firefox.settings.services.mozilla.com/v1/
54.230.111.118 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LlKMTXntlmLor_gC_uahjzFpaclkx4eOoEysyjuUa9rLc3jw-COG6A==
Age: 185599
hottime4you.com/ol/all/fr/ms/2-442857/?cep=lanzomS-vuUcFDv0407UtxiDbgQ7MJZANl5mCy2lenk2lHfJJn3k4kAKBkQTiJJvTrCYxiZIYjnalwoTQdeOEWPiBOH2ookm3YuvZDW64eyFY0ZtoSbhqtnuxoVt1Y7c90CVOeOPkCFQCp5M7Nr249W5XHS4wN_850eXG0AqszMNiNJYJ_dRdBSf-r5m_INrOzjWiok7oVFPpTGAiAa2z533gmy9rOXg2VGU7f-yNJn2xu2dNMVYb4War0J4-RJ2ax_v1MBa228n-gcSEjiBW-DUDD77mZpFi2zpxdNVMPp5HC-oZfAodpMwx6nYQ-w9d-uF55njboXxf7-KTVwxKxF4hhIKBYjQAuHJvJTISTMatOBBohhdXekmDMZmfeA4&lptoken=16df659c13c9521387f7
172.67.212.155 200 OK 5.3 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/?cep=lanzomS-vuUcFDv0407UtxiDbgQ7MJZANl5mCy2lenk2lHfJJn3k4kAKBkQTiJJvTrCYxiZIYjnalwoTQdeOEWPiBOH2ookm3YuvZDW64eyFY0ZtoSbhqtnuxoVt1Y7c90CVOeOPkCFQCp5M7Nr249W5XHS4wN_850eXG0AqszMNiNJYJ_dRdBSf-r5m_INrOzjWiok7oVFPpTGAiAa2z533gmy9rOXg2VGU7f-yNJn2xu2dNMVYb4War0J4-RJ2ax_v1MBa228n-gcSEjiBW-DUDD77mZpFi2zpxdNVMPp5HC-oZfAodpMwx6nYQ-w9d-uF55njboXxf7-KTVwxKxF4hhIKBYjQAuHJvJTISTMatOBBohhdXekmDMZmfeA4&lptoken=16df659c13c9521387f7
IP 172.67.212.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash c50e8f6835ad60427026f2df7c3db9eb
a392e369a1487e1ffaff440e8aa981b0df10410f
541be1b02eb9c43d2f96b0a01e1822c9f6aef644bcc6c90fbaf7f63488730856
GET /ol/all/fr/ms/2-442857/?cep=lanzomS-vuUcFDv0407UtxiDbgQ7MJZANl5mCy2lenk2lHfJJn3k4kAKBkQTiJJvTrCYxiZIYjnalwoTQdeOEWPiBOH2ookm3YuvZDW64eyFY0ZtoSbhqtnuxoVt1Y7c90CVOeOPkCFQCp5M7Nr249W5XHS4wN_850eXG0AqszMNiNJYJ_dRdBSf-r5m_INrOzjWiok7oVFPpTGAiAa2z533gmy9rOXg2VGU7f-yNJn2xu2dNMVYb4War0J4-RJ2ax_v1MBa228n-gcSEjiBW-DUDD77mZpFi2zpxdNVMPp5HC-oZfAodpMwx6nYQ-w9d-uF55njboXxf7-KTVwxKxF4hhIKBYjQAuHJvJTISTMatOBBohhdXekmDMZmfeA4&lptoken=16df659c13c9521387f7 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 19:20:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6iWfQDhIG9s8oNxqR7XwNv3fFBXvonP57JOfV4SvhmMYgj613atWe4QFcTuLSTg3H6HKE6y%2Fu9HI2oS3Nj2xNYWZXCnbRyMNuOtEMog0jsmPK8AsZjatrZezYOyTggChlwY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7568fec0bcfffabc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2782
Expires: Fri, 07 Oct 2022 20:06:59 GMT
Date: Fri, 07 Oct 2022 19:20:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8630
Expires: Fri, 07 Oct 2022 21:44:27 GMT
Date: Fri, 07 Oct 2022 19:20:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: izeQeNfPlj3yKFfZxPuufZkv8fIELAdrp+UwDDjCGsWP3PVbPKda73UnbUy+WuuWyRVAjj0gH1I=
x-amz-request-id: WWV03NQBR54RKJ3H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 18:59:17 GMT
age: 1280
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 19:20:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
hottime4you.com/ol/all/fr/ms/2-442857/js/jquery.js?4
172.67.212.155 200 OK 34 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/js/jquery.js?4
IP 172.67.212.155:0
File type ASCII text, with very long lines (32086)
Hash 35838f7f4d8467ad30b25d6e4019f331
61e29db5c5120ce27518533cf9143f7d73c19656
36bb24f3dc82acc8ea2329b4b11fac097a67efeff94c9f11c8e92edfedf5f925
GET /ol/all/fr/ms/2-442857/js/jquery.js?4 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=lanzomS-vuUcFDv0407UtxiDbgQ7MJZANl5mCy2lenk2lHfJJn3k4kAKBkQTiJJvTrCYxiZIYjnalwoTQdeOEWPiBOH2ookm3YuvZDW64eyFY0ZtoSbhqtnuxoVt1Y7c90CVOeOPkCFQCp5M7Nr249W5XHS4wN_850eXG0AqszMNiNJYJ_dRdBSf-r5m_INrOzjWiok7oVFPpTGAiAa2z533gmy9rOXg2VGU7f-yNJn2xu2dNMVYb4War0J4-RJ2ax_v1MBa228n-gcSEjiBW-DUDD77mZpFi2zpxdNVMPp5HC-oZfAodpMwx6nYQ-w9d-uF55njboXxf7-KTVwxKxF4hhIKBYjQAuHJvJTISTMatOBBohhdXekmDMZmfeA4&lptoken=16df659c13c9521387f7
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 19:20:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 16 May 2022 14:13:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4414
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IybdUOxSVE8pf8XeXkzr9L%2FKCLOj4JJ0ucOCE7pSHNO23EDPV6gW%2FVB4TEPBIGuL%2FrZf98nxtSxMI7N3coNmpaSiIvpAimPG6mszhEJA19ig0UWaTz%2BSZw2%2BCXml4kAoGYQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7568fec3cfa4fabc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/fr/ms/2-442857/js/backoffer.js
