r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9541
Expires: Sun, 08 Jan 2023 15:36:55 GMT
Date: Sun, 08 Jan 2023 12:57:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e4bdd77c0369662aa71ce2d01fd3edab
0ab1c5857e200e7e7946424c2c844537bfbb9775
a163c19fcc8fcf985e8df6ad4bd7ce73912b3df892d8236c70f9bc80820b26da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A163C19FCC8FCF985E8DF6AD4BD7CE73912B3DF892D8236C70F9BC80820B26DA"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12482
Expires: Sun, 08 Jan 2023 16:25:56 GMT
Date: Sun, 08 Jan 2023 12:57:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 75f0037a1d53a9a5321a796206ec3e24
70d42c9bf1334f20e1cea4ce3c8212e0e780ee77
80ec1e61f9563e799c9f44ea31e616c37daea1b9670091fbbc6efc39ebafe3d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80EC1E61F9563E799C9F44EA31E616C37DAEA1B9670091FBBC6EFC39EBAFE3D3"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3617
Expires: Sun, 08 Jan 2023 13:58:11 GMT
Date: Sun, 08 Jan 2023 12:57:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 08 Jan 2023 12:48:17 GMT
content-type: application/json
age: 577
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eYGFjvMD0TdGEQdYN1bBMhf4g5c4cKC7x7LtQBbpHBHZnOmNWiYwqp7C6AmTBzEasAp6O3UWkRhAkpqZWU0FgA==
x-amz-request-id: KKSCXQQXK8EZ5TTR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 08 Jan 2023 12:15:46 GMT
age: 2528
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 12:57:54 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
grupwa1117876.tebshu.rocks/
172.67.135.27200 OK 121 B URL HTTP/1.1 grupwa1117876.tebshu.rocks/
IP 172.67.135.27:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 81a333d67a32c7a3ffb2c93ab3acaebc
533a86cedc6a48e3c4eaaa82828bdc109f83b295
bd87e25d5acc57d4bfdb9d7a486224308ad6f3f9cf00997ac231d83d0a821de8
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: grupwa1117876.tebshu.rocks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 12:57:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o17AKRjhqYGOdVASO3rQorzQJ15g1gbzmPq%2FJkswHEgfNcbhFHR9aCikdG5u9aaTH0uLUw1OG%2BpQnSt7HGa30y8RGIkgHyeLR0eP6ggC3Icf5aJIhcC8DzIh4pWZbbQpw2wJoFYpN1jpdkt7qA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651a0139010afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 08 Jan 2023 12:17:21 GMT
age: 2433
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
grupwa1117876.tebshu.rocks/web-pising/web-pising
172.67.135.27301 Moved Permanently 264 B URL HTTP/1.1 grupwa1117876.tebshu.rocks/web-pising/web-pising
IP 172.67.135.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0dee55291251dc6d68b6f0d44847d63a
7bbcdb85aabf9a71d358bd28a937399a83f63ae4
26d833104e31195e0f5008586bbfe9c9508cf5c45ab870bdb1cfd7a66213b5a8
Analyzer Verdict Alert fortinet Phishing
GET /web-pising/web-pising HTTP/1.1
Host: grupwa1117876.tebshu.rocks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 08 Jan 2023 12:57:54 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://grupwa1117876.tebshu.rocks/web-pising/web-pising/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDBlMP0o6ruHf66nVjyO4tusyI9ggb5E0lgLf9RmSZw5WkIZ8r8%2FMZ1sHt3JIIfLUP2BEsqPXQChyxo%2FbP%2FEUlRKn6LzZE49TRpfGFUsFbJvrkLvVdBU4Cf4zq5gZzwRfbH4URo4nM%2BUApBWOA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651a047c2b0afa-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 54ac41a005cad66e958c904071ea1d4f
66932889be57eb15ab99237a69d292b12090c68d
52545e144a7ca5c37c5369d5f5b566b4e5e820b1920ab7fe8e413e7fe022e21b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1426
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 12:57:54 GMT
Last-Modified: Sun, 08 Jan 2023 12:34:08 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.58.27101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.58.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nECbeRaXCofRSQ6uG++KsA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: b78jTuSAiswkOImH14eutdNIDCM=
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 12:57:55 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 145495
expires: Fri, 29 Dec 2023 12:57:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMS2DYc2LQ9XZZzV3IKNriPtNsxFNoKVTSrwo22XH55bV0yCy8pBYOxnEPKRQU5yconSm33DY92B4GGPRg93tC0JlM%2BhaEdbA2MfNvlS2AeLmWMFZektPhByTVxT%2B1pt7NmGOTe0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78651a079c99b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.1.2/css/material-design-iconic-font.min.css
