www.ehpad-charaintru.fr/includes/ee/
195.15.217.184 200 OK 198 B URL HTTP/1.1 www.ehpad-charaintru.fr/includes/ee/
IP 195.15.217.184:0
ASN #29222 Infomaniak Network SA
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c1a27402942af20ca931c6ddc1a4de6b
a81c90b9d972a81cb558a5b5e66925be366fc47e
de4379107effe039eac5379cdc1b7b7ff9f614dcd6c23abe21003abcee63a10d
Analyzer Verdict Alert fortinet Phishing
GET /includes/ee/ HTTP/1.1
Host: www.ehpad-charaintru.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:47:53 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19098
Expires: Thu, 08 Dec 2022 14:06:11 GMT
Date: Thu, 08 Dec 2022 08:47:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7988
Expires: Thu, 08 Dec 2022 11:01:01 GMT
Date: Thu, 08 Dec 2022 08:47:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5508
Expires: Thu, 08 Dec 2022 10:19:41 GMT
Date: Thu, 08 Dec 2022 08:47:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 08:08:11 GMT
content-type: application/json
age: 2382
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9epFPJ8/ZoxAAwrEZRq0f3JCJ7WZPOzwoJQX6UAgP5pjn5eR7vmNLhfV6rWex7kAuTyXFaZ5/MA=
x-amz-request-id: H82SVW8A8NAP00C2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 08:47:51 GMT
age: 2
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.ehpad-charaintru.fr/favicon.ico
195.15.217.184 404 Not Found 1.2 kB URL HTTP/1.1 www.ehpad-charaintru.fr/favicon.ico
IP 195.15.217.184:0
ASN #29222 Infomaniak Network SA
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 4f42c3a9f4804a681f18fe1b0f25ff43
7ffe6a342b858cfd41242addc5b9ce35e6c6dd57
7fbc101cdf75725982f405b797323f8ac38a9cf93cf5b9661698a9e65bf06cd8
GET /favicon.ico HTTP/1.1
Host: www.ehpad-charaintru.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ehpad-charaintru.fr/includes/ee/
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 08:47:53 GMT
Server: Apache
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 08:47:53 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 08:07:58 GMT
age: 2396
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 924
Cache-Control: max-age=88460
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:47:54 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:22:14 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.223.160.237 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.223.160.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: irsiCIW2EDfW3Jf4AAACpA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: m5ooEel2lH5bBJn3XPFMrkvmmeQ=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5496
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 08:47:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5496
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 08:47:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5496
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 08:47:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d44d17585c9a536c8da0e75ed90d175
9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1
6d14a5b5c43b39244434560a83a2bfea6604a4d072943b6147293b7adfd1b7b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10164
x-amzn-requestid: a0cb7259-0a07-44f5-91cd-e96b8d9c9cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAPOGSnoAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c472e-799b6ee425e29fb70ff7e4ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Q2LRCrEYVZz_KldQARUQ26O1mv0G7rMAPQXGkBzUnERF-WjtZPMJA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 12:11:17 GMT
age: 74198
etag: "9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f870bb-e67d-4a93-bab0-cf574561a496.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f870bb-e67d-4a93-bab0-cf574561a496.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4cbd333b74ebe10e77c1bdf1fec0269
bbcfa6a3ae98d5e3f4ffd3b0d6ee6934c7ca33a8
7c868974824cef2f1a08c4500d10490fbaa8515984391b822c70a5009ad8c225
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f870bb-e67d-4a93-bab0-cf574561a496.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 79861560-2468-4c0a-afd8-800d1e6d6814
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4A5EbzIAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d2-0b1efe0b006b8b0b2f69870b;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OInz4Evmbh2Z4PL2ogGsw6iOF9I-u-KhBhAsHHiA46CuHcqHo2Z34A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:07 GMT
