fressh.fr/wp-content/plugins/umbrella-core/uncocked/centipede_discern.html?ames=fz7g
151.101.66.159 301 Moved Permanently 162 B URL HTTP/1.1 fressh.fr/wp-content/plugins/umbrella-core/uncocked/centipede_discern.html?ames=fz7g
IP 151.101.66.159:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/plugins/umbrella-core/uncocked/centipede_discern.html?ames=fz7g HTTP/1.1
Host: fressh.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Location: https://fressh.fr/wp-content/plugins/umbrella-core/uncocked/centipede_discern.html?ames=fz7g
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-FW-Server: Flywheel/5.1.0
X-FW-Hash: e5fmlg1e1r
X-FW-Version: 5.0.0
Server: Flywheel/5.1.0
Accept-Ranges: bytes
Date: Fri, 17 Mar 2023 21:30:15 GMT
X-Served-By: cache-bma1636-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1679088615.015894,VS0,VE1
Vary: Authorization
X-FW-Serve: TRUE
X-FW-Static: NO
X-FW-Type: VISIT
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2857be6f18459c7a4a7f00f6cd6076f1
570609086d72a9be57cde7bfefd25663c1035fba
bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F"
Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2656
Expires: Fri, 17 Mar 2023 22:14:31 GMT
Date: Fri, 17 Mar 2023 21:30:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 443a700f85619f4fd8a548421c5c23e2
a58764a07feafb2bb4b340c020b5104c55b35195
0bc80613f3d493ea081bf5672ab76f6f33a1dcc0710fe1431de83c46d7e8d31d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BC80613F3D493EA081BF5672AB76F6F33A1DCC0710FE1431DE83C46D7E8D31D"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10551
Expires: Sat, 18 Mar 2023 00:26:06 GMT
Date: Fri, 17 Mar 2023 21:30:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 17 Mar 2023 21:26:47 GMT
content-type: application/json
age: 208
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 003080c91d03081096b019a53f63a8e9
b3d742e037ae313261033338d05d8155f1bf7e6b
d64a58d2f2bca32cb33f6fb8581978238ffa9919a3b2ffb4ce056a57fb7c9917
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D64A58D2F2BCA32CB33F6FB8581978238FFA9919A3B2FFB4CE056A57FB7C9917"
Last-Modified: Wed, 15 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12500
Expires: Sat, 18 Mar 2023 00:58:35 GMT
Date: Fri, 17 Mar 2023 21:30:15 GMT
Connection: keep-alive
fressh.fr/wp-content/plugins/umbrella-core/uncocked/centipede_discern.html?ames=fz7g
151.101.66.159 200 OK 119 B URL HTTP/2 fressh.fr/wp-content/plugins/umbrella-core/uncocked/centipede_discern.html?ames=fz7g
IP 151.101.66.159:0
File type HTML document, ASCII text
Hash 4c2cc5566e049cd400a66ad4d66d290c
cc8e59bcd06a00361128c0f668a011db4e555f32
935cd80df8ad7d9a41979dfc869f8c906e5eccf4066f7d02fefa53b7301ad834
GET /wp-content/plugins/umbrella-core/uncocked/centipede_discern.html?ames=fz7g HTTP/1.1
Host: fressh.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
last-modified: Wed, 08 Mar 2023 22:11:06 GMT
etag: W/"640907fa-73"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: e5fmlg1e1r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 17 Mar 2023 21:30:15 GMT
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1679088615.207984,VS0,VE2
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 119
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9s40hOkimPV6zJ+ORWBEKE2q8aNR4GrbcVFJ2XJQ0NE0UNSCvbT+BY5zsrBMYQ0tXxMojh+sRWw=
x-amz-request-id: TK2B92SH4DDYXB32
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 17 Mar 2023 20:57:35 GMT
age: 1960
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 21:30:15 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
rainbowhookup.com/hookup1/index.html