104.17.24.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.1.2/css/material-design-iconic-font.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8a9e65fa93d60ad2ff7b95090b8e3669
8da0c877e9e73daa2c0ffa4749ef83f6a329e162
a65ab08c62d12a3a6be874c9602a53fa80c4700327e6385e70b71926036af7d5
GET /ajax/libs/material-design-iconic-font/2.1.2/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 12:57:55 GMT
content-type: text/css; charset=utf-8
content-length: 5630
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-10ad7"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 16226026
expires: Fri, 29 Dec 2023 12:57:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FHhfsNHRRdsq0y3frv%2FaAbQ0axoY5rzbQJ9ch%2BQdLVsfiLE4%2Fc1CJw4My4sZZLqhq8bYpncRcmfcX9CC6vvzTgNidWI%2F%2BHV%2BFhK5fSMDcRV5HIy%2F9s%2Fn4rdeHtUtbA1%2FG21XIlm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78651a079c9cb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/js-base64@3.7.1/base64.min.js
151.101.1.229200 OK 2.1 kB URL HTTP/2 cdn.jsdelivr.net/npm/js-base64@3.7.1/base64.min.js
IP 151.101.1.229:0
File type ASCII text, with very long lines (4800)
Hash 019a7da19fcf8fa4f0a617d750e06e52
84dac2de5cf83ab3d84213fcd88989c0622802bb
42bb09618f2c5be94b4bff0efd8937cb430a8e57a4e0e4f52e7f6b945db86202
GET /npm/js-base64@3.7.1/base64.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.7.1
x-jsd-version-type: version
etag: W/"1403-Iw1GRY+LVjIB//oGCUa3Uouq6NQ"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 08 Jan 2023 12:57:55 GMT
age: 6844991
x-served-by: cache-fra-eddf8230072-FRA, cache-bma1668-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2067
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 63bccc1f66ce9e92e4b40dfb3d397e96
b256695f795919c1fa3d0de461cf4d44fb7573f3
739ed63c77b8f2f8ae1e929d2e6ce784986ea0d3230d2a65cc9f733837c8a581
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 12:57:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 6a2ad734e4af21c02b77da23300b613a
e6fd999dc2f5b1b2dd326a7daaefc74c00a5c25d
e0bab568945698247e5b99d9f2eff23cc2fcf9aa92aec8f286f8b1a1af7a99de
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 12:57:55 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "415C12F35A29AD037CFAE8A7D0DAEE9091A85871"
Expires: Mon, 09 Jan 2023 00:00:00 GMT
Last-Modified: Sun, 08 Jan 2023 12:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1493
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78651a0809590b61-OSL
cdn.statically.io/gh/jQueryMoobilee/footericon/main/silicon.min.js
151.101.193.91200 OK 64 kB URL HTTP/2 cdn.statically.io/gh/jQueryMoobilee/footericon/main/silicon.min.js
IP 151.101.193.91:0
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 5abf24ec9449fda201d314925e1e9a68
a3866d038e2baac2570ebab4ef874622ed3127df
13b40ce20ae19d6941f1810bbf16e6bb8442f7bbdc89b2221da926ba7ca3fce5
GET /gh/jQueryMoobilee/footericon/main/silicon.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 3458
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Sun, 08 Jan 2023 12:57:55 GMT
etag: W/"854c83e408372e75a068059374a03aaacb3e7006b5780453c920508c30bc9c69"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10057-SJC, cache-bma1669-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 63877
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash a059e24a32c400cae0bec6c4a0e33aae
4ec27a1e649c35bce5779116aa9d60197c952749
56708fca7d8c855921f21ececcce1c82c7ec24ecc86c87b6a6ab2c33efbc9d4d
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 12:57:55 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "2C632408375F8B63536879E90630404F74E10006"
Expires: Mon, 09 Jan 2023 00:00:00 GMT
Last-Modified: Sun, 08 Jan 2023 12:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 181
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78651a0839920b61-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 63bccc1f66ce9e92e4b40dfb3d397e96
b256695f795919c1fa3d0de461cf4d44fb7573f3
739ed63c77b8f2f8ae1e929d2e6ce784986ea0d3230d2a65cc9f733837c8a581
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 12:57:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
grupwa1117876.tebshu.rocks/web-pising/web-pising/
172.67.135.27200 OK 16 kB URL HTTP/1.1 grupwa1117876.tebshu.rocks/web-pising/web-pising/
IP 172.67.135.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (42921)
Hash 81e9e1f9f7d7ad3e19f59a14353d4ca0
a07f71a40f771a1eb9bf658656a9e8ed53251b14
9e5cc83b33c00d88c7eb6a81094d9b930b848b3a07793432eced9c5da8e4f3ac
Analyzer Verdict Alert fortinet Phishing
GET /web-pising/web-pising/ HTTP/1.1
