firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 19:41:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Gchmn8jEnGzroYpselnucbbffQctM4qRRnZMRcf2KzzWdCMqTo7fpw==
Age: 2515
sh022.hostgator.tempwebhost.net/~clustt1q
162.241.123.159 301 Moved Permanently 257 B URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 341d6140af51107846d74a946e45b37b
d28857ce1596986d2c638c1433349ad6ed19564c
a0eec4f03b5a91b6dac63a88c207228493915ebc9403e13772b55cc8704ca21e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Sep 2022 20:23:15 GMT
Server: Apache
Location: http://sh022.hostgator.tempwebhost.net/~clustt1q/
Content-Length: 257
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7242
Expires: Thu, 01 Sep 2022 22:23:57 GMT
Date: Thu, 01 Sep 2022 20:23:15 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gRlBRh6C4QRSb2GDrdHSeIttRY8zr3wyA12uy2vkzHzCZS7OtSEBrw==
age: 68879
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 20:23:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
sh022.hostgator.tempwebhost.net/~clustt1q/
162.241.123.159 200 OK 12 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (563)
Hash 2e06c392601bd5d03dc93428870b1edf
f82ea1009e7317f80afef555d150006b97973f8a
694c51eeccfda5a8c22d29634ce0d164b8121611400ee869fb4cadf964078fcd
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/ HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11687
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html
sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/vendor/slider.min.css
162.241.123.159 200 OK 4.6 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/vendor/slider.min.css
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13389), with no line terminators
Hash c143e3adce2dc011fa9e3c8d308c7b60
121e83be04093b8a148d90ca9a9b53f13fb227d4
7f4914328cd0d7bb3a49b57eea122b1d1ba9fa0a040f02059eec3df195a1f973
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/css/vendor/slider.min.css HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:07:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4601
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b6750faede6836366f73bbe648c14163
d489353c09f0aa01315c63900262859c571d420e
c3d13a9031f3ab49877147b71ec74e93161c3ac17152154c3ae5eeccf713f7f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:23:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2eb022bbcb69557dc09477b624814e87
6030f2c630a01fbc027c887d31e696f84cc60c97
d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6467
Cache-Control: max-age=135079
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:23:16 GMT
Etag: "63106818-1d7"
Expires: Sat, 03 Sep 2022 09:54:35 GMT
Last-Modified: Thu, 01 Sep 2022 08:06:48 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 01 Sep 2022 19:57:05 GMT
Expires: Thu, 01 Sep 2022 19:59:33 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Tt8Sm_o8ZKqnE8v2XcWbWWn7gX0z0KCkFXmBf97vf07kSJVA3jmrNA==
Age: 1571
sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/vendor/bootstrap.min.css
162.241.123.159 200 OK 36 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/vendor/bootstrap.min.css
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7d60637a65266ebb034c6069502841e8
31ccbfc6b888056239dfa10591afca2f3af87491
404340d1996ea8510cf03df617d9b443df9d751ce93827dfb53de8a9fd9b5daf
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/css/vendor/bootstrap.min.css HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 25 Aug 2022 09:07:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/default.css
162.241.123.159 200 OK 1.1 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/default.css
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 2899691d5e01ba72c1be59f70fa8fc3c
d69ea3621f4c55221ccd9ee7900ea0e28cc3d8c7
72b02981b2191a746a91fd836764bc7cd9649a751048ab94ee6dc16ecec51e53
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/css/default.css HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1086
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/vendor/gallery.min.css
162.241.123.159 200 OK 5.2 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/vendor/gallery.min.css
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20549), with no line terminators
Hash c6f9d789f10ec9fef48392ca95e833e7
2654d1cda60d84f611b29ee57c5adff6fbb79262
0aa6129dc4bca67b2b2a6bedc225f9e228ae009a44b876cc754522069192d71e
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/css/vendor/gallery.min.css HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 25 Aug 2022 09:08:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5150
Keep-Alive: timeout=5, max=75
Content-Type: text/css
sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/vendor/cookie-notice.min.css
162.241.123.159 200 OK 2.3 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/vendor/cookie-notice.min.css
