hottime4you.com/ol/all/fr/ms/2-442857/?cep=QciIzB3MwWdfVG6iDXd5xQ-Fc49NiF8pz9Mwt6r5b_gjlvCSjw3l7dNi3JYrdPQG4uyXqEItAYSNShBXyWhNzlkJ0r26gSQhs-2519OXDuLD40BTqp_Q8qV9AdaOiZJXUyh7jiNh7xZVRmey8IZFqdvVwZFj7z3mxVEnZSQgw8aemzG3wGegZ0QXuXl03cnYgS2SqQwF7eW2XhVsz9J0dr-V34qkcRBnoECVq149sHM53KqT6wJFd0nd9UBCUq6yAzvGcI7UBFH0J8q6INU_6CBjGknRbLrUxuV9DcHmYSazwETC-V_wr9P7WFbzVeNIQipgcagRExatt1Nd-7A3ZckU0LvXw7x8pYuP5wEWMkDQoNGdOZcGN7tX6QTkWGTs&lptoken=1685675969d3390c395c
200 OK 5.4 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/?cep=QciIzB3MwWdfVG6iDXd5xQ-Fc49NiF8pz9Mwt6r5b_gjlvCSjw3l7dNi3JYrdPQG4uyXqEItAYSNShBXyWhNzlkJ0r26gSQhs-2519OXDuLD40BTqp_Q8qV9AdaOiZJXUyh7jiNh7xZVRmey8IZFqdvVwZFj7z3mxVEnZSQgw8aemzG3wGegZ0QXuXl03cnYgS2SqQwF7eW2XhVsz9J0dr-V34qkcRBnoECVq149sHM53KqT6wJFd0nd9UBCUq6yAzvGcI7UBFH0J8q6INU_6CBjGknRbLrUxuV9DcHmYSazwETC-V_wr9P7WFbzVeNIQipgcagRExatt1Nd-7A3ZckU0LvXw7x8pYuP5wEWMkDQoNGdOZcGN7tX6QTkWGTs&lptoken=1685675969d3390c395c
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash de882d77d62af185e5b7ec126c32d8cd
8b949663d997a4eabbf0446522d143e9c9938c34
7624cad312dd078cc8b3c8b16f43548b8a89d95aab67dee410424b88f93aed4a
GET /ol/all/fr/ms/2-442857/?cep=QciIzB3MwWdfVG6iDXd5xQ-Fc49NiF8pz9Mwt6r5b_gjlvCSjw3l7dNi3JYrdPQG4uyXqEItAYSNShBXyWhNzlkJ0r26gSQhs-2519OXDuLD40BTqp_Q8qV9AdaOiZJXUyh7jiNh7xZVRmey8IZFqdvVwZFj7z3mxVEnZSQgw8aemzG3wGegZ0QXuXl03cnYgS2SqQwF7eW2XhVsz9J0dr-V34qkcRBnoECVq149sHM53KqT6wJFd0nd9UBCUq6yAzvGcI7UBFH0J8q6INU_6CBjGknRbLrUxuV9DcHmYSazwETC-V_wr9P7WFbzVeNIQipgcagRExatt1Nd-7A3ZckU0LvXw7x8pYuP5wEWMkDQoNGdOZcGN7tX6QTkWGTs&lptoken=1685675969d3390c395c HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 23:49:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJlnYNnHJvMsIi1fhZTF4R0LixFKlFdHZA6Hs8oYj724mct%2B%2FVcM3eLFuLjjloeBf2yAzj1MKW8iYjRA29gTsbpkMzqwfKts3mlE71y2ePOz3aAKoURs36%2BMgZbUereBA%2Bw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76597c118ee8b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8286265a56e3e10efd41b41618a54071
5f10ac9a050e15f5598674dc7ee3865b325d01a8
2da2fa0b2b86ccc4029d0baa4e9c5b21a6433228b84b451b72b1d318561d4ef2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DA2FA0B2B86CCC4029D0BAA4E9C5B21A6433228B84B451B72B1D318561D4EF2"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10763
Expires: Sun, 06 Nov 2022 02:48:35 GMT
Date: Sat, 05 Nov 2022 23:49:12 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6081
Cache-Control: max-age=127393
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 23:49:12 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 11:12:25 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6081
Cache-Control: max-age=127393
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 23:49:12 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 11:12:25 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 078950c3ba9ad01927f3da494b1d1de4
443c8a8247e4e3e04c14d21e0227fc4e8f396142
dd5dd09fec51669adf36b3014bbf65d7bff608f72018d037f9ed9b414675037c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD5DD09FEC51669ADF36B3014BBF65D7BFF608F72018D037F9ED9B414675037C"
Last-Modified: Fri, 04 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10699
Expires: Sun, 06 Nov 2022 02:47:31 GMT
Date: Sat, 05 Nov 2022 23:49:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ribO7n5JaluMdQNm/71/+t7xDuXJTg77D59L3a5Ua7XyQMM1Ls/oP118UTDn94tyc7/Qql6dybg=
x-amz-request-id: XRPVTV4BJE6ZBGT9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 05 Nov 2022 23:47:24 GMT
age: 108
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
static.production.almightypush.com/mng/channels/init.min.js?ver=1651138969
200 OK 22 kB URL HTTP/2 static.production.almightypush.com/mng/channels/init.min.js?ver=1651138969
IP
Hash 2ea196bb9d9670ec138eb0c8c23e6696
b0876fd8c0c56c5d34368c16a829c040c23cbaba
1475c052ae8dbc220775cd44b20e508e38db9f09168c57d4a73e0a9027f252f7
GET /mng/channels/init.min.js?ver=1651138969 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 21924
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 05 Nov 2022 05:46:13 GMT
etag: "2ea196bb9d9670ec138eb0c8c23e6696"
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F_W6YZQE2we2C2pm8tNly29Gt7KJ3DE0KhkdCqyQHJqjeV78zC7mMg==
age: 70625
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 23:49:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
static.production.almightypush.com/mng/subs_window.css?ver=1651138969
200 OK 6.9 kB URL HTTP/2 static.production.almightypush.com/mng/subs_window.css?ver=1651138969
IP
Hash bd7dbae15f904a4e1213439ebfefddbe
9f7a33b3d6e7965d8b99f0ff56cbf2e2ebb8f78e
30c08f3bb42d9a16155c65fbc952430048e4a84be70b98cb989b2dc977b49f8a
GET /mng/subs_window.css?ver=1651138969 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 6945
date: Sat, 05 Nov 2022 02:24:39 GMT
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
etag: "bd7dbae15f904a4e1213439ebfefddbe"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: anLJ2XpKKxI9dLxbaxrax8sSo18lrQnR6v93YWfmFGdqxlHm3b4wVg==
age: 77075
X-Firefox-Spdy: h2
hottime4you.com/ol/all/fr/ms/2-442857/js/backoffer.js
200 OK 230 B URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/js/backoffer.js
IP
File type ASCII text, with very long lines (430), with no line terminators
Hash d1d761e3721375472889577260906f9c
c5e6e54e8b6b84af216d867dca79eb00c2819e42
de8798dd7447b4651ec2d44931c15ceb0d3e5099997b2ddc2452d3f95092a1a2
Analyzer Verdict Alert fortinet Malware
GET /ol/all/fr/ms/2-442857/js/backoffer.js HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=QciIzB3MwWdfVG6iDXd5xQ-Fc49NiF8pz9Mwt6r5b_gjlvCSjw3l7dNi3JYrdPQG4uyXqEItAYSNShBXyWhNzlkJ0r26gSQhs-2519OXDuLD40BTqp_Q8qV9AdaOiZJXUyh7jiNh7xZVRmey8IZFqdvVwZFj7z3mxVEnZSQgw8aemzG3wGegZ0QXuXl03cnYgS2SqQwF7eW2XhVsz9J0dr-V34qkcRBnoECVq149sHM53KqT6wJFd0nd9UBCUq6yAzvGcI7UBFH0J8q6INU_6CBjGknRbLrUxuV9DcHmYSazwETC-V_wr9P7WFbzVeNIQipgcagRExatt1Nd-7A3ZckU0LvXw7x8pYuP5wEWMkDQoNGdOZcGN7tX6QTkWGTs&lptoken=1685675969d3390c395c
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 23:49:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 19 Apr 2016 09:53:16 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxpsvG7hqiHp6Nq2U942myfXOAnL14rNuaLKWKqCEKgSLF0SnUOzSpnMv%2BdjXc2uBXjA73tAmwtLRVoVkFBioOOQXpsmITTzuDVN%2Bm3w2nUxzKam7aPgBt47rDs%2BAzpmlYk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76597c145ecb0b06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3a282a7f6a365d977640d70211924a55
dea8a879eef67cb540f7cd47b8cd2ad1da54e06f
dd0d78192e6e566cf6bc0868fe4ab296478f8b5a341199951432e3fe357bafc3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD0D78192E6E566CF6BC0868FE4AB296478F8B5A341199951432E3FE357BAFC3"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21074
Expires: Sun, 06 Nov 2022 05:40:27 GMT
Date: Sat, 05 Nov 2022 23:49:13 GMT
Connection: keep-alive
hottime4you.com/ol/all/fr/ms/2-442857/js/jquery.js?4
200 OK 34 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/js/jquery.js?4
IP
File type ASCII text, with very long lines (32086)
Hash 35838f7f4d8467ad30b25d6e4019f331
61e29db5c5120ce27518533cf9143f7d73c19656
36bb24f3dc82acc8ea2329b4b11fac097a67efeff94c9f11c8e92edfedf5f925
GET /ol/all/fr/ms/2-442857/js/jquery.js?4 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=QciIzB3MwWdfVG6iDXd5xQ-Fc49NiF8pz9Mwt6r5b_gjlvCSjw3l7dNi3JYrdPQG4uyXqEItAYSNShBXyWhNzlkJ0r26gSQhs-2519OXDuLD40BTqp_Q8qV9AdaOiZJXUyh7jiNh7xZVRmey8IZFqdvVwZFj7z3mxVEnZSQgw8aemzG3wGegZ0QXuXl03cnYgS2SqQwF7eW2XhVsz9J0dr-V34qkcRBnoECVq149sHM53KqT6wJFd0nd9UBCUq6yAzvGcI7UBFH0J8q6INU_6CBjGknRbLrUxuV9DcHmYSazwETC-V_wr9P7WFbzVeNIQipgcagRExatt1Nd-7A3ZckU0LvXw7x8pYuP5wEWMkDQoNGdOZcGN7tX6QTkWGTs&lptoken=1685675969d3390c395c
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 23:49:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 16 May 2022 14:13:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKZmfqQQ%2FEtn57uA7UwhUg%2BCLNRvYQvuLRLcY7kCw5a7S4uge7tPBxqeIa652NNmtzMJS%2BIP6p2U4sv1wwQmTwTpjt7pK%2FWuaXnOZ8oVaNLQdbgtVW7dn4EBIy%2FAYvtfx94%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76597c142957b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 986b9f19462948e05d95add32a72b139
1193378b1c3e33a9e83a5c15806df790998d0a3d
9952d06d9f5a971f1f3e60e6ec81e1cfd50bb1384d237a50d9f0f2b7e76df0da
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100032
Date: Sat, 05 Nov 2022 23:49:13 GMT
Etag: "6365da39-1d7"
Expires: Mon, 07 Nov 2022 03:36:25 GMT
Last-Modified: Sat, 05 Nov 2022 03:36:25 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WfkLFepipAJjJs6uC9c7YDoLnGpehjaey4mz3XrcSd52Eg0tn0c9tg==
static.production.almightypush.com/mng/subs_window.js?ver=1651138969
200 OK 20 kB URL HTTP/2 static.production.almightypush.com/mng/subs_window.js?ver=1651138969
IP
Hash ae593f4be1dd1f0710123918b49c4933
66fbe30bb873e0a47d3d72e737d68aa4b6916c26
fdf9ff3f74dcf11d0fa456dcd53cb21550f67f0cfdc11dc29bef595f07b56206
GET /mng/subs_window.js?ver=1651138969 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 19491
date: Sat, 05 Nov 2022 01:14:29 GMT
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
etag: "ae593f4be1dd1f0710123918b49c4933"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K_Ma3LCn2nRQSD2mD9rMCeHEHABQCz-G2PejCkpnIVpl2BhpvjZWUQ==
age: 81285
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
IP
Hash a0a9e479f916ce77a9d100547d84ddc0
e98ca822cd55856ef64182be619b29453fd4f1e2
48dab30fd5079934c34df2645759e1aa5d9f19c023416720381f2701e3dcd399
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 23:49:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash db63d54b77502dd6c7bdc792d4fd093e
026ad8186833988279468829c004c6e2a2f2626f
eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5225
Cache-Control: max-age=121479
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 23:49:13 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 09:33:52 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
hottime4you.com/ol/all/fr/ms/2-442857/images/logo.svg
200 OK 4.1 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/logo.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (11634)
Hash 9a783caa8a8251f36166178a67f47a11
9ea6e5b928c5b8f30098cb450e7cc150bb9ec52e
83070d8dfd1a7ee1a070fe1bce65a715f94912c19820cc01dab6d2b0dc0eeea4
Analyzer Verdict Alert fortinet Malware
GET /ol/all/fr/ms/2-442857/images/logo.svg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=QciIzB3MwWdfVG6iDXd5xQ-Fc49NiF8pz9Mwt6r5b_gjlvCSjw3l7dNi3JYrdPQG4uyXqEItAYSNShBXyWhNzlkJ0r26gSQhs-2519OXDuLD40BTqp_Q8qV9AdaOiZJXUyh7jiNh7xZVRmey8IZFqdvVwZFj7z3mxVEnZSQgw8aemzG3wGegZ0QXuXl03cnYgS2SqQwF7eW2XhVsz9J0dr-V34qkcRBnoECVq149sHM53KqT6wJFd0nd9UBCUq6yAzvGcI7UBFH0J8q6INU_6CBjGknRbLrUxuV9DcHmYSazwETC-V_wr9P7WFbzVeNIQipgcagRExatt1Nd-7A3ZckU0LvXw7x8pYuP5wEWMkDQoNGdOZcGN7tX6QTkWGTs&lptoken=1685675969d3390c395c
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 23:49:13 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2B1PQNsd%2BHmn7xGxCEqXIY0U9qpndlk6KUq4o40edjvEt2hDj6XYBbNgUbQTQh9jh9J0oelyinkSIW0Q%2Bl%2BtnqlzShlS%2BCcdCieOXmu0nmkkOKZ%2FYd4U5%2F6C2sibs33dnzg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76597c17fa040b06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 23:49:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
200 OK 42 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 42336, version 1.0\012- data
Hash fe744073b54b3ba4efbf59b75be93667
737e9cf2c8d55812d1b2290e2146a43e0cefa6c8
c640c6d4c7104b09736c8a8c26f666305963273ffcba78e63b7a06451461cc55
GET /s/raleway/v22/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hottime4you.com
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 42336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 04:50:41 GMT
expires: Sat, 04 Nov 2023 04:50:41 GMT
cache-control: public, max-age=31536000
age: 154712
last-modified: Tue, 29 Jun 2021 19:44:26 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hottime4you.com/ol/all/fr/ms/2-442857/images/hookup.svg
