firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 14:52:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uwyEluhm8LmN-YlvGX28ga1dXO52nD7IA_dI1GVefa1MMpwlWM-KrQ==
Age: 2909
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5597
Expires: Tue, 20 Sep 2022 17:14:21 GMT
Date: Tue, 20 Sep 2022 15:41:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _ltmXuRMa30B2RLxtv0tFYV1GYC5FMDrLELYJWbbSsSePckYoiN6uw==
age: 39951
X-Firefox-Spdy: h2
chothuesub.com/
103.255.237.204302 Found 683 B IP 103.255.237.204:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 6371befc85069a96b0cb3c52e754a55a
de3def799f60ce2a16721687937ffb2a3f9bd3ae
db6f3663ecb5b124f3c02ce15691739fe69888b7ed6112f03062489470517f77
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: chothuesub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: Apache
Date: Tue, 20 Sep 2022 15:41:04 GMT
Content-Type: text/html
Content-Length: 683
Connection: keep-alive
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: https://chothuesub.com/
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 15:41:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 15:03:22 GMT
Expires: Tue, 20 Sep 2022 15:28:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OsTNNa4lEGmbjIY11wTKB79BVlFQUgL1z-WI0IAcKXMOI4rgf0q9_w==
Age: 2263
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5047
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 15:41:05 GMT
Last-Modified: Tue, 20 Sep 2022 14:16:58 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 09cddee4e562ea0c304b57bb57058780
88f7039e1afec0e900ac006368c89faf6ee40b4a
18a66ecfc1b83449bb512eadf24acc97b4f02cfc9713e5a97c6be949a228cc51
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 15:41:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 22:10:21 GMT
Expires: Sun, 25 Sep 2022 22:10:20 GMT
Etag: "88f7039e1afec0e900ac006368c89faf6ee40b4a"
Cache-Control: max-age=454754,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dba9cc6bdbb506-OSL
push.services.mozilla.com/
52.43.253.52101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.253.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WvELj6pOuvCBPm98VqI7bg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YHVjyrK0l/K7k6OCV+DqkymaBGg=
chothuesub.com/
103.255.237.204200 OK 12 kB IP 103.255.237.204:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (526), with CRLF, LF line terminators
Hash daa507894fd6d17669943d3593ae216c
c23a8906a19e5b40116e1b9f0c6414e18ce9f877
17f34ea3c2bc1978d4ff786914ea163ebab60a5b62b6eb7625104a98c35be108
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: chothuesub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: Apache
Date: Tue, 20 Sep 2022 15:41:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImJFRThOejFWQXB0WVJ4ZjU5TkF5dUE9PSIsInZhbHVlIjoiK1NZb0xyZVVJVmtqUWtVYUFOQTVaYmVQU2dNQTRETkxMbG9BNHVqeHl3VTQ2T21rN0xQdXk3RnhIK3JjRDgyNSIsIm1hYyI6ImJkZDg5YzQ5MzA0YmRmYzRkMjE1YTg5ZGNlNjc5OGUyNGRjYzc1Yzc5ZmFiNTg5OWNmMmVkM2ExNDYwOGNiNmMifQ%3D%3D; expires=Tue, 20-Sep-2022 17:41:06 GMT; Max-Age=7200; path=/; secure
chothuesubcom_session=eyJpdiI6InRBaHlXazFUeXROa1l1RHRuam95MUE9PSIsInZhbHVlIjoiVnNacVwvNkY3YWx0SlUySUdHeW1OM1cwSGVxNEhXTjJVRVY1anAyWnJqRXpETm5UcXlqVWN4ZzhjU1V4UzA1TjAiLCJtYWMiOiIwMmI0N2E5MGM0NmI5ODJlNDA3Njk2MjNhNWQ2NmMwNGZlZWM4ZDIzZDQxZTUzZDQzMzA3MjFlZjAyZWNjNWFkIn0%3D; expires=Tue, 20-Sep-2022 17:41:06 GMT; Max-Age=7200; path=/; httponly; secure