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 5341285cba702a3e65885f11a736f121
f9fee5d24460cf9ca75107b8ac1b3d163d574914
50a6a416e9eda1aab0ff570084bae8ac48f1420f538c66406374ea4e63319601
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/css/vendor/cookie-notice.min.css HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 25 Aug 2022 09:08:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2347
Keep-Alive: timeout=5, max=75
Content-Type: text/css
sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/vendor/animation.min.css
162.241.123.159 200 OK 2.2 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/vendor/animation.min.css
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (26053), with no line terminators
Hash 0813dc07eb1522349ea7c501238c5cec
d6539ed824d358a37ae97ff8ba46d20f84bc39d1
34b996cb44078494a34ab2ba54269279d36dc29b8078db5678201abedf9aff8c
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/css/vendor/animation.min.css HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 25 Aug 2022 09:07:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2191
Keep-Alive: timeout=5, max=75
Content-Type: text/css
sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/main.css
162.241.123.159 200 OK 23 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/main.css
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type assembler source, ASCII text, with very long lines (492), with CRLF line terminators
Hash 56459c0917d3fe0547a484a1b170d716
83ca4ca519810adb7d4ae47afc905f01fd2425c9
4667d9307d4874078d5cc9e0bc9549a2cfb3c7a6cc7e54af8af14650f8fb8fa6
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/css/main.css HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 25 Aug 2022 09:07:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
sh022.hostgator.tempwebhost.net/~clustt1q/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
162.241.123.159 404 Not Found 358 B URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e6380e0c65d744670ca2bdfdebf952e7
72010e09611689dba83d615d7d4e14525584f574
a5a070dc995c94a5ecc33cec32455618639d9ea695e8a58df9bb22eee7e9ab09
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 404 Not Found
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Sun, 28 Mar 2021 08:01:13 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 358
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html
sh022.hostgator.tempwebhost.net/~clustt1q/recaptcha/api.js?render=6Lf-NwEVAAAAAPo_wwOYxFW18D9_EKvwxJxeyUx7
162.241.123.159 404 Not Found 358 B URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/recaptcha/api.js?render=6Lf-NwEVAAAAAPo_wwOYxFW18D9_EKvwxJxeyUx7
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e6380e0c65d744670ca2bdfdebf952e7
72010e09611689dba83d615d7d4e14525584f574
a5a070dc995c94a5ecc33cec32455618639d9ea695e8a58df9bb22eee7e9ab09
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/recaptcha/api.js?render=6Lf-NwEVAAAAAPo_wwOYxFW18D9_EKvwxJxeyUx7 HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 404 Not Found
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Sun, 28 Mar 2021 08:01:13 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 358
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/html
sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/jquery.easing.min.js
162.241.123.159 200 OK 891 B URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/jquery.easing.min.js
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3601), with no line terminators
Hash aa3de442adff4f36ddeab47f3a94f0fb
f43e6343712865a0abb20f817f49a4915895cef3
5fabb5fa92bc14441e58315633ec19dfb3b3fd93f5219c2bcf0af4e59020094b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/assets/js/vendor/jquery.easing.min.js HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 891
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/jquery.inview.min.js
162.241.123.159 200 OK 770 B URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/jquery.inview.min.js
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1437), with CRLF line terminators
Hash cd0cd4c6edbaa08f6f4d605db3279add
f62ee3d61cf6f3c3aafb300ecb7ba10fe2cc993f
a220eb85563bc57375b08b59a1387cdc203f46a5c571a366731f0108e2142aaf
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/assets/js/vendor/jquery.inview.min.js HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 770
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3608.4478910853495!2d55.299806017443835!3d25.255514399999996!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3e5f43254acb00ad%3A0xdbc6ee1faaf3a3c6!2sBank%20Street%20Building%20-%20UBL%20Buidling%20Bur%20Dubai%2C%20Dubai%20-%20D79%20-%20Al%20Mankhool%20-%20Dubai%20-%20United%20Arab%20Emirates!5e0!3m2!1sen!2sin!4v1659506452147!5m2!1sen!2sin