age: 38088
etag: "bbcfa6a3ae98d5e3f4ffd3b0d6ee6934c7ca33a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce35df4fe4f77c950e40dc44b311bab4
aadf97d040e3577599581e892ee20f88d191bf91
f9c4cfc384213f77c0bbb252f3d6fbc22be60e1ecc158eece857d5050c8ced3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5620
x-amzn-requestid: fadda084-c7fc-4ec0-bad0-27e97b8349d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4gHGIMIAMFy_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391079a-5dc824963fe82ab927205128;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MWB80hrfUMDjexNsySVGMXtm6Wva4t1gkJXaesFKRaGSkFS1r1zIrw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
age: 38071
etag: "aadf97d040e3577599581e892ee20f88d191bf91"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9367069b-64ab-4e4d-b8c9-fa115e0681a9.jpeg
34.120.237.76 200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9367069b-64ab-4e4d-b8c9-fa115e0681a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bdf4703f3372054a7aadce1cb0e11bd0
84d060f66accd412503d52c385ee47cb35795c07
c5853b653ee328e567e2456be12450e04c1704ed64fb6234f008532e4b6c8363
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9367069b-64ab-4e4d-b8c9-fa115e0681a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3744
x-amzn-requestid: 73eab74b-e50c-46d1-adde-3ef85fb772f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlj7FDiIAMFmsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb618-70ffb1925e3a9ef6081d1cd1;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mNqZM4645fF2zaqXJgT68q_xIbg2tvE1KaqK1P2LzC307rl4OTZ33Q==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:58:04 GMT
age: 38991
etag: "84d060f66accd412503d52c385ee47cb35795c07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:35:32 GMT
age: 33143
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43fdc85bfd574fa803f0bcdc216ef622
27f558d5cdc150a50f080c054423500666b63d74
fafd2a81cddacdb4e5fd7c9963a784e6e56d06ac98f0bd4124fd74fa3ba015e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5245
x-amzn-requestid: 9770ebcd-fb1e-4b81-bb87-1e98ef024741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy-E8HugoAMFsKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911085-54eb7a48323113d52329abf5;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:15:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d2DHUS5fGT4uoPPdjDXmHUOQVF93ULtO4zSHRmrx7KMu3lO0y0K9ag==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:24:13 GMT
age: 37422
etag: "27f558d5cdc150a50f080c054423500666b63d74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.j4.dfi-japan.com/god/ss/xx/
173.231.230.66 302 Found 0 B URL HTTP/1.1 www.j4.dfi-japan.com/god/ss/xx/
IP 173.231.230.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /god/ss/xx/ HTTP/1.1
Host: www.j4.dfi-japan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 08 Dec 2022 08:47:59 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=ef3dcaebbecc859a5486726da9bae652; path=/
Location: 04jkodux6qx86l6kb6f3efj7.php?client_id=9B7B696E56DAEDE5DECE1CA0EA44DB7E&response_mode=form_post&response_type=code+id_token&scope=openid+profile&email=&Connect_Authentication_Properties&&nonce=8896274769b7b696e56daede5dece1ca0ea44db7e&redirect_uri=&ui_locales=en-US&mkt=en-US
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.j4.dfi-japan.com/god/ss/xx/04jkodux6qx86l6kb6f3efj7.php?client_id=9B7B696E56DAEDE5DECE1CA0EA44DB7E&response_mode=form_post&response_type=code+id_token&scope=openid+profile&email=&Connect_Authentication_Properties&&nonce=8896274769b7b696e56daede5dece1ca0ea44db7e&redirect_uri=&ui_locales=en-US&mkt=en-US
173.231.230.66 200 OK 9.0 kB URL HTTP/1.1 www.j4.dfi-japan.com/god/ss/xx/04jkodux6qx86l6kb6f3efj7.php?client_id=9B7B696E56DAEDE5DECE1CA0EA44DB7E&response_mode=form_post&response_type=code+id_token&scope=openid+profile&email=&Connect_Authentication_Properties&&nonce=8896274769b7b696e56daede5dece1ca0ea44db7e&redirect_uri=&ui_locales=en-US&mkt=en-US
IP 173.231.230.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (525)
Hash f6852ead7c035d38edeababba2bf98b1
5dfd706899824187314fed9d35eec03c40d891cf