content-encoding: br
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c53364cae0510b97de38fb4b3396ff56
d6088b7fe775ebc077d116271fbe7fce898c06f0
2df909d86d97fbb9a27dd94ca9335ea29eae8f9325fccc8d0ef00a4f7cd7cdc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.164200 OK 556 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 27b68162c75bebb4dacf518c46e974d5
99abc7e3e02891bec5de3dda3cb18a6f865f82bc
93415a1ed398b656767f092c53ca274ad9ae9c8cb0672831fa3c4ab275f994d1
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 20 Sep 2022 15:41:06 GMT
date: Tue, 20 Sep 2022 15:41:06 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.imgur.com/fnVJZgs.jpg
151.101.84.193200 OK 117 kB IP 151.101.84.193:0
File type JPEG image data, baseline, precision 8, 1280x720, components 3\012- data
Size 117 kB (117323 bytes)
Hash 86219375fd7363d2d970ee16cd506deb
9a48bfe711d9f2412eec903951b82d3df9512264
e0d7a930002b5be7570a987f1a91a0d383ad42b2c7cdce5aec4e2c2caa487bdd
GET /fnVJZgs.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Jul 2021 19:31:02 GMT
etag: "86219375fd7363d2d970ee16cd506deb"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 20 Sep 2022 15:41:06 GMT
age: 3632884
x-served-by: cache-iad-kjyo7100044-IAD, cache-bma1669-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663688466.398563,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 117323
X-Firefox-Spdy: h2
i.imgur.com/beHG1o1.jpg
151.101.84.193200 OK 238 kB IP 151.101.84.193:0
File type JPEG image data, baseline, precision 8, 1280x720, components 3\012- data
Size 238 kB (238164 bytes)
Hash dc7ce3c9512acadabc6e9d414d48eec1
418944881d281aaf4bcaee30d4fd9107cfed9523
aec7ccfaf34c2ecf7435932c06983c1baee1e1602ee3d318871a4444e40ab793
GET /beHG1o1.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Jul 2021 19:35:43 GMT
etag: "dc7ce3c9512acadabc6e9d414d48eec1"
x-amz-storage-class: STANDARD_IA
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 20 Sep 2022 15:41:06 GMT
age: 591161
x-served-by: cache-iad-kcgs7200141-IAD, cache-bma1669-BMA
x-cache: HIT, HIT
x-cache-hits: 12, 1
x-timer: S1663688466.398804,VS0,VE22
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 238164
X-Firefox-Spdy: h2
i.imgur.com/G9LsdQ4.jpg
151.101.84.193200 OK 436 kB IP 151.101.84.193:0
File type JPEG image data, baseline, precision 8, 800x450, components 3\012- data
Size 436 kB (435834 bytes)
Hash 85970e957fa31230d0eb1883782b0183
03a41e69d3e1c74f5dec763a30e5c4f248f795e4
702cda98a1b4b77b374eba1953da39c5f0650fa7d1bcfd774358a74a130c724b
GET /G9LsdQ4.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 17:46:57 GMT
etag: "85970e957fa31230d0eb1883782b0183"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 20 Sep 2022 15:41:06 GMT
age: 1767264
x-served-by: cache-iad-kjyo7100173-IAD, cache-bma1669-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663688466.398563,VS0,VE3
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 435834
X-Firefox-Spdy: h2
i.imgur.com/BXgnH6c.jpg
151.101.84.193200 OK 542 kB IP 151.101.84.193:0
File type JPEG image data, progressive, precision 8, 1067x600, components 3\012- data
Size 542 kB (541964 bytes)
Hash dbb7bb795e606d7537935be3572f1843
