r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12030
Expires: Fri, 02 Dec 2022 05:04:11 GMT
Date: Fri, 02 Dec 2022 01:43:41 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4905
Cache-Control: max-age=122956
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:43:41 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:52:57 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
en.quocduy.com.vn/wp-content/uploads/apppresser/physitism/limnimetric_reprobateness.html
45.77.172.186301 Moved Permanently 449 B URL HTTP/1.1 en.quocduy.com.vn/wp-content/uploads/apppresser/physitism/limnimetric_reprobateness.html
IP 45.77.172.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 81b86344e90d8d322dab8353036efd50
befcfa244bee748f35c94f45a65ef754fdad3fc2
86f19cb22656df46165dd8ad27285900b450fa09a030c8e7c53cb62839772116
GET /wp-content/uploads/apppresser/physitism/limnimetric_reprobateness.html HTTP/1.1
Host: en.quocduy.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
content-type: text/html
date: Fri, 02 Dec 2022 01:43:41 GMT
server: LiteSpeed
location: https://en.quocduy.com.vn/wp-content/uploads/apppresser/physitism/limnimetric_reprobateness.html
content-encoding: gzip
vary: Accept-Encoding
transfer-encoding: chunked
connection: Keep-Alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9914
Expires: Fri, 02 Dec 2022 04:28:55 GMT
Date: Fri, 02 Dec 2022 01:43:41 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 01:19:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1431
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LHU10CsI3IXz5wD3uvZuxmjUFT2U4C3hOcISn1PkBAbyO74whSdZPPyi50BPILSTAcC6Kw3Bi68=
x-amz-request-id: KJPBNJFTN54KE2DP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 00:46:30 GMT
age: 3431
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 01:43:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 01:11:15 GMT
cache-control: public,max-age=3600
age: 1946
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
en.quocduy.com.vn/wp-content/uploads/apppresser/physitism/limnimetric_reprobateness.html
45.77.172.186200 OK 104 B URL HTTP/2 en.quocduy.com.vn/wp-content/uploads/apppresser/physitism/limnimetric_reprobateness.html
IP 45.77.172.186:0
File type HTML document, ASCII text
Hash d2b918a2973dbfb29b590cfc8adb437b
7089f7cbc0a88105188bfa15bda1f5e586df059e
b62cd2daf593ae7fb5853a7ce3d4da8d64e586a2c7f8e12bdfdfc71873ebdf8c
GET /wp-content/uploads/apppresser/physitism/limnimetric_reprobateness.html HTTP/1.1
Host: en.quocduy.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
etag: "68-6334d284-1a5e07a;;;"
last-modified: Wed, 28 Sep 2022 23:02:28 GMT
content-type: text/html
content-length: 104
accept-ranges: bytes
date: Fri, 02 Dec 2022 01:43:42 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4900
Cache-Control: max-age=117887
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:43:42 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:28:29 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
onlinedates.ru/?land=88579
185.36.100.24302 Found 0 B URL HTTP/1.1 onlinedates.ru/?land=88579
IP 185.36.100.24:0
ASN #62403 Disk Group Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /?land=88579 HTTP/1.1
Host: onlinedates.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 02 Dec 2022 01:43:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/5.6.40