f2cf9b7451a41a144de46a8e02e3bffafde125506c1bf8eb4ee1b5fd625f147f
GET /god/ss/xx/04jkodux6qx86l6kb6f3efj7.php?client_id=9B7B696E56DAEDE5DECE1CA0EA44DB7E&response_mode=form_post&response_type=code+id_token&scope=openid+profile&email=&Connect_Authentication_Properties&&nonce=8896274769b7b696e56daede5dece1ca0ea44db7e&redirect_uri=&ui_locales=en-US&mkt=en-US HTTP/1.1
Host: www.j4.dfi-japan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=ef3dcaebbecc859a5486726da9bae652
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:47:59 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fe4f8e5cd96e01b042500cd8370bb3af
24511179cd1ae8912aea1e77df9df1ecb8ddf7b1
8064cd91a5d7c18e7ea91de9eb94119397bce54e4a248e495d3cd7c68485495f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5106
Cache-Control: max-age=170733
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:48:00 GMT
Etag: "639188bb-1d7"
Expires: Sat, 10 Dec 2022 08:13:33 GMT
Last-Modified: Thu, 08 Dec 2022 06:48:27 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fe4f8e5cd96e01b042500cd8370bb3af
24511179cd1ae8912aea1e77df9df1ecb8ddf7b1
8064cd91a5d7c18e7ea91de9eb94119397bce54e4a248e495d3cd7c68485495f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5106
Cache-Control: max-age=170733
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:48:00 GMT
Etag: "639188bb-1d7"
Expires: Sat, 10 Dec 2022 08:13:33 GMT
Last-Modified: Thu, 08 Dec 2022 06:48:27 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fe4f8e5cd96e01b042500cd8370bb3af
24511179cd1ae8912aea1e77df9df1ecb8ddf7b1
8064cd91a5d7c18e7ea91de9eb94119397bce54e4a248e495d3cd7c68485495f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=165627
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:48:00 GMT
Etag: "639188bb-1d7"
Expires: Sat, 10 Dec 2022 06:48:27 GMT
Last-Modified: Thu, 08 Dec 2022 06:48:27 GMT
Server: nginx
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fe4f8e5cd96e01b042500cd8370bb3af
24511179cd1ae8912aea1e77df9df1ecb8ddf7b1
8064cd91a5d7c18e7ea91de9eb94119397bce54e4a248e495d3cd7c68485495f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=165627
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:48:00 GMT
Etag: "639188bb-1d7"
Expires: Sat, 10 Dec 2022 06:48:27 GMT
Last-Modified: Thu, 08 Dec 2022 06:48:27 GMT
Server: nginx
Content-Length: 471
ssocsp.cybertrust.ne.jp/OcspServer
116.118.230.85 200 OK 1.5 kB URL HTTP/1.1 ssocsp.cybertrust.ne.jp/OcspServer
IP 116.118.230.85:0
ASN #58793 FUJITSU CLOUD TECHNOLOGIES LIMITED
Hash a0f7aba8b6cfafa2b5345ecc5556c0e7
f8b0f82bfa67b7c219198e537c8d697081eeaf59
3876d4f037a3fb3d20ae68ba1ba1c3f5eb4db094f022c6f180243bbcdbb5a0b5
POST /OcspServer HTTP/1.1
Host: ssocsp.cybertrust.ne.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 08:48:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1477
Connection: keep-alive
Keep-Alive: timeout=2
web1.plala.or.jp/mail/plus/css/tsuikalogin.css
60.43.62.6 200 OK 190 B URL HTTP/1.1 web1.plala.or.jp/mail/plus/css/tsuikalogin.css
IP 60.43.62.6:0
ASN #4713 NTT Communications Corporation
Hash 19f741632387585fbd589d3fc31b347f
a64821d916f502adf5734810b48f30b8fe513eb8
6fa5fda5079bec36b02ab73a550608c3662a7cd5305c45cf8234f29040f82ea5
GET /mail/plus/css/tsuikalogin.css HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:01 GMT
Server: Apache
Last-Modified: Mon, 16 Dec 2019 02:13:54 GMT
ETag: "7c071-be-c3615c80"
Accept-Ranges: bytes
Content-Length: 190
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/css
Set-Cookie: Plala_WEB_=265055708.47873.0000; path=/
sec.plala.or.jp/fp/tags.js?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77
91.235.133.182 200 OK 12 kB URL HTTP/1.1 sec.plala.or.jp/fp/tags.js?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77
IP 91.235.133.182:0
File type ASCII text, with very long lines (15506)
Hash b61f470a98e99c8a725510863031f77c
db420cdcf82ef1c4709d8575ded8be76a242aeb9
b8d3730ea4b511c05a4f635b2283664b388f7a0c0166e71200e80d3395921dc0
GET /fp/tags.js?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:01 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP=IVAa PSAa
Set-Cookie: thx_guid=5ac65d2fed0fd1c243f914fad699b18c; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure; SameSite=None;