142.250.74.164 200 OK 950 B URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3608.4478910853495!2d55.299806017443835!3d25.255514399999996!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3e5f43254acb00ad%3A0xdbc6ee1faaf3a3c6!2sBank%20Street%20Building%20-%20UBL%20Buidling%20Bur%20Dubai%2C%20Dubai%20-%20D79%20-%20Al%20Mankhool%20-%20Dubai%20-%20United%20Arab%20Emirates!5e0!3m2!1sen!2sin!4v1659506452147!5m2!1sen!2sin
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1779)
Hash 25b896cd7f7393074b51526d889d4598
4ca5715db5b6fce425ba1dbaf558a77d2ec69b88
cb6646d626240a6373948d7a391d6c738809a4269bc73ed7a47d81d039c54780
GET /maps/embed?pb=!1m18!1m12!1m3!1d3608.4478910853495!2d55.299806017443835!3d25.255514399999996!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3e5f43254acb00ad%3A0xdbc6ee1faaf3a3c6!2sBank%20Street%20Building%20-%20UBL%20Buidling%20Bur%20Dubai%2C%20Dubai%20-%20D79%20-%20Al%20Mankhool%20-%20Dubai%20-%20United%20Arab%20Emirates!5e0!3m2!1sen!2sin!4v1659506452147!5m2!1sen!2sin HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Thu, 01 Sep 2022 20:23:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-cB5U-5LG_02dtGLEiQRFmA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 950
x-xss-protection: 0
server-timing: gfet4t7; dur=143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dc076b754adaddcb000f3f987b6c5df2
01e9b40591692b8b2a6a94729e9481c7e600d248
9dbf2e71e1cbad91a71154b729e8ef496eda7544828a8bfd4f64e6dd70c4f64d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:23:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/popper.min.js
162.241.123.159 200 OK 8.0 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/popper.min.js
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18857), with no line terminators
Hash 343386fae33ed0361642281da7f37929
2f8ff4ce1e47dff85c7904d28fcbd7e3b1470250
60b6e30e46e6b208b830e8853efeb85fd133c5c047b1571658566644e7708b54
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/assets/js/vendor/popper.min.js HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7953
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/bootstrap.min.js
162.241.123.159 200 OK 24 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/bootstrap.min.js
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (59729), with no line terminators
Hash bf87af7645013f39995811e038d57751
d454e9948978c206450a3525311a86c93f9f4ad5
a77978ed5ae3224df4f20e5f4113524ffce93acae8d950129f8883fe44e8d99e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/assets/js/vendor/bootstrap.min.js HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/ponyfill.min.js
162.241.123.159 200 OK 9.2 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/ponyfill.min.js
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (21624), with no line terminators
Hash ab942cb7356690fef6a2aa006bf1a6e3
02c57eb77f5dd44ba121c24fa44c27a3170e5584
2d5e54caf3eca5bccc0e9be47bc2e659dedef394071ad8410232aae5f51c5278
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/assets/js/vendor/ponyfill.min.js HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9238
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/animation.min.js
162.241.123.159 200 OK 6.8 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/animation.min.js
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14522), with no line terminators
Hash 4f38521a0565556d958bb8ab86648e4c
dc59af45d01ba61e6fc66dfd4f5fd55da31fa61c
18ee0643dbab95f44649cbaf1eedf88060a3a774a712aa6d1d220631834c3df7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/assets/js/vendor/animation.min.js HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6831
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
push.services.mozilla.com/
54.148.77.40 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: b0CYrJB+RxpWriL5Oe1epw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zRySyGUXxSi2duxq6Z7actHz8Ao=
sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/progress-radial.min.js
162.241.123.159 200 OK 1.9 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/progress-radial.min.js
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4173), with no line terminators
Hash c13199af7e96ce1ee422c056cf390d68
c8eacc70ff53053ac4ad14e11b013116e4dfdebe
a8068fcc5f0bd1f29fd95a0df6c8adbfafc4324bec078046de99ee7b3cf87cfa
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/assets/js/vendor/progress-radial.min.js HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1854
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/bricklayer.min.js
162.241.123.159 200 OK 1.9 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/bricklayer.min.js
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5027), with no line terminators
Hash 0be77f8f695b761ca0299af59982412b
