htmwbstt.com/dofadd/?dofid=p36:o1490:accsdr:bd3be9df5:c&tbc=e600e6&x_agent=PURPLE083&chan=PURPLE083&x_clickid=104057061&dof_click_id=JakeT387bcuahfG9L8YeUbE1s2R49eM8I&rtid=02365896461
207.120.33.40 278 B URL htmwbstt.com/dofadd/?dofid=p36:o1490:accsdr:bd3be9df5:c&tbc=e600e6&x_agent=PURPLE083&chan=PURPLE083&x_clickid=104057061&dof_click_id=JakeT387bcuahfG9L8YeUbE1s2R49eM8I&rtid=02365896461
IP 207.120.33.40:0
File type HTML document text; exported SGML document, ASCII text
Hash 9a9832127a84272f9625a5e43d21be56
6ca7dc1496473df5b6f0986d8d4e7e4e0eb4ed67
90344fa52fca6817781c34298013a00504a94f0db25086d71d2ed6f724e65086
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /dofadd/?dofid=p36:o1490:accsdr:bd3be9df5:c&tbc=e600e6&x_agent=PURPLE083&chan=PURPLE083&x_clickid=104057061&dof_click_id=JakeT387bcuahfG9L8YeUbE1s2R49eM8I&rtid=02365896461 HTTP/1.1
Host: htmwbstt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 22 Sep 2023 21:24:58 GMT
content-type: text/html; charset=UTF-8
content-length: 278
set-cookie: PHPSESSID=55875479f627a9d60ee8335d2e3879a3; path=/; secure; SameSite=None
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 10806065
age: 0
via: 1.1 varnish-65c66bdb8c-wrbtm (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Miss
section-io-id: acd077b487ca1fad7c15eae3fd388f3f
X-Firefox-Spdy: h2
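Every record in this export follows the layout of the transaction above: a bare URL line, a summary line (IP, size, status), optional IP / Requested by / Certificate / File type / Hash / Analyzer Verdict lines, then the raw request headers and the raw response headers. Two things a triager wants out of it are an indicator set limited to the host the analyzer flagged (the CDN, Google Tag Manager and OCSP traffic captured alongside is benign noise that must not end up on a blocklist) and the session-handling observation that the PHPSESSID value issued in this first response reappears as the ?SID= query parameter of the next navigation and in the same-origin Referer headers that follow. The Python below is an added example written for this page; it is not part of the sandbox report and not code from the analyzed site. It parses a constructed excerpt whose values are copied from this report (sha1 lines dropped), assumes the layout just described, and takes the IP from the IP line because the summary line fuses IP and status code in the export. The function names are the example's own.

```python
"""Triage of a sandbox HTTP-transaction export laid out like the report above.
Added example, not part of the report; the record layout is inferred from it."""
import re

# Constructed excerpt in the report's layout; values copied from the report above
# and trimmed to what the parser needs (sha1 lines dropped for brevity).
SAMPLE = """\
htmwbstt.com/dofadd/?dofid=p36:o1490:accsdr:bd3be9df5:c&tbc=e600e6
207.120.33.40 278 B URL htmwbstt.com/dofadd/?dofid=p36:o1490:accsdr:bd3be9df5:c&tbc=e600e6
IP 207.120.33.40:0
Hash 9a9832127a84272f9625a5e43d21be56
90344fa52fca6817781c34298013a00504a94f0db25086d71d2ed6f724e65086
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /dofadd/?dofid=p36:o1490:accsdr:bd3be9df5:c&tbc=e600e6 HTTP/1.1
Host: htmwbstt.com
HTTP/2 200 OK
set-cookie: PHPSESSID=55875479f627a9d60ee8335d2e3879a3; path=/; secure; SameSite=None
htmwbstt.com/common_tpls/compactML/css/rcsexc_3.css
IP 207.120.33.40:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Hash 831e6d4c0ee1050c7243efc577d90154
da1001bd1013096c0ebcea61ca1e9e37fa6b65026b6d176fd5c03fd3829db934
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/compactML/css/rcsexc_3.css HTTP/1.1
Host: htmwbstt.com
Referer: https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
HTTP/2 200 OK
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 216.58.207.234:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Hash 220afd743d9e9643852e31a135a9f3ae
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
Referer: https://htmwbstt.com/
HTTP/2 200 OK
"""

URL_RE = re.compile(r"^[A-Za-z0-9.-]+\.[A-Za-z]{2,}(?:/\S*)?$")  # bare host/path line
NEXT_RE = re.compile(r"^(IP )?\d{1,3}(?:\.\d{1,3}){3}\b")       # line that follows it
REQ_RE = re.compile(r"^(GET|POST|HEAD|PUT|OPTIONS) \S+ HTTP/")
RESP_RE = re.compile(r"^HTTP/[\d.]+ (\d{3})")
HEX_RE = re.compile(r"^[0-9a-f]{32,64}$")
COOKIE_RE = re.compile(r"^([^=;\s]+)=([^;]*)(.*)$")


def _parse_record(rec):
    tx = {"url": rec[0], "host": rec[0].split("/", 1)[0], "ip": "", "hashes": [],
          "verdict": "", "requested_by": "", "method": "", "status": "", "req": [], "resp": []}
    section = "meta"
    for ln in rec[1:]:
        if section == "meta":
            if ln.startswith("IP "):  # the summary line fuses IP and status code in the
                tx["ip"] = ln[3:].rsplit(":", 1)[0]  # export, so take the IP from this line
            elif ln.startswith("Hash ") or HEX_RE.match(ln):
                tx["hashes"].append(ln.split(" ")[-1])
            elif ln.startswith("Analyzer Verdict "):
                tx["verdict"] = ln[len("Analyzer Verdict "):]
            elif ln.startswith("Requested by "):
                tx["requested_by"] = ln[len("Requested by "):]
            elif (m := REQ_RE.match(ln)):
                tx["method"], section = m.group(1), "req"
        elif section == "req" and (m := RESP_RE.match(ln)):
            tx["status"], section = m.group(1), "resp"
        elif ": " in ln:  # header line; duplicates (e.g. several set-cookie) are kept
            name, value = ln.split(": ", 1)
            tx[section].append((name.lower(), value))
    return tx


def parse_transactions(text):
    lines = text.splitlines()
    starts = [i for i, ln in enumerate(lines)
              if URL_RE.match(ln) and i + 1 < len(lines) and NEXT_RE.match(lines[i + 1])]
    return [_parse_record(lines[s:e]) for s, e in zip(starts, starts[1:] + [len(lines)])]


def extract_iocs(txs):
    """Indicators from flagged transactions only; CDN, tag-manager and OCSP traffic is noise."""
    flagged = [tx for tx in txs if "Sinkholed" in tx["verdict"]]
    return {"domains": {tx["host"] for tx in flagged},
            "ips": {tx["ip"] for tx in flagged},
            "sha256": {h for tx in flagged for h in tx["hashes"] if len(h) == 64}}


def audit_session_cookies(txs):
    """Flag Set-Cookie without HttpOnly, and cookie values that reappear in URLs/Referers."""
    places = [tx["url"] for tx in txs] + [tx["requested_by"] for tx in txs] + \
             [v for tx in txs for k, v in tx["req"] if k == "referer"]
    findings, seen = [], set()
    for tx in txs:
        for k, v in tx["resp"]:
            m = COOKIE_RE.match(v) if k == "set-cookie" else None
            if not m or m.group(1, 2) in seen:
                continue
            name, value, attrs = m.groups()
            seen.add((name, value))
            if "httponly" not in attrs.lower():
                findings.append({"cookie": name, "issue": "missing_httponly", "where": [tx["host"]]})
            hits = sorted({p for p in places if value and value in p})
            if hits:
                findings.append({"cookie": name, "issue": "value_in_url", "where": hits})
    return findings
```

Run on the excerpt, extract_iocs yields only htmwbstt.com, 207.120.33.40 and the two sha256 values of the sinkholed host's content, and audit_session_cookies reports PHPSESSID both as set without HttpOnly and as appearing verbatim in the ?SID= URL. Note that the cross-site Referer values in this report (https://htmwbstt.com/) do not carry the SID: the browser's default referrer policy trims cross-origin referrers to the origin, so the exposure is limited to same-origin requests and to anything that logs full URLs. The secure; SameSite=None combination is what a cookie needs to be sent when the page is framed cross-site, which is consistent with the iframeResizer.contentWindow script the page loads later in the capture.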
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash cd668941d57fd557130189bf287011aa
9c39fc764a2656e9faae59469e7da28b48b6dbf8
7b02268a9aebc818799cb9178a3654425bb64be886706093f3065618b903da87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 22 Sep 2023 21:24:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash fa30a78a8f3828f521854ce138f2d3c4
627302350a6d9be5a77cd5cc5704f78e77e1d8c5
bab0c7d14f69e434977479581d238606c80a4ece7720e515201f1391a9886c09
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 22 Sep 2023 21:24:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash fa30a78a8f3828f521854ce138f2d3c4
627302350a6d9be5a77cd5cc5704f78e77e1d8c5
bab0c7d14f69e434977479581d238606c80a4ece7720e515201f1391a9886c09
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 22 Sep 2023 21:24:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
htmwbstt.com/common_tpls/compactML/css/rcsexc_3.css
207.120.33.40 200 OK 5.8 kB URL GET HTTP/2 htmwbstt.com/common_tpls/compactML/css/rcsexc_3.css
IP 207.120.33.40:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Let's Encrypt
Subject htmwbstt.com
Fingerprint 46:AC:AF:F8:54:DF:E3:6D:99:DC:90:0E:AC:F9:9D:4D:01:9D:4B:DE
Validity Wed, 09 Aug 2023 10:31:58 GMT - Tue, 07 Nov 2023 10:31:57 GMT
File type ASCII text, with very long lines (34302), with no line terminators
Hash 831e6d4c0ee1050c7243efc577d90154
09624ecad95f57e8206e38ba32ece5a2c4e82018
da1001bd1013096c0ebcea61ca1e9e37fa6b65026b6d176fd5c03fd3829db934
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/compactML/css/rcsexc_3.css HTTP/1.1
Host: htmwbstt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Cookie: PHPSESSID=55875479f627a9d60ee8335d2e3879a3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 22 Sep 2023 21:24:58 GMT
content-type: text/css
content-length: 5791
last-modified: Wed, 26 Apr 2023 12:36:44 GMT
etag: W/"64491adc-85fe"
content-encoding: gzip
section-io-cache-id: 9d587b7230e92608f58158114de1e3c2
vary: Accept-Encoding
x-varnish: 14060828 426124
age: 9900
via: 1.1 varnish-65c66bdb8c-wrbtm (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 68390d39d74de3cb4bdd468ffcad7ecb
X-Firefox-Spdy: h2
htmwbstt.com/common_tpls/images/ajax-loader.gif
207.120.33.40 200 OK 3.2 kB URL GET HTTP/2 htmwbstt.com/common_tpls/images/ajax-loader.gif
IP 207.120.33.40:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Let's Encrypt
Subject htmwbstt.com
Fingerprint 46:AC:AF:F8:54:DF:E3:6D:99:DC:90:0E:AC:F9:9D:4D:01:9D:4B:DE
Validity Wed, 09 Aug 2023 10:31:58 GMT - Tue, 07 Nov 2023 10:31:57 GMT
File type GIF image data, version 89a, 32 x 32; data
Hash be1cede97289c13920048f238fd37b85
313b867d11fc0dd6bc6ca47c334bbcf18956ca76
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/images/ajax-loader.gif HTTP/1.1
Host: htmwbstt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Cookie: PHPSESSID=55875479f627a9d60ee8335d2e3879a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 22 Sep 2023 21:24:58 GMT
content-type: image/gif
content-length: 3208
last-modified: Mon, 07 Oct 2013 22:49:23 GMT
etag: "52533a73-c88"
section-io-cache-id: ea68b7eb1e4f54705d27e68c990e0f39
x-varnish: 14193370 294945
age: 9847
via: 1.1 varnish-65c66bdb8c-wrbtm (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: ddb47d801d74a0b429823f0627b3c93a
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
152.199.19.160 200 OK 9.8 kB URL GET HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
IP 152.199.19.160:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer DigiCert Inc
Subject *.vo.msecnd.net
Fingerprint 0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80
Validity Fri, 05 May 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (32033)
Hash 5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
GET /ajax/bootstrap/3.3.7/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://htmwbstt.com
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 5514431
cache-control: public,max-age=31536000
content-type: application/javascript
date: Fri, 22 Sep 2023 21:24:58 GMT
etag: "80bdc1e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (ska/F6C5)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9839
X-Firefox-Spdy: h2
htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
207.120.33.40 200 OK 25 kB URL User Request GET HTTP/2 htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
IP 207.120.33.40:443
Certificate Issuer Let's Encrypt
Subject htmwbstt.com
Fingerprint 46:AC:AF:F8:54:DF:E3:6D:99:DC:90:0E:AC:F9:9D:4D:01:9D:4B:DE
Validity Wed, 09 Aug 2023 10:31:58 GMT - Tue, 07 Nov 2023 10:31:57 GMT
File type HTML document text; exported SGML document, ASCII text, with very long lines (50598)
Hash 979f0503cc014a036d8848bd6c260caa
d05a729f846c03348c43187281aae2e5ece7dc01
5c9fccd4f30113a85f5e8e41496d275b153c3a7d2b694a1e4dedfc5a51c61670
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /dofadd/?SID=55875479f627a9d60ee8335d2e3879a3 HTTP/1.1
Host: htmwbstt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/dofadd/?dofid=p36:o1490:accsdr:bd3be9df5:c&tbc=e600e6&x_agent=PURPLE083&chan=PURPLE083&x_clickid=104057061&dof_click_id=JakeT387bcuahfG9L8YeUbE1s2R49eM8I&rtid=02365896461
Cookie: PHPSESSID=55875479f627a9d60ee8335d2e3879a3
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 22 Sep 2023 21:24:58 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=55875479f627a9d60ee8335d2e3879a3; path=/; secure; SameSite=None
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 14060824
age: 0
via: 1.1 varnish-65c66bdb8c-wrbtm (Varnish/7.2)
section-io-cache: Miss
section-io-id: f4f148d76e9669410c8a5244c3892466
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
216.58.207.234 200 OK 31 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 216.58.207.234:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint BE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
Validity Mon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type ASCII text, with very long lines (65451)
Hash 220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://htmwbstt.com
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 06:02:39 GMT
expires: Sat, 21 Sep 2024 06:02:39 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 55339
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-208203304-2
142.250.74.168 200 OK 69 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-208203304-2
IP 142.250.74.168:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (4179)
Hash 0fecd7263943623855c55b889740e649
2b19f384cf07c0db1b7680efe88fc776cac1c89b
e3946562cae03c7b06e6c6fdff60b391ab2c42765f178c6ce3e50f25a0ff2743
GET /gtag/js?id=UA-208203304-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 22 Sep 2023 21:24:58 GMT
expires: Fri, 22 Sep 2023 21:24:58 GMT
cache-control: private, max-age=900
last-modified: Fri, 22 Sep 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68824
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
htmwbstt.com/common_tpls/images/icons/user.png
207.120.33.40 200 OK 1.5 kB URL GET HTTP/2 htmwbstt.com/common_tpls/images/icons/user.png
IP 207.120.33.40:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Let's Encrypt
Subject htmwbstt.com
Fingerprint 46:AC:AF:F8:54:DF:E3:6D:99:DC:90:0E:AC:F9:9D:4D:01:9D:4B:DE
Validity Wed, 09 Aug 2023 10:31:58 GMT - Tue, 07 Nov 2023 10:31:57 GMT
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced; data
Hash d2ace1024969666b8ecfd48b0091a0fd
fb2988bb4203176476469b8ad12abc3cf8ce2113
a28165011050b8c217837b2ce4692f49413e27b7b259144cd128d0a9db9f63dc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/images/icons/user.png HTTP/1.1
Host: htmwbstt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Cookie: PHPSESSID=55875479f627a9d60ee8335d2e3879a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 22 Sep 2023 21:24:58 GMT
content-type: image/png
content-length: 1491
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-5d3"
section-io-cache-id: 2e65554f0825363be29d2a503d5a7452
x-varnish: 13488979 426167
age: 9868
via: 1.1 varnish-65c66bdb8c-wrbtm (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 3d8282b42bd75bd1f70ac2ae6200002e
X-Firefox-Spdy: h2
htmwbstt.com/common_tpls/compactML/img/rcsexc/profile_icon.png
207.120.33.40 200 OK 3.2 kB URL GET HTTP/2 htmwbstt.com/common_tpls/compactML/img/rcsexc/profile_icon.png
IP 207.120.33.40:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Let's Encrypt
Subject htmwbstt.com
Fingerprint 46:AC:AF:F8:54:DF:E3:6D:99:DC:90:0E:AC:F9:9D:4D:01:9D:4B:DE
Validity Wed, 09 Aug 2023 10:31:58 GMT - Tue, 07 Nov 2023 10:31:57 GMT
File type PNG image data, 86 x 89, 8-bit/color RGBA, non-interlaced; data
Hash dbe5dac57b97c0fe961116066e51dbf3
5dcc27dddc71a607d100c1a4cc3028af021e63fd
84f6c1537b0c3adb92a630440b2fd731a1a9bfe43ca973374e59be31ee45445b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/compactML/img/rcsexc/profile_icon.png HTTP/1.1
Host: htmwbstt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Cookie: PHPSESSID=55875479f627a9d60ee8335d2e3879a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 22 Sep 2023 21:24:58 GMT
content-type: image/png
content-length: 3220
last-modified: Wed, 17 Jul 2019 16:21:45 GMT
etag: "5d2f4b19-c94"
section-io-cache-id: a62349cf3f3a16929bc1b88115115272
x-varnish: 9165099 590100
age: 9625
via: 1.1 varnish-65c66bdb8c-wrbtm (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: e6743cc02b9c3e53bb8d365b37cefa97
X-Firefox-Spdy: h2
htmwbstt.com/common_tpls/images/icons/password.png
207.120.33.40 200 OK 1.5 kB URL GET HTTP/2 htmwbstt.com/common_tpls/images/icons/password.png
IP 207.120.33.40:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Let's Encrypt
Subject htmwbstt.com
Fingerprint 46:AC:AF:F8:54:DF:E3:6D:99:DC:90:0E:AC:F9:9D:4D:01:9D:4B:DE
Validity Wed, 09 Aug 2023 10:31:58 GMT - Tue, 07 Nov 2023 10:31:57 GMT
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced; data
Hash 6f100f1cdbdce928118ffa4c9293ca5b
6b1a3593e792d4c00187d60560dd03fb42df1156
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/images/icons/password.png HTTP/1.1
Host: htmwbstt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Cookie: PHPSESSID=55875479f627a9d60ee8335d2e3879a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 22 Sep 2023 21:24:58 GMT
content-type: image/png
content-length: 1452
last-modified: Tue, 22 Aug 2017 16:34:59 GMT
etag: "599c5d33-5ac"
section-io-cache-id: cbf97bdcb2fbab3d4e2b002b16810d79
x-varnish: 9165100 1769733
age: 9847
via: 1.1 varnish-65c66bdb8c-wrbtm (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: b62e4f61e3849925d4e69170cab08747
X-Firefox-Spdy: h2
htmwbstt.com/common_tpls/images/icons/email.png
207.120.33.40 200 OK 1.3 kB URL GET HTTP/2 htmwbstt.com/common_tpls/images/icons/email.png
IP 207.120.33.40:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Let's Encrypt
Subject htmwbstt.com
Fingerprint 46:AC:AF:F8:54:DF:E3:6D:99:DC:90:0E:AC:F9:9D:4D:01:9D:4B:DE
Validity Wed, 09 Aug 2023 10:31:58 GMT - Tue, 07 Nov 2023 10:31:57 GMT
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced; data
Hash a86d99b9176d82a211cfa29b2f0b353f
62947ddfd87e3a21869818885e4bfa4e55ad0c11
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/images/icons/email.png HTTP/1.1
Host: htmwbstt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Cookie: PHPSESSID=55875479f627a9d60ee8335d2e3879a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 22 Sep 2023 21:24:58 GMT
content-type: image/png
content-length: 1254
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-4e6"
section-io-cache-id: 9a7e72f3dca090d48bcac81314318203
x-varnish: 13488980 1900642
age: 9877
via: 1.1 varnish-65c66bdb8c-wrbtm (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: f7dd3a8042fa979d0a42dcaaf4b33647
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash fa30a78a8f3828f521854ce138f2d3c4
627302350a6d9be5a77cd5cc5704f78e77e1d8c5
bab0c7d14f69e434977479581d238606c80a4ece7720e515201f1391a9886c09
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 22 Sep 2023 21:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash fa30a78a8f3828f521854ce138f2d3c4
627302350a6d9be5a77cd5cc5704f78e77e1d8c5
bab0c7d14f69e434977479581d238606c80a4ece7720e515201f1391a9886c09
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 22 Sep 2023 21:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash cd668941d57fd557130189bf287011aa
9c39fc764a2656e9faae59469e7da28b48b6dbf8
7b02268a9aebc818799cb9178a3654425bb64be886706093f3065618b903da87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 22 Sep 2023 21:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kit.fontawesome.com/b314bdf1b3/110588222/kit-upload.css
104.18.23.52 200 OK 0 B URL GET HTTP/2 kit.fontawesome.com/b314bdf1b3/110588222/kit-upload.css
IP 104.18.23.52:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer DigiCert Inc
Subject *.fontawesome.com
Fingerprint 6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
Validity Tue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b314bdf1b3/110588222/kit-upload.css HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://htmwbstt.com/
Origin: https://htmwbstt.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 22 Sep 2023 21:24:59 GMT
content-type: text/css
content-length: 0
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926, public, must-revalidate
etag: 54af53b207eef226d6511e0a88e3038e
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F4SaRIxfBobfVqiFZQOh
cf-cache-status: HIT
age: 733541
accept-ranges: bytes
server: cloudflare
cf-ray: 80ad9e2f4882b4f9-OSL
X-Firefox-Spdy: h2
htmwbstt.com/common_tpls/js/iframeResizer.contentWindow.min.js
207.120.33.40 200 OK 7.6 kB URL GET HTTP/2 htmwbstt.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP 207.120.33.40:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Let's Encrypt
Subject htmwbstt.com
Fingerprint 46:AC:AF:F8:54:DF:E3:6D:99:DC:90:0E:AC:F9:9D:4D:01:9D:4B:DE
Validity Wed, 09 Aug 2023 10:31:58 GMT - Tue, 07 Nov 2023 10:31:57 GMT
File type ASCII text, with very long lines (27832)
Hash 607fff637b95a8eac449bf7e3826f287
ebc0abf023a30c4bca49100eaf34ee915f951076
e0088225a19ce077e447d720adc53141c4bf852d4998e270d351268353920a2e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: htmwbstt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Cookie: PHPSESSID=55875479f627a9d60ee8335d2e3879a3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 22 Sep 2023 21:24:58 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
etag: W/"56b368db-3445"
section-io-cache-id: 5765c613f1137d1c1e7db4f561c35809
x-varnish: 9165101 2949196
age: 10150
via: 1.1 varnish-65c66bdb8c-wrbtm (Varnish/7.2)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 6a96aae15ce6342a11c3397786fa6f88
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
104.18.23.52 200 OK 4.2 kB URL GET HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
IP 104.18.23.52:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer DigiCert Inc
Subject *.fontawesome.com
Fingerprint 6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
Validity Tue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (26366)
Hash 715826d7cea0f100c00238e5e5dc92b4
ea2a076f73ed3826287a726f35ae5e54136f2cee
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://htmwbstt.com/
Origin: https://htmwbstt.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 22 Sep 2023 21:24:59 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 170157
accept-ranges: bytes
server: cloudflare
cf-ray: 80ad9e2fa8b6b4f9-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
104.18.23.52 200 OK 54 kB URL GET HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
IP 104.18.23.52:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer DigiCert Inc
Subject *.fontawesome.com
Fingerprint 6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
Validity Tue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65397)
Hash 486b13730aafe2a39cdaf1666679fa5b
aa0f52f048688ada20d921fef78cf15684a25f04
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
GET /releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://htmwbstt.com/
Origin: https://htmwbstt.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 22 Sep 2023 21:24:59 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 733541
accept-ranges: bytes
server: cloudflare
cf-ray: 80ad9e2ff8ebb4f9-OSL
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-P78KC7L
142.250.74.168 200 OK 44 kB URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-P78KC7L
IP 142.250.74.168:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (2213)
Hash e450e04db8b2c8acbfa2d527ca994e9e
ef44faf745eb560967bf04f9a9034618b901cb51
580e0adfac753c6e635a762a0065f26330e0cd7ac09070bc6a8b3afdaf860703
GET /gtm.js?id=GTM-P78KC7L HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 22 Sep 2023 21:24:59 GMT
expires: Fri, 22 Sep 2023 21:24:59 GMT
cache-control: private, max-age=900
last-modified: Fri, 22 Sep 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44525
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash MD5 c0e9d4a0739a6d60bff154bb1372fc10
Hash SHA-1 7c0a2983b7d0d7a1d989c09d96b8f2f06d55c99a
Hash SHA-256 a2bffa75555dfc457ce2357d25e6e960f692fdaad7398fefe5dbcb104544eb0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 22 Sep 2023 21:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-Q4MSSW9CNK&l=dataLayer&cx=c
142.250.74.168 200 OK 81 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-Q4MSSW9CNK&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (5788)
Hash MD5 4cd018cea68a14834a39cc2f6e7492d9
Hash SHA-1 319633ce263a32ecefd969c39815afc98e0d05c1
Hash SHA-256 80eb5e17e12a9860836d883b0e028f6ecb42f57aaa4a1a101fc4f588613055f9
GET /gtag/js?id=G-Q4MSSW9CNK&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 22 Sep 2023 21:24:59 GMT
expires: Fri, 22 Sep 2023 21:24:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81232
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc9.ttf
142.250.74.99 200 OK 21 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc9.ttf
IP 142.250.74.99:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
Validity Mon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto MediumRegularVersion 2.137; 2017Roboto-Med; data
Hash MD5 54feedcd3c51096071c45ab2e0054b35
Hash SHA-1 b7e7056a1d3ad8946f0d8f729909fb3dd1587c6d
Hash SHA-256 1ceb245a8f768b65c2ae250d96f5457b96e9537326da2feb2310b707736817aa
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc9.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://htmwbstt.com
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 22:58:04 GMT
expires: Wed, 18 Sep 2024 22:58:04 GMT
cache-control: public, max-age=31536000
age: 253615
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf
142.250.74.99 200 OK 21 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf
IP 142.250.74.99:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
Validity Mon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-Regularhtt; data
Hash MD5 a0d084a3e8176664e75f8eca3ebea96c
Hash SHA-1 324ec20b91392a6871d7846e0ff2972447a1b2b8
Hash SHA-256 a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://htmwbstt.com
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 09:00:45 GMT
expires: Tue, 17 Sep 2024 09:00:45 GMT
cache-control: public, max-age=31536000
age: 390254
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
142.250.74.99 200 OK 21 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
IP 142.250.74.99:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
Validity Mon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2020 The Open Sans Project Authors (https://github.com/googlefonts/opensans)Open SansR; data
Hash MD5 4e6feb3d0ab3cb546db1152394983bdb
Hash SHA-1 8feb43afdb5a47fc1c8c03b53be6822c72f845b3
Hash SHA-256 294ed1734fd63bdeca41e4ac6d668c513ea6932b0030ee10c605d09efba1900e
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://htmwbstt.com
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21006
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 10:50:01 GMT
expires: Fri, 20 Sep 2024 10:50:01 GMT
cache-control: public, max-age=31536000
age: 124498
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
htmwbstt.com/favicon.ico
207.120.33.40 404 Not Found 162 B IP 207.120.33.40:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Let's Encrypt
Subject htmwbstt.com
Fingerprint 46:AC:AF:F8:54:DF:E3:6D:99:DC:90:0E:AC:F9:9D:4D:01:9D:4B:DE
Validity Wed, 09 Aug 2023 10:31:58 GMT - Tue, 07 Nov 2023 10:31:57 GMT
File type HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash MD5 70461da8b94c6ca5d2fda3260c5a8c3b
Hash SHA-1 994bc667720c21257500e29038c1a5f61e25da1e
Hash SHA-256 f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: htmwbstt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Cookie: PHPSESSID=55875479f627a9d60ee8335d2e3879a3; _ga_Q4MSSW9CNK=GS1.1.1695417900.1.0.1695417900.0.0.0; _ga=GA1.1.1338419121.1695417900
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Fri, 22 Sep 2023 21:24:59 GMT
content-type: text/html
content-length: 162
x-varnish: 5030350 6211335
age: 90
via: 1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
section-io-cache: Hit
section-io-id: 0954801a40149a4318896f079a6b5e9d
X-Firefox-Spdy: h2
htmwbstt.com/dofadd/trk/?rtid=02365896461
207.120.33.40 200 OK 21 B URL GET HTTP/2 htmwbstt.com/dofadd/trk/?rtid=02365896461
IP 207.120.33.40:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Let's Encrypt
Subject htmwbstt.com
Fingerprint 46:AC:AF:F8:54:DF:E3:6D:99:DC:90:0E:AC:F9:9D:4D:01:9D:4B:DE
Validity Wed, 09 Aug 2023 10:31:58 GMT - Tue, 07 Nov 2023 10:31:57 GMT
File type JSON data; ASCII text, with no line terminators
Hash MD5 eb94a39240cae0bb889113aec457e9c6
Hash SHA-1 e886d769bbbc7c267653b7955720219a9d2f9fcf
Hash SHA-256 94b2b84706e5d12833c512b8b46cbdbdf02ab829e0dbfb72657599203e0698da
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /dofadd/trk/?rtid=02365896461 HTTP/1.1
Host: htmwbstt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Cookie: PHPSESSID=55875479f627a9d60ee8335d2e3879a3; _ga_Q4MSSW9CNK=GS1.1.1695417900.1.0.1695417900.0.0.0; _ga=GA1.1.1338419121.1695417900
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 22 Sep 2023 21:25:00 GMT
content-type: text/json;charset=UTF-8
content-length: 21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 14517318
age: 0
via: 1.1 varnish-65c66bdb8c-wrbtm (Varnish/7.2)
section-io-cache: Miss
section-io-id: 44565dc31544f1bcd6d0a263df81cfef
X-Firefox-Spdy: h2
kit.fontawesome.com/b314bdf1b3.js
104.18.23.52 200 OK 12 kB URL GET HTTP/2 kit.fontawesome.com/b314bdf1b3.js
IP 104.18.23.52:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer DigiCert Inc
Subject *.fontawesome.com
Fingerprint 6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
Validity Tue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (11213)
Hash MD5 4fc6cefe553c0690d16534ebf9d89181
Hash SHA-1 aa7c5a51a88e2dcbdf8b67e8648d35682d19e31f
Hash SHA-256 8f3a8661dafbfffde857c6bbc7abc7c63e929047dfc5e6cc1a805ab8e98dacbb
GET /b314bdf1b3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://htmwbstt.com
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 22 Sep 2023 21:24:58 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F4SaRIDswhg9kE46BcBC
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 80ad9e2badedb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
htmwbstt.com/common_tpls/js/form_support.js?v=1101202201
207.120.33.40 200 OK 3.8 kB URL GET HTTP/2 htmwbstt.com/common_tpls/js/form_support.js?v=1101202201
IP 207.120.33.40:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Let's Encrypt
Subject htmwbstt.com
Fingerprint 46:AC:AF:F8:54:DF:E3:6D:99:DC:90:0E:AC:F9:9D:4D:01:9D:4B:DE
Validity Wed, 09 Aug 2023 10:31:58 GMT - Tue, 07 Nov 2023 10:31:57 GMT
File type ASCII text, with very long lines (4261), with no line terminators
Hash MD5 bd72340aa5a6ac08cf9a0fdbd650579c
Hash SHA-1 c0550503cbb35b4abcc5618fc78a0cb18c26c89c
Hash SHA-256 783abe18fe8132421d19b383088f95e95a9ee6ac64b85bd2e2b178b481ab2ca4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/js/form_support.js?v=1101202201 HTTP/1.1
Host: htmwbstt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Cookie: PHPSESSID=55875479f627a9d60ee8335d2e3879a3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 22 Sep 2023 21:24:58 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 18 Nov 2022 21:23:38 GMT
etag: W/"6377f7da-ed7"
section-io-cache-id: ce6291671bbb7c73fbaf6fd69ffa7964
x-varnish: 14193369 2949343
age: 10068
via: 1.1 varnish-65c66bdb8c-wrbtm (Varnish/7.2)
section-io-cache: Hit
content-encoding: gzip
section-io-id: e8676b59614d90661d9c4089d7ed4abb
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.106 200 OK 565 B URL GET HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.106:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint BE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
Validity Mon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type ASCII text, with very long lines (588), with no line terminators
Hash MD5 bdcf60bde5544e1017e1f2e60888a9c7
Hash SHA-1 6fb24309b7ff90c1c99d19c0c7a127a16508840e
Hash SHA-256 d701601406acfca6bfc0c58b411446e3e0e96c659f35c143355d3dd72c390952
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 22 Sep 2023 21:24:58 GMT
date: Fri, 22 Sep 2023 21:24:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
htmwbstt.com/common_tpls/js/validate_form_v2.js?jsv=33
207.120.33.40 200 OK 26 kB URL GET HTTP/2 htmwbstt.com/common_tpls/js/validate_form_v2.js?jsv=33
IP 207.120.33.40:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer Let's Encrypt
Subject htmwbstt.com
Fingerprint 46:AC:AF:F8:54:DF:E3:6D:99:DC:90:0E:AC:F9:9D:4D:01:9D:4B:DE
Validity Wed, 09 Aug 2023 10:31:58 GMT - Tue, 07 Nov 2023 10:31:57 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
Hash SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /common_tpls/js/validate_form_v2.js?jsv=33 HTTP/1.1
Host: htmwbstt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Cookie: PHPSESSID=55875479f627a9d60ee8335d2e3879a3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 22 Sep 2023 21:24:58 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 13 Feb 2023 23:40:03 GMT
etag: W/"63eaca53-63ed"
section-io-cache-id: 5b1e987fcbc0ca8c78e5fe7c64c35181
x-varnish: 14060829 426026
age: 10043
via: 1.1 varnish-65c66bdb8c-wrbtm (Varnish/7.2)
section-io-cache: Hit
content-encoding: gzip
section-io-id: e8a764d80922e1e5ccc07fedbeb47f7b
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
152.199.19.160 200 OK 121 kB URL GET HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
IP 152.199.19.160:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer DigiCert Inc
Subject *.vo.msecnd.net
Fingerprint 0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80
Validity Fri, 05 May 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (65371)
Size 121 kB (121200 bytes)
Hash MD5 ec3bb52a00e176a7181d454dffaea219
Hash SHA-1 6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
Hash SHA-256 f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
GET /ajax/bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://htmwbstt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 14604579
cache-control: public,max-age=31536000
content-type: text/css
date: Fri, 22 Sep 2023 21:24:58 GMT
etag: "0e914f2cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:10:18 GMT
server: ECAcc (ska/F740)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19629
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
104.18.23.52 200 OK 28 kB URL GET HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
IP 104.18.23.52:443
Requested by https://htmwbstt.com/dofadd/?SID=55875479f627a9d60ee8335d2e3879a3
Certificate Issuer DigiCert Inc
Subject *.fontawesome.com
Fingerprint 6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
Validity Tue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (27832)
Hash MD5 1cb05a2f9541200e1fa0a2cd0abc7663
Hash SHA-1 fdf3292a6db22945eb79e08d847834205b749c6f
Hash SHA-256 a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60
GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://htmwbstt.com/
Origin: https://htmwbstt.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 22 Sep 2023 21:24:59 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 733541
accept-ranges: bytes
server: cloudflare
cf-ray: 80ad9e2fa8b3b4f9-OSL
X-Firefox-Spdy: h2