Host: grupwa1117876.tebshu.rocks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 12:57:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fX%2BHUh6XTpkjYAlQwWpQjcUn7qidN4WbHFOl2Y47JJx2F9dPcmDMBzDZxda4rpBBA3sBmL7wb4fd0%2B9hQDVjZryyGnU36jnfyGL8Drb6dmSp%2BmdevJdezpJUC1kQNB9duKMrspCAqqvwZ7qMkg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651a05cd710afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2bc56b3abf4303a43fb3df3ef3d1f9d6
64203e094b8536bb88997ff05ad6f3af7d7a06d3
fd501e56de4a80949e260ded7b5f31998d04dc92048836f8281f22c7682eb137
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD501E56DE4A80949E260DED7B5F31998D04DC92048836F8281F22C7682EB137"
Last-Modified: Fri, 06 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12824
Expires: Sun, 08 Jan 2023 16:31:39 GMT
Date: Sun, 08 Jan 2023 12:57:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2bc56b3abf4303a43fb3df3ef3d1f9d6
64203e094b8536bb88997ff05ad6f3af7d7a06d3
fd501e56de4a80949e260ded7b5f31998d04dc92048836f8281f22c7682eb137
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD501E56DE4A80949E260DED7B5F31998D04DC92048836F8281F22C7682EB137"
Last-Modified: Fri, 06 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12824
Expires: Sun, 08 Jan 2023 16:31:39 GMT
Date: Sun, 08 Jan 2023 12:57:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2bc56b3abf4303a43fb3df3ef3d1f9d6
64203e094b8536bb88997ff05ad6f3af7d7a06d3
fd501e56de4a80949e260ded7b5f31998d04dc92048836f8281f22c7682eb137
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD501E56DE4A80949E260DED7B5F31998D04DC92048836F8281F22C7682EB137"
Last-Modified: Fri, 06 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12824
Expires: Sun, 08 Jan 2023 16:31:39 GMT
Date: Sun, 08 Jan 2023 12:57:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2bc56b3abf4303a43fb3df3ef3d1f9d6
64203e094b8536bb88997ff05ad6f3af7d7a06d3
fd501e56de4a80949e260ded7b5f31998d04dc92048836f8281f22c7682eb137
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD501E56DE4A80949E260DED7B5F31998D04DC92048836F8281F22C7682EB137"
Last-Modified: Fri, 06 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12824
Expires: Sun, 08 Jan 2023 16:31:39 GMT
Date: Sun, 08 Jan 2023 12:57:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2bc56b3abf4303a43fb3df3ef3d1f9d6
64203e094b8536bb88997ff05ad6f3af7d7a06d3
fd501e56de4a80949e260ded7b5f31998d04dc92048836f8281f22c7682eb137
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD501E56DE4A80949E260DED7B5F31998D04DC92048836F8281F22C7682EB137"
Last-Modified: Fri, 06 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12824
Expires: Sun, 08 Jan 2023 16:31:39 GMT
Date: Sun, 08 Jan 2023 12:57:55 GMT
Connection: keep-alive
j.top4top.io/p_2250kf4vq0.png
135.181.63.70200 OK 27 kB URL HTTP/2 j.top4top.io/p_2250kf4vq0.png
IP 135.181.63.70:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 452x678, components 3\012- data
Hash bb5298aa9920145a4b046d80b5dec48b
d1b7e08d509968296161885bedec18ac1014a5a1
56cc446037f8637ee773bd4b8cd1ceadc4762a860ceacb28f9b3ccd3e06320b2
GET /p_2250kf4vq0.png HTTP/1.1
Host: j.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 12:57:55 GMT
content-type: image/png
content-length: 26995
set-cookie: klj_40d147_downloads=qq4v9; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 09 Jan 2023 12:34:35 GMT
last-modified: Tue, 01 Mar 2022 00:47:14 GMT
content-disposition: inline; filename="img007.png"
etag: "621d6d12-6973"
expires: Sun, 08 Jan 2023 14:57:55 GMT
cache-control: max-age=7200
x-file-id: x44889381x
accept-ranges: bytes
X-Firefox-Spdy: h2
l.top4top.io/p_2250olxyr0.png
65.21.235.194200 OK 27 kB URL HTTP/2 l.top4top.io/p_2250olxyr0.png
IP 65.21.235.194:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash d20ed4d174297139b3537af4b49374b5
bf34df68f752c5d64aa0f00c87e292099934e205
61e58af7740c55b6d4b7eacd4ecea254db3d501ed8dcf143a69950474f00881c
GET /p_2250olxyr0.png HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 12:57:55 GMT
content-type: image/png
content-length: 27136
set-cookie: klj_40d147_downloads=qq4ub; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 09 Jan 2023 12:34:35 GMT
last-modified: Tue, 01 Mar 2022 00:45:28 GMT
content-disposition: inline; filename="img005.png"
etag: "621d6ca8-6a00"
expires: Sun, 08 Jan 2023 14:57:55 GMT
cache-control: max-age=7200
x-file-id: x44889347x
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 294742535da40d02498d9e1c865d4014
99d45ec581ccba41915745f22da696aa9c5758ea
645f09beffda2d924626cedd5aa832a5a0e1b136ddf3fdc0b65fd9526f8b5531