tmx_guid=AAzo2CSxXxdOUkZGlLF-PZP7tgC8CB6LSSY40OR1nUnzxYNh9d35YMl6Mu5i0oG5CIVXfVin_RJKsEmEzkI8pZxL0Evb9g; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure; SameSite=None;
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
web1.plala.or.jp/mail/plus/css/login.css
60.43.62.6 200 OK 1.7 kB URL HTTP/1.1 web1.plala.or.jp/mail/plus/css/login.css
IP 60.43.62.6:0
ASN #4713 NTT Communications Corporation
File type ASCII text, with CRLF line terminators
Hash bc8c477d159f24ea86eb72a9907f843e
7c6424642bffc3b47f5d1b81ab8326d008755f71
79e3e092b0b22df9f93ac9325fb7438d3bced0784bcb2ccfd8964fa07b3b221d
GET /mail/plus/css/login.css HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:01 GMT
Server: Apache
Last-Modified: Fri, 22 Aug 2008 08:51:44 GMT
ETag: "342d5-6b3-8c03c800"
Accept-Ranges: bytes
Content-Length: 1715
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/css
Set-Cookie: Plala_WEB_=617377244.47873.0000; path=/
web1.plala.or.jp/mail/plus/images/hd_logo_login.gif
60.43.62.6 200 OK 2.8 kB URL HTTP/1.1 web1.plala.or.jp/mail/plus/images/hd_logo_login.gif
IP 60.43.62.6:0
ASN #4713 NTT Communications Corporation
File type GIF image data, version 89a, 115 x 58\012- data
Hash ee6284e8ab015ada7763075b85c722d7
40826abe00d54ceed725fff2d90d63043b875558
662a02c554ce83d623a3f8b01a1fc02ad7238798d2207ac839f8d129ab3decdd
GET /mail/plus/images/hd_logo_login.gif HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:01 GMT
Server: Apache
Last-Modified: Fri, 22 Aug 2008 08:51:09 GMT
ETag: "3e173-ae5-89edb940"
Accept-Ranges: bytes
Content-Length: 2789
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/gif
web1.plala.or.jp/mail/plus/images/spacer.gif
60.43.62.6 200 OK 43 B URL HTTP/1.1 web1.plala.or.jp/mail/plus/images/spacer.gif
IP 60.43.62.6:0
ASN #4713 NTT Communications Corporation
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /mail/plus/images/spacer.gif HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:01 GMT
Server: Apache
Last-Modified: Wed, 24 Oct 2007 05:30:33 GMT
ETag: "3e19d-2b-6a9c5040"
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: Plala_WEB_=265055708.47873.0000; path=/
web1.plala.or.jp/mail/plus/images/barg.gif
60.43.62.6 200 OK 1.7 kB URL HTTP/1.1 web1.plala.or.jp/mail/plus/images/barg.gif
IP 60.43.62.6:0
ASN #4713 NTT Communications Corporation
File type GIF image data, version 89a, 750 x 30\012- data
Hash 13a156ce3615ab6a1206daa3b16a69d9
2efb6bc8681bf1d35dd317a9b47bff4c9b747885
ba71589b6bb729587c3c110462cf7843859a61d03b0f9bb6c9724cf40cdd9f76
GET /mail/plus/images/barg.gif HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:01 GMT
Server: Apache
Last-Modified: Wed, 24 Oct 2007 05:33:02 GMT
ETag: "342fc-6ca-737ddf80"
Accept-Ranges: bytes
Content-Length: 1738
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: Plala_WEB_=617377244.47873.0000; path=/
web1.plala.or.jp/mail/plus/images/login.gif
60.43.62.6 200 OK 424 B URL HTTP/1.1 web1.plala.or.jp/mail/plus/images/login.gif
IP 60.43.62.6:0
ASN #4713 NTT Communications Corporation
File type GIF image data, version 89a, 112 x 24\012- data
Hash 47e5e2303fca8b31ed4fc0e4592eb05e
926791b0c9bea9eead7e6b7e596f078907bf2ef1
ec2716d4c90cf8b58b22978f562c937382d76f259fbd5a82b2738ab6ccba0b51
GET /mail/plus/images/login.gif HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:01 GMT
Server: Apache
Last-Modified: Wed, 24 Oct 2007 05:33:02 GMT
ETag: "34324-1a8-737ddf80"
Accept-Ranges: bytes
Content-Length: 424
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/gif
web1.plala.or.jp/mail/plus/images/bg_g.gif
60.43.62.6 200 OK 3.2 kB URL HTTP/1.1 web1.plala.or.jp/mail/plus/images/bg_g.gif
IP 60.43.62.6:0
ASN #4713 NTT Communications Corporation
File type GIF image data, version 89a, 727 x 400\012- data
Hash b56a7f43cdb87bcb6ccef5257fd8280b
11bf42136c6e9d25502052d51bd0a8df538e982d
74610a7040540b5fcbf05a8089f669f5d70b990e3dfe5abc3c9c9acb837dda27
GET /mail/plus/images/bg_g.gif HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web1.plala.or.jp/mail/plus/css/login.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:01 GMT
Server: Apache
Last-Modified: Fri, 22 Aug 2008 08:51:09 GMT
ETag: "3e15b-c4f-89edb940"
Accept-Ranges: bytes
Content-Length: 3151
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: Plala_WEB_=265055708.47873.0000; path=/
