofim.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eb.fotini5trofim.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:59:51 GMT
content-type: image/gif
content-length: 11867
last-modified: Thu, 06 Oct 2022 07:18:01 GMT
etag: "633e8129-2e5b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yyfkj1E0B4TTpdQeADPPxflN8HijBu82iyeRIIZrI32w5DUWewprb4e6LOP9ZYf7%2FBF3OKw1v7jVqmcnqQP0NIBUk9v%2FVfVMICDuJ5Dvwdb4ojYHq20um2Ii2VDucudbTHQNzVIbz6RI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7565c94fbe21fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:59:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:59:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:59:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:59:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:59:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
216.58.207.195200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Hash 848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://eb.fotini5trofim.click
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:08:19 GMT
expires: Tue, 03 Oct 2023 21:08:19 GMT
cache-control: public, max-age=31536000
age: 305492
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
eb.fotini5trofim.click/static/css/app.87410567262ff1c61ee1e9f1429b6106.css
172.67.194.100200 OK 46 kB URL HTTP/2 eb.fotini5trofim.click/static/css/app.87410567262ff1c61ee1e9f1429b6106.css
IP 172.67.194.100:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6dec5ffc6a9f1114e9f666df73277e8e
90322bc5b0d5aca0320d9e7d051e8e74ab1ae757
afb5979ebd292e6659c38a85c51e890bbaaf4bd18ac46cf9199334230eb251a6
GET /static/css/app.87410567262ff1c61ee1e9f1429b6106.css HTTP/1.1
Host: eb.fotini5trofim.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eb.fotini5trofim.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:59:51 GMT
content-type: text/css
last-modified: Thu, 06 Oct 2022 07:18:01 GMT
etag: W/"633e8129-39ec7"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUd%2BZEg4wq51Ym6Awq%2FKaERNJn5pW4iB98y6hyhE%2BUqysbKmPUXCxM4whyLHeec1PgSOEmgWHC9U%2FMi3DB98kxNlpidtoWISDOMPeq7LQJ8Dcxm7xAioot4IH4E%2FZXCPFTYK3PmXcOHO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7565c94fbe20fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:59:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3137
Expires: Fri, 07 Oct 2022 10:52:08 GMT
Date: Fri, 07 Oct 2022 09:59:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3137
Expires: Fri, 07 Oct 2022 10:52:08 GMT
Date: Fri, 07 Oct 2022 09:59:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3137
Expires: Fri, 07 Oct 2022 10:52:08 GMT
Date: Fri, 07 Oct 2022 09:59:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3137
Expires: Fri, 07 Oct 2022 10:52:08 GMT
Date: Fri, 07 Oct 2022 09:59:51 GMT
Connection: keep-alive
eb.fotini5trofim.click/static/js/app.71aa2be727f8f584b6a1.js
172.67.194.100200 OK 120 kB URL HTTP/2 eb.fotini5trofim.click/static/js/app.71aa2be727f8f584b6a1.js
IP 172.67.194.100:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 120 kB (120139 bytes)
Hash 82ac7656ddbff40a9c78f12cb195c479
f9b100cd323a287d4c2fa08ed7150cf3035ecb6a
04a4965d5f7f8ae80fbc7b74e89102b5f7b955a4cc65bd978dc66fa8d534b94f
GET /static/js/app.71aa2be727f8f584b6a1.js HTTP/1.1
Host: eb.fotini5trofim.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eb.fotini5trofim.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:59:51 GMT
content-type: application/javascript
last-modified: Thu, 06 Oct 2022 07:18:01 GMT
etag: W/"633e8129-a83fd"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5hgcvVbR3id3F8Gf3UeBU6Xf%2Fads8IBHHCi47eR3jAQry3FQOdlw6UJhs%2BlXSw8ZpuqbvPYaX2OUbJKutQLi6WPqRghLCtz4qAjYEecK8Jo18e2IjohWdGzG1rGIb4fhcQnPzkprtvT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7565c94fbe28fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae567a6922213a56f35ddc5d5cc1d0f1
fc49df76e8625d8542b0634bfcf12b8d6cda445c
135f25c0350ad26235447cdfba53a45e5d0f9f4c07a6c1e66dd2ed4a4a487f86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9995
x-amzn-requestid: 46d789c8-c830-4003-a752-472ee853a14b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi-GRZIAMFzag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-5d69f864308ea18c0440203e;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: AhetYWEoOD9HJelPo3_Uo1Jng9xDy_qbIwt1H-_Qyxxtcf0O52pYmw==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:43:40 GMT
age: 44171
etag: "fc49df76e8625d8542b0634bfcf12b8d6cda445c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F622cb832-8fef-4fe9-9445-c157aaf29d57.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F622cb832-8fef-4fe9-9445-c157aaf29d57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a3a09d5d16b53ee4490d882ed48c0075
ce9546b225787f1c765be9bbef42f585c83a10d3
ac27484dba78ee6657f5aa791999d4958ccdfba8e67a011f4ab4034fa235a26f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F622cb832-8fef-4fe9-9445-c157aaf29d57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6847