Location: http://www.todayhotties.ru/s/5af3ff4b5a866
push.services.mozilla.com/
54.149.51.98101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.51.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DYmWd6ilKexmORKFQojNCg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xvqdwo8/UB/gPNDCz30Rwxllaa8=
www.todayhotties.ru/s/5af3ff4b5a866
178.162.199.80200 OK 2.2 kB URL HTTP/1.1 www.todayhotties.ru/s/5af3ff4b5a866
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 82ae9381ac3798f00442a466e9bcfccd
739c1f7c40b0fbd4e3e8251c67aee18cd24e7812
0c37a54b200bf84e8c50de9dafb56bb5cf4e66ab97116ecb9bf94253e84e8991
Analyzer Verdict Alert fortinet Phishing
GET /s/5af3ff4b5a866 HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: s=YTbgrZ80KQ7xql4wSKZxQcCCfKlrExduUMdY9qV1JMnjzuKzTbptXftTdRxrmpayzHbOyaZk9knqED%2FUSHYzFCB%2BNvinGqNb%2FRS4b%2BbIBYZta1yDgUalp5hrLYxAQIKue3n06xk34GNPAf555MhtYEojSp2mBGdx2E6TghfV7W3bGddBhjwUDZRbkvi4NzUNtt%2FvoKzPJl3HVOwWc2L5XkNlFR5OT0sa9B7jc3D9%2FAiZf0jRK7B1oMntYvAXoOPdPUoFbDoAsft0dSrRCc4Yx%2BTU3sXQZxjXqWTT9%2By%2Fc3iMruS9Y9%2F%2FTF5xnkoxIzgRykJBsyc6mxOxXzHbjQdJPRUX%2FUT6%2Fh3hpHwkBuLIrv1YhhgqixocaNnhKgcBqDGWIbHiPwvFlo1Ex0H5AcM%2BFNw7G%2BanrgLafuuTu6FoHuQN5a0zwSGZNxE7V95hTkznuze795Gf1B6QrHJbKPgGJtb5pOADOuhgaJwUzADYXLw64GDLFKH%2FYTuB2sgo%2FC%2FwxQ8GdeuSU4dASc986K6S5FMgN5yGeekABb127mRPXDWopOmAUz4eNTtFOUMJBkGfCf8KG1Vn%2BWzEMxyrNyg6akzFJ8OgYOk9YUsLX57xsyVa339H%2BAaihJoms0H2q9X9U6Z%2FJJRforcKPDrXm7bcclMXwp%2BZJ485jDNDHXFISDmBYYDrEtIudLkUB3ovPShy2udCfJbkOeL3jvgeyKYqMmzMDNyTX16%2Bq7%2Bx%2FyFayRTBkANhGxpNqpn7YGq5WQ7T3Z3YXQWmDiCIfM8ul4U3veA458ehqWbpRcrriO7ZXXVr3aSpSRFslqK9I0EhVRfsKaq2iRHZ946Op3UFq0aBkK%2BYoYX%2BmYpHza3YR2Oz6Tl2CsWHBxOkGxKmTgzj%2FgrCGqJNr7XANJm2ktZquK5PMd5MWWrug0pkelJstNfvQ9DSdL1o%2FZ%2BDmZFHWKWVe5Ntg8%2BWFBdjEk48FdiArNxAoYQOtLXqDngUBP5t4PDs9REAPtNiRVUjxHC9UGytrnL3n0rJiYpEznWneScJYE6wI5DXPXmn9Qm5WPCqnX241lERitrBK0ghV7qcozvnI%2BS29JqKy1Po76VcxmDyd8w6UH3ElUD%2B973Pqt5JOkAzGhKk%2F8tq%2BkPhFghQaZKZzOzDqxNdRth07sjU3v0OeQ0736SXZGDxDH7ElweGXqJzahR3pyVM2rmdfBH4bNt4ZunvjoVazd%2BZ9vjy%2BX%2FnkjLqqH2wD2RCvOAR6F4mG8OZM3PwEBw1I5GdcIUlaVCw9mKyJJKo%2Bg%2BfXXGG8PKi9FiZojtajGo3p3JjBn%2BvN5QTJkbFfVKk1qLrrwaIsvSlNTmkQQwQFeC9SWJPwF8GPel%2BbT5W66MOIOkBys%2F%2BqOY%2FcWC9%2BGVv%2FhM2XESS2BFoq%2FRqla0b6%2FOANVqLoJ6Juoz7GKU1QO8Fj0%2FP3JLn19IdnuiQV2qD4pOaRJLN0K0%2BPISF%2B7XPw37vL23H%2FwnjgBgeQu%2BeW2VlJZFDkjH4WmYGZlMarvob2kLjtRra12yPgMgJCfVJQirT13g0j6K8Nj3jB0D%2F6FhVN00XRq9DtA2uPkbWGXs%3D; expires=Sat, 03-Dec-2022 01:43:42 GMT; Max-Age=86400; path=/; domain=todayhotties.ru
SID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=todayhotties.ru
ESID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=todayhotties.ru
Content-Encoding: gzip
ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
142.250.74.42200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32089)
Hash bf899cc5ba60c522341e4d712a5246bf
2c92c54c9919c8b81b4e77a97bfd4d8f202e1a6a
4f8b9bf1630c24cf17444ec093052451c370c9371212db74b4bf8b4fd71a2817
GET /ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33018
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 14:19:03 GMT
Expires: Tue, 28 Nov 2023 14:19:03 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 300279
www.todayhotties.ru/bundle/421/assets/css/style.css
178.162.199.80200 OK 24 kB URL HTTP/1.1 www.todayhotties.ru/bundle/421/assets/css/style.css
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash bdaeaf388c0a108edd5373536bedff4c
9f02aa8224b84a0338fd1e7ff99d1760745257ee
da6221de3931704d9dda90bf91597fcdab5c79375c5dfa3cf098d1ad366c236a
GET /bundle/421/assets/css/style.css HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=YTbgrZ80KQ7xql4wSKZxQcCCfKlrExduUMdY9qV1JMnjzuKzTbptXftTdRxrmpayzHbOyaZk9knqED%2FUSHYzFCB%2BNvinGqNb%2FRS4b%2BbIBYZta1yDgUalp5hrLYxAQIKue3n06xk34GNPAf555MhtYEojSp2mBGdx2E6TghfV7W3bGddBhjwUDZRbkvi4NzUNtt%2FvoKzPJl3HVOwWc2L5XkNlFR5OT0sa9B7jc3D9%2FAiZf0jRK7B1oMntYvAXoOPdPUoFbDoAsft0dSrRCc4Yx%2BTU3sXQZxjXqWTT9%2By%2Fc3iMruS9Y9%2F%2FTF5xnkoxIzgRykJBsyc6mxOxXzHbjQdJPRUX%2FUT6%2Fh3hpHwkBuLIrv1YhhgqixocaNnhKgcBqDGWIbHiPwvFlo1Ex0H5AcM%2BFNw7G%2BanrgLafuuTu6FoHuQN5a0zwSGZNxE7V95hTkznuze795Gf1B6QrHJbKPgGJtb5pOADOuhgaJwUzADYXLw64GDLFKH%2FYTuB2sgo%2FC%2FwxQ8GdeuSU4dASc986K6S5FMgN5yGeekABb127mRPXDWopOmAUz4eNTtFOUMJBkGfCf8KG1Vn%2BWzEMxyrNyg6akzFJ8OgYOk9YUsLX57xsyVa339H%2BAaihJoms0H2q9X9U6Z%2FJJRforcKPDrXm7bcclMXwp%2BZJ485jDNDHXFISDmBYYDrEtIudLkUB3ovPShy2udCfJbkOeL3jvgeyKYqMmzMDNyTX16%2Bq7%2Bx%2FyFayRTBkANhGxpNqpn7YGq5WQ7T3Z3YXQWmDiCIfM8ul4U3veA458ehqWbpRcrriO7ZXXVr3aSpSRFslqK9I0EhVRfsKaq2iRHZ946Op3UFq0aBkK%2BYoYX%2BmYpHza3YR2Oz6Tl2CsWHBxOkGxKmTgzj%2FgrCGqJNr7XANJm2ktZquK5PMd5MWWrug0pkelJstNfvQ9DSdL1o%2FZ%2BDmZFHWKWVe5Ntg8%2BWFBdjEk48FdiArNxAoYQOtLXqDngUBP5t4PDs9REAPtNiRVUjxHC9UGytrnL3n0rJiYpEznWneScJYE6wI5DXPXmn9Qm5WPCqnX241lERitrBK0ghV7qcozvnI%2BS29JqKy1Po76VcxmDyd8w6UH3ElUD%2B973Pqt5JOkAzGhKk%2F8tq%2BkPhFghQaZKZzOzDqxNdRth07sjU3v0OeQ0736SXZGDxDH7ElweGXqJzahR3pyVM2rmdfBH4bNt4ZunvjoVazd%2BZ9vjy%2BX%2FnkjLqqH2wD2RCvOAR6F4mG8OZM3PwEBw1I5GdcIUlaVCw9mKyJJKo%2Bg%2BfXXGG8PKi9FiZojtajGo3p3JjBn%2BvN5QTJkbFfVKk1qLrrwaIsvSlNTmkQQwQFeC9SWJPwF8GPel%2BbT5W66MOIOkBys%2F%2BqOY%2FcWC9%2BGVv%2FhM2XESS2BFoq%2FRqla0b6%2FOANVqLoJ6Juoz7GKU1QO8Fj0%2FP3JLn19IdnuiQV2qD4pOaRJLN0K0%2BPISF%2B7XPw37vL23H%2FwnjgBgeQu%2BeW2VlJZFDkjH4WmYGZlMarvob2kLjtRra12yPgMgJCfVJQirT13g0j6K8Nj3jB0D%2F6FhVN00XRq9DtA2uPkbWGXs%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:42 GMT
Content-Type: text/css
Content-Length: 23836
Connection: keep-alive
Last-Modified: Fri, 27 Nov 2020 19:43:18 GMT
Vary: Accept-Encoding
ETag: "5fc156d6-5d1c"
Accept-Ranges: bytes
www.todayhotties.ru/js/click.js?8
178.162.199.80200 OK 5.3 kB URL HTTP/1.1 www.todayhotties.ru/js/click.js?8
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
Hash 8207d083c909c6386927c5197eff584c
a5f1148a0e9923191d3f8ed4c1750240374af2a9
f71ae9723255b00dcc8e3631fe419cbbb56a80b3034f184ca5292127d7b3eea9
Analyzer Verdict Alert fortinet Phishing
GET /js/click.js?8 HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=YTbgrZ80KQ7xql4wSKZxQcCCfKlrExduUMdY9qV1JMnjzuKzTbptXftTdRxrmpayzHbOyaZk9knqED%2FUSHYzFCB%2BNvinGqNb%2FRS4b%2BbIBYZta1yDgUalp5hrLYxAQIKue3n06xk34GNPAf555MhtYEojSp2mBGdx2E6TghfV7W3bGddBhjwUDZRbkvi4NzUNtt%2FvoKzPJl3HVOwWc2L5XkNlFR5OT0sa9B7jc3D9%2FAiZf0jRK7B1oMntYvAXoOPdPUoFbDoAsft0dSrRCc4Yx%2BTU3sXQZxjXqWTT9%2By%2Fc3iMruS9Y9%2F%2FTF5xnkoxIzgRykJBsyc6mxOxXzHbjQdJPRUX%2FUT6%2Fh3hpHwkBuLIrv1YhhgqixocaNnhKgcBqDGWIbHiPwvFlo1Ex0H5AcM%2BFNw7G%2BanrgLafuuTu6FoHuQN5a0zwSGZNxE7V95hTkznuze795Gf1B6QrHJbKPgGJtb5pOADOuhgaJwUzADYXLw64GDLFKH%2FYTuB2sgo%2FC%2FwxQ8GdeuSU4dASc986K6S5FMgN5yGeekABb127mRPXDWopOmAUz4eNTtFOUMJBkGfCf8KG1Vn%2BWzEMxyrNyg6akzFJ8OgYOk9YUsLX57xsyVa339H%2BAaihJoms0H2q9X9U6Z%2FJJRforcKPDrXm7bcclMXwp%2BZJ485jDNDHXFISDmBYYDrEtIudLkUB3ovPShy2udCfJbkOeL3jvgeyKYqMmzMDNyTX16%2Bq7%2Bx%2FyFayRTBkANhGxpNqpn7YGq5WQ7T3Z3YXQWmDiCIfM8ul4U3veA458ehqWbpRcrriO7ZXXVr3aSpSRFslqK9I0EhVRfsKaq2iRHZ946Op3UFq0aBkK%2BYoYX%2BmYpHza3YR2Oz6Tl2CsWHBxOkGxKmTgzj%2FgrCGqJNr7XANJm2ktZquK5PMd5MWWrug0pkelJstNfvQ9DSdL1o%2FZ%2BDmZFHWKWVe5Ntg8%2BWFBdjEk48FdiArNxAoYQOtLXqDngUBP5t4PDs9REAPtNiRVUjxHC9UGytrnL3n0rJiYpEznWneScJYE6wI5DXPXmn9Qm5WPCqnX241lERitrBK0ghV7qcozvnI%2BS29JqKy1Po76VcxmDyd8w6UH3ElUD%2B973Pqt5JOkAzGhKk%2F8tq%2BkPhFghQaZKZzOzDqxNdRth07sjU3v0OeQ0736SXZGDxDH7ElweGXqJzahR3pyVM2rmdfBH4bNt4ZunvjoVazd%2BZ9vjy%2BX%2FnkjLqqH2wD2RCvOAR6F4mG8OZM3PwEBw1I5GdcIUlaVCw9mKyJJKo%2Bg%2BfXXGG8PKi9FiZojtajGo3p3JjBn%2BvN5QTJkbFfVKk1qLrrwaIsvSlNTmkQQwQFeC9SWJPwF8GPel%2BbT5W66MOIOkBys%2F%2BqOY%2FcWC9%2BGVv%2FhM2XESS2BFoq%2FRqla0b6%2FOANVqLoJ6Juoz7GKU1QO8Fj0%2FP3JLn19IdnuiQV2qD4pOaRJLN0K0%2BPISF%2B7XPw37vL23H%2FwnjgBgeQu%2BeW2VlJZFDkjH4WmYGZlMarvob2kLjtRra12yPgMgJCfVJQirT13g0j6K8Nj3jB0D%2F6FhVN00XRq9DtA2uPkbWGXs%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:42 GMT
Content-Type: application/javascript
Content-Length: 5260
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 12:43:08 GMT
Vary: Accept-Encoding
ETag: "63762c5c-148c"
Accept-Ranges: bytes
www.todayhotties.ru/bundle/421/assets/js/functions.js
178.162.199.80200 OK 4.4 kB URL HTTP/1.1 www.todayhotties.ru/bundle/421/assets/js/functions.js
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with CRLF line terminators
Hash 50e622c17f69346789f2131341566018
17b1ce8d0c8692a647241548fc9f57209f8ee4ae
547a987cc5b52ca3724168abeb650ac6ebd3bb9378a8c31e3d54b66fdf9c6aff
Analyzer Verdict Alert fortinet Phishing
GET /bundle/421/assets/js/functions.js HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=YTbgrZ80KQ7xql4wSKZxQcCCfKlrExduUMdY9qV1JMnjzuKzTbptXftTdRxrmpayzHbOyaZk9knqED%2FUSHYzFCB%2BNvinGqNb%2FRS4b%2BbIBYZta1yDgUalp5hrLYxAQIKue3n06xk34GNPAf555MhtYEojSp2mBGdx2E6TghfV7W3bGddBhjwUDZRbkvi4NzUNtt%2FvoKzPJl3HVOwWc2L5XkNlFR5OT0sa9B7jc3D9%2FAiZf0jRK7B1oMntYvAXoOPdPUoFbDoAsft0dSrRCc4Yx%2BTU3sXQZxjXqWTT9%2By%2Fc3iMruS9Y9%2F%2FTF5xnkoxIzgRykJBsyc6mxOxXzHbjQdJPRUX%2FUT6%2Fh3hpHwkBuLIrv1YhhgqixocaNnhKgcBqDGWIbHiPwvFlo1Ex0H5AcM%2BFNw7G%2BanrgLafuuTu6FoHuQN5a0zwSGZNxE7V95hTkznuze795Gf1B6QrHJbKPgGJtb5pOADOuhgaJwUzADYXLw64GDLFKH%2FYTuB2sgo%2FC%2FwxQ8GdeuSU4dASc986K6S5FMgN5yGeekABb127mRPXDWopOmAUz4eNTtFOUMJBkGfCf8KG1Vn%2BWzEMxyrNyg6akzFJ8OgYOk9YUsLX57xsyVa339H%2BAaihJoms0H2q9X9U6Z%2FJJRforcKPDrXm7bcclMXwp%2BZJ485jDNDHXFISDmBYYDrEtIudLkUB3ovPShy2udCfJbkOeL3jvgeyKYqMmzMDNyTX16%2Bq7%2Bx%2FyFayRTBkANhGxpNqpn7YGq5WQ7T3Z3YXQWmDiCIfM8ul4U3veA458ehqWbpRcrriO7ZXXVr3aSpSRFslqK9I0EhVRfsKaq2iRHZ946Op3UFq0aBkK%2BYoYX%2BmYpHza3YR2Oz6Tl2CsWHBxOkGxKmTgzj%2FgrCGqJNr7XANJm2ktZquK5PMd5MWWrug0pkelJstNfvQ9DSdL1o%2FZ%2BDmZFHWKWVe5Ntg8%2BWFBdjEk48FdiArNxAoYQOtLXqDngUBP5t4PDs9REAPtNiRVUjxHC9UGytrnL3n0rJiYpEznWneScJYE6wI5DXPXmn9Qm5WPCqnX241lERitrBK0ghV7qcozvnI%2BS29JqKy1Po76VcxmDyd8w6UH3ElUD%2B973Pqt5JOkAzGhKk%2F8tq%2BkPhFghQaZKZzOzDqxNdRth07sjU3v0OeQ0736SXZGDxDH7ElweGXqJzahR3pyVM2rmdfBH4bNt4ZunvjoVazd%2BZ9vjy%2BX%2FnkjLqqH2wD2RCvOAR6F4mG8OZM3PwEBw1I5GdcIUlaVCw9mKyJJKo%2Bg%2BfXXGG8PKi9FiZojtajGo3p3JjBn%2BvN5QTJkbFfVKk1qLrrwaIsvSlNTmkQQwQFeC9SWJPwF8GPel%2BbT5W66MOIOkBys%2F%2BqOY%2FcWC9%2BGVv%2FhM2XESS2BFoq%2FRqla0b6%2FOANVqLoJ6Juoz7GKU1QO8Fj0%2FP3JLn19IdnuiQV2qD4pOaRJLN0K0%2BPISF%2B7XPw37vL23H%2FwnjgBgeQu%2BeW2VlJZFDkjH4WmYGZlMarvob2kLjtRra12yPgMgJCfVJQirT13g0j6K8Nj3jB0D%2F6FhVN00XRq9DtA2uPkbWGXs%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:42 GMT
Content-Type: application/javascript
Content-Length: 4390
Connection: keep-alive
Last-Modified: Fri, 27 Nov 2020 19:43:18 GMT
Vary: Accept-Encoding
ETag: "5fc156d6-1126"
Accept-Ranges: bytes
www.todayhotties.ru/bundle/421/assets/img/loadingbar.gif
178.162.199.80200 OK 5.8 kB URL HTTP/1.1 www.todayhotties.ru/bundle/421/assets/img/loadingbar.gif
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type GIF image data, version 89a, 208 x 13\012- data
Hash e7476fddd806e1ad72356ec86ae2a35a
162d8b87e6d1c3ef0ed5839ffd54cf5ac0c23e54
dfa0ad12a293332f47c0c0b7c4d7681d3670915a2f75f086aaf61b9a2835b24a
GET /bundle/421/assets/img/loadingbar.gif HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=YTbgrZ80KQ7xql4wSKZxQcCCfKlrExduUMdY9qV1JMnjzuKzTbptXftTdRxrmpayzHbOyaZk9knqED%2FUSHYzFCB%2BNvinGqNb%2FRS4b%2BbIBYZta1yDgUalp5hrLYxAQIKue3n06xk34GNPAf555MhtYEojSp2mBGdx2E6TghfV7W3bGddBhjwUDZRbkvi4NzUNtt%2FvoKzPJl3HVOwWc2L5XkNlFR5OT0sa9B7jc3D9%2FAiZf0jRK7B1oMntYvAXoOPdPUoFbDoAsft0dSrRCc4Yx%2BTU3sXQZxjXqWTT9%2By%2Fc3iMruS9Y9%2F%2FTF5xnkoxIzgRykJBsyc6mxOxXzHbjQdJPRUX%2FUT6%2Fh3hpHwkBuLIrv1YhhgqixocaNnhKgcBqDGWIbHiPwvFlo1Ex0H5AcM%2BFNw7G%2BanrgLafuuTu6FoHuQN5a0zwSGZNxE7V95hTkznuze795Gf1B6QrHJbKPgGJtb5pOADOuhgaJwUzADYXLw64GDLFKH%2FYTuB2sgo%2FC%2FwxQ8GdeuSU4dASc986K6S5FMgN5yGeekABb127mRPXDWopOmAUz4eNTtFOUMJBkGfCf8KG1Vn%2BWzEMxyrNyg6akzFJ8OgYOk9YUsLX57xsyVa339H%2BAaihJoms0H2q9X9U6Z%2FJJRforcKPDrXm7bcclMXwp%2BZJ485jDNDHXFISDmBYYDrEtIudLkUB3ovPShy2udCfJbkOeL3jvgeyKYqMmzMDNyTX16%2Bq7%2Bx%2FyFayRTBkANhGxpNqpn7YGq5WQ7T3Z3YXQWmDiCIfM8ul4U3veA458ehqWbpRcrriO7ZXXVr3aSpSRFslqK9I0EhVRfsKaq2iRHZ946Op3UFq0aBkK%2BYoYX%2BmYpHza3YR2Oz6Tl2CsWHBxOkGxKmTgzj%2FgrCGqJNr7XANJm2ktZquK5PMd5MWWrug0pkelJstNfvQ9DSdL1o%2FZ%2BDmZFHWKWVe5Ntg8%2BWFBdjEk48FdiArNxAoYQOtLXqDngUBP5t4PDs9REAPtNiRVUjxHC9UGytrnL3n0rJiYpEznWneScJYE6wI5DXPXmn9Qm5WPCqnX241lERitrBK0ghV7qcozvnI%2BS29JqKy1Po76VcxmDyd8w6UH3ElUD%2B973Pqt5JOkAzGhKk%2F8tq%2BkPhFghQaZKZzOzDqxNdRth07sjU3v0OeQ0736SXZGDxDH7ElweGXqJzahR3pyVM2rmdfBH4bNt4ZunvjoVazd%2BZ9vjy%2BX%2FnkjLqqH2wD2RCvOAR6F4mG8OZM3PwEBw1I5GdcIUlaVCw9mKyJJKo%2Bg%2BfXXGG8PKi9FiZojtajGo3p3JjBn%2BvN5QTJkbFfVKk1qLrrwaIsvSlNTmkQQwQFeC9SWJPwF8GPel%2BbT5W66MOIOkBys%2F%2BqOY%2FcWC9%2BGVv%2FhM2XESS2BFoq%2FRqla0b6%2FOANVqLoJ6Juoz7GKU1QO8Fj0%2FP3JLn19IdnuiQV2qD4pOaRJLN0K0%2BPISF%2B7XPw37vL23H%2FwnjgBgeQu%2BeW2VlJZFDkjH4WmYGZlMarvob2kLjtRra12yPgMgJCfVJQirT13g0j6K8Nj3jB0D%2F6FhVN00XRq9DtA2uPkbWGXs%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:43 GMT
Content-Type: image/gif
Content-Length: 5837
Connection: keep-alive
Last-Modified: Fri, 27 Nov 2020 19:43:18 GMT
ETag: "5fc156d6-16cd"
Accept-Ranges: bytes
www.todayhotties.ru/bundle/421/assets/img/6.jpg
178.162.199.80200 OK 18 kB URL HTTP/1.1 www.todayhotties.ru/bundle/421/assets/img/6.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 420x540, components 3\012- data
Hash 55ee671833c579f2e004eb8377a1db86
ac1753f935fb775de6498375c63849310c66d239
5d05fc51e308b468e5440135b300d9a7bd2bebb1760b33e795311d92de07ee23
