hottime4you.com/ol/all/fr/ms/2-442857/?cep=eOUUXopMfTQDM55H6hFq89n6GbAcuHnBJMpnGcj2z5T70qJXnyLzWhzQiKwGj28LhLjukDxuqEYlYGyzvJ0xgdvSyZqXAKegybZArIWa7TJGyynP_cTv3UzqmlmJjVI99cgQSOR3xe9p2lFqYSu7wCFNpz9kVvPnvd5gjauTmlKlOGDNj6O7BN8nlOprswtbdaHKbfc7-0_Qx2DagCs-dvaqHqT1NcwKH0XopdFwG2X1cmMeLmXCEjaopUENkY18XSJYCExMsFWaS7fLLqq65iNMKt8GT88EI-zbr_oFFMIDxmQUXZUTOYhCBj5EzkU7xbMJDnuCg05VR_gslSprp38NB1Bg6azwasE2LEVrf2hWnedNB8N1I-DpYUwWkM7V&lptoken=16817879100b594b79d3
172.67.212.155 200 OK 5.2 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/?cep=eOUUXopMfTQDM55H6hFq89n6GbAcuHnBJMpnGcj2z5T70qJXnyLzWhzQiKwGj28LhLjukDxuqEYlYGyzvJ0xgdvSyZqXAKegybZArIWa7TJGyynP_cTv3UzqmlmJjVI99cgQSOR3xe9p2lFqYSu7wCFNpz9kVvPnvd5gjauTmlKlOGDNj6O7BN8nlOprswtbdaHKbfc7-0_Qx2DagCs-dvaqHqT1NcwKH0XopdFwG2X1cmMeLmXCEjaopUENkY18XSJYCExMsFWaS7fLLqq65iNMKt8GT88EI-zbr_oFFMIDxmQUXZUTOYhCBj5EzkU7xbMJDnuCg05VR_gslSprp38NB1Bg6azwasE2LEVrf2hWnedNB8N1I-DpYUwWkM7V&lptoken=16817879100b594b79d3
IP 172.67.212.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 1b0f1b09a175577425e65e6335fb1426
53ec74b36436484f3b0047fdcdabd63a2dee7671
83634336c330846fd43a1a76b49143b19cd6ed0c945070fddd357d053985c259
GET /ol/all/fr/ms/2-442857/?cep=eOUUXopMfTQDM55H6hFq89n6GbAcuHnBJMpnGcj2z5T70qJXnyLzWhzQiKwGj28LhLjukDxuqEYlYGyzvJ0xgdvSyZqXAKegybZArIWa7TJGyynP_cTv3UzqmlmJjVI99cgQSOR3xe9p2lFqYSu7wCFNpz9kVvPnvd5gjauTmlKlOGDNj6O7BN8nlOprswtbdaHKbfc7-0_Qx2DagCs-dvaqHqT1NcwKH0XopdFwG2X1cmMeLmXCEjaopUENkY18XSJYCExMsFWaS7fLLqq65iNMKt8GT88EI-zbr_oFFMIDxmQUXZUTOYhCBj5EzkU7xbMJDnuCg05VR_gslSprp38NB1Bg6azwasE2LEVrf2hWnedNB8N1I-DpYUwWkM7V&lptoken=16817879100b594b79d3 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 12:03:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2p3WM9aYWG666B0mvpC4FAqa46Ytqn7ZwKIXUPnn7qKqKP3sjjiNjvNDlDNmRQrPbYmFQhINAUS0IaQsqIT%2FAWxxuFe2EC%2B9F1eA1BpYtgXLDKZcZ5o7k2JXDO2NaqNH840%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a3a7467ce97b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cf14baed0842431a08367ed54f2346ca
d943be8835b7e4470e3d6fbe09ac39c5464be434
a45fbc8cdddc9f43c0c3c7d73cbb2cdf3cf4c4cd2df20802925b795da5048aa4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A45FBC8CDDDC9F43C0C3C7D73CBB2CDF3CF4C4CD2DF20802925B795DA5048AA4"
Last-Modified: Sun, 05 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14952
Expires: Mon, 06 Mar 2023 16:12:30 GMT
Date: Mon, 06 Mar 2023 12:03:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c8d3b63b0ab9c679c7a50df2ba42b497
7133ccb414f7d8040d0f4a1b1df359485a76c377
4652b9b479b50208073dbff5a0b434fe6e8a1a2c5caa6365a8c5de2ff7fd9865
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4652B9B479B50208073DBFF5A0B434FE6E8A1A2C5CAA6365A8C5DE2FF7FD9865"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6951
Expires: Mon, 06 Mar 2023 13:59:09 GMT
Date: Mon, 06 Mar 2023 12:03:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5034bcceb9691ad6244be6045742ab53
51e77cdc92833432cd26b13f28875791a187c63c
540637d0d69c1201dcb2dd813b40e64cd07c5bd7685d46a7bad4d437a4e7aeea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "540637D0D69C1201DCB2DD813B40E64CD07C5BD7685D46A7BAD4D437A4E7AEEA"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14930
Expires: Mon, 06 Mar 2023 16:12:08 GMT
Date: Mon, 06 Mar 2023 12:03:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Type, Retry-After, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Mar 2023 11:08:35 GMT
content-type: application/json
age: 3283
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WUsqsC5I47k6Cd/s1W1Nr3WPSKBw11Lyfk2yqoRh6sZmfjp+5a4c+3Dy35PG0jucXV1Hni2Kkjlr9TLt1xAkzg==
x-amz-request-id: WJ39TEWJ7EY1JKRN
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Mar 2023 11:17:07 GMT
age: 2771
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 12:03:18 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
static.production.almightypush.com/mng/subs_window.css?ver=1651138969
54.230.111.23 200 OK 6.9 kB URL HTTP/2 static.production.almightypush.com/mng/subs_window.css?ver=1651138969