2c78dc76ae4e9c06fd04c890f9f47057d58478f4
36fdc4f2eeb3f5f20542e264b1a36d38f5943fb2fa30235e2d7d3a72833cc8de
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/assets/js/vendor/bricklayer.min.js HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1894
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/gallery.min.js
162.241.123.159 200 OK 18 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/gallery.min.js
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (31836), with CRLF line terminators
Hash 935b21a97ca5599d3f3c07c5b53a82cd
407aadbdcb8351212e56bd90b05a3892719bb697
38a02cb1eef87b41944d0aebf1083e2923d02d7ae9ff3d9df5d7e59ea48df97d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/assets/js/vendor/gallery.min.js HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/shuffle.min.js
162.241.123.159 200 OK 8.0 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/shuffle.min.js
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20404), with CRLF line terminators
Hash c637c25e216b326098893483d491d71f
0ea0afd335c3bfc026f296ceea4d22c5cc520db5
5c9c3238fd66e6eb8717d29b5315cc694f88454faf08eebd93921304959ca58a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/assets/js/vendor/shuffle.min.js HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8006
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/cookie-notice.min.js
162.241.123.159 200 OK 3.5 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/cookie-notice.min.js
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (9171), with no line terminators
Hash 0f8a1ed0b25402eed552fc42dba042fb
72a4939aa71548f1a745abbb48e6dd03799dadf3
0ed15e1e12c2f6b2789816564b7853bd9e55580096cc00f03e8e3df3391dffa7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/assets/js/vendor/cookie-notice.min.js HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3518
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/slider.min.js
162.241.123.159 200 OK 47 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/slider.min.js
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash a38957d84f3b500ed1d3219315546cf3
8b5fc6f0355cb33d8137f6478ef55b2cd44056ec
04bf9b4ed07e3b696f9a6b57b7b84f6bb8d8810dce1b037a42419c9648a14fb0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/assets/js/vendor/slider.min.js HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/main.js
162.241.123.159 200 OK 7.7 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/main.js
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1062), with CRLF line terminators
Hash 4512f90c58cd596cd674ed95c00f5e02
18aef8c1f51cb1d2ab3343af415bca55f1477926
8a61ecd10d9252dcd427167628ea6094c5395c1327f38ef1148c6490be3169ee
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/assets/js/main.js HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7690
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/vendor/icons.min.css
162.241.123.159 200 OK 2.7 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/vendor/icons.min.css
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11659), with no line terminators
Hash 0f57d54ae1fa23ab07c54a04bcf5fe75
b152461ba880f70a37aca350fc3ba235c7372ee4
db15ca62d41f6e0e5dda4387682c19e4a6b8e12cc127d40be38f43cd239e1312
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/css/vendor/icons.min.css HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2730
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css
sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/vendor/icons-fa.min.css
162.241.123.159 200 OK 12 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/vendor/icons-fa.min.css
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (58418), with no line terminators
Hash 0a55f4211df6731ebad6e485e46acfac
f7e185ea7aa42f977394dfcd2168d4238e73cf0f
2d72d65bcb3a92874981a95f3601416b3c7c13d7fa1b29183311905434b8ccb9
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/css/vendor/icons-fa.min.css HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:17 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:07:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12476
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css
sh022.hostgator.tempwebhost.net/~clustt1q/css2
162.241.123.159 404 Not Found 358 B URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/css2
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e6380e0c65d744670ca2bdfdebf952e7
72010e09611689dba83d615d7d4e14525584f574
a5a070dc995c94a5ecc33cec32455618639d9ea695e8a58df9bb22eee7e9ab09
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/css2 HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/main.css
HTTP/1.1 404 Not Found
Date: Thu, 01 Sep 2022 20:23:17 GMT
Server: Apache
Last-Modified: Sun, 28 Mar 2021 08:01:13 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 358