web1.plala.or.jp/mail/plus/images/head_r1g.gif
60.43.62.6 200 OK 2.6 kB URL HTTP/1.1 web1.plala.or.jp/mail/plus/images/head_r1g.gif
IP 60.43.62.6:0
ASN #4713 NTT Communications Corporation
File type GIF image data, version 89a, 543 x 40\012- data
Hash 12dbb91a5a1184dec00afe7b284a4731
b892bef8f194c203460f6beeedb6500827ff1fe8
446d94289151636165a11ab4cac37952dd293406365a5a2308c3660fb6e9e949
GET /mail/plus/images/head_r1g.gif HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web1.plala.or.jp/mail/plus/css/login.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:01 GMT
Server: Apache
Last-Modified: Fri, 22 Aug 2008 08:51:43 GMT
ETag: "34318-a04-8bf485c0"
Accept-Ranges: bytes
Content-Length: 2564
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: Plala_WEB_=617377244.47873.0000; path=/
web1.plala.or.jp/mail/plus/images/bg_r1g.gif
60.43.62.6 200 OK 86 B URL HTTP/1.1 web1.plala.or.jp/mail/plus/images/bg_r1g.gif
IP 60.43.62.6:0
ASN #4713 NTT Communications Corporation
File type GIF image data, version 89a, 543 x 1\012- data
Hash eb298e2e87363f15d73b5826694d679a
e7e69789118d0973d15144fd4ed92051f5a30a8b
22f7edc3f3a01d24c030fe489dc16bed380334573fe70d242e90ab74de58bf35
GET /mail/plus/images/bg_r1g.gif HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web1.plala.or.jp/mail/plus/css/login.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:01 GMT
Server: Apache
Last-Modified: Fri, 22 Aug 2008 08:51:09 GMT
ETag: "3e15c-56-89edb940"
Accept-Ranges: bytes
Content-Length: 86
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif
Set-Cookie: Plala_WEB_=265055708.47873.0000; path=/
web1.plala.or.jp/mail/plus/images/foot_r1g.gif
60.43.62.6 200 OK 2.1 kB URL HTTP/1.1 web1.plala.or.jp/mail/plus/images/foot_r1g.gif
IP 60.43.62.6:0
ASN #4713 NTT Communications Corporation
File type GIF image data, version 89a, 543 x 55\012- data
Hash 3606d5956ea4eb11ebb62586e3fe0410
8c8504656e9ff01dd962c0ef0cb4dc41dd30ac3e
468a33eb30adbffb9b0e5e428cdcf6df53d6dc81237e62be9b096b6e789adc03
GET /mail/plus/images/foot_r1g.gif HTTP/1.1
Host: web1.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web1.plala.or.jp/mail/plus/css/login.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:01 GMT
Server: Apache
Last-Modified: Fri, 22 Aug 2008 08:51:09 GMT
ETag: "3e170-83c-89edb940"
Accept-Ranges: bytes
Content-Length: 2108
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: image/gif
sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&ck=0&m=2
91.235.133.182 200 OK 81 B URL HTTP/1.1 sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&ck=0&m=2
IP 91.235.133.182:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&ck=0&m=2 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Cookie: thx_guid=5ac65d2fed0fd1c243f914fad699b18c; tmx_guid=AAzo2CSxXxdOUkZGlLF-PZP7tgC8CB6LSSY40OR1nUnzxYNh9d35YMl6Mu5i0oG5CIVXfVin_RJKsEmEzkI8pZxL0Evb9g
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:01 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
www.j4.dfi-japan.com/favicon.ico
173.231.230.66 404 Not Found 236 B URL HTTP/1.1 www.j4.dfi-japan.com/favicon.ico
IP 173.231.230.66:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 3dea6e4a74ae5c8a6b8dd3bae0de6081
0b2672db2629a86272ca21084220113c548195db
6c09a3f77e8a1ce36ffdf1bf0cff8aa9bb5c17616ba8f31db31d8b5946245362
GET /favicon.ico HTTP/1.1
Host: www.j4.dfi-japan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/god/ss/xx/04jkodux6qx86l6kb6f3efj7.php?client_id=9B7B696E56DAEDE5DECE1CA0EA44DB7E&response_mode=form_post&response_type=code+id_token&scope=openid+profile&email=&Connect_Authentication_Properties&&nonce=8896274769b7b696e56daede5dece1ca0ea44db7e&redirect_uri=&ui_locales=en-US&mkt=en-US
Cookie: PHPSESSID=ef3dcaebbecc859a5486726da9bae652
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 08:48:01 GMT
Server: Apache
Content-Length: 236
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&ck=0&m=1
91.235.133.182 200 OK 81 B URL HTTP/1.1 sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&ck=0&m=1
IP 91.235.133.182:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&ck=0&m=1 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Cookie: thx_guid=5ac65d2fed0fd1c243f914fad699b18c; tmx_guid=AAzo2CSxXxdOUkZGlLF-PZP7tgC8CB6LSSY40OR1nUnzxYNh9d35YMl6Mu5i0oG5CIVXfVin_RJKsEmEzkI8pZxL0Evb9g