x-amzn-requestid: 9af16d4c-106c-4e8d-912b-e6f4fa44daa6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZkjcNHkAIAMFsDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e7f81-35fc285b7639a1a879d89f00;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 07:10:57 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 4d5W1LjWo-F3wimuYTXZo_pEZ8vIyXPZub9qQGHa5dmOGU_RBXlArw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 45d6a557ecb29942f314e3dd736d817a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 07:20:20 GMT
age: 9571
etag: "ce9546b225787f1c765be9bbef42f585c83a10d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ecd6748-5460-43cc-84b5-f33deb7cf126.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ecd6748-5460-43cc-84b5-f33deb7cf126.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6fb155a5d0fa0cebfa4cd03606f1f48c
c44cac382e2f2eb2b6ce35da6dfb37747d436d60
ca79a1bcc80f4e6fece82a0efb71a6c9af2b0b3d67b8f8c010a7f02ded6d2cfa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ecd6748-5460-43cc-84b5-f33deb7cf126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6900
x-amzn-requestid: 9c86242f-70de-4484-90eb-ef6d9e7cde10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmpMaFCIoAMFYdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f5582-79871c575f974721675e9cd2;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 22:24:02 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: dbKiRZRm7d978ZvK90nLjT8yFRQatSZvrjDdbCXtedMWi9DgMbhSjQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 04:22:08 GMT
age: 20263
etag: "c44cac382e2f2eb2b6ce35da6dfb37747d436d60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f3ec27-4efa-459e-a0bf-ae28f5d2dd3d.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f3ec27-4efa-459e-a0bf-ae28f5d2dd3d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faa74f37d774e88f35e8d28397e066dc
6864ffbbeba98f1afdcc89c6588a21868bd33b4c
1c2f63843f2699f1c7a1df149d048dcc265387cbac9e6e9ca89ee7487a166ed8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f3ec27-4efa-459e-a0bf-ae28f5d2dd3d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8239
x-amzn-requestid: 82d6eec9-0b0a-4342-9805-da201179818c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zd9izGiRIAMF_rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633bdc78-4a82b86b2d75b9127b12415b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 07:10:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: d4GkQkVlHcLruEBQvyZ6T5ZSc7quxUully07xJ7_v4X3j2G_l7sbbw==
via: 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 07:11:13 GMT
age: 10118
etag: "6864ffbbeba98f1afdcc89c6588a21868bd33b4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f216d30-b6e9-4471-9b6f-86095d60e4b7.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f216d30-b6e9-4471-9b6f-86095d60e4b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b10a2c23d975a25e56610bef9644086f
8a67a3f5b1b3a4cf8009e7ed005d3a35fba26710
175ee7cf5908324bce2b244ee9e4a1c93139bb6813fb61d4423509161f4b8961
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f216d30-b6e9-4471-9b6f-86095d60e4b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4396
x-amzn-requestid: 0dd4fb48-52fd-4a26-b40b-0f6b263bffa4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmi-dGSpoAMF87Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b8f-75df75ca36fbf230397bdcb2;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:41:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: tcMpMcrC5NQAUhc4zfKjsFsMm1Aa1F6aqxajvY8N5GwCrNeZ7CyyHw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:50 GMT
age: 42661
etag: "8a67a3f5b1b3a4cf8009e7ed005d3a35fba26710"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Vy9jQu1a8BGypY4C4u_9gao5wPEkVHgArhG2zMNdH8KfBS0lfmyHBA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57bd3a2d9e0e4cbf89d9eb3d7dfb916e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:43:40 GMT
age: 44171
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ecc594c8ad8a58175abca6f74592cad0
bc3eb5409877f214ca5d45c39d39754fd80997ae
4376e30946f541ed958cbbff449d18b6acb24608aa48fa078440cb99291dc7d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4204
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:59:52 GMT
Last-Modified: Fri, 07 Oct 2022 08:49:48 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
Hash 06c058a7a1637429cf2f9aa1bf362706
4cd8c7317fd5550c7d681cf61de2d1434d01c7b1
67e4f1d67b82df9d41d8fcc9ff677431a444becdabfb4ff74827152e6bbb84cf
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eb.fotini5trofim.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: aBohg24PaXWWWbqTYjn6Kh6GosZyMMChSR9at9PLtWfZtT6Sg5e2RTXfGU+3b1uwKbEI2KEILfPidVOe3b6PcA==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1904183273
date: Fri, 07 Oct 2022 09:59:52 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ecc594c8ad8a58175abca6f74592cad0
bc3eb5409877f214ca5d45c39d39754fd80997ae
4376e30946f541ed958cbbff449d18b6acb24608aa48fa078440cb99291dc7d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4204