46.161.40.116 200 OK 145 B URL HTTP/1.1 rainbowhookup.com/hookup1/index.html
IP 46.161.40.116:0
ASN #209272 Alviva Holding Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 53003b49c7124040b08079b4e8354c7e
40ca43a51bdb48b118701dd366e06fe6f9bc9731
377f055292fa60d8aab5f7ed614573c77fe7d23e48a66e42f138af9b2bf7c3ab
Analyzer Verdict Alert fortinet Phishing
GET /hookup1/index.html HTTP/1.1
Host: rainbowhookup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 21:30:15 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 15 Mar 2023 14:12:14 GMT
ETag: "bc-5f6f0ee4a8b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 145
Keep-Alive: timeout=2, max=100
Content-Type: text/html
rainbowhookup.com/hookup1/style.css
46.161.40.116 200 OK 142 B URL HTTP/1.1 rainbowhookup.com/hookup1/style.css
IP 46.161.40.116:0
ASN #209272 Alviva Holding Limited
File type ASCII text, with CRLF line terminators
Hash 591020de79cb492e2d0f03ac2cdda629
e875b8eb3de6f4e2370cc36e44a7af1275098969
6e6b667b1c6eb80802b079e06b6f92f6284b113098b7be8365651714ff90d71a
GET /hookup1/style.css HTTP/1.1
Host: rainbowhookup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowhookup.com/hookup1/index.html
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 21:30:15 GMT
Server: Apache/2
Last-Modified: Tue, 14 Mar 2023 22:12:58 GMT
ETag: "c2-5f6e387afae80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 142
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/css
rainbowhookup.com/hookup1/redirect.js
46.161.40.116 200 OK 339 B URL HTTP/1.1 rainbowhookup.com/hookup1/redirect.js
IP 46.161.40.116:0
ASN #209272 Alviva Holding Limited
File type ASCII text, with CRLF line terminators
Hash ea7d0223231ba3ef2891eb02968bc5ff
f933c4d4483079d595b942bfac5e933f600c67a4
7314bc11c9a6b610131be0455eb5622e7eea4561b4ed2b7f4147ad9c5436bdd7
Analyzer Verdict Alert fortinet Phishing
GET /hookup1/redirect.js HTTP/1.1
Host: rainbowhookup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowhookup.com/hookup1/index.html
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 21:30:15 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 16 Mar 2023 13:54:08 GMT
ETag: "209-5f704cb66e000-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 339
Keep-Alive: timeout=2, max=100
Content-Type: application/javascript
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Pragma, Content-Type, Content-Length, Cache-Control, Expires, Backoff, Alert, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 17 Mar 2023 21:14:32 GMT
age: 943
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
rainbowhookup.com/favicon.ico
46.161.40.116 404 Not Found 200 B URL HTTP/1.1 rainbowhookup.com/favicon.ico
IP 46.161.40.116:0
ASN #209272 Alviva Holding Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 74e53b854c829f27b99eb3700dd7cd60
721d8d7b5162ee609a37c45f341dab5ff3e46cbd
50782c0a554d9f6847bf5620f692b8fe29dab5601af5d85f7cbdd8ce6d55c851
GET /favicon.ico HTTP/1.1
Host: rainbowhookup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rainbowhookup.com/hookup1/index.html
HTTP/1.1 404 Not Found
Date: Fri, 17 Mar 2023 21:30:15 GMT
Server: Apache/2
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 200
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/html
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 70f795f7a73fb087a4b08eebe6e2a970
faaa9283e766256900f3c3e00dee00973e7da2a6
4f7e4813f82f60ebf9c536d9342726307686931df7309a4c367f3b658602efde
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F7E4813F82F60EBF9C536D9342726307686931DF7309A4C367F3B658602EFDE"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4044
Expires: Fri, 17 Mar 2023 22:37:39 GMT