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:01 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
sec.plala.or.jp/fp/check.js;CIS3SID=3D0FC3446894FF8F7A9E08362B390759?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&jb=353024246a736d753f4e6b6c75702668736d35446966777a26687360753d446b7267646d78266873603f446b726d666d78273a38313837
91.235.133.182 200 OK 67 kB URL HTTP/1.1 sec.plala.or.jp/fp/check.js;CIS3SID=3D0FC3446894FF8F7A9E08362B390759?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&jb=353024246a736d753f4e6b6c75702668736d35446966777a26687360753d446b7267646d78266873603f446b726d666d78273a38313837
IP 91.235.133.182:0
File type ASCII text, with very long lines (5358)
Hash 36988649330fa7bf472b456b333cd663
c89dd5efcec30b3f518e9e9c22917e57bebad54e
d71406ed9085a0ac8b01c258237082d764aa955c65236c364fef6ed05d962b8a
GET /fp/check.js;CIS3SID=3D0FC3446894FF8F7A9E08362B390759?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&jb=353024246a736d753f4e6b6c75702668736d35446966777a26687360753d446b7267646d78266873603f446b726d666d78273a38313837 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Cookie: thx_guid=5ac65d2fed0fd1c243f914fad699b18c; tmx_guid=AAzo2CSxXxdOUkZGlLF-PZP7tgC8CB6LSSY40OR1nUnzxYNh9d35YMl6Mu5i0oG5CIVXfVin_RJKsEmEzkI8pZxL0Evb9g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:01 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: de75c3838908e19a
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked
sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&jb=3334246e73613f6567673037336a343b38306e3c343832633666386163326737623b6163613366
91.235.133.182 204 No Content 0 B URL HTTP/1.1 sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&jb=3334246e73613f6567673037336a343b38306e3c343832633666386163326737623b6163613366
IP 91.235.133.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&jb=3334246e73613f6567673037336a343b38306e3c343832633666386163326737623b6163613366 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Cookie: thx_guid=5ac65d2fed0fd1c243f914fad699b18c; tmx_guid=AAzo2CSxXxdOUkZGlLF-PZP7tgC8CB6LSSY40OR1nUnzxYNh9d35YMl6Mu5i0oG5CIVXfVin_RJKsEmEzkI8pZxL0Evb9g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 08 Dec 2022 08:48:02 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/javascript
sec.plala.or.jp/fp/HP?session_id=1fbb153a767719431399e83f5cdf1a77&org_id=2kamd3p6&nonce=de75c3838908e19a&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBay
ISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
91.235.133.182200 OK 5.8 kB URL HTTP/1.1 sec.plala.or.jp/fp/HP?session_id=1fbb153a767719431399e83f5cdf1a77&org_id=2kamd3p6&nonce=de75c3838908e19a&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/lo
gin.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
IP 91.235.133.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash cde79fcf0caf4029f76a867ec99b2f63
70d960a1403a47af88ba3e8aca9055366136354d
b1cd0577a0d76532bc53b2daf9cd55167c57a8db1ff65df60e8b4dae17d685dc
GET /fp/HP?session_id=1fbb153a767719431399e83f5cdf1a77&org_id=2kamd3p6&nonce=de75c3838908e19a&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?M
yEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Cookie: thx_guid=5ac65d2fed0fd1c243f914fad699b18c; tmx_guid=AAzo2CSxXxdOUkZGlLF-PZP7tgC8CB6LSSY40OR1nUnzxYNh9d35YMl6Mu5i0oG5CIVXfVin_RJKsEmEzkI8pZxL0Evb9g
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:02 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-UA-Compatible: IE=Edge
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5794
Keep-Alive: timeout=2, max=97
sec.plala.or.jp/fp/es.js?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&cb=td_4A
91.235.133.182 200 OK 130 B URL HTTP/1.1 sec.plala.or.jp/fp/es.js?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&cb=td_4A
IP 91.235.133.182:0
File type ASCII text, with no line terminators
Hash c814fcb7e4c348951a7cb219a3002fd7
bc90b54658fac8431294b8ae2bd306de9aaa48e3
fcdaf75d31bd4d7abecd2b33dc30790a5ea06e34581a845930bfee2dea700178
GET /fp/es.js?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&cb=td_4A HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Cookie: thx_guid=5ac65d2fed0fd1c243f914fad699b18c; tmx_guid=AAzo2CSxXxdOUkZGlLF-PZP7tgC8CB6LSSY40OR1nUnzxYNh9d35YMl6Mu5i0oG5CIVXfVin_RJKsEmEzkI8pZxL0Evb9g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:02 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked
sec.plala.or.jp/fp/ls_fp.html;CIS3SID=3D0FC3446894FF8F7A9E08362B390759?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a
91.235.133.182 200 OK 14 kB URL HTTP/1.1 sec.plala.or.jp/fp/ls_fp.html;CIS3SID=3D0FC3446894FF8F7A9E08362B390759?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a
IP 91.235.133.182:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash 8f26430f3f7fb9c8cfd85a1900f7d729
5c06a6435b11fef29f0e31bc92b8d383f154b7fe
ebd4671779326913dc2103973ff766840b444456b3a200fd0ef91ef5f0d99a60
GET /fp/ls_fp.html;CIS3SID=3D0FC3446894FF8F7A9E08362B390759?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Cookie: thx_guid=5ac65d2fed0fd1c243f914fad699b18c; tmx_guid=AAzo2CSxXxdOUkZGlLF-PZP7tgC8CB6LSSY40OR1nUnzxYNh9d35YMl6Mu5i0oG5CIVXfVin_RJKsEmEzkI8pZxL0Evb9g
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:02 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked
sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&jd=353724246a666c3d352468646835386631603c3f6130673430346537316264356535306361316437603a3a31656d26686676663530323b313a35
91.235.133.182 204 No Content 0 B URL HTTP/1.1 sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&jd=353724246a666c3d352468646835386631603c3f6130673430346537316264356535306361316437603a3a31656d26686676663530323b313a35
IP 91.235.133.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&jd=353724246a666c3d352468646835386631603c3f6130673430346537316264356535306361316437603a3a31656d26686676663530323b313a35 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Cookie: thx_guid=5ac65d2fed0fd1c243f914fad699b18c; tmx_guid=AAzo2CSxXxdOUkZGlLF-PZP7tgC8CB6LSSY40OR1nUnzxYNh9d35YMl6Mu5i0oG5CIVXfVin_RJKsEmEzkI8pZxL0Evb9g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 08 Dec 2022 08:48:02 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: text/javascript
sec.plala.or.jp/fp/clear.png
91.235.133.182 200 OK 81 B URL HTTP/1.1 sec.plala.or.jp/fp/clear.png
IP 91.235.133.182:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*, 2kamd3p6/de75c3838908e19a1fbb153a767719431399e83f5cdf1a77
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.j4.dfi-japan.com
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:02 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 08 Dec 2022 08:48:02 GMT
Expires: Tue, 07 Dec 2027 08:48:02 GMT
Etag: a5b9e0408ebf4132ad50169d0f0bd8a0
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: https://www.j4.dfi-japan.com
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
sec.plala.or.jp/fp/top_fp.html;CIS3SID=3D0FC3446894FF8F7A9E08362B390759?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a
91.235.133.182 200 OK 14 kB URL HTTP/1.1 sec.plala.or.jp/fp/top_fp.html;CIS3SID=3D0FC3446894FF8F7A9E08362B390759?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a
IP 91.235.133.182:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash 09a8e76c91a346aea3042327b6a5bd3b
daf40d867364d10fce37665fb2e468b2335055f2
599b1fb36cbcd87219fee1d85ef55db52cc4f70060c259f8e4af4f60e9f41f44
GET /fp/top_fp.html;CIS3SID=3D0FC3446894FF8F7A9E08362B390759?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Cookie: thx_guid=5ac65d2fed0fd1c243f914fad699b18c; tmx_guid=AAzo2CSxXxdOUkZGlLF-PZP7tgC8CB6LSSY40OR1nUnzxYNh9d35YMl6Mu5i0oG5CIVXfVin_RJKsEmEzkI8pZxL0Evb9g
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:48:02 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked
sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&ja=3837352426633f3024783f32266e3d33323a3870313830362663663f31323a3278333232322671787b3f327a302e6472723f3924313a3a322c333030342c333038322e333030302c33303a322c31333b2c333a303024333232362c322c30247163663f3034266e683f6a7676707b253141273a4e253a447577752e68342e6664692f686370616c2e616d6f27324e676d64273a4e737b2730467a7827324632366a696d66757834717a3a346e3663623466316d6e6a3f2c726872253146636e6b656c765d69642733463b4035423e393445373e4c414d46473546454145314143304743363444403747273034726d73726f6c7b6d5f656d6665273346666f706f5f726d7174253036706771726f6673675f767178652d3146636d64672532406b645d766d6b656c25303471616f7865273346677865666b6625304272726f