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/html
sh022.hostgator.tempwebhost.net/~clustt1q/css2-1
162.241.123.159 404 Not Found 358 B URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/css2-1
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e6380e0c65d744670ca2bdfdebf952e7
72010e09611689dba83d615d7d4e14525584f574
a5a070dc995c94a5ecc33cec32455618639d9ea695e8a58df9bb22eee7e9ab09
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/css2-1 HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/main.css
HTTP/1.1 404 Not Found
Date: Thu, 01 Sep 2022 20:23:17 GMT
Server: Apache
Last-Modified: Sun, 28 Mar 2021 08:01:13 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 358
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/html
sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/logo-5.png
162.241.123.159 200 OK 3.4 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/logo-5.png
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 105 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 9a99b034bad2bd39305c49a500b80547
fc19af4abf8558272bff4b30cc6750c43b3d06ab
b0ae41e3434dbe051c5b13b2573c2293188e2aca4001d201c122d020ed75a839
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/images/logo-5.png HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:17 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:18 GMT
Accept-Ranges: bytes
Content-Length: 3404
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/png
sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/logo.png
162.241.123.159 200 OK 16 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/logo.png
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1000 x 287, 8-bit/color RGBA, non-interlaced\012- data
Hash eaadb14deeaa76543f561337333a1cc5
959e3770935a2d58f831b67233307bdd7437abd3
95043cbcc19e079479fb42f649be45478af95457f6405070a419d1a93cc5372b
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/images/logo.png HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:17 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:08 GMT
Accept-Ranges: bytes
Content-Length: 16203
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/png
sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/logo-4.png
162.241.123.159 200 OK 3.4 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/logo-4.png
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 138 x 39, 8-bit/color RGBA, non-interlaced\012- data
Hash 3faf57d158ed0b402f062ac8ccc0ce99
2a326189692c26c2232cd259b049a54d63bfc0e8
210292a58afad5373f6bc342d7c8f540e56d770ce6e311b511ab0991dc1f856a
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/images/logo-4.png HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:17 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:16 GMT
Accept-Ranges: bytes
Content-Length: 3436
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 59bdc2e0a449c6388eb0c96da3586600
c61d2414961c4f05c9bcf400d6a1d9792fbe9093
2b3c911dddbf9fad01ea3232354ac2f0e6731541ab3a7e916ef09682dd43cf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:23:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=in&callback=onApiLoad
216.58.207.202 200 OK 57 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=in&callback=onApiLoad
IP 216.58.207.202:0
File type ASCII text, with very long lines (2577)
Hash d7f4a6630d6aaccf34be83c3b481e1c1
e27e5d4bfeff68d0350368aeef2cd5837f26e615
d6dc9b776e15013dda1d1b2cde798045cd3791a7e5084f66cb5e0c558756a044
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=in&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56703
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=13
date: Thu, 01 Sep 2022 19:53:34 GMT
expires: Thu, 01 Sep 2022 20:23:34 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 1783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 59bdc2e0a449c6388eb0c96da3586600
c61d2414961c4f05c9bcf400d6a1d9792fbe9093
2b3c911dddbf9fad01ea3232354ac2f0e6731541ab3a7e916ef09682dd43cf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:23:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sh022.hostgator.tempwebhost.net/~clustt1q/assets/textures/bullets.png
162.241.123.159 200 OK 7.6 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/textures/bullets.png
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 494 x 494, 8-bit/color RGBA, non-interlaced\012- data
Hash 7b54c55af27ff3590013d7857f1f8562
e59892ef2e72d34bd2cd2bb4319cab4823447ce5
2c1dec15ba256383d75289bda15fc239e7370b4effb12fac814481ad7df61ae1
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/textures/bullets.png HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/main.css
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:17 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:07:28 GMT
Accept-Ranges: bytes