172.67.212.155 200 OK 230 B URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/js/backoffer.js
IP 172.67.212.155:0
File type ASCII text, with very long lines (430), with no line terminators
Hash d1d761e3721375472889577260906f9c
c5e6e54e8b6b84af216d867dca79eb00c2819e42
de8798dd7447b4651ec2d44931c15ceb0d3e5099997b2ddc2452d3f95092a1a2
Analyzer Verdict Alert fortinet Malware
GET /ol/all/fr/ms/2-442857/js/backoffer.js HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=lanzomS-vuUcFDv0407UtxiDbgQ7MJZANl5mCy2lenk2lHfJJn3k4kAKBkQTiJJvTrCYxiZIYjnalwoTQdeOEWPiBOH2ookm3YuvZDW64eyFY0ZtoSbhqtnuxoVt1Y7c90CVOeOPkCFQCp5M7Nr249W5XHS4wN_850eXG0AqszMNiNJYJ_dRdBSf-r5m_INrOzjWiok7oVFPpTGAiAa2z533gmy9rOXg2VGU7f-yNJn2xu2dNMVYb4War0J4-RJ2ax_v1MBa228n-gcSEjiBW-DUDD77mZpFi2zpxdNVMPp5HC-oZfAodpMwx6nYQ-w9d-uF55njboXxf7-KTVwxKxF4hhIKBYjQAuHJvJTISTMatOBBohhdXekmDMZmfeA4&lptoken=16df659c13c9521387f7
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 19:20:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 19 Apr 2016 09:53:16 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4414
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=il0RgEju9kbtJSod2LMlysOhMBx4TBtLqavD%2BpJ1kSTjws9jVMAlD2t6tXHmIIUsE%2FgJE%2Bb5Xwg2WTsnL7UkhVbb7ql5RFZfumUQZ4rZaL1hdP2TGGVtaWxBz3urEqm78pg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7568fec3d8b6b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 1e711fa9a05717159ff81ab0f823ee32
e46e55ae74bf0f3d5376015654da5a4b18793bee
9cbbf1ba380d348fde374ba5480017a0308d0a8a8b85bf17e0505146a39ceb6f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 19:20:37 GMT
Last-Modified: Fri, 07 Oct 2022 17:41:43 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tBI0EYRLr0icLbKf8PJo6QUacaTSg045F6yMN6SJF_g3b80SuUM-4g==
Age: 5934
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 1e711fa9a05717159ff81ab0f823ee32
e46e55ae74bf0f3d5376015654da5a4b18793bee
9cbbf1ba380d348fde374ba5480017a0308d0a8a8b85bf17e0505146a39ceb6f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 19:20:37 GMT
Last-Modified: Fri, 07 Oct 2022 17:32:28 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fohqRjZsPU6Ou9-AFWUgP2CzdCWJUuwGMe_VO0wyFCYDcTJJjlKZhg==
Age: 6489
static.production.almightypush.com/mng/subs_window.js?ver=1651138969
54.230.111.72 200 OK 20 kB URL HTTP/2 static.production.almightypush.com/mng/subs_window.js?ver=1651138969
IP 54.230.111.72:0
Hash ae593f4be1dd1f0710123918b49c4933
66fbe30bb873e0a47d3d72e737d68aa4b6916c26
fdf9ff3f74dcf11d0fa456dcd53cb21550f67f0cfdc11dc29bef595f07b56206
GET /mng/subs_window.js?ver=1651138969 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 19491
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 07 Oct 2022 07:05:41 GMT
etag: "ae593f4be1dd1f0710123918b49c4933"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: apFVDKrObtRcyB40a3xMebfpaWnjT7zt4OyNOCPyv3uHShvYx9yCwg==
age: 44141
X-Firefox-Spdy: h2
static.production.almightypush.com/mng/channels/init.min.js?ver=1651138969
54.230.111.72 200 OK 22 kB URL HTTP/2 static.production.almightypush.com/mng/channels/init.min.js?ver=1651138969
IP 54.230.111.72:0
Hash 2ea196bb9d9670ec138eb0c8c23e6696
b0876fd8c0c56c5d34368c16a829c040c23cbaba
1475c052ae8dbc220775cd44b20e508e38db9f09168c57d4a73e0a9027f252f7
GET /mng/channels/init.min.js?ver=1651138969 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 21924
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 07 Oct 2022 02:12:01 GMT
etag: "2ea196bb9d9670ec138eb0c8c23e6696"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8yfDDjvI66Gfh4nWo_w_GdCP4whB3KbpnF2s9BqKLrsHIQ0ChHQjpQ==
age: 61789
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 04fb0f1f2cc070e9ca1b5e1d6f5ab161
5c94152c111f3e0d444f72a949774b9a146d532f
52713440ddd1dd9dd4c0b3142081e7a00aa2e6538cf9c4254812e8fea3f74762
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52713440DDD1DD9DD4C0B3142081E7A00AA2E6538CF9C4254812E8FEA3F74762"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1619
Expires: Fri, 07 Oct 2022 19:47:36 GMT