IP 54.230.111.23:0
Hash bd7dbae15f904a4e1213439ebfefddbe
9f7a33b3d6e7965d8b99f0ff56cbf2e2ebb8f78e
30c08f3bb42d9a16155c65fbc952430048e4a84be70b98cb989b2dc977b49f8a
GET /mng/subs_window.css?ver=1651138969 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 6945
last-modified: Wed, 18 Jan 2023 12:37:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Mar 2023 09:07:19 GMT
etag: "bd7dbae15f904a4e1213439ebfefddbe"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: A5CXmZ9sR_8D-ZKl-2_PX6AJhlNiRU_eYIo6UqrhuGgqYePOqtg8LA==
age: 10597
X-Firefox-Spdy: h2
static.production.almightypush.com/mng/subs_window.js?ver=1651138969
54.230.111.23 200 OK 20 kB URL HTTP/2 static.production.almightypush.com/mng/subs_window.js?ver=1651138969
IP 54.230.111.23:0
Hash ae593f4be1dd1f0710123918b49c4933
66fbe30bb873e0a47d3d72e737d68aa4b6916c26
fdf9ff3f74dcf11d0fa456dcd53cb21550f67f0cfdc11dc29bef595f07b56206
GET /mng/subs_window.js?ver=1651138969 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 19491
last-modified: Wed, 18 Jan 2023 12:37:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Mar 2023 04:17:42 GMT
etag: "ae593f4be1dd1f0710123918b49c4933"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DMEja8aZ4YJ7me_9Xbbw3-DigfaXZ-MIuKH50lpkB6BrTXgrZMY-lA==
age: 27973
X-Firefox-Spdy: h2
static.production.almightypush.com/mng/channels/init.min.js?ver=1651138969
54.230.111.23 200 OK 23 kB URL HTTP/2 static.production.almightypush.com/mng/channels/init.min.js?ver=1651138969
IP 54.230.111.23:0
Hash 3b6653c5e8ba364d3a55401890bfcd78
ee999f16f02d41b93d1db2bf3a489fab1034e67a
a598ef0100e73e2d81969e0a59374e915ccfe7c312603b4b1375bbd0e75498d5
GET /mng/channels/init.min.js?ver=1651138969 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 22787
last-modified: Wed, 18 Jan 2023 12:37:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Mar 2023 02:19:07 GMT
etag: "3b6653c5e8ba364d3a55401890bfcd78"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MLQwiJHa1FgiunTmGuzbsJj3SgrvpJWYdNtdy-A3XGiIECgn0Es7JQ==
age: 35168
X-Firefox-Spdy: h2
hottime4you.com/ol/all/fr/ms/2-442857/js/jquery.js?4
172.67.212.155 200 OK 34 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/js/jquery.js?4
IP 172.67.212.155:0
File type ASCII text, with very long lines (32086)
Hash 35838f7f4d8467ad30b25d6e4019f331
61e29db5c5120ce27518533cf9143f7d73c19656
36bb24f3dc82acc8ea2329b4b11fac097a67efeff94c9f11c8e92edfedf5f925
GET /ol/all/fr/ms/2-442857/js/jquery.js?4 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=eOUUXopMfTQDM55H6hFq89n6GbAcuHnBJMpnGcj2z5T70qJXnyLzWhzQiKwGj28LhLjukDxuqEYlYGyzvJ0xgdvSyZqXAKegybZArIWa7TJGyynP_cTv3UzqmlmJjVI99cgQSOR3xe9p2lFqYSu7wCFNpz9kVvPnvd5gjauTmlKlOGDNj6O7BN8nlOprswtbdaHKbfc7-0_Qx2DagCs-dvaqHqT1NcwKH0XopdFwG2X1cmMeLmXCEjaopUENkY18XSJYCExMsFWaS7fLLqq65iNMKt8GT88EI-zbr_oFFMIDxmQUXZUTOYhCBj5EzkU7xbMJDnuCg05VR_gslSprp38NB1Bg6azwasE2LEVrf2hWnedNB8N1I-DpYUwWkM7V&lptoken=16817879100b594b79d3
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 12:03:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 16 May 2022 14:13:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAIr2GdiiCsM3imHTXVIStjV4QLxmcCh8e9dmTxpav5dc32ZyUdL1H4msVhs3MH7Dz0x0AOK%2FB5Wq65fYjOFyc9fwy917WrXnW3%2FvyZo%2FLYZUH%2FtVxdUX1Ry90Hfo4%2F%2FFyw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a3a746a19b3b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/fr/ms/2-442857/js/backoffer.js
172.67.212.155 200 OK 230 B URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/js/backoffer.js
IP 172.67.212.155:0
File type ASCII text, with very long lines (430), with no line terminators
Hash d1d761e3721375472889577260906f9c
c5e6e54e8b6b84af216d867dca79eb00c2819e42
de8798dd7447b4651ec2d44931c15ceb0d3e5099997b2ddc2452d3f95092a1a2
Analyzer Verdict Alert fortinet Malware
GET /ol/all/fr/ms/2-442857/js/backoffer.js HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=eOUUXopMfTQDM55H6hFq89n6GbAcuHnBJMpnGcj2z5T70qJXnyLzWhzQiKwGj28LhLjukDxuqEYlYGyzvJ0xgdvSyZqXAKegybZArIWa7TJGyynP_cTv3UzqmlmJjVI99cgQSOR3xe9p2lFqYSu7wCFNpz9kVvPnvd5gjauTmlKlOGDNj6O7BN8nlOprswtbdaHKbfc7-0_Qx2DagCs-dvaqHqT1NcwKH0XopdFwG2X1cmMeLmXCEjaopUENkY18XSJYCExMsFWaS7fLLqq65iNMKt8GT88EI-zbr_oFFMIDxmQUXZUTOYhCBj5EzkU7xbMJDnuCg05VR_gslSprp38NB1Bg6azwasE2LEVrf2hWnedNB8N1I-DpYUwWkM7V&lptoken=16817879100b594b79d3
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 12:03:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 19 Apr 2016 09:53:16 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=li0kG1qzFx%2Fgr%2FLjm%2Bj9JsLXQeYC1%2FHUOFTsjnEikEYLkwap8rH8%2BG%2FejC2ASTS6amCaOszB%2Bs8c%2F%2FrjE0tOjkxchvhuFBufu5YqHO4IcQiEI2meudx1ghOBLBYk2uLi2OU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a3a746a2e33b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c9958a054b994b6369ff69d1e849d3a1
4884eb69b307ec2b553f6421f5cf169176b22080
7920c04015fa782b22534874130275fdc248a3b13e6a212b2f2c3270f0016395
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7920C04015FA782B22534874130275FDC248A3B13E6A212B2F2C3270F0016395"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5983
Expires: Mon, 06 Mar 2023 13:43:02 GMT
Date: Mon, 06 Mar 2023 12:03:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Cache-Control, Expires, Alert, Content-Type, Pragma, Retry-After, Last-Modified, Backoff, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Mar 2023 11:03:41 GMT
age: 3578
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e44d064b81b73efe46cc420f8ae34410
229b99f9754fdce4f543513a0942ba63f67dc057
69b84b87493304be0456180f60ddf01f51a96fffa86fe8dddc8dd920fb262f06
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69B84B87493304BE0456180F60DDF01F51A96FFFA86FE8DDDC8DD920FB262F06"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15026
Expires: Mon, 06 Mar 2023 16:13:45 GMT
Date: Mon, 06 Mar 2023 12:03:19 GMT
Connection: keep-alive
hottime4you.com/ol/all/fr/ms/2-442857/images/logo.svg
172.67.212.155 200 OK 4.1 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/logo.svg
IP 172.67.212.155:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (11634)
Hash 9a783caa8a8251f36166178a67f47a11
9ea6e5b928c5b8f30098cb450e7cc150bb9ec52e
83070d8dfd1a7ee1a070fe1bce65a715f94912c19820cc01dab6d2b0dc0eeea4
Analyzer Verdict Alert fortinet Malware
GET /ol/all/fr/ms/2-442857/images/logo.svg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=eOUUXopMfTQDM55H6hFq89n6GbAcuHnBJMpnGcj2z5T70qJXnyLzWhzQiKwGj28LhLjukDxuqEYlYGyzvJ0xgdvSyZqXAKegybZArIWa7TJGyynP_cTv3UzqmlmJjVI99cgQSOR3xe9p2lFqYSu7wCFNpz9kVvPnvd5gjauTmlKlOGDNj6O7BN8nlOprswtbdaHKbfc7-0_Qx2DagCs-dvaqHqT1NcwKH0XopdFwG2X1cmMeLmXCEjaopUENkY18XSJYCExMsFWaS7fLLqq65iNMKt8GT88EI-zbr_oFFMIDxmQUXZUTOYhCBj5EzkU7xbMJDnuCg05VR_gslSprp38NB1Bg6azwasE2LEVrf2hWnedNB8N1I-DpYUwWkM7V&lptoken=16817879100b594b79d3
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 12:03:19 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktq2cvsNEZkJlwJ1pzwCAwK20aaTEJ6Jp3stEdk8H0tPiCWCMuZ9oo%2BS2cuqiAQ1mw9mhaeehpjCq1CmrVyXMkoStfQ00v%2BTTOg3Kx9mKeEBzHljJrW3W41iCgwL%2FM2A9sk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a3a746e7d37b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 0b2a6c80075ac612fdd0c0db8ecc7508
816bcd2a7acf9dbf93e52adbe3549a2945d4cbfb
f5b916b912ad2c776304ec956a0d8c6e383551ae5f4c9c15bdf82b2db499d02b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 12:03:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hottime4you.com/ol/all/fr/ms/2-442857/images/back-laststep-desktop.jpg
172.67.212.155 200 OK 84 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/back-laststep-desktop.jpg
IP 172.67.212.155:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Hash e431ac80dda05f7e37ada8ed197a9652
74056d9a5976eca4566cd43e419d406a2512afd6
5e2882cf781a0d9768e563e46e9f2ba10510cd42c1c6d9228727ce5fdda3844a
GET /ol/all/fr/ms/2-442857/images/back-laststep-desktop.jpg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=eOUUXopMfTQDM55H6hFq89n6GbAcuHnBJMpnGcj2z5T70qJXnyLzWhzQiKwGj28LhLjukDxuqEYlYGyzvJ0xgdvSyZqXAKegybZArIWa7TJGyynP_cTv3UzqmlmJjVI99cgQSOR3xe9p2lFqYSu7wCFNpz9kVvPnvd5gjauTmlKlOGDNj6O7BN8nlOprswtbdaHKbfc7-0_Qx2DagCs-dvaqHqT1NcwKH0XopdFwG2X1cmMeLmXCEjaopUENkY18XSJYCExMsFWaS7fLLqq65iNMKt8GT88EI-zbr_oFFMIDxmQUXZUTOYhCBj5EzkU7xbMJDnuCg05VR_gslSprp38NB1Bg6azwasE2LEVrf2hWnedNB8N1I-DpYUwWkM7V&lptoken=16817879100b594b79d3
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 12:03:19 GMT
Content-Type: image/jpeg
Content-Length: 83565
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQtsFXuE4oJ90p7Hyure7khU%2F1dJH54Ig%2FKuRn%2BOoE6t25DGtVu%2Bii45HSahoLoY%2FEvciCIkeM1xEfskTHElYE37uiTNvpVn8JUxBkJABXlU6tp7ghnS1%2FwhRGBWxXAmG50%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a3a746e9f7fb4f7-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/fr/ms/2-442857/images/serious-desktop.jpg
172.67.212.155 200 OK 67 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/serious-desktop.jpg
IP 172.67.212.155:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x1080, components 3\012- data
Hash 112fc3ea157bf79b88786de55a3be1b8
a7211bb35cdeefd3959d82ab942e1b2886d36756
30ba0d70d139e457f946a920859d706cdcf3aa9f920eeb1fab2b964e35d387b5
GET /ol/all/fr/ms/2-442857/images/serious-desktop.jpg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=eOUUXopMfTQDM55H6hFq89n6GbAcuHnBJMpnGcj2z5T70qJXnyLzWhzQiKwGj28LhLjukDxuqEYlYGyzvJ0xgdvSyZqXAKegybZArIWa7TJGyynP_cTv3UzqmlmJjVI99cgQSOR3xe9p2lFqYSu7wCFNpz9kVvPnvd5gjauTmlKlOGDNj6O7BN8nlOprswtbdaHKbfc7-0_Qx2DagCs-dvaqHqT1NcwKH0XopdFwG2X1cmMeLmXCEjaopUENkY18XSJYCExMsFWaS7fLLqq65iNMKt8GT88EI-zbr_oFFMIDxmQUXZUTOYhCBj5EzkU7xbMJDnuCg05VR_gslSprp38NB1Bg6azwasE2LEVrf2hWnedNB8N1I-DpYUwWkM7V&lptoken=16817879100b594b79d3
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 12:03:19 GMT
Content-Type: image/jpeg
Content-Length: 67016
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zszAb6HCu2GarJeVs04kqhddsQxNDFYFYME59ELobgqAAPh7O1wGzcygxuPXqRdchg54798UVr%2FT7BZICbwX7E6lhOnSUFHWCtZ9F3v8vXhR1LS%2B5zQ95RCHuZ9xASybaZQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a3a746eafcf0b49-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/fr/ms/2-442857/images/hookup-desktop.jpg
172.67.212.155 200 OK 62 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/hookup-desktop.jpg
IP 172.67.212.155:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x1080, components 3\012- data
Hash 8f587d707f7e18f994af0453be2c68d7
52daab9a9944d9b0d2348c9409b1d160aafcd18c
0a2ce539eadc90769ad5c0cf4e49d8b9d3b2046f03df1cbd95b6e498db3183ac
GET /ol/all/fr/ms/2-442857/images/hookup-desktop.jpg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=eOUUXopMfTQDM55H6hFq89n6GbAcuHnBJMpnGcj2z5T70qJXnyLzWhzQiKwGj28LhLjukDxuqEYlYGyzvJ0xgdvSyZqXAKegybZArIWa7TJGyynP_cTv3UzqmlmJjVI99cgQSOR3xe9p2lFqYSu7wCFNpz9kVvPnvd5gjauTmlKlOGDNj6O7BN8nlOprswtbdaHKbfc7-0_Qx2DagCs-dvaqHqT1NcwKH0XopdFwG2X1cmMeLmXCEjaopUENkY18XSJYCExMsFWaS7fLLqq65iNMKt8GT88EI-zbr_oFFMIDxmQUXZUTOYhCBj5EzkU7xbMJDnuCg05VR_gslSprp38NB1Bg6azwasE2LEVrf2hWnedNB8N1I-DpYUwWkM7V&lptoken=16817879100b594b79d3
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 12:03:19 GMT
Content-Type: image/jpeg
Content-Length: 61848
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6JJQd3CJv%2BifQZav4F5IB0xyEp38lvRz1bo3zEeYYR2j74fagc%2FP2CWeJYXSVNP1UNOFSPrDUP4XgOBg0Q1rH%2FBRFPib3lE5J7D%2BiM1AZAGOhlUA4XjKRA8%2FiWX4D%2BdNac%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a3a746eaf6ab506-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/fr/ms/2-442857/images/hookup.svg
172.67.212.155 404 Not Found 238 B URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/hookup.svg
IP 172.67.212.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert fortinet Malware
GET /ol/all/fr/ms/2-442857/images/hookup.svg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=eOUUXopMfTQDM55H6hFq89n6GbAcuHnBJMpnGcj2z5T70qJXnyLzWhzQiKwGj28LhLjukDxuqEYlYGyzvJ0xgdvSyZqXAKegybZArIWa7TJGyynP_cTv3UzqmlmJjVI99cgQSOR3xe9p2lFqYSu7wCFNpz9kVvPnvd5gjauTmlKlOGDNj6O7BN8nlOprswtbdaHKbfc7-0_Qx2DagCs-dvaqHqT1NcwKH0XopdFwG2X1cmMeLmXCEjaopUENkY18XSJYCExMsFWaS7fLLqq65iNMKt8GT88EI-zbr_oFFMIDxmQUXZUTOYhCBj5EzkU7xbMJDnuCg05VR_gslSprp38NB1Bg6azwasE2LEVrf2hWnedNB8N1I-DpYUwWkM7V&lptoken=16817879100b594b79d3
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Mon, 06 Mar 2023 12:03:19 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iF2KIQbbkS68rKhixUg9yBLw27VlwjfRbQ8910qURJtcC6BTkC0T9jK0enBr6f0yDgAmP08Yaagi7THZ75eNMsNwbetUIbEhZkgv2VRW3p1GT471PFR5Z07CkIAVYjWwLqw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a3a746eaaafb529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/fr/ms/2-442857/images/serious.svg
172.67.212.155 404 Not Found 238 B URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/serious.svg
IP 172.67.212.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert fortinet Malware
GET /ol/all/fr/ms/2-442857/images/serious.svg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=eOUUXopMfTQDM55H6hFq89n6GbAcuHnBJMpnGcj2z5T70qJXnyLzWhzQiKwGj28LhLjukDxuqEYlYGyzvJ0xgdvSyZqXAKegybZArIWa7TJGyynP_cTv3UzqmlmJjVI99cgQSOR3xe9p2lFqYSu7wCFNpz9kVvPnvd5gjauTmlKlOGDNj6O7BN8nlOprswtbdaHKbfc7-0_Qx2DagCs-dvaqHqT1NcwKH0XopdFwG2X1cmMeLmXCEjaopUENkY18XSJYCExMsFWaS7fLLqq65iNMKt8GT88EI-zbr_oFFMIDxmQUXZUTOYhCBj5EzkU7xbMJDnuCg05VR_gslSprp38NB1Bg6azwasE2LEVrf2hWnedNB8N1I-DpYUwWkM7V&lptoken=16817879100b594b79d3
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Mon, 06 Mar 2023 12:03:19 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QM4gaKUo5smUHXCEQIJ5EtJgiO8gvMW%2FQpJ%2FMO58ydBe6fqSQBslAmuxUUwHy7aGZA0ECS8RguUIwT1EbWT8MwazSDPn2K3P0oOHE1tpf7jsisyJ8QiQ8CPqIAjfqFpIRgA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a3a746ead87b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
142.250.74.35 200 OK 42 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 42336, version 1.0\012- data
Hash fe744073b54b3ba4efbf59b75be93667
737e9cf2c8d55812d1b2290e2146a43e0cefa6c8
c640c6d4c7104b09736c8a8c26f666305963273ffcba78e63b7a06451461cc55
GET /s/raleway/v22/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hottime4you.com
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 42336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Mar 2023 14:26:22 GMT
expires: Fri, 01 Mar 2024 14:26:22 GMT
cache-control: public, max-age=31536000
age: 337017
last-modified: Tue, 29 Jun 2021 19:44:26 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hottime4you.com/ol/all/fr/ms/2-442857/images/onlinesex.svg
172.67.212.155 404 Not Found 238 B URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/onlinesex.svg
IP 172.67.212.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert fortinet Malware
GET /ol/all/fr/ms/2-442857/images/onlinesex.svg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=eOUUXopMfTQDM55H6hFq89n6GbAcuHnBJMpnGcj2z5T70qJXnyLzWhzQiKwGj28LhLjukDxuqEYlYGyzvJ0xgdvSyZqXAKegybZArIWa7TJGyynP_cTv3UzqmlmJjVI99cgQSOR3xe9p2lFqYSu7wCFNpz9kVvPnvd5gjauTmlKlOGDNj6O7BN8nlOprswtbdaHKbfc7-0_Qx2DagCs-dvaqHqT1NcwKH0XopdFwG2X1cmMeLmXCEjaopUENkY18XSJYCExMsFWaS7fLLqq65iNMKt8GT88EI-zbr_oFFMIDxmQUXZUTOYhCBj5EzkU7xbMJDnuCg05VR_gslSprp38NB1Bg6azwasE2LEVrf2hWnedNB8N1I-DpYUwWkM7V&lptoken=16817879100b594b79d3
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Mon, 06 Mar 2023 12:03:19 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3ixolubJUqAxeY1W2Ep5g6da3QM3V8iUEJ4qc8AuIf1DhLyNGCODAVJ7W9FjzSQFgQkNkk2L6zenBKR6kIO%2F1kKQWr%2FbFC8yTCKrje5wlKrgNRTKGpefrvP%2BS7TTZW3IrQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a3a746f1813b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 0b2a6c80075ac612fdd0c0db8ecc7508
816bcd2a7acf9dbf93e52adbe3549a2945d4cbfb
f5b916b912ad2c776304ec956a0d8c6e383551ae5f4c9c15bdf82b2db499d02b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 12:03:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hottime4you.com/ol/all/fr/ms/2-442857/images/onlinesex-desktop.jpg
172.67.212.155 200 OK 63 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/onlinesex-desktop.jpg
IP 172.67.212.155:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x1080, components 3\012- data
Hash 0d79ffb95618867cdef5f21e4f43ae77
0de5b35006c41fce8d81f704acd05e82199a8ef9
61a54e2fd489a966a4e217a4206849ca86c909b7604bf365135525d2e3a3a8ae
GET /ol/all/fr/ms/2-442857/images/onlinesex-desktop.jpg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=eOUUXopMfTQDM55H6hFq89n6GbAcuHnBJMpnGcj2z5T70qJXnyLzWhzQiKwGj28LhLjukDxuqEYlYGyzvJ0xgdvSyZqXAKegybZArIWa7TJGyynP_cTv3UzqmlmJjVI99cgQSOR3xe9p2lFqYSu7wCFNpz9kVvPnvd5gjauTmlKlOGDNj6O7BN8nlOprswtbdaHKbfc7-0_Qx2DagCs-dvaqHqT1NcwKH0XopdFwG2X1cmMeLmXCEjaopUENkY18XSJYCExMsFWaS7fLLqq65iNMKt8GT88EI-zbr_oFFMIDxmQUXZUTOYhCBj5EzkU7xbMJDnuCg05VR_gslSprp38NB1Bg6azwasE2LEVrf2hWnedNB8N1I-DpYUwWkM7V&lptoken=16817879100b594b79d3
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 12:03:19 GMT
Content-Type: image/jpeg
Content-Length: 62777
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbLNN51gyyea5PNNheBZv9tBswg8b2TqUJZ7MPR6zD3zOEdubRZvPoGVT29Eq8uoYextaJbk9GNpSBk72CgtSelFFLJ2dcyuSptH%2F4OveS%2FM%2FfvznrcTPm16qhF7T0Gym1I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a3a746efe97b524-OSL
alt-svc: h2=":443"; ma=60
zeniocloud.com/JAIA.js?sub1=hottime4you.com
167.114.67.56 200 OK 334 B URL HTTP/2 zeniocloud.com/JAIA.js?sub1=hottime4you.com
IP 167.114.67.56:0
Hash 494c5d95f57e09c23ad567bd46c99340
08ce83fcbeef279552117da55e5bacfbc5a45b37
06842458ef491f0396dff451beeaefe1276db318b50e0fc2b459f17321aa7ad8
Analyzer Verdict Alert fortinet Phishing
GET /JAIA.js?sub1=hottime4you.com HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 06 Mar 2023 12:03:19 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2
hottime4you.com/ol/all/fr/ms/2-442857/images/apple-touch-icon.png
172.67.212.155 200 OK 15 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/apple-touch-icon.png
IP 172.67.212.155:0
File type PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Hash 06cccf2fbccc024e971c61e25c79371a
7670223c8b94e99051aac5d73a50a586b522c538
e34cc0bbabe9b6e5d76098f9628115351c7b39a46aa8297221b6e5af7cc879e5
GET /ol/all/fr/ms/2-442857/images/apple-touch-icon.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=eOUUXopMfTQDM55H6hFq89n6GbAcuHnBJMpnGcj2z5T70qJXnyLzWhzQiKwGj28LhLjukDxuqEYlYGyzvJ0xgdvSyZqXAKegybZArIWa7TJGyynP_cTv3UzqmlmJjVI99cgQSOR3xe9p2lFqYSu7wCFNpz9kVvPnvd5gjauTmlKlOGDNj6O7BN8nlOprswtbdaHKbfc7-0_Qx2DagCs-dvaqHqT1NcwKH0XopdFwG2X1cmMeLmXCEjaopUENkY18XSJYCExMsFWaS7fLLqq65iNMKt8GT88EI-zbr_oFFMIDxmQUXZUTOYhCBj5EzkU7xbMJDnuCg05VR_gslSprp38NB1Bg6azwasE2LEVrf2hWnedNB8N1I-DpYUwWkM7V&lptoken=16817879100b594b79d3
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 12:03:19 GMT
Content-Type: image/png
Content-Length: 15044
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60B77erMhMl%2BRtrh50boyHyVM6d92xvzyx7gLMiI4VZvMOsEirVCBzKKsU02trZA%2FDNrt1IoW9WqEEZ%2FgQS%2FitlJIun2I5AwRAxdkp%2BcjD9VZx%2FbYEAu2WajVPIORTDHq38%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a3a7470298b0b49-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/fr/ms/2-442857/images/favicon-16x16.png
172.67.212.155 200 OK 1.3 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/favicon-16x16.png
IP 172.67.212.155:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash d538e176ce147346539d54cbe91d9099
a08de9e15e2d6ca9ddd8a6c940055f51440800d7
fdbf44ab7cc09f4f10014be97d1f7e031452cff785ca3f6f6be9b39671371d4f
GET /ol/all/fr/ms/2-442857/images/favicon-16x16.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=eOUUXopMfTQDM55H6hFq89n6GbAcuHnBJMpnGcj2z5T70qJXnyLzWhzQiKwGj28LhLjukDxuqEYlYGyzvJ0xgdvSyZqXAKegybZArIWa7TJGyynP_cTv3UzqmlmJjVI99cgQSOR3xe9p2lFqYSu7wCFNpz9kVvPnvd5gjauTmlKlOGDNj6O7BN8nlOprswtbdaHKbfc7-0_Qx2DagCs-dvaqHqT1NcwKH0XopdFwG2X1cmMeLmXCEjaopUENkY18XSJYCExMsFWaS7fLLqq65iNMKt8GT88EI-zbr_oFFMIDxmQUXZUTOYhCBj5EzkU7xbMJDnuCg05VR_gslSprp38NB1Bg6azwasE2LEVrf2hWnedNB8N1I-DpYUwWkM7V&lptoken=16817879100b594b79d3
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 12:03:19 GMT
Content-Type: image/png
Content-Length: 1342
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bc3pdHWkHTJuUHlm6gX3SFtHnspkJwq1r1Kl2KIxg8zy3OlPZb8oqZ8pvDZ1KZZdtykMQE%2FKNRvQsvHch3vJ8sK3j9%2FP4%2FXd%2B%2BfuhTuWaLDz1SAQzKx4EzAWqgp9THEg%2BDw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a3a747028c3b524-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
100.20.3.157 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.3.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RAxagogwLrYKyHcMWbdTUA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QoBUpSmWOst1wg4gscgE6MS3o/E=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9965
Expires: Mon, 06 Mar 2023 14:49:25 GMT
Date: Mon, 06 Mar 2023 12:03:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9965
Expires: Mon, 06 Mar 2023 14:49:25 GMT
Date: Mon, 06 Mar 2023 12:03:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9965
Expires: Mon, 06 Mar 2023 14:49:25 GMT
Date: Mon, 06 Mar 2023 12:03:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9965
Expires: Mon, 06 Mar 2023 14:49:25 GMT
Date: Mon, 06 Mar 2023 12:03:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9965
Expires: Mon, 06 Mar 2023 14:49:25 GMT
Date: Mon, 06 Mar 2023 12:03:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc4fc791-0fcf-48b3-a3fa-00548c2bff9f.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc4fc791-0fcf-48b3-a3fa-00548c2bff9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bc38d40f9431067b1de69da19834da17
b9a46b3bde27762b1e71ee871126daf531477c3a
ddaddeb8804444883556d93c2c94899ac8543f9b27017a4a62ab7edc98c99656
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc4fc791-0fcf-48b3-a3fa-00548c2bff9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6740
x-amzn-requestid: 4326e8fa-b85a-4fd8-ab47-c989e968f4c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6RjESxIAMFyKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050a70-18a08cb93f89f1de252c04c2;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:32:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 1lXte9I2bdA2FiX-DuK5aHDeRQoBwUxUm0d2hm-6brHG1LxBp-Fkdw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 6af3b573d8970d5db2a4d03354335b84.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 21:54:21 GMT
age: 50939
etag: "b9a46b3bde27762b1e71ee871126daf531477c3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F267aed50-750e-4cf1-b3b6-2e527c45cfcf.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F267aed50-750e-4cf1-b3b6-2e527c45cfcf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34b0da1124fe262afa1e9e5cf10e454e
97598bc5e8094e9bc4899ba3b77e409f888e736d
58984e0b346a4bec848a2dac5875a0e971ccbaef2feaeaffdb9168b49a9c1f3b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F267aed50-750e-4cf1-b3b6-2e527c45cfcf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7483
x-amzn-requestid: d9827096-c051-4103-9e6b-c4a0e37ce695
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6ROEqsIAMF0QA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050a6d-71fb98302ffda28d721da260;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:32:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: NUNZRbzIqZCPFZ0bCou0ldLz3uA-T1_lgnMeUapBCbKYldUsLUu2aQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 3f3347264bcaae7af741e2a2f692c6a0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 21:45:13 GMT
age: 51487
etag: "97598bc5e8094e9bc4899ba3b77e409f888e736d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4726917eabc29a977873ad26e264e70d
4619a0418ee08d6618ead537f31823c98f355b5a
d3c6b43d46ccff30f0003a063b6c4c78d4a782262bfdeb138e6c015555ce2dcb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3381
x-amzn-requestid: 8b89e7ab-b8b3-45cd-af3a-cc419e61f1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A-PNPFynoAMFn8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fbf8ba-616bedc230d1c2b13a09beae;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 00:26:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Qd5FIKUZwnnKiIzEnrA7ZcC_yWa9_iP1r7xUaCP4f6I7m_z3ChB-2A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 11:26:53 GMT
age: 2187
etag: "4619a0418ee08d6618ead537f31823c98f355b5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c09ef55-602f-4eb8-aa1a-e701b5dc7903.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c09ef55-602f-4eb8-aa1a-e701b5dc7903.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02cd95c30a65a0c80928e653abedeefa
1099ae20c50109211fc9318ece50a784fec998f9
08162a68f91d9149ace613460e3dfae80ceac1dbe505c79642138032100335bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c09ef55-602f-4eb8-aa1a-e701b5dc7903.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6155
x-amzn-requestid: 99998e44-c2f0-4973-bede-44c33036ba4d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU7U7HA-oAMFQww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050c1f-7f8fe3f96531b57c69584754;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:39:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: zEWUxG77GT-uaewuPLzCl7DptXf5xbmQtBX7_tEaichah3kC3tmKAA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 22:16:20 GMT
age: 49620
etag: "1099ae20c50109211fc9318ece50a784fec998f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd016e3e-cec7-484b-8151-f72ea54dc958.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd016e3e-cec7-484b-8151-f72ea54dc958.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49dbeca46074e859a5a2958fdec9b28b
c649916591826b4db490b98cbe530533818daf0d
cb33caa142deb6570ce9e8a382d7fce45ba0101cdbc65ee6319dd23693f22086
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd016e3e-cec7-484b-8151-f72ea54dc958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7250
x-amzn-requestid: 5ae814e4-592b-4811-a724-d807b69ebd2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6hUHslIAMF26w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050ad4-051cb0632863689209d81d45;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:34:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: zlrwir3_2rfYf_Sr-2fQok_Sm2sLNVZfELD1DR3vdFL3avdVcsXJ4Q==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 21:56:28 GMT
age: 50812
etag: "c649916591826b4db490b98cbe530533818daf0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5642d287-8c21-49d9-9a11-2bfa6ee1a2f2.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5642d287-8c21-49d9-9a11-2bfa6ee1a2f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab3964124c43755909f9891e162d3c7
c912f5fcb7985842877c76686c6bcd356b5977ff
34627773ad1d710b054986c725eb8e8a4c7d8fbac31e6724e83217dc06cfaaad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5642d287-8c21-49d9-9a11-2bfa6ee1a2f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10332
x-amzn-requestid: bcb59433-4093-4bb3-b6d3-69f5489d5ef9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6iVE07oAMF28A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050adb-757a083b7be05f886d8d6edc;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:34:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: VQHHejqNu7eIU2c9SrcpSjyZ0h9jEHoz3QdUEy8-5vJ8n-PTe5IZPw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 22:00:32 GMT
age: 50568
etag: "c912f5fcb7985842877c76686c6bcd356b5977ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa169d27-d4e2-4120-996d-3e708709465a.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa169d27-d4e2-4120-996d-3e708709465a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 71c25a364e8787b187bb8678670dec28
0c31c92a548f4181a72ddd9bd0b2ee56e31b76f3
41063e64c3e5d29e2eea021ed09244fbae7cdda30c5fa31405d6e68146540c59
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa169d27-d4e2-4120-996d-3e708709465a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9916
x-amzn-requestid: e1fcb47d-2282-470d-8ec1-0f7e9cf4ab03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6QPG2QIAMF9Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050a67-2f079e4a1caffe1d74498de3;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: URdGtJbmZGOJVz8P62RSCsCMFNTCudyvXH1VKrTwoajYKwjL0sYQYQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 21:43:08 GMT
age: 51619
etag: "0c31c92a548f4181a72ddd9bd0b2ee56e31b76f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2