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:59:52 GMT
Last-Modified: Fri, 07 Oct 2022 08:49:48 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 48cc8e283ddcd54c81b8a2cac64a2330
e32866e7920d1f0559160272b1f2c19cebd2b3ff
50ad10452a2f3c98ce0579b57f3b25f97617808faa5c51eb7b08f2723f30427f
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 09:59:52 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 11 Oct 2022 07:31:54 GMT
ETag: "e32866e7920d1f0559160272b1f2c19cebd2b3ff"
Last-Modified: Fri, 07 Oct 2022 07:31:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3531
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7565c9575f3bb4eb-OSL
mc.yandex.ru/metrika/tag.js
77.88.21.119200 OK 77 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type JSON data\012- , Unicode text, UTF-8 text
Hash 04511b84a1482a1b38b0e3277936f4cd
414e0041000bf405ea415d62f3237658ea8fd817
e799d62380de1c54bf899486f1ad7b7f3053f1b2cede86a3af028163a76650a6
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eb.fotini5trofim.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73219
date: Fri, 07 Oct 2022 09:59:52 GMT
access-control-allow-origin: *
etag: "633fab48-11e03"
expires: Fri, 07 Oct 2022 10:59:52 GMT
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eb.fotini5trofim.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 07 Oct 2022 09:59:52 GMT
access-control-allow-origin: *
etag: "633fab48-2b"
expires: Fri, 07 Oct 2022 10:59:52 GMT
accept-ranges: bytes
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/73931623/1?wmode=7&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&page-ref=https%3A%2F%2Fyourpartnerclub.top%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A356%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1410790266698%3Ahid%3A674928856%3Az%3A0%3Ai%3A20221007095952%3Aet%3A1665136793%3Ac%3A1%3Arn%3A745437614%3Arqn%3A1%3Au%3A1665136793544470753%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A14%2C44%2C67%2C0%2C%2C0%2C%2C1023%2C0%2C%2C%2C%2C1164%3Ans%3A1665136790794%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665136793%3At%3A%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%D1%8B%D0%B8%D0%B3%D1%80%D1%8B%D1%88%D0%B0&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
77.88.21.119200 OK 435 B URL HTTP/2 mc.yandex.ru/watch/73931623/1?wmode=7&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&page-ref=https%3A%2F%2Fyourpartnerclub.top%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A356%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1410790266698%3Ahid%3A674928856%3Az%3A0%3Ai%3A20221007095952%3Aet%3A1665136793%3Ac%3A1%3Arn%3A745437614%3Arqn%3A1%3Au%3A1665136793544470753%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A14%2C44%2C67%2C0%2C%2C0%2C%2C1023%2C0%2C%2C%2C%2C1164%3Ans%3A1665136790794%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665136793%3At%3A%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%D1%8B%D0%B8%D0%B3%D1%80%D1%8B%D1%88%D0%B0&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (435), with no line terminators
Hash cba7ba7cb11537dd6a810af8d45458f5
c0971e481dfdb3dddbacec6b782297d96e5856d6
ec5a3fc4a33c766fe7d25523ca1a33cd5f67d8052a2747d86a79867a372bb3c7
GET /watch/73931623/1?wmode=7&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&page-ref=https%3A%2F%2Fyourpartnerclub.top%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A356%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1410790266698%3Ahid%3A674928856%3Az%3A0%3Ai%3A20221007095952%3Aet%3A1665136793%3Ac%3A1%3Arn%3A745437614%3Arqn%3A1%3Au%3A1665136793544470753%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A14%2C44%2C67%2C0%2C%2C0%2C%2C1023%2C0%2C%2C%2C%2C1164%3Ans%3A1665136790794%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665136793%3At%3A%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%D1%8B%D0%B8%D0%B3%D1%80%D1%8B%D1%88%D0%B0&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://eb.fotini5trofim.click
Referer: https://eb.fotini5trofim.click/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 435
date: Fri, 07 Oct 2022 09:59:53 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://eb.fotini5trofim.click
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 07-Oct-2022 09:59:53 GMT
last-modified: Fri, 07-Oct-2022 09:59:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/73931623?wmode=0&wv-part=1&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=966701551&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1665136796%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095955%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136796&t=gdpr(14)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/73931623?wmode=0&wv-part=1&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=966701551&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1665136796%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095955%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136796&t=gdpr(14)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/73931623?wmode=0&wv-part=1&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=966701551&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1665136796%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095955%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136796&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 38610