Date: Fri, 07 Oct 2022 19:20:37 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 1e711fa9a05717159ff81ab0f823ee32
e46e55ae74bf0f3d5376015654da5a4b18793bee
9cbbf1ba380d348fde374ba5480017a0308d0a8a8b85bf17e0505146a39ceb6f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 19:20:37 GMT
Server: ECS (dcb/7F3A)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kRldrnPess1H0zylNnUFmjwxHgQYaQUleiRz_rD_8JA8imuunpknUg==
static.production.almightypush.com/mng/subs_window.css?ver=1651138969
54.230.111.72 200 OK 6.9 kB URL HTTP/2 static.production.almightypush.com/mng/subs_window.css?ver=1651138969
IP 54.230.111.72:0
Hash bd7dbae15f904a4e1213439ebfefddbe
9f7a33b3d6e7965d8b99f0ff56cbf2e2ebb8f78e
30c08f3bb42d9a16155c65fbc952430048e4a84be70b98cb989b2dc977b49f8a
GET /mng/subs_window.css?ver=1651138969 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 6945
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 07 Oct 2022 06:21:47 GMT
etag: "bd7dbae15f904a4e1213439ebfefddbe"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0MRUl5N832uJe7b0tWeOkEznUArIQr3RdKMIbxDniAWmuszza-RKCw==
age: 46818
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.118 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 19:05:29 GMT
Cache-Control: max-age=3600
Expires: Fri, 07 Oct 2022 19:19:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: psaASq7MpdwSm4hufR5Xzfdo9jZDyk-vZ9QvIY8tt73aDmc6dD6mLw==
Age: 3057
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d6c404502c7987174a84d8f0a3efab23
fc3a3f6d63acab3f659fb3536b65fd8564ec8628
94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4852
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 19:20:38 GMT
Last-Modified: Fri, 07 Oct 2022 17:59:46 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
hottime4you.com/ol/all/fr/ms/2-442857/images/logo.svg
172.67.212.155 200 OK 4.1 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/logo.svg
IP 172.67.212.155:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (11634)
Hash 9a783caa8a8251f36166178a67f47a11
9ea6e5b928c5b8f30098cb450e7cc150bb9ec52e
83070d8dfd1a7ee1a070fe1bce65a715f94912c19820cc01dab6d2b0dc0eeea4
Analyzer Verdict Alert fortinet Malware
GET /ol/all/fr/ms/2-442857/images/logo.svg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=lanzomS-vuUcFDv0407UtxiDbgQ7MJZANl5mCy2lenk2lHfJJn3k4kAKBkQTiJJvTrCYxiZIYjnalwoTQdeOEWPiBOH2ookm3YuvZDW64eyFY0ZtoSbhqtnuxoVt1Y7c90CVOeOPkCFQCp5M7Nr249W5XHS4wN_850eXG0AqszMNiNJYJ_dRdBSf-r5m_INrOzjWiok7oVFPpTGAiAa2z533gmy9rOXg2VGU7f-yNJn2xu2dNMVYb4War0J4-RJ2ax_v1MBa228n-gcSEjiBW-DUDD77mZpFi2zpxdNVMPp5HC-oZfAodpMwx6nYQ-w9d-uF55njboXxf7-KTVwxKxF4hhIKBYjQAuHJvJTISTMatOBBohhdXekmDMZmfeA4&lptoken=16df659c13c9521387f7
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 19:20:38 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4414
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKLUfEmiCZROi6HYCeCyp1BH%2BfUtmyitJxAY3KMW3F9bACJomRdKiP7HPsjVjgT8kPsBzrilW8EpNM2yubZ2mbG7MYx0i%2BzY249I%2FdtfPFRiIaDJhxalSmUe1gS9JC7AQ70%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7568fec79d35b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
zeniocloud.com/JAIA.js?sub1=hottime4you.com
167.114.67.56 200 OK 84 kB URL HTTP/2 zeniocloud.com/JAIA.js?sub1=hottime4you.com
IP 167.114.67.56:0
Hash d1e283296294a7afa0241b33f01d7270
6192a375c8639335c5ff842ee333df6fa3c7b377
3bad6a7fc324ee461f5d14085cd7d6e7263a4f2579f5b27433e4e32f703a4da4
Analyzer Verdict Alert fortinet Phishing
GET /JAIA.js?sub1=hottime4you.com HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 07 Oct 2022 19:20:38 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2
hottime4you.com/ol/all/fr/ms/2-442857/images/serious-desktop.jpg
172.67.212.155 200 OK 67 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/serious-desktop.jpg
IP 172.67.212.155:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x1080, components 3\012- data
Hash 112fc3ea157bf79b88786de55a3be1b8
a7211bb35cdeefd3959d82ab942e1b2886d36756
30ba0d70d139e457f946a920859d706cdcf3aa9f920eeb1fab2b964e35d387b5