Date: Fri, 17 Mar 2023 21:30:15 GMT
Connection: keep-alive
push.services.mozilla.com/
54.203.233.147 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.203.233.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2Og10E3TJBpmAt52eJUj5g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZDz3ZpMGZBRmgThPVGEx/8z6byc=
png.monster/wp-content/uploads/2021/06/png.monster-12.png
170.130.40.160 200 OK 19 kB URL HTTP/2 png.monster/wp-content/uploads/2021/06/png.monster-12.png
IP 170.130.40.160:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 35b55623fc0f1329f74bd5b3dbda21df
9f836420c21161aed9f5ddaca301efade997d8f8
9897a309d70ad90203f2863ca2e36922f9851341bf9cfd269e9801b99f0f1106
GET /wp-content/uploads/2021/06/png.monster-12.png HTTP/1.1
Host: png.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rainbowhookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 21:30:16 GMT
content-type: image/webp
content-length: 18762
last-modified: Sun, 27 Jun 2021 19:10:17 GMT
etag: "60d8cd19-494a"
expires: Sun, 16 Apr 2023 21:30:16 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 071e1e0f583d6ccd2ca20d98f43e375f
72f3d0f399509f9972b19c740bdf4e945a3d6247
1c9f99cad01369bedc4f91b05ac62df77fef17537cb4eda8d0134f009bbe4b75
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C9F99CAD01369BEDC4F91B05AC62DF77FEF17537CB4EDA8D0134F009BBE4B75"
Last-Modified: Thu, 16 Mar 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5933
Expires: Fri, 17 Mar 2023 23:09:09 GMT
Date: Fri, 17 Mar 2023 21:30:16 GMT
Connection: keep-alive
www.hugshub.life/s/62cf1c2230951
178.162.199.80 200 OK 2.2 kB URL HTTP/1.1 www.hugshub.life/s/62cf1c2230951
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321)
Hash 7387d128a15d7a1bc0b7a8862b997f75
2326b9f22dabe29ac3a7aa887c7ea7e454b8a64f
0a53304ff0b9b92e001724816e368ec29696521d46a0d395fae54b154b38aa51
Analyzer Verdict Alert fortinet Phishing
GET /s/62cf1c2230951 HTTP/1.1
Host: www.hugshub.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rainbowhookup.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: s=tO2fOeF2Q%2FxIKzURiY2EVZUzj2deq%2FxWms0RWfPNjT7zjqaZR5QAnOrpD80sYKFhG0I5kz485nXPejhAR%2BerZyB%2BNvmRHptV%2BTS4d6yb1vNlKQkSJa%2BW8tahXjzp6oDYAPEy4l3jhI%2Bw0t%2FincrQnIj0lLQtDOlP0%2FgC0%2F1vPcAPYLKPNOCXm4kbt1CTkevysi4OCu%2FDArguwaDmrli6EEvXIh2UlThW328CdgDA%2FW1A88DXYlFRhS%2BX0Ty4wwglEYkeP3TtN65BQMJuPf1lffiKFv1Sd%2By422jmQd%2BtZ8Mm3aJ2UJImjn85MrREPd1oe44rgduFNLx5Qvn2KAvrIlB80umbaz%2BmGF74a%2FBum01NODzXqdowX%2FS1yW5RQ%2BPIPP9goumThzAV05O9xGStf1l0rqIYfNTaqp5ibuSALR99CiW8Rw6%2BKkbs2DIsuw923S%2B%2FF5M6jTLSpt1w4rVkRG02niJ%2B%2FBb6A94CnfoTAKYoF7wkFEnZ%2BTVe883T0mZWeir0w8AYswX38of12J14wJ5K69BS6%2BP4S1%2FgnevN95Nd%2B7yROAfxdEZEG1Bq1s3xYfKEJNbw0jiPikOnwoxsJPttzWzwhJblmCxgDq1cW778aWt7zuNk%2FOrvyXSdXk0qwVTAIDoSPRFjS9GupNRhuIlkCCjIGuzmYpnR9u1X%2B%2B9SGvYi7R9Zf0JRSQEe%2FbS9a5ZyODCTOW8m7X8uHlBsycEy8zbixtc1KLvmWeYJmG1Ge5jW7UsmpXYkjuRQ8kKSq3JQRuf0NR%2F%2BqV1W0nWshQyVBq8lowQpb%2FPypxWsOppfJlJnehh5FufqhfFBDdu6rujDnIDkbTxiFLMCW67QKLdrot%2B0dkKRHO5Tkv9Fs4aA1h7bNwnEaVPSXb%2FDSpWG1r%2FKkoMcv4PS2Wxu80ZJyHWjBVy0aF3AVqubK%2B9fpw85htuSFw4NJGjZ0OrQPux45O0C5ZfOASkggjlxUUwPsBvDGZlGAdmN9l%2BE%2B7Nt4U0wc9Jxz2vdrPt7ysSWTqp6JxasIiVkwXkBy1zbHitJ4Bfw959j%2BqwQ7b0JrffCnsJTfu7d9bmAxtJssvWRxoEOf1LoAkvszHaJDT%2BZzpej%2BNzlJKwQq7Z3phr%2Bybf9fh2otK7Otj1EVvB591SA7cU%2F2lALoAA8k%2FTdNCRaZlXQIVUi5oTB7Bsv0T%2F3Wd%2BAcxsayIHHMDf%2F9SEg6sjBf%2Bthy4dtvauTWYxujRtG0Qo2Lek0wdqOlqZx4iZPfGOjdI8AHhaidRE9zNgPybGQt3yU1T8mMYERK6QEtMn%2FH3QgzvY60VNjqpX7quAEkXoNMrXmwDO5X7BLcS7IxmEFmL9FdhqD36rJFisLqWswAQjBDunqkXZ1QttRFwELXEhwExfBYMO9eOZvDswmnvRl7gZKk3xe12eBFZYVEfLyKikiMxSm91xjiYeSClf29jjcXU%2Bz2Ebqm0%2B7hRT8PdaXDV0c7TmTKPl8kU6%2FhuKxRw%2B2Oatt2TYPJptHd2o7ufRK3ga0LQomgrzi8tv%2BrfunruXi00QRX09xLE%2BaAZSQro10Rw2nXVS%2Br5TncrW9lyJe62TfQyvcmz61xKYRJWXgyvhds%2FHOSYDan2hCrVpjWQyGYGm7k3XlNUghl1xPoHwA53zeF%2Fwu966OYAwTUaTRwwgzNaSqWWb%2FPvfBAvoGU6GdYQ%3D%3D; expires=Sat, 18-Mar-2023 21:30:17 GMT; Max-Age=86400; path=/; domain=hugshub.life