404 Not Found 238 B URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/hookup.svg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert fortinet Malware
GET /ol/all/fr/ms/2-442857/images/hookup.svg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=QciIzB3MwWdfVG6iDXd5xQ-Fc49NiF8pz9Mwt6r5b_gjlvCSjw3l7dNi3JYrdPQG4uyXqEItAYSNShBXyWhNzlkJ0r26gSQhs-2519OXDuLD40BTqp_Q8qV9AdaOiZJXUyh7jiNh7xZVRmey8IZFqdvVwZFj7z3mxVEnZSQgw8aemzG3wGegZ0QXuXl03cnYgS2SqQwF7eW2XhVsz9J0dr-V34qkcRBnoECVq149sHM53KqT6wJFd0nd9UBCUq6yAzvGcI7UBFH0J8q6INU_6CBjGknRbLrUxuV9DcHmYSazwETC-V_wr9P7WFbzVeNIQipgcagRExatt1Nd-7A3ZckU0LvXw7x8pYuP5wEWMkDQoNGdOZcGN7tX6QTkWGTs&lptoken=1685675969d3390c395c
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Sat, 05 Nov 2022 23:49:13 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiUrXG3VA3cdL8hbdaYFjOYDhb1hSrb6Cn8uskylm3or1h6wG%2Ffmxak%2Fl0jlIf3QQe7ql9WwKBVOqUM67K6LITTx%2BhHsevhNW2tFDW3ErS67bBPAJ%2BjR38Mw06Inl4DIU9Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76597c1838b8b50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/fr/ms/2-442857/images/serious.svg
404 Not Found 238 B URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/serious.svg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert fortinet Malware
GET /ol/all/fr/ms/2-442857/images/serious.svg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=QciIzB3MwWdfVG6iDXd5xQ-Fc49NiF8pz9Mwt6r5b_gjlvCSjw3l7dNi3JYrdPQG4uyXqEItAYSNShBXyWhNzlkJ0r26gSQhs-2519OXDuLD40BTqp_Q8qV9AdaOiZJXUyh7jiNh7xZVRmey8IZFqdvVwZFj7z3mxVEnZSQgw8aemzG3wGegZ0QXuXl03cnYgS2SqQwF7eW2XhVsz9J0dr-V34qkcRBnoECVq149sHM53KqT6wJFd0nd9UBCUq6yAzvGcI7UBFH0J8q6INU_6CBjGknRbLrUxuV9DcHmYSazwETC-V_wr9P7WFbzVeNIQipgcagRExatt1Nd-7A3ZckU0LvXw7x8pYuP5wEWMkDQoNGdOZcGN7tX6QTkWGTs&lptoken=1685675969d3390c395c
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Sat, 05 Nov 2022 23:49:13 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SleXx8%2FWI0iZfRbmPsECutAH3oOUcnyPey19NfYyXjUYktXswaNRLXqMGA4ijr9%2FZLYrLXy0XJK6WIixvCDhwf1N%2FjefVFkFhudb625hJ%2BqkL4hWx%2B55OjJ2BBkvALgjzI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76597c183af4b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 23:49:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hottime4you.com/ol/all/fr/ms/2-442857/images/onlinesex.svg
404 Not Found 238 B URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/onlinesex.svg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert fortinet Malware
GET /ol/all/fr/ms/2-442857/images/onlinesex.svg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=QciIzB3MwWdfVG6iDXd5xQ-Fc49NiF8pz9Mwt6r5b_gjlvCSjw3l7dNi3JYrdPQG4uyXqEItAYSNShBXyWhNzlkJ0r26gSQhs-2519OXDuLD40BTqp_Q8qV9AdaOiZJXUyh7jiNh7xZVRmey8IZFqdvVwZFj7z3mxVEnZSQgw8aemzG3wGegZ0QXuXl03cnYgS2SqQwF7eW2XhVsz9J0dr-V34qkcRBnoECVq149sHM53KqT6wJFd0nd9UBCUq6yAzvGcI7UBFH0J8q6INU_6CBjGknRbLrUxuV9DcHmYSazwETC-V_wr9P7WFbzVeNIQipgcagRExatt1Nd-7A3ZckU0LvXw7x8pYuP5wEWMkDQoNGdOZcGN7tX6QTkWGTs&lptoken=1685675969d3390c395c
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Sat, 05 Nov 2022 23:49:13 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPFENXInO6WipeehBOUCFeoQzB9L7sTVp0iA4y8B6dQiRS99iAIQF14fUlf6Bd3UaI5V7kI43qQvH16BNak17vKO5nqf2b0iwg0baankUnEnqHBWFUHujOLUujc%2Bk3Ri2iY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76597c18b946b50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/fr/ms/2-442857/images/serious-desktop.jpg
200 OK 67 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/serious-desktop.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x1080, components 3\012- data
Hash 112fc3ea157bf79b88786de55a3be1b8
a7211bb35cdeefd3959d82ab942e1b2886d36756
30ba0d70d139e457f946a920859d706cdcf3aa9f920eeb1fab2b964e35d387b5