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 12:57:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:400,700,300
216.58.207.202200 OK 835 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,700,300
IP 216.58.207.202:0
Hash e6141e93e9b2deb9b79fae6a1a25367d
881e0c3cdef1da9ab777fa2283664140f7b1532a
0e754c2211fd5ff3a5d70f5363fd33b5e2e66dbfa9a958674eba9a9c75ce756e
GET /css?family=Roboto:400,700,300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 08 Jan 2023 12:57:55 GMT
date: Sun, 08 Jan 2023 12:57:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
j.top4top.io/p_2250pajaq0.png
135.181.63.70200 OK 33 kB URL HTTP/2 j.top4top.io/p_2250pajaq0.png
IP 135.181.63.70:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x563, components 3\012- data
Hash 53df708e993ef4287c84f4764585d481
c22d1d16a0fd35861350e06c4403d183411395d4
ef4998d339a351fb262c097fe9dcdc25d0249c63d20692032ab28b3313ee423e
GET /p_2250pajaq0.png HTTP/1.1
Host: j.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 12:57:55 GMT
content-type: image/png
content-length: 33363
set-cookie: klj_40d147_downloads=qq4wl; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 09 Jan 2023 12:34:35 GMT
last-modified: Tue, 01 Mar 2022 00:49:04 GMT
content-disposition: inline; filename="img008.png"
etag: "621d6d80-8253"
expires: Sun, 08 Jan 2023 14:57:55 GMT
cache-control: max-age=7200
x-file-id: x44889429x
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://grupwa1117876.tebshu.rocks
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:33:13 GMT
expires: Sat, 06 Jan 2024 13:33:13 GMT
cache-control: public, max-age=31536000
age: 170682
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
j.top4top.io/p_2250exbmf0.png
135.181.63.70200 OK 22 kB URL HTTP/2 j.top4top.io/p_2250exbmf0.png
IP 135.181.63.70:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x563, components 3\012- data
Hash 298f07e1a9c7a531b5498e2fe8e2a21b
56dc285ad6c1b0a287f64c1bd09e93590bbac0fe
27e69d58f8e0ceb746cce666658bb8c34bd1974c5f7a516915115ac0067e68a8
GET /p_2250exbmf0.png HTTP/1.1
Host: j.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 12:57:55 GMT
content-type: image/png
content-length: 22302
set-cookie: klj_40d147_downloads=qq4x9; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 09 Jan 2023 12:34:35 GMT
last-modified: Tue, 01 Mar 2022 00:50:27 GMT
content-disposition: inline; filename="img009.png"
etag: "621d6dd3-571e"
expires: Sun, 08 Jan 2023 14:57:55 GMT
cache-control: max-age=7200
x-file-id: x44889453x
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://grupwa1117876.tebshu.rocks
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:33:54 GMT
expires: Thu, 04 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 321841
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
j.top4top.io/p_2250mm2sn0.png
135.181.63.70200 OK 30 kB URL HTTP/2 j.top4top.io/p_2250mm2sn0.png
IP 135.181.63.70:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 554x554, components 3\012- data
Hash c252c54d048ba881d19a358092769287
bc58208586b8f7883ef2f590f8d6561fdaf2dd4a
307c39d3070d0ab6d954253d7891883cc9c1b5e0b46e8414aa5625da890d3d9d
GET /p_2250mm2sn0.png HTTP/1.1
Host: j.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 12:57:55 GMT
content-type: image/png
content-length: 30486
set-cookie: klj_40d147_downloads=qq4xl; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 09 Jan 2023 12:34:35 GMT
last-modified: Tue, 01 Mar 2022 00:51:12 GMT
content-disposition: inline; filename="img002.png"
etag: "621d6e00-7716"
expires: Sun, 08 Jan 2023 14:57:55 GMT
cache-control: max-age=7200
x-file-id: x44889465x
accept-ranges: bytes
X-Firefox-Spdy: h2
cloud.githubusercontent.com/assets/398893/15136779/4e765036-1639-11e6-9201-67e728e86f39.jpg
185.199.108.133200 OK 225 kB URL HTTP/2 cloud.githubusercontent.com/assets/398893/15136779/4e765036-1639-11e6-9201-67e728e86f39.jpg
IP 185.199.108.133:0
File type gzip compressed data, max compression\012- data
Size 225 kB (225339 bytes)
Hash e3d5f759be69abbd97396866317bc3b8
909d4dd14d384fded231c3828c3480e2c410520e
e913605653a3798ba8398c667596cf62a0c9bef3dff266672ef7800312f880fa
GET /assets/398893/15136779/4e765036-1639-11e6-9201-67e728e86f39.jpg HTTP/1.1
Host: cloud.githubusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 May 2016 05:56:48 GMT
etag: "f9cebf245b82051cf1e25a5c190de77d"
cache-control: max-age=2592000
content-type: image/jpeg
accept-ranges: bytes
date: Sun, 08 Jan 2023 12:57:55 GMT
via: 1.1 varnish
age: 393095