799e44db63b40a8f06bdb425ebc58fd71261aaf9
8b10e4cf38a181eec720869049e8d4873d51682f29ae7ea1896d9e7460bd8190
GET /BXgnH6c.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 May 2021 18:47:26 GMT
etag: "dbb7bb795e606d7537935be3572f1843"
x-amz-storage-class: STANDARD_IA
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 20 Sep 2022 15:41:06 GMT
age: 1037939
x-served-by: cache-iad-kcgs7200092-IAD, cache-bma1669-BMA
x-cache: HIT, HIT
x-cache-hits: 37, 1
x-timer: S1663688466.399089,VS0,VE3
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 541964
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
chothuesub.com/css/bootstrap.min.css
103.255.237.204200 OK 18 kB URL HTTP/1.1 chothuesub.com/css/bootstrap.min.css
IP 103.255.237.204:0
File type ASCII text, with very long lines (65367), with CRLF line terminators
Hash b79e8218eacbb40fba64436f158c922d
4ec498e62e5437fed0a3390cb431d99ecf2f4d81
50a678556ed0d3b79d17d87f467acebd9b348240bbe462a32aee03d6cf29b304
GET /css/bootstrap.min.css HTTP/1.1
Host: chothuesub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImJFRThOejFWQXB0WVJ4ZjU5TkF5dUE9PSIsInZhbHVlIjoiK1NZb0xyZVVJVmtqUWtVYUFOQTVaYmVQU2dNQTRETkxMbG9BNHVqeHl3VTQ2T21rN0xQdXk3RnhIK3JjRDgyNSIsIm1hYyI6ImJkZDg5YzQ5MzA0YmRmYzRkMjE1YTg5ZGNlNjc5OGUyNGRjYzc1Yzc5ZmFiNTg5OWNmMmVkM2ExNDYwOGNiNmMifQ%3D%3D; chothuesubcom_session=eyJpdiI6InRBaHlXazFUeXROa1l1RHRuam95MUE9PSIsInZhbHVlIjoiVnNacVwvNkY3YWx0SlUySUdHeW1OM1cwSGVxNEhXTjJVRVY1anAyWnJqRXpETm5UcXlqVWN4ZzhjU1V4UzA1TjAiLCJtYWMiOiIwMmI0N2E5MGM0NmI5ODJlNDA3Njk2MjNhNWQ2NmMwNGZlZWM4ZDIzZDQxZTUzZDQzMzA3MjFlZjAyZWNjNWFkIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache
Date: Tue, 20 Sep 2022 15:41:06 GMT
Content-Type: text/css
Content-Length: 18254
Connection: keep-alive
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 15:41:06 GMT
last-modified: Mon, 01 Jul 2019 17:52:04 GMT
accept-ranges: bytes
content-encoding: br
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash 3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chothuesub.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 16:04:44 GMT
expires: Sat, 16 Sep 2023 16:04:44 GMT
cache-control: public, max-age=31536000
age: 344182
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.imgur.com/GwyqhNB.jpg
151.101.84.193200 OK 310 kB IP 151.101.84.193:0
File type JPEG image data, progressive, precision 8, 1920x1060, components 3\012- data
Size 310 kB (309489 bytes)
Hash ace96a9bf0d15a4a6a3c81f758939960
0ae1997e79c9eca995c2bdfdd91d25b3590ffaff
ce71f9639c7a7fc9674e251796184e3a09f94a19b21d2d4d5aa74a8b00da38ee
GET /GwyqhNB.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Jul 2021 19:32:08 GMT
etag: "ace96a9bf0d15a4a6a3c81f758939960"
x-amz-storage-class: STANDARD_IA
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 20 Sep 2022 15:41:06 GMT
age: 0
x-served-by: cache-iad-kiad7000023-IAD, cache-bma1669-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1663688466.398600,VS0,VE219
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 309489
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2
142.250.74.163200 OK 5.7 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 5696, version 1.0\012- data
Hash 85fc330e5d5f44827f71c9c87e20fc08
a12bad7ed537f664c3b4ec0c501b3cce2df55921