Content-Length: 7629
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0df4349f922a424e3feb92b8037a644b
515b467c1248b527a30dd7b806cf421dd8c58ed5
d62b59f7ebdb3e7dd80e7c3373846612c7d6f5953bdb0511c50a6343f92896b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:23:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/maps-api-v3/embed/js/50/3/init_embed.js
142.250.74.163 200 OK 70 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/50/3/init_embed.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2713)
Hash 44d713660ad67a70dcf5edbe2df816be
3cb392aee264813bfdf73bc760a5d8f54a93ea40
c8d1536b59156df4a135fff1b1fde87415eb3bee7f4800415c5e2e200ea610f1
GET /maps-api-v3/embed/js/50/3/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69459
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 18:32:11 GMT
expires: Thu, 31 Aug 2023 18:32:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Aug 2022 21:32:06 GMT
content-type: text/javascript
age: 93066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0df4349f922a424e3feb92b8037a644b
515b467c1248b527a30dd7b806cf421dd8c58ed5
d62b59f7ebdb3e7dd80e7c3373846612c7d6f5953bdb0511c50a6343f92896b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:23:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sh022.hostgator.tempwebhost.net/~clustt1q/assets/fonts/icons-fa/fa-solid-900.woff
162.241.123.159 200 OK 80 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/fonts/icons-fa/fa-solid-900.woff
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 80328, version 331.589\012- data
Hash 412a43d6840addd683665ec12c30f810
f3be6605dbff23cf22ec3abddd1141a81a99e3aa
0bf1b8d8ac1b4ef0caea0db8cbe1b6a35f8a84a2f5fffa2421936cc11a1a91fc
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/assets/fonts/icons-fa/fa-solid-900.woff HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/vendor/icons-fa.min.css
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:17 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:07:52 GMT
Accept-Ranges: bytes
Content-Length: 80328
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: font/woff
sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/logo-1.png
162.241.123.159 200 OK 4.5 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/logo-1.png
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 186 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash df283675f121ea0f064bc970f687bde9
afd04d5af251acb9cecf21ad2d12ea24ac3d76a0
f4ca8dcdeab20f4a4aa84e6a33ee4a38230b05500467cf6331a578a651c1fcc1
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/images/logo-1.png HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:17 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:14 GMT
Accept-Ranges: bytes
Content-Length: 4475
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/png
sh022.hostgator.tempwebhost.net/~clustt1q/assets/fonts/icons/Icons-Line.woff
162.241.123.159 200 OK 30 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/fonts/icons/Icons-Line.woff
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 30064, version 1.0\012- data
Hash 0cb0b9c589c0624c9c78dd3d83e946f6
5da603104d4d6e362824ec9e7db32eb2d617949a
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/assets/fonts/icons/Icons-Line.woff HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/assets/css/vendor/icons.min.css
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:17 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:07:30 GMT
Accept-Ranges: bytes
Content-Length: 30064
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: font/woff
sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/logo-2.png
162.241.123.159 200 OK 5.0 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/logo-2.png
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 186 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash 98a9de3387ebdc7488048e19e61d75a0
0a76d7dd8fb051da13f02a77c40bd5f1a0b3a767
5ef9ed47dd02b58bf4f0efddd24f2488810ab5f64feebede6bd83a2e194a2b5d
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/images/logo-2.png HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:17 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:14 GMT
Accept-Ranges: bytes
Content-Length: 4950
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/png
sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/logo-3.png
162.241.123.159 200 OK 4.2 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/logo-3.png
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 156 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash 0c69181102839f0b9bd663747d8430d8
254722841689c37e8ea3adf70f833f0df1a33c4f
06a646518344213ad87528b16311bf8ffeae8aca82cc8640541dfb2fd7b6f05e
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/images/logo-3.png HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:17 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:16 GMT
Accept-Ranges: bytes
Content-Length: 4153
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/png
sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/jquery.min.js
162.241.123.159 200 OK 39 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/js/vendor/jquery.min.js
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4d62509de22bf628d4c391ca484931d0
1d5fd9752b7f4dc49becf1ce4c95819c85381604
8b459d10eefebb0610124e63414c3fdc73aaaa6e12103ec898c243ec6b75ac21
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /~clustt1q/assets/js/vendor/jquery.min.js HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:16 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/about-5.jpg
162.241.123.159 200 OK 378 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/about-5.jpg
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1080x1080, components 3\012- data
Size 378 kB (378320 bytes)
Hash 8213c8eaf81d23a422716bb24c69f6fe
5bc8e22990f57023fe3bd65067aa18cd11fa1cbe
afb57e5303e17c604faca91e53f0edd0951c8670992bbb9999ce7138b2177943
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/images/about-5.jpg HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:17 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:12 GMT
Accept-Ranges: bytes
Content-Length: 378320
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/jpeg
sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/bg-4.jpg
162.241.123.159 200 OK 315 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/bg-4.jpg
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1064, components 3\012- data
Size 315 kB (315282 bytes)
Hash c4f08eb6c288cee96fc1ce11de2497cb
d9f5e9a43cdc05b1def7efc5073b472afc9c7727
0b84b8f4d35891a5cc73794aafe75dada56eade3d8b0275f3f7dc03e96c4b044
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/images/bg-4.jpg HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:17 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:10 GMT
Accept-Ranges: bytes
Content-Length: 315282
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/jpeg
sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/apple-touch-icon-114x114.png
162.241.123.159 200 OK 3.6 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/apple-touch-icon-114x114.png
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 114 x 114, 8-bit/color RGBA, non-interlaced\012- data
Hash 550843f3fb002090ff3ce054baa59591
5b526fe3a12ff06b5f5f736da2e2d79f8c04cbc1
0804adfddec072797afa7a5f07cafdbf7aec27b6468dc3d15063f00587047517
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/images/apple-touch-icon-114x114.png HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:17 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:22 GMT
Accept-Ranges: bytes
Content-Length: 3577
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/png
sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/logo1.png
162.241.123.159 200 OK 33 kB URL HTTP/1.1 sh022.hostgator.tempwebhost.net/~clustt1q/assets/images/logo1.png
IP 162.241.123.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 545 x 624, 8-bit/color RGBA, non-interlaced\012- data
Hash ca79fde5c284c7f819047a52f8db875c
ec25470279e98a0ffb113225d3732198f2e22656
4a37557c05ca809dadaccc543ee5eb738fc40155f06b2318fce67ad7c26f55b0
Analyzer Verdict Alert quad9 Sinkholed
GET /~clustt1q/assets/images/logo1.png HTTP/1.1
Host: sh022.hostgator.tempwebhost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sh022.hostgator.tempwebhost.net/~clustt1q/
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 20:23:17 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 09:08:18 GMT
Accept-Ranges: bytes
Content-Length: 33140
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18437
Expires: Fri, 02 Sep 2022 01:30:35 GMT
Date: Thu, 01 Sep 2022 20:23:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18437
Expires: Fri, 02 Sep 2022 01:30:35 GMT
Date: Thu, 01 Sep 2022 20:23:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18437
Expires: Fri, 02 Sep 2022 01:30:35 GMT
Date: Thu, 01 Sep 2022 20:23:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18437
Expires: Fri, 02 Sep 2022 01:30:35 GMT
Date: Thu, 01 Sep 2022 20:23:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18437
Expires: Fri, 02 Sep 2022 01:30:35 GMT
Date: Thu, 01 Sep 2022 20:23:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba98f63d9bef7deebb9a8d1b3126d396
d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef
b8f6c1c6b34ec452a6aa3090c30ebf3a68cb3b4d45a7b134ed32e1959f4f0682
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10777