GET /ol/all/fr/ms/2-442857/images/serious-desktop.jpg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=lanzomS-vuUcFDv0407UtxiDbgQ7MJZANl5mCy2lenk2lHfJJn3k4kAKBkQTiJJvTrCYxiZIYjnalwoTQdeOEWPiBOH2ookm3YuvZDW64eyFY0ZtoSbhqtnuxoVt1Y7c90CVOeOPkCFQCp5M7Nr249W5XHS4wN_850eXG0AqszMNiNJYJ_dRdBSf-r5m_INrOzjWiok7oVFPpTGAiAa2z533gmy9rOXg2VGU7f-yNJn2xu2dNMVYb4War0J4-RJ2ax_v1MBa228n-gcSEjiBW-DUDD77mZpFi2zpxdNVMPp5HC-oZfAodpMwx6nYQ-w9d-uF55njboXxf7-KTVwxKxF4hhIKBYjQAuHJvJTISTMatOBBohhdXekmDMZmfeA4&lptoken=16df659c13c9521387f7
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 19:20:38 GMT
Content-Type: image/jpeg
Content-Length: 67016
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4414
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50ngH1j9egw1ydEwkWQdf3KlSruuNS%2BiY%2F3pCpmVWLFbO9TbCSAcOuf2c2q2gqmW%2FErI4V58lMtUorcViqPxdwNb2hd6JTY2mmL48XpQyJb%2Fjc0vDgKyQkvssIyxJVs7vlk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7568fec7bf04b506-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/fr/ms/2-442857/images/onlinesex-desktop.jpg
172.67.212.155 200 OK 63 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/onlinesex-desktop.jpg
IP 172.67.212.155:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x1080, components 3\012- data
Hash 0d79ffb95618867cdef5f21e4f43ae77
0de5b35006c41fce8d81f704acd05e82199a8ef9
61a54e2fd489a966a4e217a4206849ca86c909b7604bf365135525d2e3a3a8ae
GET /ol/all/fr/ms/2-442857/images/onlinesex-desktop.jpg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=lanzomS-vuUcFDv0407UtxiDbgQ7MJZANl5mCy2lenk2lHfJJn3k4kAKBkQTiJJvTrCYxiZIYjnalwoTQdeOEWPiBOH2ookm3YuvZDW64eyFY0ZtoSbhqtnuxoVt1Y7c90CVOeOPkCFQCp5M7Nr249W5XHS4wN_850eXG0AqszMNiNJYJ_dRdBSf-r5m_INrOzjWiok7oVFPpTGAiAa2z533gmy9rOXg2VGU7f-yNJn2xu2dNMVYb4War0J4-RJ2ax_v1MBa228n-gcSEjiBW-DUDD77mZpFi2zpxdNVMPp5HC-oZfAodpMwx6nYQ-w9d-uF55njboXxf7-KTVwxKxF4hhIKBYjQAuHJvJTISTMatOBBohhdXekmDMZmfeA4&lptoken=16df659c13c9521387f7
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 19:20:38 GMT
Content-Type: image/jpeg
Content-Length: 62777
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4414
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5H7ZzILpa1LS5Lw7Wt2xSyCL%2BO4Sgkb2sVF5Iag%2F92W6H94StNg%2FQpYpYorX%2Fc6UxxB02b5%2BdIRy39SrbqBNyXMOk22U2nK3eifEQfguUiMn4GAj6NGrj7qfi8qbAK0I%2FM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7568fec7cd4cb51b-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/fr/ms/2-442857/images/hookup-desktop.jpg
172.67.212.155 200 OK 62 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/hookup-desktop.jpg
IP 172.67.212.155:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x1080, components 3\012- data
Hash 8f587d707f7e18f994af0453be2c68d7
52daab9a9944d9b0d2348c9409b1d160aafcd18c
0a2ce539eadc90769ad5c0cf4e49d8b9d3b2046f03df1cbd95b6e498db3183ac
GET /ol/all/fr/ms/2-442857/images/hookup-desktop.jpg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=lanzomS-vuUcFDv0407UtxiDbgQ7MJZANl5mCy2lenk2lHfJJn3k4kAKBkQTiJJvTrCYxiZIYjnalwoTQdeOEWPiBOH2ookm3YuvZDW64eyFY0ZtoSbhqtnuxoVt1Y7c90CVOeOPkCFQCp5M7Nr249W5XHS4wN_850eXG0AqszMNiNJYJ_dRdBSf-r5m_INrOzjWiok7oVFPpTGAiAa2z533gmy9rOXg2VGU7f-yNJn2xu2dNMVYb4War0J4-RJ2ax_v1MBa228n-gcSEjiBW-DUDD77mZpFi2zpxdNVMPp5HC-oZfAodpMwx6nYQ-w9d-uF55njboXxf7-KTVwxKxF4hhIKBYjQAuHJvJTISTMatOBBohhdXekmDMZmfeA4&lptoken=16df659c13c9521387f7
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 19:20:38 GMT
Content-Type: image/jpeg
Content-Length: 61848
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4414
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGVfA2HT%2Fi49FHDaZJYv8a3RUuiyPBkH66Ws7FCKa3Pqlyf61qivtYyfSMmGNBqMpmJHixlofDJmfZqGxSMuKCRf9%2Bn1mDUfffRbhvQD0uP1ig7aEdnTYgM1Yh7T1DmT64Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7568fec7ba1eb4e8-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
IP 142.250.74.3:0
Hash c412179777c2d7622e60a44211fd6d85
139e5e1723ee8bbd162d98c9d32a01fae3893a27
b7135f4c6dc99481034feffca46865de030536220dcb84a04471138f42a9eb36
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 19:20:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 19:20:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