x-served-by: cache-bma1655-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1673182676.568129,VS0,VE13
x-fastly-request-id: 89f880378713c5de7af2e2c93acc83932cda722f
server: GitHub Cloud
timing-allow-origin: https://github.com
content-length: 224922
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 294742535da40d02498d9e1c865d4014
99d45ec581ccba41915745f22da696aa9c5758ea
645f09beffda2d924626cedd5aa832a5a0e1b136ddf3fdc0b65fd9526f8b5531
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 12:57:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rawcdn.githack.com/AlexHostX/all.asset/38984972fb20a70d711e86ac3e6f19e60ea8adc3/AlexHostWA.ttf
104.21.234.231404 Not Found 14 B URL HTTP/2 rawcdn.githack.com/AlexHostX/all.asset/38984972fb20a70d711e86ac3e6f19e60ea8adc3/AlexHostWA.ttf
IP 104.21.234.231:0
File type ASCII text, with no line terminators
Hash 3be7b8b182ccd96e48989b4e57311193
78fb38f212fa49029aff24c669a39648d9b4e68b
d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
GET /AlexHostX/all.asset/38984972fb20a70d711e86ac3e6f19e60ea8adc3/AlexHostWA.ttf HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://grupwa1117876.tebshu.rocks
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sun, 08 Jan 2023 12:57:55 GMT
content-length: 14
x-content-type-options: nosniff
x-github-request-id: D5D0:4121:880276:93B566:63BABCA6
via: 1.1 varnish
x-served-by: cache-hel1410025-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1673182375.889979,VS0,VE151
vary: Authorization,Accept-Encoding,Origin
x-fastly-request-id: 56454f99fcc30f28a7c20ce8378323d3e0ba9f1d
source-age: 0
cache-control: max-age=300, public
x-githack-cache-status: HIT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utTrFoEfHVxjEQAlNEARYsB81vapPEUHn2VwaB5HVfHfOvXCFrY1915YhTtjv56OpKAlT59MqO0AnRMTyN6fwQof1IUI0Ch3Mtk%2FzF9fPimyEoFuoRB%2F5qJxvH77pNvfCw0RcTE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78651a0afbc171c3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
b.top4top.io/p_2319kjl2l1.jpg
51.158.152.62200 OK 257 kB URL HTTP/2 b.top4top.io/p_2319kjl2l1.jpg
IP 51.158.152.62:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1073, components 3\012- data
Size 257 kB (256982 bytes)
Hash 8309c710176eace2451e57ac9757548a
e5e308af2419c9e71ac24148971e276be1ac0e2b
2dced3c741b310c6bab6ac878d83da1ff7ae5d045d83b9a9b93eac77db7fbe0b
GET /p_2319kjl2l1.jpg HTTP/1.1
Host: b.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 12:57:55 GMT
content-type: image/jpeg
content-length: 256982
set-cookie: klj_40d147_downloads=rm0zp; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 09 Jan 2023 12:34:35 GMT
last-modified: Sun, 08 May 2022 10:47:30 GMT
content-disposition: inline; filename="IMG_20220508_173814.jpg"
etag: "62779fc2-3ebd6"
expires: Sun, 08 Jan 2023 14:57:55 GMT
cache-control: max-age=7200
x-file-id: x46377349x
accept-ranges: bytes
X-Firefox-Spdy: h2
g.top4top.io/p_231907ay40.jpg
163.172.24.234200 OK 284 kB URL HTTP/2 g.top4top.io/p_231907ay40.jpg
IP 163.172.24.234:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1081, components 3\012- data
Size 284 kB (284124 bytes)
Hash 268059c1a5dc7b36fae2539028a19118
89c62cacabfb32feb56e2197b2d9b3122339a9c2
0a116062ebd18aabdb7660e8a6f9d30bbb0ca796a990d4eabbbb97e73b27d437
GET /p_231907ay40.jpg HTTP/1.1
Host: g.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 12:57:55 GMT
content-type: image/jpeg
content-length: 284124
set-cookie: klj_40d147_downloads=rm0ri; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 09 Jan 2023 12:34:35 GMT
last-modified: Sun, 08 May 2022 10:27:18 GMT
content-disposition: inline; filename="IMG_20220508_172602.jpg"
etag: "62779b06-455dc"
expires: Sun, 08 Jan 2023 14:57:55 GMT
cache-control: max-age=7200
x-file-id: x46377054x
accept-ranges: bytes
X-Firefox-Spdy: h2
g.top4top.io/p_2250j4cs80.png
163.172.24.234200 OK 20 kB URL HTTP/2 g.top4top.io/p_2250j4cs80.png
IP 163.172.24.234:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 448x684, components 3\012- data
Hash 73ea5aa3d7f0920e73a7538949554776
1e7c6518c6f7fa7afbca6857aa395ece92186389
e18d898327a880a0a05d67f92a19833fb4f0b54db817bad05cebf25944bfa44d
GET /p_2250j4cs80.png HTTP/1.1
Host: g.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 12:57:55 GMT
content-type: image/png
content-length: 20443
set-cookie: klj_40d147_downloads=qq4vu; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 09 Jan 2023 12:34:35 GMT
last-modified: Tue, 01 Mar 2022 00:48:07 GMT
content-disposition: inline; filename="img004.png"
etag: "621d6d47-4fdb"