GET /ol/all/fr/ms/2-442857/images/serious-desktop.jpg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=QciIzB3MwWdfVG6iDXd5xQ-Fc49NiF8pz9Mwt6r5b_gjlvCSjw3l7dNi3JYrdPQG4uyXqEItAYSNShBXyWhNzlkJ0r26gSQhs-2519OXDuLD40BTqp_Q8qV9AdaOiZJXUyh7jiNh7xZVRmey8IZFqdvVwZFj7z3mxVEnZSQgw8aemzG3wGegZ0QXuXl03cnYgS2SqQwF7eW2XhVsz9J0dr-V34qkcRBnoECVq149sHM53KqT6wJFd0nd9UBCUq6yAzvGcI7UBFH0J8q6INU_6CBjGknRbLrUxuV9DcHmYSazwETC-V_wr9P7WFbzVeNIQipgcagRExatt1Nd-7A3ZckU0LvXw7x8pYuP5wEWMkDQoNGdOZcGN7tX6QTkWGTs&lptoken=1685675969d3390c395c
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 23:49:13 GMT
Content-Type: image/jpeg
Content-Length: 67016
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sYu2YEbLwf%2F%2BImRIxpcrC1%2BsxeeQShtf9CI6VTQSi8jaRz07NjMwjBaHFPNTNzGB0%2F0ZzRz8sLRVnWf69p1KrSKDiPoPVS0cApbJoOHZhOMD82U2j1VfRkjxeIL9zZ8O3M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76597c183dbcb518-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/fr/ms/2-442857/images/onlinesex-desktop.jpg
200 OK 63 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/onlinesex-desktop.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x1080, components 3\012- data
Hash 0d79ffb95618867cdef5f21e4f43ae77
0de5b35006c41fce8d81f704acd05e82199a8ef9
61a54e2fd489a966a4e217a4206849ca86c909b7604bf365135525d2e3a3a8ae
GET /ol/all/fr/ms/2-442857/images/onlinesex-desktop.jpg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=QciIzB3MwWdfVG6iDXd5xQ-Fc49NiF8pz9Mwt6r5b_gjlvCSjw3l7dNi3JYrdPQG4uyXqEItAYSNShBXyWhNzlkJ0r26gSQhs-2519OXDuLD40BTqp_Q8qV9AdaOiZJXUyh7jiNh7xZVRmey8IZFqdvVwZFj7z3mxVEnZSQgw8aemzG3wGegZ0QXuXl03cnYgS2SqQwF7eW2XhVsz9J0dr-V34qkcRBnoECVq149sHM53KqT6wJFd0nd9UBCUq6yAzvGcI7UBFH0J8q6INU_6CBjGknRbLrUxuV9DcHmYSazwETC-V_wr9P7WFbzVeNIQipgcagRExatt1Nd-7A3ZckU0LvXw7x8pYuP5wEWMkDQoNGdOZcGN7tX6QTkWGTs&lptoken=1685675969d3390c395c
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 23:49:13 GMT
Content-Type: image/jpeg
Content-Length: 62777
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBRn5lblvi%2Bwv3iimEwUtp%2FlrJKs%2BvUrQR4rHRkaCr5KgDUi%2FPl6zHXSGxvS7r8ZfG9n2C%2FJ3DuVrfFbvPFopuFzvjLU8tX%2FODVm0BmtRl9ZDRZySplF1iHTwkSK%2BJ4hZUY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76597c187a660b06-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/fr/ms/2-442857/images/hookup-desktop.jpg
200 OK 62 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/hookup-desktop.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x1080, components 3\012- data
Hash 8f587d707f7e18f994af0453be2c68d7
52daab9a9944d9b0d2348c9409b1d160aafcd18c
0a2ce539eadc90769ad5c0cf4e49d8b9d3b2046f03df1cbd95b6e498db3183ac
GET /ol/all/fr/ms/2-442857/images/hookup-desktop.jpg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=QciIzB3MwWdfVG6iDXd5xQ-Fc49NiF8pz9Mwt6r5b_gjlvCSjw3l7dNi3JYrdPQG4uyXqEItAYSNShBXyWhNzlkJ0r26gSQhs-2519OXDuLD40BTqp_Q8qV9AdaOiZJXUyh7jiNh7xZVRmey8IZFqdvVwZFj7z3mxVEnZSQgw8aemzG3wGegZ0QXuXl03cnYgS2SqQwF7eW2XhVsz9J0dr-V34qkcRBnoECVq149sHM53KqT6wJFd0nd9UBCUq6yAzvGcI7UBFH0J8q6INU_6CBjGknRbLrUxuV9DcHmYSazwETC-V_wr9P7WFbzVeNIQipgcagRExatt1Nd-7A3ZckU0LvXw7x8pYuP5wEWMkDQoNGdOZcGN7tX6QTkWGTs&lptoken=1685675969d3390c395c
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 23:49:13 GMT
Content-Type: image/jpeg
Content-Length: 61848
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKKA0NLhcjIpL3bxaeGZvjNPWTpBreyy%2BBzt%2BAvrgnh112yvtlKzTEHpXpOAbCOxlNZRlsgJ%2FXtNnzhfoP2Fmp5KCGyFMP4O0kVC%2FNue%2Ft1ouyqsv1O%2BQcS11oNV9rjhqpY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76597c183cf30b59-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/fr/ms/2-442857/images/back-laststep-desktop.jpg
200 OK 84 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/back-laststep-desktop.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Hash e431ac80dda05f7e37ada8ed197a9652
74056d9a5976eca4566cd43e419d406a2512afd6
5e2882cf781a0d9768e563e46e9f2ba10510cd42c1c6d9228727ce5fdda3844a