GET /bundle/421/assets/img/6.jpg HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=YTbgrZ80KQ7xql4wSKZxQcCCfKlrExduUMdY9qV1JMnjzuKzTbptXftTdRxrmpayzHbOyaZk9knqED%2FUSHYzFCB%2BNvinGqNb%2FRS4b%2BbIBYZta1yDgUalp5hrLYxAQIKue3n06xk34GNPAf555MhtYEojSp2mBGdx2E6TghfV7W3bGddBhjwUDZRbkvi4NzUNtt%2FvoKzPJl3HVOwWc2L5XkNlFR5OT0sa9B7jc3D9%2FAiZf0jRK7B1oMntYvAXoOPdPUoFbDoAsft0dSrRCc4Yx%2BTU3sXQZxjXqWTT9%2By%2Fc3iMruS9Y9%2F%2FTF5xnkoxIzgRykJBsyc6mxOxXzHbjQdJPRUX%2FUT6%2Fh3hpHwkBuLIrv1YhhgqixocaNnhKgcBqDGWIbHiPwvFlo1Ex0H5AcM%2BFNw7G%2BanrgLafuuTu6FoHuQN5a0zwSGZNxE7V95hTkznuze795Gf1B6QrHJbKPgGJtb5pOADOuhgaJwUzADYXLw64GDLFKH%2FYTuB2sgo%2FC%2FwxQ8GdeuSU4dASc986K6S5FMgN5yGeekABb127mRPXDWopOmAUz4eNTtFOUMJBkGfCf8KG1Vn%2BWzEMxyrNyg6akzFJ8OgYOk9YUsLX57xsyVa339H%2BAaihJoms0H2q9X9U6Z%2FJJRforcKPDrXm7bcclMXwp%2BZJ485jDNDHXFISDmBYYDrEtIudLkUB3ovPShy2udCfJbkOeL3jvgeyKYqMmzMDNyTX16%2Bq7%2Bx%2FyFayRTBkANhGxpNqpn7YGq5WQ7T3Z3YXQWmDiCIfM8ul4U3veA458ehqWbpRcrriO7ZXXVr3aSpSRFslqK9I0EhVRfsKaq2iRHZ946Op3UFq0aBkK%2BYoYX%2BmYpHza3YR2Oz6Tl2CsWHBxOkGxKmTgzj%2FgrCGqJNr7XANJm2ktZquK5PMd5MWWrug0pkelJstNfvQ9DSdL1o%2FZ%2BDmZFHWKWVe5Ntg8%2BWFBdjEk48FdiArNxAoYQOtLXqDngUBP5t4PDs9REAPtNiRVUjxHC9UGytrnL3n0rJiYpEznWneScJYE6wI5DXPXmn9Qm5WPCqnX241lERitrBK0ghV7qcozvnI%2BS29JqKy1Po76VcxmDyd8w6UH3ElUD%2B973Pqt5JOkAzGhKk%2F8tq%2BkPhFghQaZKZzOzDqxNdRth07sjU3v0OeQ0736SXZGDxDH7ElweGXqJzahR3pyVM2rmdfBH4bNt4ZunvjoVazd%2BZ9vjy%2BX%2FnkjLqqH2wD2RCvOAR6F4mG8OZM3PwEBw1I5GdcIUlaVCw9mKyJJKo%2Bg%2BfXXGG8PKi9FiZojtajGo3p3JjBn%2BvN5QTJkbFfVKk1qLrrwaIsvSlNTmkQQwQFeC9SWJPwF8GPel%2BbT5W66MOIOkBys%2F%2BqOY%2FcWC9%2BGVv%2FhM2XESS2BFoq%2FRqla0b6%2FOANVqLoJ6Juoz7GKU1QO8Fj0%2FP3JLn19IdnuiQV2qD4pOaRJLN0K0%2BPISF%2B7XPw37vL23H%2FwnjgBgeQu%2BeW2VlJZFDkjH4WmYGZlMarvob2kLjtRra12yPgMgJCfVJQirT13g0j6K8Nj3jB0D%2F6FhVN00XRq9DtA2uPkbWGXs%3D
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:43 GMT
Content-Type: image/jpeg
Content-Length: 17976
Connection: keep-alive
Last-Modified: Fri, 27 Nov 2020 19:43:18 GMT
ETag: "5fc156d6-4638"
Accept-Ranges: bytes
www.todayhotties.ru/js/fp2.min.js
178.162.199.80200 OK 31 kB URL HTTP/1.1 www.todayhotties.ru/js/fp2.min.js
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (30507)
Hash e7d6b85edb141824af8951e19333337c
76600b2cb1978ca24d9fe39b1412f052da855ddb
6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e
Analyzer Verdict Alert fortinet Phishing
GET /js/fp2.min.js HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=YTbgrZ80KQ7xql4wSKZxQcCCfKlrExduUMdY9qV1JMnjzuKzTbptXftTdRxrmpayzHbOyaZk9knqED%2FUSHYzFCB%2BNvinGqNb%2FRS4b%2BbIBYZta1yDgUalp5hrLYxAQIKue3n06xk34GNPAf555MhtYEojSp2mBGdx2E6TghfV7W3bGddBhjwUDZRbkvi4NzUNtt%2FvoKzPJl3HVOwWc2L5XkNlFR5OT0sa9B7jc3D9%2FAiZf0jRK7B1oMntYvAXoOPdPUoFbDoAsft0dSrRCc4Yx%2BTU3sXQZxjXqWTT9%2By%2Fc3iMruS9Y9%2F%2FTF5xnkoxIzgRykJBsyc6mxOxXzHbjQdJPRUX%2FUT6%2Fh3hpHwkBuLIrv1YhhgqixocaNnhKgcBqDGWIbHiPwvFlo1Ex0H5AcM%2BFNw7G%2BanrgLafuuTu6FoHuQN5a0zwSGZNxE7V95hTkznuze795Gf1B6QrHJbKPgGJtb5pOADOuhgaJwUzADYXLw64GDLFKH%2FYTuB2sgo%2FC%2FwxQ8GdeuSU4dASc986K6S5FMgN5yGeekABb127mRPXDWopOmAUz4eNTtFOUMJBkGfCf8KG1Vn%2BWzEMxyrNyg6akzFJ8OgYOk9YUsLX57xsyVa339H%2BAaihJoms0H2q9X9U6Z%2FJJRforcKPDrXm7bcclMXwp%2BZJ485jDNDHXFISDmBYYDrEtIudLkUB3ovPShy2udCfJbkOeL3jvgeyKYqMmzMDNyTX16%2Bq7%2Bx%2FyFayRTBkANhGxpNqpn7YGq5WQ7T3Z3YXQWmDiCIfM8ul4U3veA458ehqWbpRcrriO7ZXXVr3aSpSRFslqK9I0EhVRfsKaq2iRHZ946Op3UFq0aBkK%2BYoYX%2BmYpHza3YR2Oz6Tl2CsWHBxOkGxKmTgzj%2FgrCGqJNr7XANJm2ktZquK5PMd5MWWrug0pkelJstNfvQ9DSdL1o%2FZ%2BDmZFHWKWVe5Ntg8%2BWFBdjEk48FdiArNxAoYQOtLXqDngUBP5t4PDs9REAPtNiRVUjxHC9UGytrnL3n0rJiYpEznWneScJYE6wI5DXPXmn9Qm5WPCqnX241lERitrBK0ghV7qcozvnI%2BS29JqKy1Po76VcxmDyd8w6UH3ElUD%2B973Pqt5JOkAzGhKk%2F8tq%2BkPhFghQaZKZzOzDqxNdRth07sjU3v0OeQ0736SXZGDxDH7ElweGXqJzahR3pyVM2rmdfBH4bNt4ZunvjoVazd%2BZ9vjy%2BX%2FnkjLqqH2wD2RCvOAR6F4mG8OZM3PwEBw1I5GdcIUlaVCw9mKyJJKo%2Bg%2BfXXGG8PKi9FiZojtajGo3p3JjBn%2BvN5QTJkbFfVKk1qLrrwaIsvSlNTmkQQwQFeC9SWJPwF8GPel%2BbT5W66MOIOkBys%2F%2BqOY%2FcWC9%2BGVv%2FhM2XESS2BFoq%2FRqla0b6%2FOANVqLoJ6Juoz7GKU1QO8Fj0%2FP3JLn19IdnuiQV2qD4pOaRJLN0K0%2BPISF%2B7XPw37vL23H%2FwnjgBgeQu%2BeW2VlJZFDkjH4WmYGZlMarvob2kLjtRra12yPgMgJCfVJQirT13g0j6K8Nj3jB0D%2F6FhVN00XRq9DtA2uPkbWGXs%3D; CF=VrF9Kuz2rpyFu9xq3sxI/g__
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:43 GMT
Content-Type: application/javascript
Content-Length: 30685
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 12:43:08 GMT
Vary: Accept-Encoding
ETag: "63762c5c-77dd"
Accept-Ranges: bytes
www.todayhotties.ru/bundle/421/assets/img/favicon.png
178.162.199.80200 OK 6.2 kB URL HTTP/1.1 www.todayhotties.ru/bundle/421/assets/img/favicon.png
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 024b79c399646cd754c99e8d4b0a5e87
e42de65ba384b1db6bfcc56bcedbb2b80df229e4
014a887229b9cd82de1090f8f53a6860c00a468269f31e1f5f15dd88cc5c3284
GET /bundle/421/assets/img/favicon.png HTTP/1.1
Host: www.todayhotties.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.todayhotties.ru/s/5af3ff4b5a866
Cookie: s=YTbgrZ80KQ7xql4wSKZxQcCCfKlrExduUMdY9qV1JMnjzuKzTbptXftTdRxrmpayzHbOyaZk9knqED%2FUSHYzFCB%2BNvinGqNb%2FRS4b%2BbIBYZta1yDgUalp5hrLYxAQIKue3n06xk34GNPAf555MhtYEojSp2mBGdx2E6TghfV7W3bGddBhjwUDZRbkvi4NzUNtt%2FvoKzPJl3HVOwWc2L5XkNlFR5OT0sa9B7jc3D9%2FAiZf0jRK7B1oMntYvAXoOPdPUoFbDoAsft0dSrRCc4Yx%2BTU3sXQZxjXqWTT9%2By%2Fc3iMruS9Y9%2F%2FTF5xnkoxIzgRykJBsyc6mxOxXzHbjQdJPRUX%2FUT6%2Fh3hpHwkBuLIrv1YhhgqixocaNnhKgcBqDGWIbHiPwvFlo1Ex0H5AcM%2BFNw7G%2BanrgLafuuTu6FoHuQN5a0zwSGZNxE7V95hTkznuze795Gf1B6QrHJbKPgGJtb5pOADOuhgaJwUzADYXLw64GDLFKH%2FYTuB2sgo%2FC%2FwxQ8GdeuSU4dASc986K6S5FMgN5yGeekABb127mRPXDWopOmAUz4eNTtFOUMJBkGfCf8KG1Vn%2BWzEMxyrNyg6akzFJ8OgYOk9YUsLX57xsyVa339H%2BAaihJoms0H2q9X9U6Z%2FJJRforcKPDrXm7bcclMXwp%2BZJ485jDNDHXFISDmBYYDrEtIudLkUB3ovPShy2udCfJbkOeL3jvgeyKYqMmzMDNyTX16%2Bq7%2Bx%2FyFayRTBkANhGxpNqpn7YGq5WQ7T3Z3YXQWmDiCIfM8ul4U3veA458ehqWbpRcrriO7ZXXVr3aSpSRFslqK9I0EhVRfsKaq2iRHZ946Op3UFq0aBkK%2BYoYX%2BmYpHza3YR2Oz6Tl2CsWHBxOkGxKmTgzj%2FgrCGqJNr7XANJm2ktZquK5PMd5MWWrug0pkelJstNfvQ9DSdL1o%2FZ%2BDmZFHWKWVe5Ntg8%2BWFBdjEk48FdiArNxAoYQOtLXqDngUBP5t4PDs9REAPtNiRVUjxHC9UGytrnL3n0rJiYpEznWneScJYE6wI5DXPXmn9Qm5WPCqnX241lERitrBK0ghV7qcozvnI%2BS29JqKy1Po76VcxmDyd8w6UH3ElUD%2B973Pqt5JOkAzGhKk%2F8tq%2BkPhFghQaZKZzOzDqxNdRth07sjU3v0OeQ0736SXZGDxDH7ElweGXqJzahR3pyVM2rmdfBH4bNt4ZunvjoVazd%2BZ9vjy%2BX%2FnkjLqqH2wD2RCvOAR6F4mG8OZM3PwEBw1I5GdcIUlaVCw9mKyJJKo%2Bg%2BfXXGG8PKi9FiZojtajGo3p3JjBn%2BvN5QTJkbFfVKk1qLrrwaIsvSlNTmkQQwQFeC9SWJPwF8GPel%2BbT5W66MOIOkBys%2F%2BqOY%2FcWC9%2BGVv%2FhM2XESS2BFoq%2FRqla0b6%2FOANVqLoJ6Juoz7GKU1QO8Fj0%2FP3JLn19IdnuiQV2qD4pOaRJLN0K0%2BPISF%2B7XPw37vL23H%2FwnjgBgeQu%2BeW2VlJZFDkjH4WmYGZlMarvob2kLjtRra12yPgMgJCfVJQirT13g0j6K8Nj3jB0D%2F6FhVN00XRq9DtA2uPkbWGXs%3D; CF=VrF9Kuz2rpyFu9xq3sxI/g__
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Fri, 02 Dec 2022 01:43:43 GMT
Content-Type: image/png
Content-Length: 6152
Connection: keep-alive
Last-Modified: Fri, 27 Nov 2020 19:43:18 GMT
ETag: "5fc156d6-1808"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18966
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 01:43:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18966
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 01:43:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18966
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 01:43:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18966
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 01:43:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:15:42 GMT
age: 66481
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 14936
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16a112f00456d38c4c9e051ccf40e105
8fe32fffe672f0e91ce773af0e4be960f55bad08
43517bbcd17ec6d05d09a4c0d183610acdc7e2fa4767cb786cb8b936d5f44402
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13461
x-amzn-requestid: 8c0121a6-cf29-4cd0-bd42-d9f67af62b84
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQsyGhGoAMF1-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7eb-593f28367320530e2dcafbfb;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: npt-A-TEzjd-QRTVhv5FMJhwlYujCRCF7tyYbathxjCdCFFEwh_vEQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:59:42 GMT
age: 74641
etag: "8fe32fffe672f0e91ce773af0e4be960f55bad08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60ccdde4ce64b4a3fe6fc2a059b3bde1
5ce119089f4a4cd139b523889b6cd84cd79191f4
2089225a6dc13845ab8e031416920d16952ae1461ca10d72c408ad001ed8f27b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 6bc8fa91-5696-4bc6-b1e7-3c36b2c01801
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGxTFxyoAMFRzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e6e-3e85b78905aaa73726eef85a;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UraCGe--VISONXzaUBpA7vuLuD5l7zihtQIph7LVn1QsS8MjLBbvKw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 14092
etag: "5ce119089f4a4cd139b523889b6cd84cd79191f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:19:21 GMT
age: 66262
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0842726-801f-4648-a54d-c0cb2cf5348a.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0842726-801f-4648-a54d-c0cb2cf5348a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89502a302863c914b4de5e8c6a7f6846
898d50ac6e372609656fccee27de3d036bc0281c
9bc1f83d570d70b7e17e5de7a1546885851431ea989d915852ae7130387c422f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0842726-801f-4648-a54d-c0cb2cf5348a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5675
x-amzn-requestid: a47e049a-6f76-4af4-8064-fd7722bcfb17
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepGYEIAMFeQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-09e13afe27c4dc5b44e828be;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: U_3ah2pFrsQl9IVVqm9EVI99FnF79b9zOUFVBGX966JAjkDg6UF--A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 14147
etag: "898d50ac6e372609656fccee27de3d036bc0281c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2