SID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=hugshub.life
ESID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=hugshub.life
Content-Encoding: gzip
www.hugshub.life/bundle/812/assets/css/style.css
178.162.199.80 200 OK 8.8 kB URL HTTP/1.1 www.hugshub.life/bundle/812/assets/css/style.css
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with CRLF line terminators
Hash 9e738c328cfc2625f9840d1b4c52b524
14e5febbaeb61227b5c996efd81bf2f73f2df793
29d9d65e863856bbcd8d70cb5c1f05f5c1777c1b7667ed6a5f65f7dc9f43b5b7
GET /bundle/812/assets/css/style.css HTTP/1.1
Host: www.hugshub.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugshub.life/s/62cf1c2230951
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: text/css
Content-Length: 8841
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 13:45:29 GMT
Vary: Accept-Encoding
ETag: "636fa379-2289"
Accept-Ranges: bytes
www.hugshub.life/bundle/812/assets/js/functions.js
178.162.199.80 200 OK 754 B URL HTTP/1.1 www.hugshub.life/bundle/812/assets/js/functions.js
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with CRLF line terminators
Hash 72c89fc242792d00d123b17a27042f45
34a3c5a5ffc54c41b51c2dc64a94077f17e51f43
962a67baba919fcbc5dbfca75742e7855a3afef4d250829c3b8e02007e1294e2
Analyzer Verdict Alert fortinet Phishing
GET /bundle/812/assets/js/functions.js HTTP/1.1
Host: www.hugshub.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugshub.life/s/62cf1c2230951
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: application/javascript
Content-Length: 754
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 13:45:30 GMT
Vary: Accept-Encoding
ETag: "636fa37a-2f2"
Accept-Ranges: bytes
cdn.jsdelivr.net/npm/jquery-background-video@1.1.0/jquery.background-video.min.js
151.101.65.229 200 OK 1.5 kB URL HTTP/2 cdn.jsdelivr.net/npm/jquery-background-video@1.1.0/jquery.background-video.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (2760)
Hash 30dde27cc04fd354f8c23360ccb4db86
85c0406c2257108e7998bbbcaedfb1c73be7c769
fea9872472c31c5d56ba8901cb7cdb631f416bd6c879066cdfd592f7c6005cc4
GET /npm/jquery-background-video@1.1.0/jquery.background-video.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugshub.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.1.0
x-jsd-version-type: version
etag: W/"c2c-rk12AHoQRv8E9UcxhQwjPVHVc68"
content-encoding: br
accept-ranges: bytes
date: Fri, 17 Mar 2023 21:30:17 GMT
age: 203426
x-served-by: cache-fra-eddf8230132-FRA, cache-bma1625-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1527
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.3.1.min.js
69.16.175.10 200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65451)
Hash d549b312f7a7d228b4ec229a6547dfdc
0766794582ad530ec0f8c2595f741086afffa312
f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44
GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hugshub.life
Connection: keep-alive
Referer: https://www.hugshub.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 17 Mar 2023 21:30:17 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1679088617.dop219.sk1.t,1679088617.cds249.sk1.hn,1679088617.cds240.sk1.c
X-Firefox-Spdy: h2
www.hugshub.life/js/click.js?9
178.162.199.80 200 OK 6.4 kB URL HTTP/1.1 www.hugshub.life/js/click.js?9