216.58.207.195 200 OK 42 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 42336, version 1.0\012- data
Hash fe744073b54b3ba4efbf59b75be93667
737e9cf2c8d55812d1b2290e2146a43e0cefa6c8
c640c6d4c7104b09736c8a8c26f666305963273ffcba78e63b7a06451461cc55
GET /s/raleway/v22/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hottime4you.com
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 42336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 07 Oct 2022 03:58:08 GMT
expires: Sat, 07 Oct 2023 03:58:08 GMT
cache-control: public, max-age=31536000
age: 55350
last-modified: Tue, 29 Jun 2021 19:44:26 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hottime4you.com/ol/all/fr/ms/2-442857/images/serious.svg
172.67.212.155 404 Not Found 238 B URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/serious.svg
IP 172.67.212.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert fortinet Malware
GET /ol/all/fr/ms/2-442857/images/serious.svg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=lanzomS-vuUcFDv0407UtxiDbgQ7MJZANl5mCy2lenk2lHfJJn3k4kAKBkQTiJJvTrCYxiZIYjnalwoTQdeOEWPiBOH2ookm3YuvZDW64eyFY0ZtoSbhqtnuxoVt1Y7c90CVOeOPkCFQCp5M7Nr249W5XHS4wN_850eXG0AqszMNiNJYJ_dRdBSf-r5m_INrOzjWiok7oVFPpTGAiAa2z533gmy9rOXg2VGU7f-yNJn2xu2dNMVYb4War0J4-RJ2ax_v1MBa228n-gcSEjiBW-DUDD77mZpFi2zpxdNVMPp5HC-oZfAodpMwx6nYQ-w9d-uF55njboXxf7-KTVwxKxF4hhIKBYjQAuHJvJTISTMatOBBohhdXekmDMZmfeA4&lptoken=16df659c13c9521387f7
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 19:20:38 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TY%2BaRv74JmSeP0mzS0lNx9L1fa8zPQHcflOzjvvC%2B%2BHQJ7WIjNd%2FtGHrr1ft2ijccJvcFDS3C4P%2BBJSbIXgygaBhPA4gyQisPok9lj6ge9oiYjcfohYkPfkKHFA90lHrYEk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7568fec7bac3fabc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/fr/ms/2-442857/images/onlinesex.svg
172.67.212.155 404 Not Found 238 B URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/onlinesex.svg
IP 172.67.212.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert fortinet Malware
GET /ol/all/fr/ms/2-442857/images/onlinesex.svg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=lanzomS-vuUcFDv0407UtxiDbgQ7MJZANl5mCy2lenk2lHfJJn3k4kAKBkQTiJJvTrCYxiZIYjnalwoTQdeOEWPiBOH2ookm3YuvZDW64eyFY0ZtoSbhqtnuxoVt1Y7c90CVOeOPkCFQCp5M7Nr249W5XHS4wN_850eXG0AqszMNiNJYJ_dRdBSf-r5m_INrOzjWiok7oVFPpTGAiAa2z533gmy9rOXg2VGU7f-yNJn2xu2dNMVYb4War0J4-RJ2ax_v1MBa228n-gcSEjiBW-DUDD77mZpFi2zpxdNVMPp5HC-oZfAodpMwx6nYQ-w9d-uF55njboXxf7-KTVwxKxF4hhIKBYjQAuHJvJTISTMatOBBohhdXekmDMZmfeA4&lptoken=16df659c13c9521387f7
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 19:20:38 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkhihzS99YxIcRuhfIspF%2BjNuJkFeTVROmu54wlf7%2Fkud0zJJsyVa5CyQFXUMosMwZxvgcWX%2FscjcZud%2BDhSBYxkHlAYCvM9FA0mG6IF%2FYGpQYXvGnb5tK5axQLlbSGmxKQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7568fec7cd63b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 19:20:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hottime4you.com/ol/all/fr/ms/2-442857/images/hookup.svg
172.67.212.155 404 Not Found 238 B URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/hookup.svg
IP 172.67.212.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert fortinet Malware
GET /ol/all/fr/ms/2-442857/images/hookup.svg HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=lanzomS-vuUcFDv0407UtxiDbgQ7MJZANl5mCy2lenk2lHfJJn3k4kAKBkQTiJJvTrCYxiZIYjnalwoTQdeOEWPiBOH2ookm3YuvZDW64eyFY0ZtoSbhqtnuxoVt1Y7c90CVOeOPkCFQCp5M7Nr249W5XHS4wN_850eXG0AqszMNiNJYJ_dRdBSf-r5m_INrOzjWiok7oVFPpTGAiAa2z533gmy9rOXg2VGU7f-yNJn2xu2dNMVYb4War0J4-RJ2ax_v1MBa228n-gcSEjiBW-DUDD77mZpFi2zpxdNVMPp5HC-oZfAodpMwx6nYQ-w9d-uF55njboXxf7-KTVwxKxF4hhIKBYjQAuHJvJTISTMatOBBohhdXekmDMZmfeA4&lptoken=16df659c13c9521387f7
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 19:20:38 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7tWh6LJaFVuC3G%2BUhSuI7iT9%2FOkDtcblw%2FLfiU2lNYmRz8Ln8xd62xd%2Bg5h8fZlKsy5M3Vdyu%2BMnGe3XVfDkJ3ooRG8IFlkd7pTl4vg5o%2F4GqjLwxeIgh2%2BKWqCgT4LgU8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7568fec7c9b1b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