GET /ol/all/fr/ms/2-442857/images/back-laststep-desktop.jpg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=QciIzB3MwWdfVG6iDXd5xQ-Fc49NiF8pz9Mwt6r5b_gjlvCSjw3l7dNi3JYrdPQG4uyXqEItAYSNShBXyWhNzlkJ0r26gSQhs-2519OXDuLD40BTqp_Q8qV9AdaOiZJXUyh7jiNh7xZVRmey8IZFqdvVwZFj7z3mxVEnZSQgw8aemzG3wGegZ0QXuXl03cnYgS2SqQwF7eW2XhVsz9J0dr-V34qkcRBnoECVq149sHM53KqT6wJFd0nd9UBCUq6yAzvGcI7UBFH0J8q6INU_6CBjGknRbLrUxuV9DcHmYSazwETC-V_wr9P7WFbzVeNIQipgcagRExatt1Nd-7A3ZckU0LvXw7x8pYuP5wEWMkDQoNGdOZcGN7tX6QTkWGTs&lptoken=1685675969d3390c395c
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 23:49:13 GMT
Content-Type: image/jpeg
Content-Length: 83565
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nYKrXM%2BgOWM5zn6Efke3dq0FdfrFY6CQtrQKwlt2v9LsbIcpjv8O5yq%2BVfExKfft9zCLEfHPPe3wgWwwpcYTeUJum2n7fZTg6ovY8J%2FE5CwH2nDiXwy5wVX9wKYfIP5jis%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76597c1829ddb4f9-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
IP
Hash a0a9e479f916ce77a9d100547d84ddc0
e98ca822cd55856ef64182be619b29453fd4f1e2
48dab30fd5079934c34df2645759e1aa5d9f19c023416720381f2701e3dcd399
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 23:49:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hottime4you.com/ol/all/fr/ms/2-442857/images/apple-touch-icon.png
200 OK 15 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/apple-touch-icon.png
IP
File type PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Hash 06cccf2fbccc024e971c61e25c79371a
7670223c8b94e99051aac5d73a50a586b522c538
e34cc0bbabe9b6e5d76098f9628115351c7b39a46aa8297221b6e5af7cc879e5
GET /ol/all/fr/ms/2-442857/images/apple-touch-icon.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=QciIzB3MwWdfVG6iDXd5xQ-Fc49NiF8pz9Mwt6r5b_gjlvCSjw3l7dNi3JYrdPQG4uyXqEItAYSNShBXyWhNzlkJ0r26gSQhs-2519OXDuLD40BTqp_Q8qV9AdaOiZJXUyh7jiNh7xZVRmey8IZFqdvVwZFj7z3mxVEnZSQgw8aemzG3wGegZ0QXuXl03cnYgS2SqQwF7eW2XhVsz9J0dr-V34qkcRBnoECVq149sHM53KqT6wJFd0nd9UBCUq6yAzvGcI7UBFH0J8q6INU_6CBjGknRbLrUxuV9DcHmYSazwETC-V_wr9P7WFbzVeNIQipgcagRExatt1Nd-7A3ZckU0LvXw7x8pYuP5wEWMkDQoNGdOZcGN7tX6QTkWGTs&lptoken=1685675969d3390c395c
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 23:49:13 GMT
Content-Type: image/png
Content-Length: 15044
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X31BFsejhkyYyF%2BcpDcaVKzZvWBo4DyzSDltFpHH9Ghtum865U3G%2F4haiXA2lBad8v2yTnLuWIk5jmjamcRXiiFj8UnIpt4iI06sEd%2B0iztUDnFb3CD4avyTKVWtiarPw6s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76597c19ab6eb4f9-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/fr/ms/2-442857/images/favicon-16x16.png
200 OK 1.3 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/favicon-16x16.png
IP
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash d538e176ce147346539d54cbe91d9099
a08de9e15e2d6ca9ddd8a6c940055f51440800d7
fdbf44ab7cc09f4f10014be97d1f7e031452cff785ca3f6f6be9b39671371d4f
GET /ol/all/fr/ms/2-442857/images/favicon-16x16.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=QciIzB3MwWdfVG6iDXd5xQ-Fc49NiF8pz9Mwt6r5b_gjlvCSjw3l7dNi3JYrdPQG4uyXqEItAYSNShBXyWhNzlkJ0r26gSQhs-2519OXDuLD40BTqp_Q8qV9AdaOiZJXUyh7jiNh7xZVRmey8IZFqdvVwZFj7z3mxVEnZSQgw8aemzG3wGegZ0QXuXl03cnYgS2SqQwF7eW2XhVsz9J0dr-V34qkcRBnoECVq149sHM53KqT6wJFd0nd9UBCUq6yAzvGcI7UBFH0J8q6INU_6CBjGknRbLrUxuV9DcHmYSazwETC-V_wr9P7WFbzVeNIQipgcagRExatt1Nd-7A3ZckU0LvXw7x8pYuP5wEWMkDQoNGdOZcGN7tX6QTkWGTs&lptoken=1685675969d3390c395c
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 23:49:13 GMT
Content-Type: image/png
Content-Length: 1342
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qeaViVeAY807b1EeBHwaSpAiZ78fOned0yrIGv7QLKkehC5VgBP1bSq76bXNOUYhBdaZUBXwUPbbaqtBSHi%2FxMOkvYoAYCCuQwWm87mWqf9jYkN%2FhJn4KCoUt%2F7mle6WKA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76597c19ab610b06-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 23:49:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gZE9mXBPYXxSPqhdjn65rQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FB9lu2NSx005FKAJIG2gJK+hJnU=
lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
302 Found 337 B URL HTTP/2 lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 66a43eafe19fd2e9782007272dd06ced