a443599b665cfcd9a13fc46056624c65f518c06ee47925c4a940c58164b1b799
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chothuesub.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5696
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:38:40 GMT
expires: Thu, 14 Sep 2023 05:38:40 GMT
cache-control: public, max-age=31536000
age: 554546
last-modified: Tue, 19 Apr 2022 18:51:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
142.250.74.163200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 11816, version 1.0\012- data
Hash 7fa68490a833a8fa395e5f3bffafc052
1880e3743548106319713b937e7769eee6b1ce21
30fa70635379ae1b58491bc41572760c1f3c8445265436a5fec4c36a197e4121
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chothuesub.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 23:49:24 GMT
expires: Wed, 13 Sep 2023 23:49:24 GMT
cache-control: public, max-age=31536000
age: 575502
last-modified: Tue, 19 Apr 2022 18:52:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
chothuesub.com/js/sweetalert2.min.js
103.255.237.204200 OK 11 kB URL HTTP/1.1 chothuesub.com/js/sweetalert2.min.js
IP 103.255.237.204:0
File type Unicode text, UTF-8 text, with very long lines (37587), with CRLF line terminators
Hash 0d22e378fff920cf4427479909673776
17e655aa4540e73c6266e573459c6f936cf5c785
327ac582ea8d5b515dde10496c97301fefdf4eccb9f5581ddf75e1ece7966d7a
Analyzer Verdict Alert fortinet Phishing
GET /js/sweetalert2.min.js HTTP/1.1
Host: chothuesub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImJFRThOejFWQXB0WVJ4ZjU5TkF5dUE9PSIsInZhbHVlIjoiK1NZb0xyZVVJVmtqUWtVYUFOQTVaYmVQU2dNQTRETkxMbG9BNHVqeHl3VTQ2T21rN0xQdXk3RnhIK3JjRDgyNSIsIm1hYyI6ImJkZDg5YzQ5MzA0YmRmYzRkMjE1YTg5ZGNlNjc5OGUyNGRjYzc1Yzc5ZmFiNTg5OWNmMmVkM2ExNDYwOGNiNmMifQ%3D%3D; chothuesubcom_session=eyJpdiI6InRBaHlXazFUeXROa1l1RHRuam95MUE9PSIsInZhbHVlIjoiVnNacVwvNkY3YWx0SlUySUdHeW1OM1cwSGVxNEhXTjJVRVY1anAyWnJqRXpETm5UcXlqVWN4ZzhjU1V4UzA1TjAiLCJtYWMiOiIwMmI0N2E5MGM0NmI5ODJlNDA3Njk2MjNhNWQ2NmMwNGZlZWM4ZDIzZDQxZTUzZDQzMzA3MjFlZjAyZWNjNWFkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache
Date: Tue, 20 Sep 2022 15:41:06 GMT
Content-Type: application/javascript
Content-Length: 10864
Connection: keep-alive
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 15:41:06 GMT
last-modified: Mon, 01 Jul 2019 17:52:04 GMT
accept-ranges: bytes
content-encoding: br
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2898
Expires: Tue, 20 Sep 2022 16:29:24 GMT
Date: Tue, 20 Sep 2022 15:41:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca0c1a7f205ad07f1cce80b26448873
0e14f5062e40ce94346494ff947bfcf74b5e88c1
ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:44 GMT
age: 63082
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gLh2EBTPdXvFtZuYKH1NVZebvnz4Rhs-f_rZPtfJpIWNemEk0upeOQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:43 GMT
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
age: 63083
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 10:06:02 GMT
age: 20104
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30fbdfee7ec4513a5ff3dfcb7282f816
a852edb64a7220532aa619ab2a440c3a7e11b97a
4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -VBFetQNkmIiWeJtW5IOheaPLdDHM9iKhiGPzVcA3_KQk7Qha5VrXg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:14:25 GMT