44.242.41.15 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fHYU7PbVZiqx63a+v5YsWA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /AWW5e7iH4ddhUfHCs521tMy1tA=
hottime4you.com/ol/all/fr/ms/2-442857/images/apple-touch-icon.png
172.67.212.155 200 OK 15 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/apple-touch-icon.png
IP 172.67.212.155:0
File type PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Hash 06cccf2fbccc024e971c61e25c79371a
7670223c8b94e99051aac5d73a50a586b522c538
e34cc0bbabe9b6e5d76098f9628115351c7b39a46aa8297221b6e5af7cc879e5
GET /ol/all/fr/ms/2-442857/images/apple-touch-icon.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=lanzomS-vuUcFDv0407UtxiDbgQ7MJZANl5mCy2lenk2lHfJJn3k4kAKBkQTiJJvTrCYxiZIYjnalwoTQdeOEWPiBOH2ookm3YuvZDW64eyFY0ZtoSbhqtnuxoVt1Y7c90CVOeOPkCFQCp5M7Nr249W5XHS4wN_850eXG0AqszMNiNJYJ_dRdBSf-r5m_INrOzjWiok7oVFPpTGAiAa2z533gmy9rOXg2VGU7f-yNJn2xu2dNMVYb4War0J4-RJ2ax_v1MBa228n-gcSEjiBW-DUDD77mZpFi2zpxdNVMPp5HC-oZfAodpMwx6nYQ-w9d-uF55njboXxf7-KTVwxKxF4hhIKBYjQAuHJvJTISTMatOBBohhdXekmDMZmfeA4&lptoken=16df659c13c9521387f7
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 19:20:38 GMT
Content-Type: image/png
Content-Length: 15044
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4414
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2OhEQABQuOVxkdr6clUD4GQi%2FYRRdLQ50%2FN7MhNonw2kzi32cQDwGcJswv%2FhSVJ4ZU4a9meNhJpzElOLWY1MEm0uDO5gqJ76sP%2BcM5Lw%2Fvl%2Ba%2BlU3uWjdaJh3ha8O9BUGk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7568fec92f2bb4f9-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/fr/ms/2-442857/images/favicon-16x16.png
172.67.212.155 200 OK 1.3 kB URL HTTP/1.1 hottime4you.com/ol/all/fr/ms/2-442857/images/favicon-16x16.png
IP 172.67.212.155:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash d538e176ce147346539d54cbe91d9099
a08de9e15e2d6ca9ddd8a6c940055f51440800d7
fdbf44ab7cc09f4f10014be97d1f7e031452cff785ca3f6f6be9b39671371d4f
GET /ol/all/fr/ms/2-442857/images/favicon-16x16.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hottime4you.com/ol/all/fr/ms/2-442857/?cep=lanzomS-vuUcFDv0407UtxiDbgQ7MJZANl5mCy2lenk2lHfJJn3k4kAKBkQTiJJvTrCYxiZIYjnalwoTQdeOEWPiBOH2ookm3YuvZDW64eyFY0ZtoSbhqtnuxoVt1Y7c90CVOeOPkCFQCp5M7Nr249W5XHS4wN_850eXG0AqszMNiNJYJ_dRdBSf-r5m_INrOzjWiok7oVFPpTGAiAa2z533gmy9rOXg2VGU7f-yNJn2xu2dNMVYb4War0J4-RJ2ax_v1MBa228n-gcSEjiBW-DUDD77mZpFi2zpxdNVMPp5HC-oZfAodpMwx6nYQ-w9d-uF55njboXxf7-KTVwxKxF4hhIKBYjQAuHJvJTISTMatOBBohhdXekmDMZmfeA4&lptoken=16df659c13c9521387f7
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 19:20:38 GMT
Content-Type: image/png
Content-Length: 1342
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 12:32:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4414
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2mS1bv86Zd6iMoY0n%2BbHn07rsZSIZo%2Ft0JshXCqVYPVfs3hUJG7ckvefuV6bWBPUaR1HYeW%2BLU%2Fvo3fEOjYylxkWCPuscxWBv%2F1waTixiFOxoaTiLBWVptFMB1tKpu022s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7568fec92978b506-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
IP 142.250.74.3:0
Hash c412179777c2d7622e60a44211fd6d85
139e5e1723ee8bbd162d98c9d32a01fae3893a27
b7135f4c6dc99481034feffca46865de030536220dcb84a04471138f42a9eb36
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 19:20:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 74b63831a0a449c3e37b584db0009072
929f9f036c4a6a078c51c3b3dc2a7f902c9ee9ac
686845b4cf9a67078f03cb221ce13175a72074f6aa3804ba4fa06623ab856bae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 19:20:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
142.250.74.142 302 Found 337 B URL HTTP/2 lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
IP 142.250.74.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 66a43eafe19fd2e9782007272dd06ced
9d5112f8b4482ef224d10b0d0a17bfaf053e8e23
f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb
GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1
Host: lh3.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
cache-control: private
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 19:20:38 GMT
server: fife
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 19:20:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash f1a6b89e8fbde9b4f9870992a5c3857b
30bb453caa8a9d0fdc055bf95b6286ae182fe9f6
77449f73248b4aa265dca1e7277e528b4576ebb1389984e160768d65c9f14d4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 19:20:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
216.58.207.237 302 Found 409 B URL HTTP/2 accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (387)
Hash b5e665a99268968970ac88b6f827fadd
672b25874b9f31731d8a699f1668ad9cdb297906
fd9984d2dc2c58b78b86d4f94ff1da0ef16aa132d8be248c297dee92d1230916
GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 07 Oct 2022 19:20:38 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-2147113646%3A1665170438792537&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo0vf_yHmszH7ru23SFoDD-0LtmKExEGAZCtw3fuoBJdWaEsg0uMoOIXpI5220EZ68uf7rlpw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-vH66dWpO-5xUrQ8r0XPiuQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 409
server: GSE
set-cookie: __Host-GAPS=1:zsMtb9rRHOTukorVHxEGSuPPkEn5KA:-gWPMJqZ0fnSvPc7;Path=/;Expires=Sun, 06-Oct-2024 19:20:38 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4082
Expires: Fri, 07 Oct 2022 20:28:41 GMT
Date: Fri, 07 Oct 2022 19:20:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4082
Expires: Fri, 07 Oct 2022 20:28:41 GMT
Date: Fri, 07 Oct 2022 19:20:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4082
Expires: Fri, 07 Oct 2022 20:28:41 GMT
Date: Fri, 07 Oct 2022 19:20:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16339989f5c6c229a3dcc0ed1e52032f
a1ea26d6e4eb4a72cc8c87100b40035dab69d285
16703f888ee6f974bb89e1c4c16a75186b31b64130abcd1a3bcd3741159d912c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13437
x-amzn-requestid: ec801fbc-c339-46ce-ac5f-18d064e5ef21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_HdeoAMFyOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-02b52b770e6e76cf52b26e47;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Iesqk_XbGiZE-n3mTa1_1WtlXiyEqz-4qfyt3_609O1eujdLcFu3zA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:01:58 GMT
etag: "a1ea26d6e4eb4a72cc8c87100b40035dab69d285"
content-type: image/jpeg
age: 76721
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
alexatracker.com/jscode/JAIA.js?sub1=hottime4you.com&sub2=&sub3=&sub4=&sub5=&prid=
104.21.85.99 200 OK 11 kB URL HTTP/2 alexatracker.com/jscode/JAIA.js?sub1=hottime4you.com&sub2=&sub3=&sub4=&sub5=&prid=
IP 104.21.85.99:0
File type ASCII text, with very long lines (9325), with no line terminators
Hash bb2456d1f0a73874040a9f26fa845860
3dcf71f26ab23c94c3b4e1fa67ca0567fd66002a
bec8a24a7d20c8757b28c8b82ed4074ccd2a6d01d0589e4b6918d90037ed12db
GET /jscode/JAIA.js?sub1=hottime4you.com&sub2=&sub3=&sub4=&sub5=&prid= HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 19:20:38 GMT
content-type: application/json; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: BYPASS
set-cookie: trbarid=014d4cfce6e485e2cd7d8f38c0807bf75713056fa2a514a9843809f924aaa478a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A5045345934507015174%3B%7D; expires=Fri, 11-Oct-2024 19:20:38 GMT; Max-Age=63504000; path=/; secure; HttpOnly; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0MpCqlkOxv5zkXCYzKk%2F4TNGOFu47U%2BSL4%2Ff%2F2kUTw1Rry2F3YWWDm1Dz7LU1UUlp%2Fjvbmtm1oroTCF9v5FIYsmXoYihQ7fcmjFamafobG9YTP5OqEyMhhpHuy3ji%2FMYv3g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7568fec80f0eb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53b7ffdc3799e0ac7a225145242579ef
c47f0525fe5354ee13fe63c0ec31f0f826a58005
4bb518afc9b3e7bfb976d343e46b306155834adbe71fa35b0d6f509959f78aca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10987
x-amzn-requestid: c2ab1012-1afd-4d74-8114-97977b43da24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZgCHwGdGoAMFvyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cb097-3237927a0c1e081d22c902f7;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 22:15:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: iClOZEPMiFmpeprT8McJ2HI0dCmyxkhEdfYr0qP0YK3U_Pcd9N0Fhg==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 11:08:01 GMT