9d5112f8b4482ef224d10b0d0a17bfaf053e8e23
f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb
GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1
Host: lh3.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
cache-control: private
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 05 Nov 2022 23:49:13 GMT
server: fife
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 23:49:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 138669aacfe3c5c3dbfaad8256736eb1
b10b54047c043a723a5dbc452f01c90d4c56ca03
98bf3006d2b5401089ea2be634624d6263f777bb41f5a3b08d9f5f8fc38bdd10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 23:49:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
302 Found 408 B URL HTTP/2 accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash 5987e89e90ec77b4e29472313defc134
3340db60221fc1aa2e26d9abfa5a0b736724ee75
5aa6fdcdcacb135537fac32dfe4f9ba0c16196fa4eebdf6e1b2957c88fb7f00e
GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 05 Nov 2022 23:49:14 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1980267565%3A1667692154097118&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAslLODbWsPrWKVlLx8x-lffm9xdsvO6IFAuT4So-Q6qnhaZ5RLVLvw7KIH71w1TV8dChIBD
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-e2IfDaOVjlYGbh7fV0BzKA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 408
server: GSE
set-cookie: __Host-GAPS=1:4MWpiviXBHIboHgatq4mz5ugK2-KQw:4he0crKuqn97IGGU;Path=/;Expires=Mon, 04-Nov-2024 23:49:14 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11540
Expires: Sun, 06 Nov 2022 03:01:35 GMT
Date: Sat, 05 Nov 2022 23:49:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11540
Expires: Sun, 06 Nov 2022 03:01:35 GMT
Date: Sat, 05 Nov 2022 23:49:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11540
Expires: Sun, 06 Nov 2022 03:01:35 GMT
Date: Sat, 05 Nov 2022 23:49:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11540
Expires: Sun, 06 Nov 2022 03:01:35 GMT
Date: Sat, 05 Nov 2022 23:49:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11540
Expires: Sun, 06 Nov 2022 03:01:35 GMT
Date: Sat, 05 Nov 2022 23:49:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F740ccc73-b923-49b5-a3cc-5e21146cee4a.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F740ccc73-b923-49b5-a3cc-5e21146cee4a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 425f4e7f6496e8ece483e05f40654687
df1997af30af72547a31e0c7d8c587891606cc9a
49876573e6da1a02a81290c16df77c169ca9aa50013a77f55bba67013a05ea57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F740ccc73-b923-49b5-a3cc-5e21146cee4a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5862
x-amzn-requestid: 72cce604-5482-4007-8f77-44936d369a58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJb3jFBnoAMF1nQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d9c9-6870c2521f516af77b1812d1;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:46:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Xksr8R3AIY9B8r9o1tVmiV70psZcnwToXZ8nI5N-7WlzlGktWZRxRQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:49:02 GMT
age: 7213
etag: "df1997af30af72547a31e0c7d8c587891606cc9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F148837ad-b0cd-4864-94a6-8a95f3af1c20.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F148837ad-b0cd-4864-94a6-8a95f3af1c20.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28381a10095fbc871cbd32f02e2c49be
ba8a552ca0d40c6e879ba451ef95ae85aeabc1ce
e5abdd27c7c75a5bd55f88ad933eb4bbfa8c72887307ad2e0918b4216c347ec3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F148837ad-b0cd-4864-94a6-8a95f3af1c20.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8918
x-amzn-requestid: 05695d8b-6915-4647-98bf-a699f35ed25a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabcHDjoAMFyVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-71d6d6223d1e8e006a8e2593;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: yv9L2i0EF6xcmBLnn7Jp-_vCHog1TGZ4lh5K1nMrWfDz761n8xh-yQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:46:01 GMT