Origin: https://eb.fotini5trofim.click
Connection: keep-alive
Referer: https://eb.fotini5trofim.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 07 Oct 2022 09:59:55 GMT
access-control-allow-origin: https://eb.fotini5trofim.click
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 07-Oct-2022 09:59:55 GMT
last-modified: Fri, 07-Oct-2022 09:59:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/73931623?wmode=0&wv-part=1&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=156815539&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1665136796%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095955%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136796&t=gdpr(14)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/73931623?wmode=0&wv-part=1&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=156815539&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1665136796%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095955%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136796&t=gdpr(14)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/73931623?wmode=0&wv-part=1&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=156815539&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1665136796%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095955%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136796&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: https://eb.fotini5trofim.click
Connection: keep-alive
Referer: https://eb.fotini5trofim.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 07 Oct 2022 09:59:55 GMT
access-control-allow-origin: https://eb.fotini5trofim.click
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 07-Oct-2022 09:59:55 GMT
last-modified: Fri, 07-Oct-2022 09:59:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/73931623?wv-check=32349&wv-type=0&wmode=0&wv-part=1&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=261324532&browser-info=gdpr%3A14%3Aet%3A1665136799%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095958%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136799&t=gdpr(14)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/73931623?wv-check=32349&wv-type=0&wmode=0&wv-part=1&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=261324532&browser-info=gdpr%3A14%3Aet%3A1665136799%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095958%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136799&t=gdpr(14)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/73931623?wv-check=32349&wv-type=0&wmode=0&wv-part=1&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=261324532&browser-info=gdpr%3A14%3Aet%3A1665136799%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095958%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136799&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 252
Origin: https://eb.fotini5trofim.click
Connection: keep-alive
Referer: https://eb.fotini5trofim.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 07 Oct 2022 09:59:58 GMT
access-control-allow-origin: https://eb.fotini5trofim.click
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 07-Oct-2022 09:59:58 GMT
last-modified: Fri, 07-Oct-2022 09:59:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/73931623?wmode=0&wv-part=2&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=600067054&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1665136799%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095958%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136799&t=gdpr(14)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/73931623?wmode=0&wv-part=2&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=600067054&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1665136799%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095958%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136799&t=gdpr(14)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/73931623?wmode=0&wv-part=2&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=600067054&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1665136799%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095958%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136799&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: https://eb.fotini5trofim.click
Connection: keep-alive
Referer: https://eb.fotini5trofim.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 07 Oct 2022 09:59:58 GMT
access-control-allow-origin: https://eb.fotini5trofim.click
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 07-Oct-2022 09:59:58 GMT
last-modified: Fri, 07-Oct-2022 09:59:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/73931623?wmode=0&wv-part=2&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=44264988&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1665136799%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095958%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136799&t=gdpr(14)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/73931623?wmode=0&wv-part=2&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=44264988&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1665136799%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095958%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136799&t=gdpr(14)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/73931623?wmode=0&wv-part=2&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=44264988&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1665136799%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095958%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136799&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 15
Origin: https://eb.fotini5trofim.click
Connection: keep-alive
Referer: https://eb.fotini5trofim.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 07 Oct 2022 09:59:58 GMT
access-control-allow-origin: https://eb.fotini5trofim.click
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 07-Oct-2022 09:59:58 GMT
last-modified: Fri, 07-Oct-2022 09:59:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16339989f5c6c229a3dcc0ed1e52032f
a1ea26d6e4eb4a72cc8c87100b40035dab69d285
16703f888ee6f974bb89e1c4c16a75186b31b64130abcd1a3bcd3741159d912c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13437
x-amzn-requestid: ec801fbc-c339-46ce-ac5f-18d064e5ef21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_HdeoAMFyOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-02b52b770e6e76cf52b26e47;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Iesqk_XbGiZE-n3mTa1_1WtlXiyEqz-4qfyt3_609O1eujdLcFu3zA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:47:25 GMT
age: 43953
etag: "a1ea26d6e4eb4a72cc8c87100b40035dab69d285"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/73931623?wv-check=44909&wv-type=0&wmode=0&wv-part=2&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=780089020&browser-info=gdpr%3A14%3Aet%3A1665136799%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095958%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136799&t=gdpr(14)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/73931623?wv-check=44909&wv-type=0&wmode=0&wv-part=2&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=780089020&browser-info=gdpr%3A14%3Aet%3A1665136799%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095958%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136799&t=gdpr(14)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/73931623?wv-check=44909&wv-type=0&wmode=0&wv-part=2&wv-hit=674928856&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&rn=780089020&browser-info=gdpr%3A14%3Aet%3A1665136799%3Aw%3A1280x939%3Av%3A912%3Az%3A0%3Ai%3A20221007095958%3Au%3A1665136793544470753%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665136799&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12
Origin: https://eb.fotini5trofim.click
Connection: keep-alive
Referer: https://eb.fotini5trofim.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 07 Oct 2022 09:59:58 GMT
access-control-allow-origin: https://eb.fotini5trofim.click
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 07-Oct-2022 09:59:58 GMT
last-modified: Fri, 07-Oct-2022 09:59:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
eb.fotini5trofim.click/static/js/manifest.2ae2e69a05c33dfc65f8.js
172.67.194.100200 OK 0 B URL HTTP/2 eb.fotini5trofim.click/static/js/manifest.2ae2e69a05c33dfc65f8.js
IP 172.67.194.100:0
GET /static/js/manifest.2ae2e69a05c33dfc65f8.js HTTP/1.1
Host: eb.fotini5trofim.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eb.fotini5trofim.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:59:51 GMT
content-type: application/javascript
last-modified: Thu, 06 Oct 2022 07:18:01 GMT
etag: W/"633e8129-31f"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abrKlrKclB2z6UbcsBDYGK0JHUTp5RTu51uNH2YpvP2F8FtbWx9Nv%2BXW9yVA6wlANRUJpcjGJ6QLhkLT5MwBj3bV2oZwW%2BzUC%2Fm2wehi9gtTa9jgReRQJ5SxjdJXfJc0md0mA0mQn%2FNj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7565c94fbe24fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/73931623?wmode=7&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&page-ref=https%3A%2F%2Fyourpartnerclub.top%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A356%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1410790266698%3Ahid%3A674928856%3Az%3A0%3Ai%3A20221007095952%3Aet%3A1665136793%3Ac%3A1%3Arn%3A745437614%3Arqn%3A1%3Au%3A1665136793544470753%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A14%2C44%2C67%2C0%2C%2C0%2C%2C1023%2C0%2C%2C%2C%2C1164%3Ans%3A1665136790794%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665136793%3At%3A%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%D1%8B%D0%B8%D0%B3%D1%80%D1%8B%D1%88%D0%B0&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
77.88.21.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/73931623?wmode=7&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&page-ref=https%3A%2F%2Fyourpartnerclub.top%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A356%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1410790266698%3Ahid%3A674928856%3Az%3A0%3Ai%3A20221007095952%3Aet%3A1665136793%3Ac%3A1%3Arn%3A745437614%3Arqn%3A1%3Au%3A1665136793544470753%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A14%2C44%2C67%2C0%2C%2C0%2C%2C1023%2C0%2C%2C%2C%2C1164%3Ans%3A1665136790794%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665136793%3At%3A%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%D1%8B%D0%B8%D0%B3%D1%80%D1%8B%D1%88%D0%B0&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
GET /watch/73931623?wmode=7&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&page-ref=https%3A%2F%2Fyourpartnerclub.top%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A356%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1410790266698%3Ahid%3A674928856%3Az%3A0%3Ai%3A20221007095952%3Aet%3A1665136793%3Ac%3A1%3Arn%3A745437614%3Arqn%3A1%3Au%3A1665136793544470753%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A14%2C44%2C67%2C0%2C%2C0%2C%2C1023%2C0%2C%2C%2C%2C1164%3Ans%3A1665136790794%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665136793%3At%3A%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%D1%8B%D0%B8%D0%B3%D1%80%D1%8B%D1%88%D0%B0&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://eb.fotini5trofim.click
Connection: keep-alive
Referer: https://eb.fotini5trofim.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/73931623/1?wmode=7&page-url=https%3A%2F%2Feb.fotini5trofim.click%2F&page-ref=https%3A%2F%2Fyourpartnerclub.top%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A356%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1410790266698%3Ahid%3A674928856%3Az%3A0%3Ai%3A20221007095952%3Aet%3A1665136793%3Ac%3A1%3Arn%3A745437614%3Arqn%3A1%3Au%3A1665136793544470753%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A14%2C44%2C67%2C0%2C%2C0%2C%2C1023%2C0%2C%2C%2C%2C1164%3Ans%3A1665136790794%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665136793%3At%3A%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%D1%8B%D0%B8%D0%B3%D1%80%D1%8B%D1%88%D0%B0&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 07 Oct 2022 09:59:52 GMT
access-control-allow-origin: https://eb.fotini5trofim.click
set-cookie: yandexuid=707863271665136792; Expires=Sat, 07-Oct-2023 09:59:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=707863271665136792; Expires=Sat, 07-Oct-2023 09:59:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2238679521665136792; Path=/; SameSite=None; Secure
i=HrJeCl8TibIzQDU3Co9x2sFEbHOzeoSSiSkKgYYlAOFtTsRk348BzyXvAz1Hk8O7hKl4ydvS6sEysWeqaq/f+aEqekY=; Expires=Mon, 04-Oct-2032 09:59:51 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696672792.yrts.1665136792#1696672792.yrtsi.1665136792; Expires=Sat, 07-Oct-2023 09:59:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 07-Oct-2022 09:59:52 GMT
last-modified: Fri, 07-Oct-2022 09:59:52 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
yourpartnerclub.top/z033?tds=1
172.67.153.105200 OK 0 B URL HTTP/2 yourpartnerclub.top/z033?tds=1
IP 172.67.153.105:0
Analyzer Verdict Alert fortinet Phishing
GET /z033?tds=1 HTTP/1.1
Host: yourpartnerclub.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:59:50 GMT
content-type: text/html; charset=utf-8
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=i2aFoXefESsxAjUf22Sn; Domain=.yourpartnerclub.top; HttpOnly; Path=/; Expires=Sat, 07-Oct-2023 09:59:50 GMT
cookieID=387; expires=Sun, 06-Nov-2022 09:59:50 GMT; Max-Age=2592000; path=/; domain=yourpartnerclub.top
strict-transport-security: max-age=15768000; includeSubdomains; preload
access-control-allow-origin: *
x-frame-options: ALLOWALL
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FR6S5qVVpv6lWsj1anxOlxk0peHCrj75tQwr1gT%2FwOTPl6tQtF7xY7CxI8GeyK1CV7%2BG8lG0cVkG2o5wHf%2B%2B6vywA3ritYeVfLJJInhnyPrgY%2BdSUlr6w%2BJylR0CqYHD8h3Vaeg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7565c94c290cb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
eb.fotini5trofim.click/
172.67.194.100200 OK 0 B IP 172.67.194.100:0
GET / HTTP/1.1
Host: eb.fotini5trofim.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yourpartnerclub.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:59:50 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Byd33%2FreUQXglQmMYBdaw7lUXXRfUwKwlYdw7yNPIC40ilIk1ARrMH41tSGulGA8EvRTVUZKOEvKoiC3sbNuKbVJmUGznwvefxpGPGsKfKoalS3XUfb2L2fR2gtGeoVDVTDGtZuD%2BtcK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7565c94f0dc1fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2