age: 29558
etag: "c47f0525fe5354ee13fe63c0ec31f0f826a58005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4572451a09430ca7a9203f14ddc035ba
46e17c44fba23988d7a9d9832c411ba2810136c3
fa54e73c4b32d8e109504ebcd46e4316de8143f44b7eae20a44ba63d14a6f24b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8445
x-amzn-requestid: 7d295b3b-29d6-4b2e-8314-c9055d1def80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmju5FxwoAMFeQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4cc5-3f58c18b1159ad512c60422b;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:46:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: DC1ECXhkAhfdrU8ZyMhhDdwydsq4PQfzzGOPd-REjCkCsDbXQLnLiA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:01:57 GMT
etag: "46e17c44fba23988d7a9d9832c411ba2810136c3"
content-type: image/jpeg
age: 76722
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2ac0ed19ef64f2f765ce7adb2a8fa7c
b6ea582befd01324dd456d59d3f610101dcf910c
d324c9f67b0efc38a935195076488dd0a62f61b893706ecf40ad1f2c5550a7d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11492
x-amzn-requestid: 7ac7e364-5204-4101-87f6-89fbdf3c5cb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_GKSoAMFdkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-4ae692e2617657225c88e5fb;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: jddNzOBqcXe8oUyYEEC82u0w35f4lAdk7Xf4ruu40Ngj2eY-r1Qyww==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "b6ea582befd01324dd456d59d3f610101dcf910c"
content-type: image/jpeg
age: 77781
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed3fa86bbe319c9a2f81ff625e677cb0
e3d5210207f6ff922bc28e328285059c19a523a4
5919694bd942a4f25d5b7ffc3f8aee1af6cdb8461d4ba3dba9a2e72cf19164c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7261
x-amzn-requestid: e1bdf299-b29e-4f58-9c8a-33f5dacdb081
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBELYoAMFfgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-1969b32c6f4f7e5749e7caa0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: V3fTgH8URZ1iWMxWPy49--20mtdJvMK6XTG_aPKk68pvwCxPl8lULw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 77781
etag: "e3d5210207f6ff922bc28e328285059c19a523a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06283ec49d3981b60b28731fd8a9940d
10c0d991f7ad234557792c175fdbf81e3356416a
0d8d932cd46fa377ce3dfe5fe1287ab1cd0daad0ef52a42baad2462d10e5a80f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6052
x-amzn-requestid: 6c8abd32-7499-4636-bf8a-3baaa88bf1ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi-HWOoAMFalA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-464364630dd2dbfa0d69f6f5;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: L13zNwITYkfg7x7UlAs_eVjJWRJsdxV5R7g5GHSAE8BgjN-1FB1AHQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:16 GMT
etag: "10c0d991f7ad234557792c175fdbf81e3356416a"
content-type: image/jpeg
age: 76350
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-2147113646%3A1665170438792537&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo0vf_yHmszH7ru23SFoDD-0LtmKExEGAZCtw3fuoBJdWaEsg0uMoOIXpI5220EZ68uf7rlpw
216.58.207.237 403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-2147113646%3A1665170438792537&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo0vf_yHmszH7ru23SFoDD-0LtmKExEGAZCtw3fuoBJdWaEsg0uMoOIXpI5220EZ68uf7rlpw
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S-2147113646%3A1665170438792537&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo0vf_yHmszH7ru23SFoDD-0LtmKExEGAZCtw3fuoBJdWaEsg0uMoOIXpI5220EZ68uf7rlpw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 07 Oct 2022 19:20:38 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-esVnhl7N63N0QiFjweyxNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=aAdm3B9K-4NIKDr5zbbypN1PJOQzMg2bLk5NxBP3k4tOMjMDKvGuef5lKrJ62uKA3-t5u5qJ5p6v2PeVJKEh2QJzVqqftczUp0rLw2YugZJRXZ98HUJJssXa9ccIYq4hlHeH_y-9AIIh7fXO4uSVhAY_oBpKdX3URcQlRbbF-Go; expires=Sat, 08-Apr-2023 19:20:38 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2