age: 7394
etag: "ba8a552ca0d40c6e879ba451ef95ae85aeabc1ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ry_OKFFZDdDoVya2hTxnFlDGtgoSw0JRqieDnCO4mSNFbgV-AuLE5Q==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:33 GMT
age: 7482
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce7d7b50-094b-4310-b5b5-ea1e3416ac1b.jpeg
200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce7d7b50-094b-4310-b5b5-ea1e3416ac1b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 21a48fab41e721ac5122531d37b8a6bf
14315b78c536168c93738009b01a1478e145021a
dc596ad450a27c2151d541125bf21258f38e209bbc3169ae497c367e3a8afc82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce7d7b50-094b-4310-b5b5-ea1e3416ac1b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5022
x-amzn-requestid: f77253a1-c0f8-4909-80f5-d6c1de52d42a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabaFxtoAMF10Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-27570d6d5a6c2259017890e0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uprCD_xl7vWBIZ0pVmnbcAG-910vIWgZz5bPJ-Y37MXam4g4GTcXsw==
via: 1.1 feda34dcbf6a00e232656b7983c2c7f0.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:04:29 GMT
age: 6286
etag: "14315b78c536168c93738009b01a1478e145021a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zwi4Hg5iu5MB4zr0EFVhTRAvrnN2J1GnY31mOvlXJW0E_cgQu1gmgA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
age: 5797
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3fDf4aoep5tTAusisXhIdAf0A6SbpM5fYtYaiXtNSb0-VRJo5nu8Vg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 06:27:59 GMT
age: 62476
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddf9fb3-adcc-4e34-a9a7-1927e38830dc.jpeg
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddf9fb3-adcc-4e34-a9a7-1927e38830dc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93aada35cf6b5ccf56d7c8c49e566a1e
349f301eab8e4cd3732e9b0fbd1675bbbe3e969b
2285236779612c298f54306c6237df079a3329daa415c3f3a9015bf2a75f99aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddf9fb3-adcc-4e34-a9a7-1927e38830dc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9331
x-amzn-requestid: d67eca4f-66a8-4366-b2d8-fb424e77b438
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJb3lHQmIAMFemg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d9c9-77519cf22b23b7e00a23cacc;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:46:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZiP3LoPE9a2aP16DN-jBzPfGPS_uW4M_qtJ3ilw26cxK6w6mWJOxPQ==
via: 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
etag: "349f301eab8e4cd3732e9b0fbd1675bbbe3e969b"
content-type: image/jpeg
age: 5803
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zeniocloud.com/JAIA.js?sub1=hottime4you.com
200 OK 0 B URL HTTP/2 zeniocloud.com/JAIA.js?sub1=hottime4you.com
IP
Analyzer Verdict Alert fortinet Phishing
GET /JAIA.js?sub1=hottime4you.com HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 05 Nov 2022 23:49:13 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1980267565%3A1667692154097118&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAslLODbWsPrWKVlLx8x-lffm9xdsvO6IFAuT4So-Q6qnhaZ5RLVLvw7KIH71w1TV8dChIBD
403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1980267565%3A1667692154097118&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAslLODbWsPrWKVlLx8x-lffm9xdsvO6IFAuT4So-Q6qnhaZ5RLVLvw7KIH71w1TV8dChIBD
IP
GET /v3/signin/identifier?dsh=S1980267565%3A1667692154097118&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAslLODbWsPrWKVlLx8x-lffm9xdsvO6IFAuT4So-Q6qnhaZ5RLVLvw7KIH71w1TV8dChIBD HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 05 Nov 2022 23:49:14 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-5-7SnUYUVJuw7z8TDXYYGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
172.67.212.155
23.36.76.226
93.184.220.29
167.114.67.56
0.0.0.0