expires: Sun, 08 Jan 2023 14:57:55 GMT
cache-control: max-age=7200
x-file-id: x44889402x
accept-ranges: bytes
X-Firefox-Spdy: h2
grupwa1117876.tebshu.rocks/web-pising/web-pising/img/jquery.min.js
172.67.135.27404 Not Found 238 B URL HTTP/1.1 grupwa1117876.tebshu.rocks/web-pising/web-pising/img/jquery.min.js
IP 172.67.135.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
Analyzer Verdict Alert fortinet Phishing
GET /web-pising/web-pising/img/jquery.min.js HTTP/1.1
Host: grupwa1117876.tebshu.rocks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/web-pising/web-pising/
HTTP/1.1 404 Not Found
Date: Sun, 08 Jan 2023 12:57:55 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBVJi9tDax%2B8XETYAin9OH8%2BqbLjaMstwZkjcI%2BRSWvMtmc%2BmK5poL30B%2Fj17l7s8ksX7f9G910faBvnxVSeL4AVtItpGm6y%2FCRt4PkVvvM86Siw8Xmzf6o51%2Bcw%2Fam67vS6ilHqHWuheX1gSg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78651a0988130b59-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
grupwa1117876.tebshu.rocks/web-pising/web-pising/img/fb-login.png
172.67.135.27200 OK 31 kB URL HTTP/1.1 grupwa1117876.tebshu.rocks/web-pising/web-pising/img/fb-login.png
IP 172.67.135.27:0
File type PNG image data, 1652 x 411, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ae3b6bc1ebde6c97f1cf4eff5c0f61f
ac60fb3fc5f5a96d30f133f1d60ff116ac329b86
feda321bb681dc8593f1cc761778fe3b2ba6447399d3a152cf3c65917df6b147
GET /web-pising/web-pising/img/fb-login.png HTTP/1.1
Host: grupwa1117876.tebshu.rocks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/web-pising/web-pising/
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 12:57:55 GMT
Content-Type: image/png
Content-Length: 31218
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 12:00:22 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLd68%2BK8xbOoTpIj6ZMxaC4qvMbIGDl0IE%2BddhGoYDAIRc3%2B9vrnBbtNt%2FC5i9mBxwNuacrUo%2BI%2BBBlqVzseTpz9FNX%2BrQEFA7q%2B4hh0qN5cLOauZYNiPo8NHUy40B9%2FRfVyNmsrxmmEarN27Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78651a0988c90afa-OSL
alt-svc: h2=":443"; ma=60
raw.githubusercontent.com/AlexHostX/all.asset/c529c239acac01cd8bc1a76f349f7c3caebba766/580b57fcd9996e24bc43c543.png
185.199.108.133404 Not Found 14 B URL HTTP/2 raw.githubusercontent.com/AlexHostX/all.asset/c529c239acac01cd8bc1a76f349f7c3caebba766/580b57fcd9996e24bc43c543.png
IP 185.199.108.133:0
File type ASCII text, with no line terminators
Hash 3be7b8b182ccd96e48989b4e57311193
78fb38f212fa49029aff24c669a39648d9b4e68b
d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
GET /AlexHostX/all.asset/c529c239acac01cd8bc1a76f349f7c3caebba766/580b57fcd9996e24bc43c543.png HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://grupwa1117876.tebshu.rocks/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
content-type: text/plain; charset=utf-8
x-github-request-id: E07E:7747:4C163B:665782:63BABDD4
accept-ranges: bytes
date: Sun, 08 Jan 2023 12:57:56 GMT
via: 1.1 varnish
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1673182676.013806,VS0,VE100
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
x-fastly-request-id: 14f2cc5556cb4f2f54a2c4e70dcf5a457c2e8339
expires: Sun, 08 Jan 2023 13:02:56 GMT
source-age: 0
content-length: 14
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1b604c51fed73ccf32e05acc8a42d04f
d89baddc3412ec3ce8cea1ef9e8db3c69fbd13ab
74b7b3bd5775d7c4323c8864e826874420757d6fe591926d98d95821e45f87b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5420
Cache-Control: max-age=111825
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 12:57:56 GMT
Etag: "63b9ba79-117"
Expires: Mon, 09 Jan 2023 20:01:41 GMT
Last-Modified: Sat, 07 Jan 2023 18:31:21 GMT
Server: ECS (amb/6B73)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1b604c51fed73ccf32e05acc8a42d04f
d89baddc3412ec3ce8cea1ef9e8db3c69fbd13ab
74b7b3bd5775d7c4323c8864e826874420757d6fe591926d98d95821e45f87b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5420
Cache-Control: max-age=111825
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 12:57:56 GMT
Etag: "63b9ba79-117"
Expires: Mon, 09 Jan 2023 20:01:41 GMT
Last-Modified: Sat, 07 Jan 2023 18:31:21 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9839
Expires: Sun, 08 Jan 2023 15:41:55 GMT
Date: Sun, 08 Jan 2023 12:57:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9839
Expires: Sun, 08 Jan 2023 15:41:55 GMT
Date: Sun, 08 Jan 2023 12:57:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9839
Expires: Sun, 08 Jan 2023 15:41:55 GMT
Date: Sun, 08 Jan 2023 12:57:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9839