x-amzn-requestid: 2e9a081f-2ae4-49b9-b9d4-79cae2b7eae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3kRFiJIAMFgNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2e7-2f9eec0b239ceb6d617431b6;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w9ACDg_Mxbl2GSEDeDAqdMlKjkCiMyWExvCUa2jHquaQy6U-4EJtbQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:19 GMT
age: 81959
etag: "d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6b2c036e67f8c39c136f6c69b0922eb1
98e27f0dafd7b1b49e159ee038b41a811096a2d0
9dc9e00e6f63a22dd85f54ba26326a9733f6c1d7a19c7b1636f14fca2722e6eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8009
x-amzn-requestid: 6d716dae-efa3-449a-a505-fb5f3d99c2df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XsvlaFEaoAMFwDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e92ef-708228ce7e1fb3cb770cb490;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 22:45:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Gwk8Z-MzgO1APlMgvdN3-5KGdQ2K4I959yy-YdbVUD5AOZTQ0mjYhQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 00:00:46 GMT
age: 73352
etag: "98e27f0dafd7b1b49e159ee038b41a811096a2d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0f6c541f6335bb709d2270147bd5aed
b691ef5e7a302e2678302818130a9637c3efbe3a
e63922331a4463519e6df77ae7a1ad3316a36e54dd03c00ff6b119ee3fa684c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 79dc68ea-ea2e-4eab-bab9-1c89b0a955a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjMSvHJ-oAMF6Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ac0de-2370cf5363d5f308121f0ca4;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 01:11:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qAEve6mBQ9a1hr2fBR8xq42pxeG9Kjn4yWaMr4z4On46QC9R1K91pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 14:45:21 GMT
age: 20277
etag: "b691ef5e7a302e2678302818130a9637c3efbe3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
34.120.237.76 200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: 6950a3c5-2cdc-4a21-854c-10d925e32ecd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XiYLvHRSIAMFotQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a6d7e-6e98b9a77e592bd01afb1d97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 19:16:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3eBLhLH4APXLyj9kLHXNCFT9ccS_bnBp5INvMI93IFvOuBMERe_GgQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 13:35:58 GMT
age: 24440
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c3b7580a37e6eb7e5bd18491f1d4dd6
288b82ad8f924eb9570ae1c55da84d041f862366
046d1ef76448c53446068ef5f8315b7299484996cdebfd9d1e749b4ded9c7d3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5079
x-amzn-requestid: 3b19c77a-2e9b-499f-890b-36fc4ee72ba7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOVEtZIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825b-01b7b71617b59f7414a0e5e5;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: et3ZsWRVoBNMpArUk9CohTyMpS5F0eKiR6cZJRfwAEiiFJUaeay58g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:44:24 GMT
age: 81534
etag: "288b82ad8f924eb9570ae1c55da84d041f862366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac4d5b101c9dc6a6f7e4bf252bfa9ca7
b844f3dcb14a2995644312406a80842e3f02a114
e81f08ce6d9c7670f6e291f3d6a674b624386bd550d5c364264c3ff8fb7c797a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10137
x-amzn-requestid: 7d5f19c4-7c9b-4aad-928c-bb44da795f1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaISzFY1IAMF-zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630720de-0ea5331041f0167a196f9820;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:12:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: h1ELVJBwpf4d3Fbspah-2KCSXx08D8_ZAgcZZjQSJdkMIUmtNmGJOw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 04:59:05 GMT
age: 55453
etag: "b844f3dcb14a2995644312406a80842e3f02a114"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79bea3b3-c558-48ed-979e-3282a56393da.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79bea3b3-c558-48ed-979e-3282a56393da.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0773269fad1678055c52b480b9e87750
456dbbf8f3dfcfd63aab4201a04efd20262b9385
6a65d7520e705c6c20ef97254ed1d6116daca506258368292c58f5f728987191
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79bea3b3-c558-48ed-979e-3282a56393da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8550
x-amzn-requestid: 6a3fd299-a5ef-4069-b686-74356344d6d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XikiaFbaoAMFyaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8142-1b7fe4644a7045ff0284c401;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 20:40:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -XnfcwJdAT4GvO2JAT-tQLma4lZ9ubwi_MonWPUQZHDx-giA-rElRQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 18:08:09 GMT
age: 8116
etag: "456dbbf8f3dfcfd63aab4201a04efd20262b9385"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2