646b6c67273036656f616b6e2731442d3234436d6666656b765d4177746a656e766b6363766b6f6e5d50706d7267727c696773273a3e253a346c6f6c63672533463a383b3430373435363b6035603631366735346c69656c2466723f266a683d3064306460376533603835326761343a643b66616a6d34303b313034333737382468736d3f4e696e7778246871603d4e697065646770253a323330372668736f773f4c6b6c777826687360773f44697a65646f7a2e66686b3f3336246e6f74703f32267678663d555643246f6376687a3d30383b3e6a3830613237676263346464633860633a61363b313b6634616369323231613d3e65393a306132613b6439366361363632643336343460376434313024703f7864756f6b6c5f646c63736827374564636e736523706e77656b6e57776b6e66677f73576f67646b615d706c637b657027374566636c716723726c7d676b6e5d696c6f6a675d6161726d62617627354764636c736721726e776569665f73756b6b6374616f6725374564616c716721726e7767696c5f716a6d616b7f617465273d4d66696e716523706e75676b6c5f7067636c706e617b677027354d66636c716d2970647765696c5f746c635d726c637b677225374564636e716529706e756561665f6c6774616e767025354764616e716721706e75656b6c5d737e675d766b6d7f657a27374564616e736523726c77656b6e5f686174632737456e616e73672e6b636c3f31353a383233&jb=313331246c713f4d6d786b6e6c69253046372638253a322a576b6e666f77712732324c5625323231322c3227334a253030556166363c273142273232783636273340273030727425314333323526302
b2530384f656b696d253046303031323231323327323044697067646d782d324431323d2630
91.235.133.182204 204 0 B URL HTTP/1.1 sec.plala.or.jp/fp/clear.png?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&ja=3837352426633f3024783f32266e3d33323a3870313830362663663f31323a3278333232322671787b3f327a302e6472723f3924313a3a322c333030342c333038322e333030302c33303a322c31333b2c333a303024333232362c322c30247163663f3034266e683f6a7676707b253141273a4e253a447577752e68342e6664692f686370616c2e616d6f27324e676d64273a4e737b2730467a7827324632366a696d66757834717a3a346e3663623466316d6e6a3f2c726872253146636e6b656c765d69642733463b4035423e393445373e4c414d46473546454145314143304743363444403747273034726d73726f6c7b6d5f656d6665273346666f706f5f726d7174253036706771726f6673675f767178652d3146636d64672532406b645d766d6b656c25303471616f7865273346677865666b6625304272726f646b6c67273036656f616b6e2731442d3234436d6666656b765d4177746a656e766b6363766b6f6e5d50706d7267727c696773273a3e253a346c6f6c63672533463a383b3430373435363b6035603631366735346c69656c2466723f266a683d3064306460376533603835326761343a643b66616a6d34303b313034333737382468736d3f4e696e7778246871603d4e697065646770253a323330372668736f773f4c6b6c777826687360773f44697a65646f7a2e66686b3f3336246e6f74703f32267678663d555643246f6376687a3d30383b3e6a3830613237676263346464633860633a61363b313b6634616369323231613d3e65393a306132613b6439366361363632643336343460376434313024703f7864756f6b6c5f646c63736827374564636e736523706e77656b6e57776b6e66677f73576f67646b615d706c637b657027374566636c716723726c7d676b6e5d696c6f6a675d6161726d62617627354764636c736721726e776569665f73756b6b6374616f6725374564616c716721726e7767696c5f716a6d616b7f617465273d4d66696e716523706e75676b6c5f7067636c706e617b677027354d66636c716d2970647765696c5f746c635d726c637b677225374564636e716529706e756561665f6c6774616e767025354764616e716721706e75656b6c5d737e675d766b6d7f657a27374564616e736523726c77656b6e5f686174632737456e616e73672e6b636c3f31353a383233&jb=313331246c713f4d6d786b6e6c69253046372638253a322a576b6e666f77712732324c5625323231322c3227334a253030556166363c273142273232
783636273340273030727425314333323526302b2530384f656b696d253046303031323231323327323044697067646d782d324431323d2630
IP 91.235.133.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=2kamd3p6&session_id=1fbb153a767719431399e83f5cdf1a77&nonce=de75c3838908e19a&ja=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&jb=313331246c713f4d6d786b6e6c69253046372638253a322a576b6e666f77712732324c5625323231322c3227334a253030556166363c273142273232783636273340273030727425314333323526302b2530384f656b696d253046303031323231323327323044697067646d782d324431323d2630 HTTP/1.1
Host: sec.plala.or.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.j4.dfi-japan.com/
Cookie: thx_guid=5ac65d2fed0fd1c243f914fad699b18c; tmx_guid=AAzo2CSxXxdOUkZGlLF-PZP7tgC8CB6LSSY40OR1nUnzxYNh9d35YMl6Mu5i0oG5CIVXfVin_RJKsEmEzkI8pZxL0Evb9g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Thu, 08 Dec 2022 08:48:02 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive