r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9410
Expires: Mon, 30 Jan 2023 01:59:59 GMT
Date: Sun, 29 Jan 2023 23:23:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9119
Expires: Mon, 30 Jan 2023 01:55:08 GMT
Date: Sun, 29 Jan 2023 23:23:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 22:43:10 GMT
content-type: application/json
age: 2399
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4128
Expires: Mon, 30 Jan 2023 00:31:57 GMT
Date: Sun, 29 Jan 2023 23:23:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +P9hQt3A25YtSU4O9iKJxnJTFgYSkG3aCXZYsgmamnAFM86n1ZK8t7GAce2d+X63OYhsqQDsSAMf5UMJg3Uw+g==
x-amz-request-id: 4GNS6ZAX44D4JDXC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 23:21:34 GMT
age: 95
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 23:23:09 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 22:49:04 GMT
age: 2045
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.actualitatea-crestina.ro/
89.42.218.232301 Moved Permanently 0 B URL HTTP/1.1 www.actualitatea-crestina.ro/
IP 89.42.218.232:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
set-cookie: et_pb_ab_view_page_39=7b020ba2c44b817c9c8cefcf9e3e5e13; path=/
x-redirect-by: WordPress
location: https://www.actualitatea-crestina.ro/
content-length: 0
date: Sun, 29 Jan 2023 23:23:09 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7637
Expires: Mon, 30 Jan 2023 01:30:26 GMT
Date: Sun, 29 Jan 2023 23:23:09 GMT
Connection: keep-alive
push.services.mozilla.com/
34.211.126.51101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.211.126.51:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XvqTCT0Gy7JRHvDNpHse9Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yWDGdH5Yg/lbwRXeam8qxHw/nP0=
www.actualitatea-crestina.ro/wp-content/plugins/ultimate-tables/css/ultimate-tables.css?ver=20e647804e703db1648f6b48c54e79f3
89.42.218.232200 OK 3.5 kB URL HTTP/2 www.actualitatea-crestina.ro/wp-content/plugins/ultimate-tables/css/ultimate-tables.css?ver=20e647804e703db1648f6b48c54e79f3
IP 89.42.218.232:0
Hash 9dbc8ad170f519ca96f3108f29d7f7c5
e6c932ee359455c0bb10c793fb911f14d6c66a1c
c306f60f2dad6d65fc37d29e4dab789f4d4131d5ea258d865ebb5e9e4052bcfe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-tables/css/ultimate-tables.css?ver=20e647804e703db1648f6b48c54e79f3 HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Cookie: et_pb_ab_view_page_39=1cf4669323d124ae2efe33bbdb390f11
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 23:23:10 GMT
content-type: text/css
last-modified: Mon, 05 Jul 2021 13:58:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3453
date: Sun, 29 Jan 2023 23:23:10 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.actualitatea-crestina.ro/wp-content/plugins/ultimate-tables/css/jquery.dataTables.css?ver=20e647804e703db1648f6b48c54e79f3
89.42.218.232200 OK 2.3 kB URL HTTP/2 www.actualitatea-crestina.ro/wp-content/plugins/ultimate-tables/css/jquery.dataTables.css?ver=20e647804e703db1648f6b48c54e79f3
IP 89.42.218.232:0
Hash 7cecf1d679ff8a2dc6167d4f6c1a6658
b81afcf079a9704450f303e3e70c387eb683bf03
f80de579dd479c0ad84c04ccc88d72662128574269bedd991797e3ab523d8d56
GET /wp-content/plugins/ultimate-tables/css/jquery.dataTables.css?ver=20e647804e703db1648f6b48c54e79f3 HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Cookie: et_pb_ab_view_page_39=1cf4669323d124ae2efe33bbdb390f11
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 23:23:10 GMT
content-type: text/css
last-modified: Mon, 05 Jul 2021 13:58:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2318
date: Sun, 29 Jan 2023 23:23:10 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.actualitatea-crestina.ro/wp-content/plugins/custom-share-buttons-with-floating-sidebar/css/csbwfs.css?ver=20e647804e703db1648f6b48c54e79f3
89.42.218.232200 OK 1.6 kB URL HTTP/2 www.actualitatea-crestina.ro/wp-content/plugins/custom-share-buttons-with-floating-sidebar/css/csbwfs.css?ver=20e647804e703db1648f6b48c54e79f3
IP 89.42.218.232:0
File type ASCII text, with CRLF line terminators
Hash 995bb394ee3eca4b0db3c8d7fb39e251
0efd27c1f8808c73987ef0b3d388fbabe0ef370e
fb094f8493a9b905ab1b59aa8beee8bbfabaeb5be7b9afe0cf34d1995900fad7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/custom-share-buttons-with-floating-sidebar/css/csbwfs.css?ver=20e647804e703db1648f6b48c54e79f3 HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Cookie: et_pb_ab_view_page_39=1cf4669323d124ae2efe33bbdb390f11
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 23:23:10 GMT
content-type: text/css
last-modified: Wed, 26 Oct 2022 09:24:06 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1551
date: Sun, 29 Jan 2023 23:23:10 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.actualitatea-crestina.ro/
89.42.218.232200 OK 38 kB URL HTTP/2 www.actualitatea-crestina.ro/
IP 89.42.218.232:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26354)
Hash df2d53ad21e5c4526e417aac0a3e06f8
e530a1ef718b9f5b684721496898f54ec67cdf9e
92f34e821661f420fb60f54de5dad3e93b1af3fef98e773ac802d3daf2716acf
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
set-cookie: et_pb_ab_view_page_39=1cf4669323d124ae2efe33bbdb390f11; path=/; secure
link: <https://www.actualitatea-crestina.ro/wp-json/>; rel="https://api.w.org/", <https://www.actualitatea-crestina.ro/wp-json/wp/v2/pages/39>; rel="alternate"; type="application/json", <https://www.actualitatea-crestina.ro/>; rel=shortlink
content-encoding: gzip
vary: Accept-Encoding
date: Sun, 29 Jan 2023 23:23:10 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.actualitatea-crestina.ro/wp-content/uploads/2015/12/logon.jpg
89.42.218.232200 OK 13 kB URL HTTP/2 www.actualitatea-crestina.ro/wp-content/uploads/2015/12/logon.jpg
IP 89.42.218.232:0
File type JPEG image data, progressive, precision 8, 477x137, components 3\012- data
Hash d29c8736fb1a99b65d61e7dab37839b4
f0d9c68d7f6fb2f944978acd56a6fbcf87f9cda6
8873cb9f35e71f8c70cd71df9309ea045c6f9869105051d3959043d395bc2a61
GET /wp-content/uploads/2015/12/logon.jpg HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Cookie: et_pb_ab_view_page_39=1cf4669323d124ae2efe33bbdb390f11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 23:23:10 GMT
content-type: image/jpeg
last-modified: Mon, 05 Jul 2021 14:02:03 GMT
accept-ranges: bytes
content-length: 12695
date: Sun, 29 Jan 2023 23:23:10 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.actualitatea-crestina.ro/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
89.42.218.232200 OK 31 kB URL HTTP/2 www.actualitatea-crestina.ro/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 89.42.218.232:0
File type ASCII text, with very long lines (65447)
Hash cc5a8bfbf7d31fbc3022dc05e964a95c
81edda48c2c2c97bf79dea1ec91b89105e4ba00b
651c822702a9ac476c260fd37dccab6c3da8306ff6dd922e9d68cfa7863bfe42
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Cookie: et_pb_ab_view_page_39=1cf4669323d124ae2efe33bbdb390f11
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 23:23:10 GMT
content-type: application/javascript
last-modified: Fri, 16 Dec 2022 15:08:44 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 31046
date: Sun, 29 Jan 2023 23:23:10 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.actualitatea-crestina.ro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
89.42.218.232200 OK 4.2 kB URL HTTP/2 www.actualitatea-crestina.ro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 89.42.218.232:0
File type ASCII text, with very long lines (11126)
Hash c41f3a82e911de81a1817131069bc7d2
1e883290a0b794916cead41e5f0705716fd77b89
e9791f24770f098ea30bb4d25e2e10bdedb97132d0bbf7d2bd79eedac22efa27
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Cookie: et_pb_ab_view_page_39=1cf4669323d124ae2efe33bbdb390f11
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 23:23:10 GMT
content-type: application/javascript
last-modified: Mon, 05 Jul 2021 14:13:58 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4168
date: Sun, 29 Jan 2023 23:23:10 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9vBg.woff2
142.250.74.35200 OK 51 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9vBg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 50900, version 1.0\012- data
Hash 08c655068d5dd3674b4f2eaacb470c03
9430880adc2841ca12c163de1c1b3bf9f18c4375
4fc8591cc545b7b4f70d80b085bf6577fad41d5d30ddd4f0d0c8ab792084c35e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9vBg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.actualitatea-crestina.ro
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 50900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 16:07:43 GMT
expires: Tue, 23 Jan 2024 16:07:43 GMT
cache-control: public, max-age=31536000
age: 544528
last-modified: Wed, 11 May 2022 19:25:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBhc4.woff2
142.250.74.35200 OK 55 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBhc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 54776, version 1.0\012- data
Hash 381dc2442717e08c09385cc42e39f1a9
efc24ea7bc8753f4b897bac010507940ee194dad
a4208a4184a14e8638f7b807e3b3c9e96fb1e1d7690fa9c2ae8216b763dd3a0c
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBhc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.actualitatea-crestina.ro
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 54776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 21:41:41 GMT
expires: Wed, 24 Jan 2024 21:41:41 GMT
cache-control: public, max-age=31536000
age: 438090
last-modified: Wed, 11 May 2022 19:24:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rAlQ.woff2
142.250.74.35200 OK 58 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rAlQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 57560, version 1.0\012- data
Hash 928f104ef796695c1d55533328900299
109b40c4f815d063f0a20e26bd4a484f5dd97c4a
eddfcbd89b7b2645952e9bcbbaebe49f46f0e2c6f62794da0289a2bf2b9a2729
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rAlQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.actualitatea-crestina.ro
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 57560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 00:13:25 GMT
expires: Fri, 26 Jan 2024 00:13:25 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:14:07 GMT
content-type: font/woff2
age: 342586
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPa7l.woff2
142.250.74.35200 OK 38 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPa7l.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 38432, version 1.0\012- data
Hash 5b13a4dce7c3d29ac233f25781c72578
1d1d68d34637e624f6e019bc2bb291d72d666750
7bb3a06ee5e4a590f6e6f95c6fa849e10917e7fab22e3fed8c9bbc8650928272
GET /s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPa7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.actualitatea-crestina.ro
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 38432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 15:54:52 GMT
expires: Sat, 27 Jan 2024 15:54:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:19:55 GMT
content-type: font/woff2
age: 199699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ABc4.woff2
142.250.74.35200 OK 55 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ABc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 55056, version 1.0\012- data
Hash 222aa1b144a3312dacb293212d06553a
8893f804e0a556896c6044bc7aa850f6451d1822
c5252433e79ae3b6d116a39e07a12489edd095aae737ec28cf25cc1c1f9151ce
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ABc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.actualitatea-crestina.ro
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 55056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 18:23:01 GMT
expires: Mon, 29 Jan 2024 18:23:01 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:49 GMT
content-type: font/woff2
age: 18010
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3aOg.woff2
142.250.74.35200 OK 58 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3aOg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 58004, version 1.0\012- data
Hash 1324e1aec06c41faeb36e76fa15cb617
820a580e38fdacfdb504a6ecaad63d108e71109f
844ccd0cc56f52ce6341bd65156cbb9ba4fbe99b738b20185d06ce9cdd9bbf4b
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3aOg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.actualitatea-crestina.ro
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 58004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:02 GMT
expires: Mon, 29 Jan 2024 22:02:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:04:49 GMT
content-type: font/woff2
age: 4869
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlvBg.woff2
142.250.74.35200 OK 50 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlvBg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 50340, version 1.0\012- data
Hash 90f0b37f809b546f34189807169e9a76
ee8c931951df57cd7b7c8758053c72ebebf22297
9dcacf1d025168ee2f84aaf40bad826f08b43c94db12eb59dbe2a06a3e98bfb2
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlvBg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.actualitatea-crestina.ro
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 50340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 05:21:23 GMT
expires: Fri, 26 Jan 2024 05:21:23 GMT
cache-control: public, max-age=31536000
age: 324108
last-modified: Wed, 11 May 2022 19:24:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vAlQ.woff2
142.250.74.35200 OK 57 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vAlQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 57276, version 1.0\012- data
Hash 378ec1011609d10f0b6026d700af0b59
648c04447293ae286228283b8c9b4bc0bff5204b
467d3becf0243b2e4db298ac95433df0832d115c9f869efe8ccaaa8283459ce5
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vAlQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.actualitatea-crestina.ro
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 57276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 12:33:32 GMT
expires: Fri, 26 Jan 2024 12:33:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:14:24 GMT
content-type: font/woff2
age: 298179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.actualitatea-crestina.ro/wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.5
89.42.218.232200 OK 570 B URL HTTP/2 www.actualitatea-crestina.ro/wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.5
IP 89.42.218.232:0
Hash 1d8373fbd4d0a86ae3c21197f7538f82
c9df13064f796a640a01b7cf6dadd2aaf4bf8a48
4806482259213d4eb30b15f36225e60d7e568fc350f2197940de4f61e51a6e53
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.5 HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Cookie: et_pb_ab_view_page_39=1cf4669323d124ae2efe33bbdb390f11
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 23:23:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 10:13:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 570
date: Sun, 29 Jan 2023 23:23:10 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.actualitatea-crestina.ro/wp-content/themes/Divi/includes/builder/scripts/ext/jquery.visible.min.js?ver=4.19.5
89.42.218.232200 OK 1.1 kB URL HTTP/2 www.actualitatea-crestina.ro/wp-content/themes/Divi/includes/builder/scripts/ext/jquery.visible.min.js?ver=4.19.5
IP 89.42.218.232:0
File type ASCII text, with very long lines (802)
Hash 262d94d888d8d9e4288421685482aff6
ad6e8d30c936cb8a4274ac550e672ad4663408a4
9d7e21ec90fa8307660c1875d4aaf9065065a899da40a34d1bf915a917903ee5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/includes/builder/scripts/ext/jquery.visible.min.js?ver=4.19.5 HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Cookie: et_pb_ab_view_page_39=1cf4669323d124ae2efe33bbdb390f11
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 23:23:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 10:13:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1098
date: Sun, 29 Jan 2023 23:23:10 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.actualitatea-crestina.ro/wp-content/plugins/custom-share-buttons-with-floating-sidebar/images/hide.png
89.42.218.232200 OK 1.1 kB URL HTTP/2 www.actualitatea-crestina.ro/wp-content/plugins/custom-share-buttons-with-floating-sidebar/images/hide.png
IP 89.42.218.232:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash e8d0dabc3404158e623e63b99117f918
83606469c0f365ed2f8974c010d15ccde25b5dbf
dbf9aa49f454ecd0b72a7823864a1994361d07d88207a6bc693b7e97043f1fdf
GET /wp-content/plugins/custom-share-buttons-with-floating-sidebar/images/hide.png HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Cookie: et_pb_ab_view_page_39=1cf4669323d124ae2efe33bbdb390f11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 23:23:10 GMT
content-type: image/png
last-modified: Wed, 26 Oct 2022 09:24:06 GMT
accept-ranges: bytes
content-length: 1066
date: Sun, 29 Jan 2023 23:23:10 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.actualitatea-crestina.ro/wp-content/plugins/custom-share-buttons-with-floating-sidebar/images/hide-l.png
89.42.218.232200 OK 2.4 kB URL HTTP/2 www.actualitatea-crestina.ro/wp-content/plugins/custom-share-buttons-with-floating-sidebar/images/hide-l.png
IP 89.42.218.232:0
File type PNG image data, 30 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash d0e15acdc5d01880a1f1003d2abf4190
0d29012a22c74923bf2d2f9b23109ceebcf8e646
112217c0dc39fd6949d6f5b66a4279a28c9f9add983c17c138842d04118f5592
GET /wp-content/plugins/custom-share-buttons-with-floating-sidebar/images/hide-l.png HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Cookie: et_pb_ab_view_page_39=1cf4669323d124ae2efe33bbdb390f11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 23:23:10 GMT
content-type: image/png
last-modified: Wed, 26 Oct 2022 09:24:06 GMT
accept-ranges: bytes
content-length: 2425
date: Sun, 29 Jan 2023 23:23:10 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.actualitatea-crestina.ro/wp-content/plugins/ultimate-tables/js/jquery.dataTables.min.js?ver=1.0
89.42.218.232200 OK 28 kB URL HTTP/2 www.actualitatea-crestina.ro/wp-content/plugins/ultimate-tables/js/jquery.dataTables.min.js?ver=1.0
IP 89.42.218.232:0
File type Unicode text, UTF-8 text, with very long lines (557)
Hash 94e30d37335dee808af8c5006cde88f2
b7e2de5eca1a98ef9f632e2569597ee50195fad7
d6800ea946b92c2d7d0f871421e23bd2e7f0767fed3136755f1649a8c1b73eea
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-tables/js/jquery.dataTables.min.js?ver=1.0 HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Cookie: et_pb_ab_view_page_39=1cf4669323d124ae2efe33bbdb390f11
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 23:23:10 GMT
content-type: application/javascript
last-modified: Mon, 05 Jul 2021 13:58:44 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 28288
date: Sun, 29 Jan 2023 23:23:10 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.actualitatea-crestina.ro/wp-content/uploads/2023/01/Imagine1.jpg
89.42.218.232200 OK 115 kB URL HTTP/2 www.actualitatea-crestina.ro/wp-content/uploads/2023/01/Imagine1.jpg
IP 89.42.218.232:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 220x220, segment length 16, baseline, precision 8, 889x445, components 3\012- data
Size 115 kB (115295 bytes)
Hash dde4cb8617b024c621f8fa051ccb8423
7aa85509c67356bb9225992f911201450a564b87
603ecdb5cb6bbbbfbe7606ab5c1f5392a046e8c0fef99d522a9b4c88012ad172
GET /wp-content/uploads/2023/01/Imagine1.jpg HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Cookie: et_pb_ab_view_page_39=1cf4669323d124ae2efe33bbdb390f11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 23:23:10 GMT
content-type: image/jpeg
last-modified: Thu, 12 Jan 2023 12:05:29 GMT
accept-ranges: bytes
content-length: 115295
date: Sun, 29 Jan 2023 23:23:10 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.actualitatea-crestina.ro/wp-content/uploads/2014/10/buton_cumpara_ac.png
89.42.218.232200 OK 65 kB URL HTTP/2 www.actualitatea-crestina.ro/wp-content/uploads/2014/10/buton_cumpara_ac.png
IP 89.42.218.232:0
File type PNG image data, 2445 x 540, 8-bit/color RGBA, non-interlaced\012- data
Hash c62dad56b4a4c38431578ddc920b4615
c141a59d0f646fddf5bcc86f37728f7c352afe31
71e74cca4cd4107b9b62fadae3242a8f7146d13744d40a5996e2ad1a63c367a4
GET /wp-content/uploads/2014/10/buton_cumpara_ac.png HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Cookie: et_pb_ab_view_page_39=1cf4669323d124ae2efe33bbdb390f11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 23:23:10 GMT
content-type: image/png
last-modified: Mon, 05 Jul 2021 13:59:47 GMT
accept-ranges: bytes
content-length: 64843
date: Sun, 29 Jan 2023 23:23:10 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.actualitatea-crestina.ro/wp-content/uploads/2023/01/pobi-1611588707273-cathopic-1280x854.jpg
89.42.218.232200 OK 118 kB URL HTTP/2 www.actualitatea-crestina.ro/wp-content/uploads/2023/01/pobi-1611588707273-cathopic-1280x854.jpg
IP 89.42.218.232:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, manufacturer=NIKON CORPORATION, model=NIKON D3300, xresolution=140, yresolution=148, resolutionunit=2, software=Adobe Photoshop Lightroom Classic 9.4 (Windows), datetime=2021:01:13 18:45:41], baseline, precision 8, 1280x854, components 3\012- data
Size 118 kB (117605 bytes)
Hash edc3730266436d4fda4ee188b9f46019
14b381ae0e490d60aea506cf79c36830b7ee5f2f
917bfdb55e77aa2cf1278170ba835d825988e05ff9849f26285d78561efc7c86
GET /wp-content/uploads/2023/01/pobi-1611588707273-cathopic-1280x854.jpg HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Cookie: et_pb_ab_view_page_39=1cf4669323d124ae2efe33bbdb390f11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 23:23:10 GMT
content-type: image/jpeg
last-modified: Thu, 12 Jan 2023 12:02:32 GMT
accept-ranges: bytes
content-length: 117605
date: Sun, 29 Jan 2023 23:23:10 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3765
Expires: Mon, 30 Jan 2023 00:25:56 GMT
Date: Sun, 29 Jan 2023 23:23:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3765
Expires: Mon, 30 Jan 2023 00:25:56 GMT
Date: Sun, 29 Jan 2023 23:23:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3765
Expires: Mon, 30 Jan 2023 00:25:56 GMT
Date: Sun, 29 Jan 2023 23:23:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3765
Expires: Mon, 30 Jan 2023 00:25:56 GMT
Date: Sun, 29 Jan 2023 23:23:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3765
Expires: Mon, 30 Jan 2023 00:25:56 GMT
Date: Sun, 29 Jan 2023 23:23:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F281d3bcc-ce90-407c-89ce-33d8423b4048.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F281d3bcc-ce90-407c-89ce-33d8423b4048.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a60c45fc1156fadfbe47afe4e9e282da
e8db47e0aa028a846fd631cf2f2d5a979ee51e08
9a91bd22d5174fc3adbc6b24de6197be4f694bc46e8cc32124212a17a5af3f5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F281d3bcc-ce90-407c-89ce-33d8423b4048.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5462
x-amzn-requestid: 4ec670d9-7dfd-45a9-93bc-935dfd991c20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkF8HWWIAMFpnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6f2-3bda5c87690a91851b2de9e6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IktxPIqbHTkANUYO5E64t0-RHGBrPlJt-MhuQoBxKWSxhbz1wzVDEA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 5403
etag: "e8db47e0aa028a846fd631cf2f2d5a979ee51e08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.actualitatea-crestina.ro/wp-content/uploads/2023/01/coperta-1-ianuarie_page-0001.jpg
89.42.218.232200 OK 859 kB URL HTTP/2 www.actualitatea-crestina.ro/wp-content/uploads/2023/01/coperta-1-ianuarie_page-0001.jpg
IP 89.42.218.232:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, baseline, precision 8, 1182x1565, components 3\012- data
Size 859 kB (859067 bytes)
Hash 2c7f85024cf786063a7bbba553988cb6
211c8ab36f9a2e592602a4d7374f87eed16cfb9d
ceda249b8ecd5483d7d14836e2a12c900415ad110c4d131cd911705b7342b9a3
GET /wp-content/uploads/2023/01/coperta-1-ianuarie_page-0001.jpg HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Cookie: et_pb_ab_view_page_39=1cf4669323d124ae2efe33bbdb390f11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 23:23:10 GMT
content-type: image/jpeg
last-modified: Thu, 12 Jan 2023 11:56:19 GMT
accept-ranges: bytes
content-length: 859067
date: Sun, 29 Jan 2023 23:23:10 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 9414
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d55e9c-b793-48b6-9641-536d9d4b8a49.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d55e9c-b793-48b6-9641-536d9d4b8a49.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ce4f845d4cdd467b4c82d8fbeb9ae0b
68257cdadb6e13a8f7f5e2354aca225286107a79
243b58df1616fd8b78c11302dbf90c97ecb6a3b289abe5f3439252cdbf304892
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d55e9c-b793-48b6-9641-536d9d4b8a49.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9150
x-amzn-requestid: 2b8949c8-5c97-49f5-8784-85daa42adff1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj4NF1moAMFQ9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e69a-2ab06022306835b013c1e46f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NEYfOHRSbqSqgj9m4A-z6jFKKbaiYC9DKmggHLFvSAK88FMnfXMn1Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:23:20 GMT
age: 3591
etag: "68257cdadb6e13a8f7f5e2354aca225286107a79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f49153c1aade8aa30bc6c84db4fa09d7
5cce4e085c87e7fbe82907694a36a91cc1bc9bfc
3285916959352e77cdbea34515dad3b3a0315b74bca7f45a8e5a2de4661203e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6646
x-amzn-requestid: c8a7d4b9-1a13-41c1-8391-853f03f3150c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvRsHiaIAMF4Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d49271-634529cc6844e70829b5750f;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:11:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PXMbaFBZrgdsIRduRmCb8ALPII3zv7dTT4Ikn2B_Waxz3wLcp2giKQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:49:27 GMT
age: 70424
etag: "5cce4e085c87e7fbe82907694a36a91cc1bc9bfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 546f1cb9f94ea553ae884a6f50c6bd3d
fd08d9841bcd8864aaf2e5d93ca61b31246b6db5
5aba48ac6c65e371c6c1aeee43f97670f196d3a3933b9f5812a67be90b7dbdfa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5764
x-amzn-requestid: 33ebf979-ba40-451e-bbdb-3ee4a9dc07ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhksyGRVoAMF5UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7eb-55fcbb4d6d88dbf758409801;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X3lzViVGoynSgoeenp6EIU2E3FMSRlKNGOy73pIOAASV11hOk2B4UA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:11:27 GMT
age: 4304
etag: "fd08d9841bcd8864aaf2e5d93ca61b31246b6db5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: soTFEnYjNcti77h3FpnztwzR7ypv68NbyoI6DxS0NhU412ykFsWAgA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:00:38 GMT
age: 4953
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 71c7233d85279a2f556ac758f70386f9
9acf490880e5d7a8f01cf7682ef3aa92d9596e06
557cc598d158a348c9183f1e7a8be355e80818982d24675780ac7e904a840408
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 23:23:11 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 06:48:37 GMT
Expires: Sat, 04 Feb 2023 06:48:36 GMT
Etag: "9acf490880e5d7a8f01cf7682ef3aa92d9596e06"
Cache-Control: max-age=458124,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7915b6d54fc3b4f3-OSL
online.pubhtml5.com/rupx/brxv/
54.230.111.96200 OK 981 B URL HTTP/2 online.pubhtml5.com/rupx/brxv/
IP 54.230.111.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 41deb0a3a7c837b24108a13579bc8360
5aa6f02acd4a259eef4267578f15c23ebb1cf6a0
64b9a0bfb607b78f5c61a71f00061760fe125b18660377d60387d3180bb8c625
GET /rupx/brxv/ HTTP/1.1
Host: online.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 981
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 11:52:54 GMT
server: AmazonS3
date: Sun, 29 Jan 2023 23:23:12 GMT
cache-control: no-cache
etag: "41deb0a3a7c837b24108a13579bc8360"
x-cache: RefreshHit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B-nqS0_Q94YWDiSibbYcgzDLy-o27MOUTCUn_cPu9JGvgJ6n2ETPgw==
X-Firefox-Spdy: h2
online.pubhtml5.com/rupx/brxv/files/search/book_config.js?1673524258
54.230.111.96200 OK 57 kB URL HTTP/2 online.pubhtml5.com/rupx/brxv/files/search/book_config.js?1673524258
IP 54.230.111.96:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (62988), with no line terminators
Hash db2642f3baa38c1d36de180ccfd5f9d5
12d50ff6d6b053aeee7e9184454f2778d3f937f5
c7a6bf3531433daf5721943db1a1c04b1bc378da27841bf06b088241b6c4d55f
GET /rupx/brxv/files/search/book_config.js?1673524258 HTTP/1.1
Host: online.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/rupx/brxv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 57333
date: Sun, 29 Jan 2023 05:08:28 GMT
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 11:52:51 GMT
etag: "db2642f3baa38c1d36de180ccfd5f9d5"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TX06inVcSeX-0AKsL6c8-VvaOOtt6DddCnJ9BjydlHNhtXjTgOxceg==
age: 65684
X-Firefox-Spdy: h2
online.pubhtml5.com/rupx/brxv/slide_javascript/slideJS.js?1673524258
54.230.111.96200 OK 32 B URL HTTP/2 online.pubhtml5.com/rupx/brxv/slide_javascript/slideJS.js?1673524258
IP 54.230.111.96:0
File type ASCII text, with no line terminators
Hash 831ce57f410466b93779ee06613e796a
0bd97826a2c13822d11d6c941d431ef652f7c7bd
55b366d2780a9f9af0ea55f09c79e624a2eca26028a21f7d03f6bbb861e870ea
GET /rupx/brxv/slide_javascript/slideJS.js?1673524258 HTTP/1.1
Host: online.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/rupx/brxv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 32
date: Sun, 29 Jan 2023 23:23:12 GMT
cache-control: no-cache
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 11:52:54 GMT
etag: "831ce57f410466b93779ee06613e796a"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g_6BCzii5vUPazmEYa39cjbNNPOGezPFO1jSX4g2hGLRB-M4xeiU-g==
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 0caa9ddc75f3c5b13626b64963ca1931
f02e497e892c9c820bd27d996eb9c2f617bca39f
20e2ef516c405ea6fbfb04cdcd91aab6a6a53c6584c0a280ade021e77d0f1c3a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 29 Jan 2023 23:23:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 29 Jan 2023 19:25:54 GMT
Expires: Mon, 30 Jan 2023 19:25:54 GMT
ETag: "f02e497e892c9c820bd27d996eb9c2f617bca39f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 0caa9ddc75f3c5b13626b64963ca1931
f02e497e892c9c820bd27d996eb9c2f617bca39f
20e2ef516c405ea6fbfb04cdcd91aab6a6a53c6584c0a280ade021e77d0f1c3a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 29 Jan 2023 23:23:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 29 Jan 2023 19:25:54 GMT
Expires: Mon, 30 Jan 2023 19:25:54 GMT
ETag: "f02e497e892c9c820bd27d996eb9c2f617bca39f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 0caa9ddc75f3c5b13626b64963ca1931
f02e497e892c9c820bd27d996eb9c2f617bca39f
20e2ef516c405ea6fbfb04cdcd91aab6a6a53c6584c0a280ade021e77d0f1c3a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 29 Jan 2023 23:23:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 29 Jan 2023 19:25:54 GMT
Expires: Mon, 30 Jan 2023 19:25:54 GMT
ETag: "f02e497e892c9c820bd27d996eb9c2f617bca39f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.actualitatea-crestina.ro/wp-content/themes/Divi/js/scripts.min.js?ver=4.19.5
89.42.218.232200 OK 2.9 kB URL HTTP/2 www.actualitatea-crestina.ro/wp-content/themes/Divi/js/scripts.min.js?ver=4.19.5
IP 89.42.218.232:0
File type ASCII text, with very long lines (3532), with CRLF line terminators
Hash e9b3fcb4595e82ed4f2fe31b680a3b2b
df179c4b262d13016271e5073bc601f0b6d2c4b2
6e33640becf0e1cc0820dec622d189561aa97538ef123b7000df9b56e1f10713
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.19.5 HTTP/1.1
Host: www.actualitatea-crestina.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.actualitatea-crestina.ro/
Cookie: et_pb_ab_view_page_39=1cf4669323d124ae2efe33bbdb390f11
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 23:23:10 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 10:13:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 70426
date: Sun, 29 Jan 2023 23:23:10 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 14681339fc16ac120967600c85c37d96
589ed56dc45067e35e26a667ad3d9a12d0f61884
c7a020eb97f372e9325a03c89aa4d97d023f8583ea94af56ae1ffc2363ab8547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6004
Cache-Control: max-age=97571
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:23:12 GMT
Etag: "63d5c28f-1d7"
Expires: Tue, 31 Jan 2023 02:29:23 GMT
Last-Modified: Sun, 29 Jan 2023 00:49:19 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 2ea1656a28b47004371b8c2965bd0057
af94788bfebdd554737c83d242ce5d0731dffcd9
9745fe0d7448f27e26ee79c3d548ab8f3456786bb4e21a5658b195f091de1b82
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 4b51227c28936a448678fa6568d6c689
etag: "3a140adb28a2f792c2d854ac0c7ccbd9"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 29 Jan 2023 23:23:56 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: LqFlaii0cAQ3G4wpZb0AVw==
x-fb-debug: 9efOTxKska6viaWBdwDBMrZ/zF85IDOJw6yQWv8ke5EnU/74eGtpWyr7pfKgIV7MKCFsJbTvZcV8TsqbNQt8RQ==
content-length: 1686
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 23:23:12 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.pubhtml5.com/book/template/Handy/style/player.css
54.230.111.79200 OK 7.4 kB URL HTTP/2 static.pubhtml5.com/book/template/Handy/style/player.css
IP 54.230.111.79:0
Hash 2b1ce7b76275f99954f3654aad060e98
5698b2e9601382d137e9be87b151c0bfb8f60785
ac81e0cd352061511e7b3ef8f204006f0a66864da687870eb91c6013b3027990
GET /book/template/Handy/style/player.css HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
server: nginx
last-modified: Thu, 19 Nov 2020 07:51:59 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 19:37:46 GMT
expires: Mon, 30 Jan 2023 07:37:46 GMT
cache-control: max-age=43200
etag: W/"5fb6241f-edfb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2HRFzwWo7TsHph6widyJ8X0sKHOzQZCDfMSoVqIU0RthLuG2abb3WA==
age: 13386
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=c12e9879bb812e83d2e5d168c3e8a2ce
31.13.72.12200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=c12e9879bb812e83d2e5d168c3e8a2ce
IP 31.13.72.12:0
File type ASCII text, with very long lines (18530)
Hash d8c755c2bb810744138b4af68c64f06c
4392ecb9b8350484ff5e416e7ea4dece77fa5ff7
1dd8539f3b509fac4cd180b8d44520a9d701696ca01d64d8863f202c34a0f06d
GET /en_US/sdk.js?hash=c12e9879bb812e83d2e5d168c3e8a2ce HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://online.pubhtml5.com
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 00521661cff0f039a0d9dae666db6b68
etag: "526dcb0b21038d459fa72487255d8864"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 29 Jan 2024 21:08:40 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 2MdVwruBB0QTi0r2jGTwbA==
x-fb-debug: QNkeQ/A6AC0J5bQDcGTPw8CougjwdY+v0J2eoy9kQnHfg6ojhbH8wu0Xj//cT5deSYpSRQ+P5+pC5qIVCBewyQ==
priority: u=3,i
content-length: 88414
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 23:23:12 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.pubhtml5.com/book/js/visitinfo.js?_=1675034601509
54.230.111.79200 OK 293 kB URL HTTP/2 static.pubhtml5.com/book/js/visitinfo.js?_=1675034601509
IP 54.230.111.79:0
Size 293 kB (293120 bytes)
Hash 570ec2ed4b87f9d225776260c1baa51f
583a0b2ded110be075304c0ef25a0aeee1a221c0
e102d506195f00d9c4cdaadd938c6079c1d67fd0a4832792731d656bfbda657f
GET /book/js/visitinfo.js?_=1675034601509 HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
last-modified: Tue, 06 Dec 2022 05:45:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 17:53:30 GMT
expires: Mon, 30 Jan 2023 05:48:23 GMT
cache-control: max-age=43200
etag: W/"638ed6fb-1d86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: M70SULWzVaUpHzEpmU02uJaod617JoBxOFZsjBb7e3Rg1_KSoe6ipw==
age: 19949
X-Firefox-Spdy: h2
static.pubhtml5.com/book/template/Handy/style/icon/slide_leftButton.png
54.230.111.79200 OK 1.0 kB URL HTTP/2 static.pubhtml5.com/book/template/Handy/style/icon/slide_leftButton.png
IP 54.230.111.79:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 68de6ad55e1e63a56f0b2d1cd52ad31e
ec470633038c2cf46cb401c78c4987dc6c3dd849
d36d1fb0349577043a6283d3848301e12cac72d2b1d3251615f226975fb6107b
GET /book/template/Handy/style/icon/slide_leftButton.png HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1001
server: nginx
date: Tue, 24 Jan 2023 02:05:56 GMT
last-modified: Mon, 15 Aug 2016 07:12:47 GMT
etag: "57b16b6f-3e9"
expires: Thu, 23 Feb 2023 02:05:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BXe7UegU-pLIL9OhoCIrGx81xaNojGI08DSnDgTr9WMn7m1RM_ly1g==
age: 508505
X-Firefox-Spdy: h2
static.pubhtml5.com/book/template/Handy/style/icon/catalog_firstButton.png
54.230.111.79200 OK 997 B URL HTTP/2 static.pubhtml5.com/book/template/Handy/style/icon/catalog_firstButton.png
IP 54.230.111.79:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 39d07e07d49e7b5edb6614f56433f8de
ed623dedf7bcf09d7609871f474d58d90cfe3b2e
cad5fe3536cbcd430aa1b099b009c7fafc26724f35ba7a86d34d34bc29d6618c
GET /book/template/Handy/style/icon/catalog_firstButton.png HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 997
server: nginx
date: Tue, 24 Jan 2023 03:54:37 GMT
last-modified: Thu, 19 Nov 2020 07:52:01 GMT
etag: "5fb62421-3e5"
expires: Thu, 23 Feb 2023 03:54:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: You6dab3Vu2KfRfSlgdbuQM4xyMlz_ze8F1bsQoVkn7C5h3dD9QOTg==
age: 501983
X-Firefox-Spdy: h2
static.pubhtml5.com/book/template/Handy/style/icon/slide_rightButton.png
54.230.111.79200 OK 1.0 kB URL HTTP/2 static.pubhtml5.com/book/template/Handy/style/icon/slide_rightButton.png
IP 54.230.111.79:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a8618e406dceb7056d7c3a81d924146
abb119c82300121886699f5943aee347f44b2fd1
0b9853c00043a78a950436d62da38ccde2b4b0e1ed7e74f5b4c745ffd7b4ba67
GET /book/template/Handy/style/icon/slide_rightButton.png HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1005
server: nginx
date: Tue, 24 Jan 2023 02:05:56 GMT
last-modified: Mon, 15 Aug 2016 07:12:49 GMT
etag: "57b16b71-3ed"
expires: Thu, 23 Feb 2023 02:05:56 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lgm_83DmfdZT-Flp1HB8sLUeyCyk8vGiHpnUKq4WProxvnX3p-NUpA==
age: 508505
X-Firefox-Spdy: h2
static.pubhtml5.com/book/template/Handy/style/icon/catalog_lastButton.png
54.230.111.79200 OK 998 B URL HTTP/2 static.pubhtml5.com/book/template/Handy/style/icon/catalog_lastButton.png
IP 54.230.111.79:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash f4385ed32685592aeacb61687ade2952
81f143bbd34edd3b837627e606bebe7fd802b19f
18f6cd6462deb8a37505ca697b81acfe0e49e7d07084ec589506d810fa4c7324
GET /book/template/Handy/style/icon/catalog_lastButton.png HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 998
server: nginx
date: Sun, 22 Jan 2023 20:49:59 GMT
last-modified: Thu, 19 Nov 2020 07:52:01 GMT
etag: "5fb62421-3e6"
expires: Tue, 21 Feb 2023 20:49:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4n0syOoAKWemuSVgIOdhDjHZbR1h1UeMcAqB7MtCnPcbPgQQeLxIUQ==
age: 613863
X-Firefox-Spdy: h2
online.pubhtml5.com/rupx/brxv/files/thumb/1.jpg?1673524258
54.230.111.96200 OK 40 kB URL HTTP/2 online.pubhtml5.com/rupx/brxv/files/thumb/1.jpg?1673524258
IP 54.230.111.96:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 362x480, components 3\012- data
Hash f37200a8ee181b6456ac9dd845f4b53e
709584aa7d8608c635bb9b74223593e8e8c3c6c5
5ed0ca909d3e26cc997eadfffeb932bb4fd6ef04217e1d40dffeeb4b03494555
GET /rupx/brxv/files/thumb/1.jpg?1673524258 HTTP/1.1
Host: online.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/rupx/brxv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 39617
date: Sun, 29 Jan 2023 16:15:39 GMT
last-modified: Thu, 12 Jan 2023 11:52:44 GMT
etag: "f37200a8ee181b6456ac9dd845f4b53e"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _ZM8k1EqA0D_BayKc2SU-8B1Z-LsK0H9vp3_wuiQRePfl_poUqOuNA==
age: 25654
X-Firefox-Spdy: h2
static.pubhtml5.com/book/template/Handy/javascript/main.js
54.230.111.79200 OK 628 kB URL HTTP/2 static.pubhtml5.com/book/template/Handy/javascript/main.js
IP 54.230.111.79:0
Size 628 kB (627821 bytes)
Hash 34fe3fa52ddaf50ba218e97b49d5e53c
5a8be9d9337e2c98b8298272095b460e5912017a
627766adc4e553eff6d196218194fb7c5d794e175f20f9ae5107947c97d1feaa
GET /book/template/Handy/javascript/main.js HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
last-modified: Thu, 15 Jul 2021 07:03:52 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 19:05:07 GMT
expires: Mon, 30 Jan 2023 07:05:07 GMT
cache-control: max-age=43200
etag: W/"60efddd8-255a67"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: asVg_59AlwlPI2nfL41bLqyfynmwJD6oVFCk2JdfcSUCOC3XP5P8CA==
age: 15344
X-Firefox-Spdy: h2
static.pubhtml5.com/book/template/Handy/style/icon/more.svg
54.230.111.79200 OK 692 B URL HTTP/2 static.pubhtml5.com/book/template/Handy/style/icon/more.svg
IP 54.230.111.79:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 71c5694901188dc392074a18cfda867e
e9254e21384927d6851a6023b73bc3956b674f89
c31cb453d637d84a3e350065bb7962aa6d97e6700e6dba1fca7c5095ca6d542a
GET /book/template/Handy/style/icon/more.svg HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 692
server: nginx
last-modified: Tue, 26 Nov 2019 05:41:56 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Sun, 29 Jan 2023 07:06:49 GMT
etag: "5ddcbb24-2b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YqGtSYvoqsT2N-JvpbV2ur4agep0p9jdx3nOxdkGpxFJsxl78yqHCQ==
age: 58444
X-Firefox-Spdy: h2
static.pubhtml5.com/book/template/Handy/style/icon/poster.svg
54.230.111.79200 OK 1.8 kB URL HTTP/2 static.pubhtml5.com/book/template/Handy/style/icon/poster.svg
IP 54.230.111.79:0
Hash 1b9b9d7bdc6bcc709d241d346f61f60d
5aec9f153ab7c690eec4ee3a5e5ae2b55845a147
4991714c769d3bd31e47c49af298f79903de832bac9687d2d7b17d16fc0085b1
GET /book/template/Handy/style/icon/poster.svg HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
last-modified: Thu, 19 Nov 2020 07:52:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 07:06:49 GMT
etag: W/"5fb62424-519"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t0fK9UK04gBQJ3wJK6uCPGhh0vonxlp-85bo45iBrMaiKH-Pn1cARw==
age: 58444
X-Firefox-Spdy: h2
static.pubhtml5.com/book/template/Handy/style/icon/digg.svg
54.230.111.79200 OK 4.0 kB URL HTTP/2 static.pubhtml5.com/book/template/Handy/style/icon/digg.svg
IP 54.230.111.79:0
Hash 403fb2229696cf66b7b51304a4aebf0d
82cd603e4b1ae13cda9c8b8a1371084142f46ff8
7f72fecaee93743ab413788f8dc9b320f228e1d2d28879ac5238e3120a5bbb1b
GET /book/template/Handy/style/icon/digg.svg HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
last-modified: Tue, 26 Nov 2019 05:41:53 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 07:06:49 GMT
etag: W/"5ddcbb21-a77"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Gipm_JPlB0OjGHRh6dl-Ha3UR3lGLDR1wetm4Ren9k_iEfrFIhnn9w==
age: 58444
X-Firefox-Spdy: h2
static.pubhtml5.com/book/js/jquery-1.9.1.min.js
54.230.111.79200 OK 36 kB URL HTTP/2 static.pubhtml5.com/book/js/jquery-1.9.1.min.js
IP 54.230.111.79:0
Hash dcfd34a72cec42ae18fe5702ab0d73ea
d4b7031e2ece976dd806d4e6fd6994b9919cd7c3
e5ed8983a09e6717c92aa8bba2dc5852e298e5f78784ef7e2e30e8cf8d9b18d4
GET /book/js/jquery-1.9.1.min.js HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
last-modified: Tue, 26 Nov 2019 05:47:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 14:19:51 GMT
expires: Mon, 30 Jan 2023 02:19:51 GMT
cache-control: max-age=43200
etag: W/"5ddcbc86-16b52"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KY51XTjKHQc4-PvqcxwY931hW9FPxHUono1EFvj6K_A8DTME5ZgGjA==
age: 32461
X-Firefox-Spdy: h2
static.pubhtml5.com/book/template/Handy/style/icon/loading.gif
54.230.111.79200 OK 6.6 kB URL HTTP/2 static.pubhtml5.com/book/template/Handy/style/icon/loading.gif
IP 54.230.111.79:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 1fdf9f82ca69434465bfcd33a8b2a8d1
1ba209a4901bef611edcafefb8d6564a2ad3b2b4
90932da6ab1ac5c16794b6268f2d8f6710ab32dc5064b6a043d030da059e3e86
GET /book/template/Handy/style/icon/loading.gif HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 6592
server: nginx
date: Sun, 15 Jan 2023 00:44:32 GMT
last-modified: Fri, 18 Dec 2015 08:29:38 GMT
etag: "5673c3f2-19c0"
expires: Tue, 14 Feb 2023 00:44:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TEyaj8Df0jNCw1r581-JGE9UaurepF7QrA7mbGfsJRfUNk4Vtimkhg==
age: 1291001
X-Firefox-Spdy: h2
online.pubhtml5.com/booklogo.png?1673524258&1673524258
54.230.111.96200 OK 4.0 kB URL HTTP/2 online.pubhtml5.com/booklogo.png?1673524258&1673524258
IP 54.230.111.96:0
File type PNG image data, 145 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 8a1a186d2f88add50dab503d0edd79a6
8d813c1f2ffc99234bf6c80082dbf326b430e4a6
785b7126ea703737572cec631259005bb8f20787868f54d5ad97ff24c3ee6aa6
GET /booklogo.png?1673524258&1673524258 HTTP/1.1
Host: online.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/rupx/brxv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3987
date: Sun, 29 Jan 2023 16:15:39 GMT
x-amz-meta-cb-modifiedtime: Thu, 12 Feb 2015 09:13:34 GMT
last-modified: Thu, 12 Feb 2015 09:16:19 GMT
etag: "8a1a186d2f88add50dab503d0edd79a6"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: te4Ltaj2imWF88xCaL3T8NQEAzZ9avnBjANhCw2qIJPzRutbL5QCMQ==
age: 25654
X-Firefox-Spdy: h2
online.pubhtml5.com/rupx/brxv/files/large/1.jpg?1673524258
54.230.111.96200 OK 331 kB URL HTTP/2 online.pubhtml5.com/rupx/brxv/files/large/1.jpg?1673524258
IP 54.230.111.96:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1358x1800, components 3\012- data
Size 331 kB (330917 bytes)
Hash 92e5c69ead4183cc4a992b4d6c92635e
1d39ba49192a187d9dd803efbda9d30ca60b296f
6544b9287affefafac8bb9031a56e762b2b38a6063f4dba3a9d801319e0f7b8c
GET /rupx/brxv/files/large/1.jpg?1673524258 HTTP/1.1
Host: online.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/rupx/brxv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 330917
date: Sun, 29 Jan 2023 16:15:39 GMT
last-modified: Thu, 12 Jan 2023 11:52:44 GMT
etag: "92e5c69ead4183cc4a992b4d6c92635e"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9y5vBFhq6p25bcpU78b47aKMnHZFYW2xgueYYo7-6Ukc_XoLclHnOA==
age: 25654
X-Firefox-Spdy: h2
online.pubhtml5.com/rupx/brxv/files/large/2.jpg?1673524258
54.230.111.96200 OK 492 kB URL HTTP/2 online.pubhtml5.com/rupx/brxv/files/large/2.jpg?1673524258
IP 54.230.111.96:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1358x1800, components 3\012- data
Size 492 kB (491460 bytes)
Hash 98b38092edd0cdd7528e309b86ec17b1
88ae46e23e6223ad66d4b02e5ae83df7570733b8
b4144ec768e73c8f66d9aabc0df11ed762a028de1f6ef1d4851c56e428fcbfc7
GET /rupx/brxv/files/large/2.jpg?1673524258 HTTP/1.1
Host: online.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/rupx/brxv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 491460
date: Sun, 29 Jan 2023 16:15:39 GMT
last-modified: Thu, 12 Jan 2023 11:52:44 GMT
etag: "98b38092edd0cdd7528e309b86ec17b1"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wa3PSEkbdT9kwvj-pb7kTXH2Drr4SsGBwSYG9rLxEDDCNj-OOTFfTg==
age: 25654
X-Firefox-Spdy: h2
static.pubhtml5.com/book/template/Handy/style/icon/twitter.svg
54.230.111.79200 OK 408 kB URL HTTP/2 static.pubhtml5.com/book/template/Handy/style/icon/twitter.svg
IP 54.230.111.79:0
Size 408 kB (408246 bytes)
Hash 8d06f9041339f8d4211fc2519f9aa97c
330ca8372db77007e40abd0ebf855e1e1770e5ff
664ac36a3d4c8d3ac58f8d7f518dbca6f0f1397171abeffcd80d94b15a1483d3
GET /book/template/Handy/style/icon/twitter.svg HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
last-modified: Tue, 26 Nov 2019 05:42:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 03:06:38 GMT
etag: W/"5ddcbb2c-a44"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zqPLQ9DOXhHAzVRbMrIrB3fwZeguo58w0GZ_N7mCWyCITLKxVbBUCQ==
age: 72855
X-Firefox-Spdy: h2
stat.pubhtml5.com/bookvisitinfo.html?uLink=rupx&bLink=brxv&type=1&page=1&code=16750346010787&_=1675034601510
172.104.210.190200 OK 0 B URL HTTP/1.1 stat.pubhtml5.com/bookvisitinfo.html?uLink=rupx&bLink=brxv&type=1&page=1&code=16750346010787&_=1675034601510
IP 172.104.210.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bookvisitinfo.html?uLink=rupx&bLink=brxv&type=1&page=1&code=16750346010787&_=1675034601510 HTTP/1.1
Host: stat.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 23:23:15 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Thu, 27 Sep 2018 09:58:40 GMT
Connection: keep-alive
ETag: "5baca9d0-0"
Accept-Ranges: bytes
online.pubhtml5.com/rupx/getuserinfo.js?_=1675034601511
54.230.111.96200 OK 33 B URL HTTP/2 online.pubhtml5.com/rupx/getuserinfo.js?_=1675034601511
IP 54.230.111.96:0
File type ASCII text, with no line terminators
Hash 11be42df2cf8c51213ee70bf92a46446
60e10a45ff1e85389b4883491aac7c36a2a18be4
97da1d5316af07f3b8c5f90c893aa85b8efa22e224f1bc4859d21da78fe1df42
GET /rupx/getuserinfo.js?_=1675034601511 HTTP/1.1
Host: online.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://online.pubhtml5.com/rupx/brxv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 33
date: Sun, 29 Jan 2023 23:23:15 GMT
cache-control: no-cache
last-modified: Fri, 02 Dec 2022 07:50:50 GMT
etag: "11be42df2cf8c51213ee70bf92a46446"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FuFXiQt04mcKbIu1LX-kuY0V2vzGRv8NjVrNP2ccQHJlv-aQlRN0kg==
X-Firefox-Spdy: h2
static.pubhtml5.com/book/banner/ph_small.png
54.230.111.79200 OK 12 kB URL HTTP/2 static.pubhtml5.com/book/banner/ph_small.png
IP 54.230.111.79:0
File type PNG image data, 320 x 50, 8-bit/color RGB, non-interlaced\012- data
Hash 48abc8fc1ac1624c9d89cb087cf5bae4
bb52524b482fbdfd4f82cd2b6944403f8e4eb316
882ceeed9c4545ac54277c7e93d14c0cc93c66a1f3c6c4c47473c0ef29fd02a4
GET /book/banner/ph_small.png HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 11895
server: nginx
date: Tue, 24 Jan 2023 01:34:37 GMT
last-modified: Thu, 25 Apr 2019 05:41:45 GMT
etag: "5cc14899-2e77"
expires: Thu, 23 Feb 2023 01:34:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x2pzeJy6NeXIE5YCRr9ipHLjeVoU6mAWhLYBSYQDm7kCyrtP_71NQA==
age: 510385
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:23:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.pubhtml5.com/book/template/Handy/style/style.css
54.230.111.79200 OK 92 kB URL HTTP/2 static.pubhtml5.com/book/template/Handy/style/style.css
IP 54.230.111.79:0
Hash 42dc24cc851673d9ab4a923556d7d2bc
007c3ed1b1521500695ad43b976d4b8eb6cdfa47
b45db37bb00ca0ee6d940eb301b9ca89846b88aa1754c50de6a866c5d1f1ddd6
GET /book/template/Handy/style/style.css HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
server: nginx
last-modified: Thu, 19 Nov 2020 07:52:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 17:06:58 GMT
expires: Mon, 30 Jan 2023 05:00:28 GMT
cache-control: max-age=43200
etag: W/"5fb62420-43931"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hjDLqHYzo5j6JlfDUiO4-1yj2L5X4rMC_vU96z8NtBMm3ZJfc8p9kQ==
age: 22824
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:23:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html
142.250.74.130200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230124/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sun, 29 Jan 2023 12:06:26 GMT
expires: Sun, 12 Feb 2023 12:06:26 GMT
cache-control: public, max-age=1209600
age: 40608
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:23:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:23:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=online.pubhtml5.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=online.pubhtml5.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=online.pubhtml5.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 29 Jan 2023 23:23:14 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=online.pubhtml5.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=online.pubhtml5.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=online.pubhtml5.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 29 Jan 2023 23:23:14 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:23:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:23:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6790797b1383d154dd96b9c7d96431d0
c10a4246e678333b636a3e7f8db4ddc4a9ad0efe
41d0d96842fc087c2f14bafc019b489a4ae9b6a05b2d626dcc12304f929978c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:23:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.1200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.1:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 29 Jan 2023 23:23:15 GMT
expires: Sun, 29 Jan 2023 23:23:15 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.1200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 10:00:29 GMT
expires: Mon, 29 Jan 2024 10:00:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 48166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b67335a8e235eacf68e4b7f98cc5dc40
887a9b34cf2ba9371bbe8c93e362c174668cf812
1ad2f6328af6d819acd85f4e4646afcafd945e17e555d5eeb54244db83cd48fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:23:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
216.58.211.4200 OK 515 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 216.58.211.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 5824d1801db612e3463251f3983e0ff5
f4a24d5e77d4c3b9717a11a4f9dc31aab6872fa5
93796aac5246305b143841a15d9fd00137f140c24c0d06f08feba719545b1437
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 29 Jan 2023 23:23:15 GMT
date: Sun, 29 Jan 2023 23:23:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-K1QL64UOY_ABeHf9-d58vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:23:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
142.250.74.74200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
IP 142.250.74.74:0
Hash 3c23cefe06a882802cd7d80b20f007b9
c451cb97a1093aeb85acee5e807f4470efef7868
fd7838390fe50bebc3634602e3a45fb094675f623e6d032f20151d5361a0d756
GET /css?family=Google%20Sans%3A400%2C500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 23:23:15 GMT
date: Sun, 29 Jan 2023 23:23:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.pubhtml5.com/book/banner/close.png
54.230.111.79200 OK 1.0 kB URL HTTP/2 static.pubhtml5.com/book/banner/close.png
IP 54.230.111.79:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash ab7b5aeeeaac45d3dc4b03b5ef14e399
f8405828509a43859331ccc8819289e0f82d6b34
aa7677962393e13c05d9d8da9fe2e16d525952956a9899846318135bd839e7d0
GET /book/banner/close.png HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1015
server: nginx
date: Sat, 14 Jan 2023 05:35:19 GMT
last-modified: Fri, 30 Mar 2018 07:48:34 GMT
etag: "5abdebd2-3f7"
expires: Mon, 13 Feb 2023 05:35:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B88sMwCLsxZC6d83N2OwYfNNYEE6FPRpHnYp3hjwbpoAEfkQnzjf8A==
age: 1359959
X-Firefox-Spdy: h2
static.pubhtml5.com/book/template/Handy/style/icon/email.svg
54.230.111.79200 OK 0 B URL HTTP/2 static.pubhtml5.com/book/template/Handy/style/icon/email.svg
IP 54.230.111.79:0
GET /book/template/Handy/style/icon/email.svg HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
last-modified: Tue, 26 Nov 2019 05:41:53 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 04:55:02 GMT
etag: W/"5ddcbb21-3fe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XAiy02vXKPfiXi5cpkmszjwiN4URNtMOwnaZ0LdL7EIp591YvCMHZw==
age: 66351
X-Firefox-Spdy: h2
static.pubhtml5.com/book/css/hiSlider2.min.css
54.230.111.79200 OK 0 B URL HTTP/2 static.pubhtml5.com/book/css/hiSlider2.min.css
IP 54.230.111.79:0
GET /book/css/hiSlider2.min.css HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
last-modified: Thu, 27 Apr 2017 03:58:07 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:07:58 GMT
expires: Mon, 30 Jan 2023 04:03:21 GMT
cache-control: max-age=43200
etag: W/"59016c4f-c24a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sZCrSzX4baZMboHeoopOjxc8jcnfTj_kHh9Lo1VK8DI7pA9mH4wfIw==
age: 26250
X-Firefox-Spdy: h2
static.pubhtml5.com/book/js/flipHtml5.hiSlider2.min.js
54.230.111.79200 OK 0 B URL HTTP/2 static.pubhtml5.com/book/js/flipHtml5.hiSlider2.min.js
IP 54.230.111.79:0
GET /book/js/flipHtml5.hiSlider2.min.js HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
last-modified: Tue, 26 Nov 2019 05:47:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 17:53:29 GMT
expires: Mon, 30 Jan 2023 05:47:32 GMT
cache-control: max-age=43200
etag: W/"5ddcbc86-690a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RS3gjdbKaBCwbHJO7GGd9h3RD2__8yi9InSYOiMj8-NtJ2_3CN6fMQ==
age: 20000
X-Firefox-Spdy: h2
static.pubhtml5.com/book/template/Handy/style/template.css
54.230.111.79200 OK 0 B URL HTTP/2 static.pubhtml5.com/book/template/Handy/style/template.css
IP 54.230.111.79:0
GET /book/template/Handy/style/template.css HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
last-modified: Thu, 19 Nov 2020 07:51:59 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 19:09:24 GMT
expires: Mon, 30 Jan 2023 07:09:24 GMT
cache-control: max-age=43200
etag: W/"5fb6241f-758c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8vtqXmHSF83VHbw43E0CNP3xBUU3b8cSKAOCdyqeUWQs0iIyEdD7xw==
age: 15088
X-Firefox-Spdy: h2
static.pubhtml5.com/book/template/Handy/style/phoneTemplate.css
54.230.111.79200 OK 0 B URL HTTP/2 static.pubhtml5.com/book/template/Handy/style/phoneTemplate.css
IP 54.230.111.79:0
GET /book/template/Handy/style/phoneTemplate.css HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
server: nginx
last-modified: Thu, 19 Nov 2020 07:51:59 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 18:03:58 GMT
expires: Mon, 30 Jan 2023 05:47:31 GMT
cache-control: max-age=43200
etag: W/"5fb6241f-7d12"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kvHQ9y1DAS_EGBBstTMe6CULQiInqp1lDsSmmWTwxNxaPbQtJchmRw==
age: 20001
X-Firefox-Spdy: h2
static.pubhtml5.com/book/js/LoadingJS.js
54.230.111.79200 OK 0 B URL HTTP/2 static.pubhtml5.com/book/js/LoadingJS.js
IP 54.230.111.79:0
GET /book/js/LoadingJS.js HTTP/1.1
Host: static.pubhtml5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://online.pubhtml5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
last-modified: Thu, 19 Nov 2020 07:50:08 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 29 Jan 2023 16:13:24 GMT
expires: Mon, 30 Jan 2023 04:07:29 GMT
cache-control: max-age=43200
etag: W/"5fb623b0-526f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: z2TNjXHwHv2BQrCxB2BKuczvTRZWOAeRpqZwMryF0DXLY7DUs8qGyw==
age: 26003
X-Firefox-Spdy: h2