Expires: Sun, 08 Jan 2023 15:41:55 GMT
Date: Sun, 08 Jan 2023 12:57:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4c877ef-76ec-4130-a623-3cfe6579a770.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4c877ef-76ec-4130-a623-3cfe6579a770.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30c53ae078b112f7186e910c38898233
d3c58c28f0734f98bed64a26ede077464c3ad3f2
8f7dd1cf9f1472468a7caaf67a8f9c15bfe8836badcfb3249a9a8a7a6c3c0533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4c877ef-76ec-4130-a623-3cfe6579a770.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13787
x-amzn-requestid: 2598b4fe-a032-47d7-8e6c-cfdcfbe9d64a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDvYE35IAMF1Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e662-574eb7370aac63dd531d6b75;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hoqjdZug31XPMxkMVZ0LWQsA62rGeP8GYXr-pe9rmkmzlGKeGSkNFQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 21:51:20 GMT
age: 54396
etag: "d3c58c28f0734f98bed64a26ede077464c3ad3f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F753d022b-5cb9-4f9b-b520-756c952710b3.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F753d022b-5cb9-4f9b-b520-756c952710b3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2abe0388f11bae93f827a971bd29802
a57915c3b8388bc23c3a677ba12cc0525d949c2c
d23c15ca723fe73f6893703c7d1830034182fb1c9c620837313774c62368fa06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F753d022b-5cb9-4f9b-b520-756c952710b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10544
x-amzn-requestid: 04bdd2a7-b3dd-434b-833c-7101a1da9da7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDy1E_goAMFmgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e678-3468e4a9174280c146f28962;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:39:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eRS6IJNRzjavNsFqQVAtknTprnuBQwa6NyW5hXr8gFQvqiI9h8VGRw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 21:58:04 GMT
age: 53992
etag: "a57915c3b8388bc23c3a677ba12cc0525d949c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3750e6a-c5c3-4c07-8912-be2b2eaf7e4f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3750e6a-c5c3-4c07-8912-be2b2eaf7e4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 073554b46cc8ac731a6ae967ff367f70
d1a8816ad1296220be03d2191f6505f4b9fe6837
918e2a1addecb099a2b00ac33288ec1b7cd8d2a1ea9a9f90c5f1d2c54367cef1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3750e6a-c5c3-4c07-8912-be2b2eaf7e4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11629
x-amzn-requestid: d7d6047b-9b34-4c5b-a44b-d810f5e29dd1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTNhgHxRIAMFfsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b78fa3-55f45ccb715a49cc0ed25de2;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 03:04:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MVeEwkEI6rBPAdB9vnHOZCFZvy_ScsvrQcY6BxFa-4Ot7JTzDNNDEg==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 04:22:14 GMT
age: 30942
etag: "d1a8816ad1296220be03d2191f6505f4b9fe6837"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
assets.stickpng.com/images/580b57fcd9996e24bc43c543.png
104.21.234.254403 Forbidden 14 kB URL HTTP/2 assets.stickpng.com/images/580b57fcd9996e24bc43c543.png
IP 104.21.234.254:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 7ef3020109ff845236945d1b20857df4
744c628cd7571abf141e3d11ebe3e14d520ebcf0
dbde212dc39d676deceda74b4e1cb00ba7e9aa2a86aa448fcd4d0d866b08bb28
GET /images/580b57fcd9996e24bc43c543.png HTTP/1.1
Host: assets.stickpng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sun, 08 Jan 2023 12:57:56 GMT
content-type: text/html; charset=utf-8
x-amz-request-id: F5CRQASGXMNAG80R
x-amz-id-2: uIE+fUU3SZ497457QBuIMpDsRoGqjeHpAegsyO7LZnX4Otuq6udAvXiW4PDCwE4dZw8SPCRoDzU=
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1XSW2eVVU8k5jPNkUxe0ZYu1QJYqQ0lbTIkHDn9Zw9x668hHnYe%2BlqaJpxfPfx1zbNxqD3bsOMjAlbCMsSaDxxxPm46Vss6uy5NhxlUnfxjPlC7R1Op5svrDwxNkw3ZcDfkP7Uo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78651a0fbee372ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea675957-36a1-4a10-8735-4cba73296e89.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea675957-36a1-4a10-8735-4cba73296e89.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5dc193698e3154c6727f0f8a468f4896
ac3e055c64cc024e55bbdc2bdfdb07799f06f83b
4e7fa4cc65a3514cd05a6582a7bcafa3b898cf9cf5fcc5f580c4b05c2b09e5e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea675957-36a1-4a10-8735-4cba73296e89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14548