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
Hash b5854bc72fe9d6347725baca222138c4
a2513361e42e33ffbd63a8c9e4094be69143f3ae
b9f1c39a20a76c81597029e11b2592c3ab1f7f90234a08f9eaab5bb0555d5cbc
Analyzer Verdict Alert fortinet Phishing
GET /js/click.js?9 HTTP/1.1
Host: www.hugshub.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugshub.life/s/62cf1c2230951
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: application/javascript
Content-Length: 6404
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 14:01:16 GMT
Vary: Accept-Encoding
ETag: "6413212c-1904"
Accept-Ranges: bytes
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash d221961d0586b03814df0564f7fad0dd
00e3349c16733d6a848e7d594f398617cb4c1ed6
712f8f9545250e9a78b6910a326ab8ff2697461e52661f5edfaf5dc63660d9b1
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "77D3C7D6951952235D3EEFA3F8AF14DC1B3CCAF5"
Expires: Sat, 18 Mar 2023 08:00:00 GMT
Last-Modified: Fri, 17 Mar 2023 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1543
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a9856123d3efac0-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 886a55065537b0624371a82292fe26c2
5ff87d6a26d94e0ed10f0cb55d0ac0237efb135a
a0811f584403bcdb37925007e7d9df722591566885dcedf330fb13fed891905f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Mar 2023 21:30:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hugshub.life/bundle/812/assets/images/d1.jpg
178.162.199.80 200 OK 78 kB URL HTTP/1.1 www.hugshub.life/bundle/812/assets/images/d1.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 99", progressive, precision 8, 1280x853, components 3\012- data
Hash 079aa3084946fc388a529f14d9034a5b
20c92b4329bdc75731f0093f3e6f92ba1944481c
d02f3f1209f253dd365c61eb3b721865b652eef237e8d9391bd93128f5381ef7
GET /bundle/812/assets/images/d1.jpg HTTP/1.1
Host: www.hugshub.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugshub.life/s/62cf1c2230951
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: image/jpeg
Content-Length: 78369
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 13:45:29 GMT
ETag: "636fa379-13221"
Accept-Ranges: bytes
fonts.googleapis.com/css?family=Montserrat&subset=latin-ext
142.250.74.74 200 OK 971 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat&subset=latin-ext
IP 142.250.74.74:0
Hash b3ef39ca45b30ceec5e418a356ad92aa
b0819941bd57d753e9ebec58de005b198d283ed3
f293f1db8bbd2b98abf8a381d32ee8ce61ddc010d3e50027fe247ac607acb071
GET /css?family=Montserrat&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugshub.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 17 Mar 2023 21:30:17 GMT
date: Fri, 17 Mar 2023 21:30:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
216.58.207.227 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Hash b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hugshub.life
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Mar 2023 02:06:11 GMT
expires: Sat, 16 Mar 2024 02:06:11 GMT
cache-control: public, max-age=31536000
age: 69846
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7739
Expires: Fri, 17 Mar 2023 23:39:16 GMT
Date: Fri, 17 Mar 2023 21:30:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6272d07-0ccd-41ba-a86f-72932f0783bd.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6272d07-0ccd-41ba-a86f-72932f0783bd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05b82ec8d7e99e9499e8b5a980008c60
280fe711e384d60749c6225ddcc7f57c48845719
305b82d6aa40f5af58100de5007ac484c73c0a49ab7c5715b8ab6e83e10270f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6272d07-0ccd-41ba-a86f-72932f0783bd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5828
x-amzn-requestid: 8361aeb7-1c8a-491d-b50d-59b3d6a061ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B5K4lGhXIAMFlFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64138b69-7b1d2aa5075294e04d976ad9;Sampled=0
x-amzn-remapped-date: Thu, 16 Mar 2023 21:34:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: VYAI-v5_r6-RO5c5aTrA4JJnM1iRUtwDL349__B7TVNKYs_XqfiEhA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 22:06:15 GMT
age: 84242
etag: "280fe711e384d60749c6225ddcc7f57c48845719"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: bka10YWXvoKBRkwgvJNMzm1SSv_J1USzdugO9lPduHxe2uYFYkXh4w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 07:02:34 GMT
age: 52063
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdad4172a-505a-4014-9bcf-f13aa53b1686.webp
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdad4172a-505a-4014-9bcf-f13aa53b1686.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8154be92a2d44a0162f1cc673921529f
d56d45d301ddd803f7d9e69dee60694cb9cbc598
1ce79bc57af6f1b848992c86f300589070ed7343f8ac9cf1911e9f53f1278dcb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdad4172a-505a-4014-9bcf-f13aa53b1686.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8758
x-amzn-requestid: 7c07a43a-3a52-4bea-8ff0-f2e0247c680d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B14rgEQfIAMF2Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64123b16-5f46de1a5896bb08271f930d;Sampled=0
x-amzn-remapped-date: Wed, 15 Mar 2023 21:39:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 3zxt_zNW_W4xw7Fsqylm6dkjtVBFZDaI6FLSe5f541G1xgNcKrloaQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 21:51:45 GMT
age: 85112
etag: "d56d45d301ddd803f7d9e69dee60694cb9cbc598"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10addb30-9797-4bfb-ab40-27590dcd8a0c.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10addb30-9797-4bfb-ab40-27590dcd8a0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8d0d0c23818e0992d7081d19d86d752a
5f96d26521f4db9c8858b72d5c60f5b06fd0bba1
092427d520bfea7cf5cac7f160624001496ad5f54e8c8554a1c8aea942a7db87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10addb30-9797-4bfb-ab40-27590dcd8a0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: 56a9e84e-6436-4726-a8b3-efc08485eb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BmtHXG6IIAMFRTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640c2895-6dc08086321fb6c016eb88e9;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 07:07:01 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: SDQGfzJOO-MuuJXlOI2vqvE8pgmDt0NOGI6aDLPTvG78ZWaXxM-mGg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ea699166e6ec77aa410ff505b0a8ce18.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 21:22:57 GMT
age: 440
etag: "5f96d26521f4db9c8858b72d5c60f5b06fd0bba1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.hugshub.life/bundle/812/assets/images/favicon.png
178.162.199.80 200 OK 3.5 kB URL HTTP/1.1 www.hugshub.life/bundle/812/assets/images/favicon.png
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash cc86e90f22b2a8c36fef53568d5fbee9
547fb463d586ef2781970233dc0fb72d57813927
21bd9a17dd1badae75cad5e54d11c40e085662b91e4f7486f35e54371dc40e12
GET /bundle/812/assets/images/favicon.png HTTP/1.1
Host: www.hugshub.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugshub.life/s/62cf1c2230951
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: image/png
Content-Length: 3481
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 13:45:29 GMT
ETag: "636fa379-d99"
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32661b66-c29d-4fb2-8a6d-e8d32af65c0c.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32661b66-c29d-4fb2-8a6d-e8d32af65c0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b237b4b09287ed50ed4b41b5a4bfb339
5114fb56e5d9847562d2c493dbe684ee1057ffba
a78555499f140649e47a5c0a561f36a8002abbceb2ab13189e91faefa6dd298c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32661b66-c29d-4fb2-8a6d-e8d32af65c0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6291
x-amzn-requestid: 55afe02a-821a-48a1-ab71-77d42ae4adf8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B3lUdFqIoAMFQqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6412e8e9-7f5e230e44eac3b31e963b38;Sampled=0
x-amzn-remapped-date: Thu, 16 Mar 2023 10:01:13 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 7OQVogzC2etvZVgTCnc4vf3SnOuKRE0ouTzDK-vWZlzExAraw_Bwhg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6af3b573d8970d5db2a4d03354335b84.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 12:12:07 GMT
age: 33490
etag: "5114fb56e5d9847562d2c493dbe684ee1057ffba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F283cce37-c692-4203-ad27-597093d4e1d7.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F283cce37-c692-4203-ad27-597093d4e1d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ab1194f894e79ce8de9c4a02925415e8
b06c689355301378aedbe12d01782debc8e2559e
1113a17eb74f317f3879f781f7b2fcb86f7e7da9ff6e18b44288f379cd5a21c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F283cce37-c692-4203-ad27-597093d4e1d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5906
x-amzn-requestid: 81b47546-f999-40fc-887b-1f8e3d9e49b0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bz5_JGH2oAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64117060-303925a47d9431f63bf5afaa;Sampled=0
x-amzn-remapped-date: Wed, 15 Mar 2023 07:14:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: yhJQJKgvv9AxHjr1CFyDo6t5owgihxDs9W-HLMSV2bOb32s8KFFkAw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 01:19:03 GMT
age: 72674
etag: "b06c689355301378aedbe12d01782debc8e2559e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 17 Mar 2023 21:30:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hugshub.life/js/fp2.min.js
178.162.199.80 200 OK 31 kB URL HTTP/1.1 www.hugshub.life/js/fp2.min.js
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (30507)
Hash e7d6b85edb141824af8951e19333337c
76600b2cb1978ca24d9fe39b1412f052da855ddb
6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e
Analyzer Verdict Alert fortinet Phishing
GET /js/fp2.min.js HTTP/1.1
Host: www.hugshub.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugshub.life/s/62cf1c2230951
Cookie: s=tO2fOeF2Q%2FxIKzURiY2EVZUzj2deq%2FxWms0RWfPNjT7zjqaZR5QAnOrpD80sYKFhG0I5kz485nXPejhAR%2BerZyB%2BNvmRHptV%2BTS4d6yb1vNlKQkSJa%2BW8tahXjzp6oDYAPEy4l3jhI%2Bw0t%2FincrQnIj0lLQtDOlP0%2FgC0%2F1vPcAPYLKPNOCXm4kbt1CTkevysi4OCu%2FDArguwaDmrli6EEvXIh2UlThW328CdgDA%2FW1A88DXYlFRhS%2BX0Ty4wwglEYkeP3TtN65BQMJuPf1lffiKFv1Sd%2By422jmQd%2BtZ8Mm3aJ2UJImjn85MrREPd1oe44rgduFNLx5Qvn2KAvrIlB80umbaz%2BmGF74a%2FBum01NODzXqdowX%2FS1yW5RQ%2BPIPP9goumThzAV05O9xGStf1l0rqIYfNTaqp5ibuSALR99CiW8Rw6%2BKkbs2DIsuw923S%2B%2FF5M6jTLSpt1w4rVkRG02niJ%2B%2FBb6A94CnfoTAKYoF7wkFEnZ%2BTVe883T0mZWeir0w8AYswX38of12J14wJ5K69BS6%2BP4S1%2FgnevN95Nd%2B7yROAfxdEZEG1Bq1s3xYfKEJNbw0jiPikOnwoxsJPttzWzwhJblmCxgDq1cW778aWt7zuNk%2FOrvyXSdXk0qwVTAIDoSPRFjS9GupNRhuIlkCCjIGuzmYpnR9u1X%2B%2B9SGvYi7R9Zf0JRSQEe%2FbS9a5ZyODCTOW8m7X8uHlBsycEy8zbixtc1KLvmWeYJmG1Ge5jW7UsmpXYkjuRQ8kKSq3JQRuf0NR%2F%2BqV1W0nWshQyVBq8lowQpb%2FPypxWsOppfJlJnehh5FufqhfFBDdu6rujDnIDkbTxiFLMCW67QKLdrot%2B0dkKRHO5Tkv9Fs4aA1h7bNwnEaVPSXb%2FDSpWG1r%2FKkoMcv4PS2Wxu80ZJyHWjBVy0aF3AVqubK%2B9fpw85htuSFw4NJGjZ0OrQPux45O0C5ZfOASkggjlxUUwPsBvDGZlGAdmN9l%2BE%2B7Nt4U0wc9Jxz2vdrPt7ysSWTqp6JxasIiVkwXkBy1zbHitJ4Bfw959j%2BqwQ7b0JrffCnsJTfu7d9bmAxtJssvWRxoEOf1LoAkvszHaJDT%2BZzpej%2BNzlJKwQq7Z3phr%2Bybf9fh2otK7Otj1EVvB591SA7cU%2F2lALoAA8k%2FTdNCRaZlXQIVUi5oTB7Bsv0T%2F3Wd%2BAcxsayIHHMDf%2F9SEg6sjBf%2Bthy4dtvauTWYxujRtG0Qo2Lek0wdqOlqZx4iZPfGOjdI8AHhaidRE9zNgPybGQt3yU1T8mMYERK6QEtMn%2FH3QgzvY60VNjqpX7quAEkXoNMrXmwDO5X7BLcS7IxmEFmL9FdhqD36rJFisLqWswAQjBDunqkXZ1QttRFwELXEhwExfBYMO9eOZvDswmnvRl7gZKk3xe12eBFZYVEfLyKikiMxSm91xjiYeSClf29jjcXU%2Bz2Ebqm0%2B7hRT8PdaXDV0c7TmTKPl8kU6%2FhuKxRw%2B2Oatt2TYPJptHd2o7ufRK3ga0LQomgrzi8tv%2BrfunruXi00QRX09xLE%2BaAZSQro10Rw2nXVS%2Br5TncrW9lyJe62TfQyvcmz61xKYRJWXgyvhds%2FHOSYDan2hCrVpjWQyGYGm7k3XlNUghl1xPoHwA53zeF%2Fwu966OYAwTUaTRwwgzNaSqWWb%2FPvfBAvoGU6GdYQ%3D%3D; CF=yDX8d0vGmzzUNX7T9M1Lkw__
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: application/javascript
Content-Length: 30685
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 14:01:16 GMT
Vary: Accept-Encoding
ETag: "6413212c-77dd"
Accept-Ranges: bytes
www.hugshub.life/bundle/812/assets/images/v1.mp4
178.162.199.80 206 Partial Content 0 B URL HTTP/1.1 www.hugshub.life/bundle/812/assets/images/v1.mp4
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
Analyzer Verdict Alert fortinet Phishing
GET /bundle/812/assets/images/v1.mp4 HTTP/1.1
Host: www.hugshub.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.hugshub.life/s/62cf1c2230951
Cookie: s=tO2fOeF2Q%2FxIKzURiY2EVZUzj2deq%2FxWms0RWfPNjT7zjqaZR5QAnOrpD80sYKFhG0I5kz485nXPejhAR%2BerZyB%2BNvmRHptV%2BTS4d6yb1vNlKQkSJa%2BW8tahXjzp6oDYAPEy4l3jhI%2Bw0t%2FincrQnIj0lLQtDOlP0%2FgC0%2F1vPcAPYLKPNOCXm4kbt1CTkevysi4OCu%2FDArguwaDmrli6EEvXIh2UlThW328CdgDA%2FW1A88DXYlFRhS%2BX0Ty4wwglEYkeP3TtN65BQMJuPf1lffiKFv1Sd%2By422jmQd%2BtZ8Mm3aJ2UJImjn85MrREPd1oe44rgduFNLx5Qvn2KAvrIlB80umbaz%2BmGF74a%2FBum01NODzXqdowX%2FS1yW5RQ%2BPIPP9goumThzAV05O9xGStf1l0rqIYfNTaqp5ibuSALR99CiW8Rw6%2BKkbs2DIsuw923S%2B%2FF5M6jTLSpt1w4rVkRG02niJ%2B%2FBb6A94CnfoTAKYoF7wkFEnZ%2BTVe883T0mZWeir0w8AYswX38of12J14wJ5K69BS6%2BP4S1%2FgnevN95Nd%2B7yROAfxdEZEG1Bq1s3xYfKEJNbw0jiPikOnwoxsJPttzWzwhJblmCxgDq1cW778aWt7zuNk%2FOrvyXSdXk0qwVTAIDoSPRFjS9GupNRhuIlkCCjIGuzmYpnR9u1X%2B%2B9SGvYi7R9Zf0JRSQEe%2FbS9a5ZyODCTOW8m7X8uHlBsycEy8zbixtc1KLvmWeYJmG1Ge5jW7UsmpXYkjuRQ8kKSq3JQRuf0NR%2F%2BqV1W0nWshQyVBq8lowQpb%2FPypxWsOppfJlJnehh5FufqhfFBDdu6rujDnIDkbTxiFLMCW67QKLdrot%2B0dkKRHO5Tkv9Fs4aA1h7bNwnEaVPSXb%2FDSpWG1r%2FKkoMcv4PS2Wxu80ZJyHWjBVy0aF3AVqubK%2B9fpw85htuSFw4NJGjZ0OrQPux45O0C5ZfOASkggjlxUUwPsBvDGZlGAdmN9l%2BE%2B7Nt4U0wc9Jxz2vdrPt7ysSWTqp6JxasIiVkwXkBy1zbHitJ4Bfw959j%2BqwQ7b0JrffCnsJTfu7d9bmAxtJssvWRxoEOf1LoAkvszHaJDT%2BZzpej%2BNzlJKwQq7Z3phr%2Bybf9fh2otK7Otj1EVvB591SA7cU%2F2lALoAA8k%2FTdNCRaZlXQIVUi5oTB7Bsv0T%2F3Wd%2BAcxsayIHHMDf%2F9SEg6sjBf%2Bthy4dtvauTWYxujRtG0Qo2Lek0wdqOlqZx4iZPfGOjdI8AHhaidRE9zNgPybGQt3yU1T8mMYERK6QEtMn%2FH3QgzvY60VNjqpX7quAEkXoNMrXmwDO5X7BLcS7IxmEFmL9FdhqD36rJFisLqWswAQjBDunqkXZ1QttRFwELXEhwExfBYMO9eOZvDswmnvRl7gZKk3xe12eBFZYVEfLyKikiMxSm91xjiYeSClf29jjcXU%2Bz2Ebqm0%2B7hRT8PdaXDV0c7TmTKPl8kU6%2FhuKxRw%2B2Oatt2TYPJptHd2o7ufRK3ga0LQomgrzi8tv%2BrfunruXi00QRX09xLE%2BaAZSQro10Rw2nXVS%2Br5TncrW9lyJe62TfQyvcmz61xKYRJWXgyvhds%2FHOSYDan2hCrVpjWQyGYGm7k3XlNUghl1xPoHwA53zeF%2Fwu966OYAwTUaTRwwgzNaSqWWb%2FPvfBAvoGU6GdYQ%3D%3D
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Server: openresty/1.19.3.1
Date: Fri, 17 Mar 2023 21:30:17 GMT
Content-Type: video/mp4
Content-Length: 964329
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 13:45:30 GMT
ETag: "636fa37a-eb6e9"
Content-Range: bytes 0-964328/964329