x-amzn-requestid: 5b7bca56-608c-43a4-b082-2c44534377c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZmqdEPHoAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba1e42-1555e2f52c04321c48a72a62;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 01:37:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zVGn_81T5E6rBNgnwEZRb0r9ePl0UkoqyLZJd481FElYin_LIEcZ-w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 07:48:19 GMT
age: 18577
etag: "ac3e055c64cc024e55bbdc2bdfdb07799f06f83b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc647e729-b53f-49f8-a6ab-2ce5f8545fb6.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc647e729-b53f-49f8-a6ab-2ce5f8545fb6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 72302799dca34901be4db1c732277abb
34c149aa1986ba9bbefeddae4f19ff58f4b5093b
f017823817627b30cc424f10babc7cea1470158788026a06ef537435bf7d495c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc647e729-b53f-49f8-a6ab-2ce5f8545fb6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6536
x-amzn-requestid: 231fb617-4d68-4069-9627-135017be4a93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDufFHeIAMFiYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e65c-53903c7d05368c07629f4156;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CgCLMZPEe18AbIV0uxNOAC2kvwDiy-myo9Q103jA2IS-l0ANK0_EhQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 21:42:39 GMT
age: 54917
etag: "34c149aa1986ba9bbefeddae4f19ff58f4b5093b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.starratings.com.au/assets/img/loading.gif
54.252.28.172200 OK 81 kB URL HTTP/2 www.starratings.com.au/assets/img/loading.gif
IP 54.252.28.172:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash b8a9081b653f8877c48920a27bf00b88
d86943a9fedc2de088673f1c46e82918482c788b
0056d4572becb0fc7c6b497cff821e8f4e98ba5ed4f9fbb69ccdd60247ef091c
GET /assets/img/loading.gif HTTP/1.1
Host: www.starratings.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 12:57:56 GMT
content-type: image/gif
content-length: 80553
last-modified: Thu, 30 Dec 2021 07:01:24 GMT
etag: "61cd5944-13aa9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc3fbba-c748-477d-b1a9-4218da052cc0.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc3fbba-c748-477d-b1a9-4218da052cc0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fc604aed78008733f09b024b71a6fda9
0f3f633b0b34ac3662febdc45704362c49622a42
7c4f5871e571148c25f83b8676846ab1b0e82be3f4a1b3fb7c05bfe23e29c1b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc3fbba-c748-477d-b1a9-4218da052cc0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9644
x-amzn-requestid: 63281b3f-e673-4836-9729-7f595b0fb8b3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDu5FkioAMF9tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e65f-5869b987090de6f758472be9;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JsNm98uTnFfNyDnk651OGxB92JTaNKc7H92yP3FCBhUb9BBsFs-Ygg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 21:44:42 GMT
age: 54801
etag: "0f3f633b0b34ac3662febdc45704362c49622a42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/watermark.css
104.21.234.231200 OK 0 B URL HTTP/2 rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/watermark.css
IP 104.21.234.231:0
GET /AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/watermark.css HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://grupwa1117876.tebshu.rocks/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 12:57:55 GMT
content-type: text/css; charset=utf-8
etag: W/"8cbc601be6a6a4a8de11e874a08f4635bb2103954e29be8f44a2287251cf89b8"
x-content-type-options: nosniff
x-github-request-id: 5B3C:4976:637B93:6ABF09:62C0A41D
via: 1.1 varnish
x-served-by: cache-hel1410027-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1656792093.487857,VS0,VE218
vary: Authorization,Accept-Encoding,Origin
x-fastly-request-id: 7d426eef06f3d9def44ebd751dc65235333b1c3c
source-age: 0
expires: Sat, 05 Aug 2023 05:59:43 GMT
cache-control: max-age=31536000, public, immutable
x-robots-tag: none
access-control-allow-origin: *
x-githack-cache-status: HIT
cf-cache-status: HIT
age: 464041
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g78RflJ6LNCV7%2FFuHfEIsolHbHBPeEnfdKStq93baUEOUEMCxFdLbfrtaqEnfyUHeSBIoZ36D0re87fGi%2BIVPmqsaq6VA7mGS6Ys89VSyBugp5s4SqB%2FUjrg5EBQ1YbtI0KA57E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78651a0a4d4c7535-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2