age: 62801
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a7d863845e96c5927e812f325c08c16
b8484fb5443344b03e52dd56b1d6c5682eb6221a
fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2kU9PLuzusMR04mNUdwbU6-120ESVhYJtNaIixERO68Vo9jEfP3JWg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:04:47 GMT
age: 63379
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c283017ec789693602177a2785177e21
ff8286c4d2cf87a1865d56d082bc5235dba60ad7
520db2567ad5529d35d2ac63b94d4186848382e9c86d0c4355ab979b34f0e0ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11145
x-amzn-requestid: dcb726a6-2f43-4170-a53c-4f0d2883309e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7yHfHIAMFu4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-11bf06e96123e01c11854cbb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oJyChyEdTbGx6oQCRy6IVMS8qU22LupFYn6FOii3p4BUVFyKnssQ7Q==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:05:54 GMT
age: 63312
etag: "ff8286c4d2cf87a1865d56d082bc5235dba60ad7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
chothuesub.com/js/bootstrap.min.js
103.255.237.204200 OK 9.5 kB URL HTTP/1.1 chothuesub.com/js/bootstrap.min.js
IP 103.255.237.204:0
File type ASCII text, with very long lines (32033), with CRLF line terminators
Hash c3256c5868126926ed2d97c5d3a25b6e
b66a58c16e263b2920b0dc6a6c183dba43e6128f
43bdff2a9380163536e2729fba3f3de19b2ea5a3fadeea685ebb897d0149aa8a
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap.min.js HTTP/1.1
Host: chothuesub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImJFRThOejFWQXB0WVJ4ZjU5TkF5dUE9PSIsInZhbHVlIjoiK1NZb0xyZVVJVmtqUWtVYUFOQTVaYmVQU2dNQTRETkxMbG9BNHVqeHl3VTQ2T21rN0xQdXk3RnhIK3JjRDgyNSIsIm1hYyI6ImJkZDg5YzQ5MzA0YmRmYzRkMjE1YTg5ZGNlNjc5OGUyNGRjYzc1Yzc5ZmFiNTg5OWNmMmVkM2ExNDYwOGNiNmMifQ%3D%3D; chothuesubcom_session=eyJpdiI6InRBaHlXazFUeXROa1l1RHRuam95MUE9PSIsInZhbHVlIjoiVnNacVwvNkY3YWx0SlUySUdHeW1OM1cwSGVxNEhXTjJVRVY1anAyWnJqRXpETm5UcXlqVWN4ZzhjU1V4UzA1TjAiLCJtYWMiOiIwMmI0N2E5MGM0NmI5ODJlNDA3Njk2MjNhNWQ2NmMwNGZlZWM4ZDIzZDQxZTUzZDQzMzA3MjFlZjAyZWNjNWFkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache
Date: Tue, 20 Sep 2022 15:41:06 GMT
Content-Type: application/javascript
Content-Length: 9523
Connection: keep-alive
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 15:41:06 GMT
last-modified: Mon, 01 Jul 2019 17:52:04 GMT
accept-ranges: bytes
content-encoding: br
chothuesub.com/js/custom3.js
103.255.237.204200 OK 449 B URL HTTP/1.1 chothuesub.com/js/custom3.js
IP 103.255.237.204:0
File type ASCII text, with very long lines (700)
Hash 3d060dc11982761062529fabdfb3aa5b
f183fce71bdc33d74526644db40fb0eeb39d36df
85f4e0fb58d3846fdba7a3adb92194312594a35b5b6eb41f433876239150c4d5
Analyzer Verdict Alert fortinet Phishing
GET /js/custom3.js HTTP/1.1
Host: chothuesub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImJFRThOejFWQXB0WVJ4ZjU5TkF5dUE9PSIsInZhbHVlIjoiK1NZb0xyZVVJVmtqUWtVYUFOQTVaYmVQU2dNQTRETkxMbG9BNHVqeHl3VTQ2T21rN0xQdXk3RnhIK3JjRDgyNSIsIm1hYyI6ImJkZDg5YzQ5MzA0YmRmYzRkMjE1YTg5ZGNlNjc5OGUyNGRjYzc1Yzc5ZmFiNTg5OWNmMmVkM2ExNDYwOGNiNmMifQ%3D%3D; chothuesubcom_session=eyJpdiI6InRBaHlXazFUeXROa1l1RHRuam95MUE9PSIsInZhbHVlIjoiVnNacVwvNkY3YWx0SlUySUdHeW1OM1cwSGVxNEhXTjJVRVY1anAyWnJqRXpETm5UcXlqVWN4ZzhjU1V4UzA1TjAiLCJtYWMiOiIwMmI0N2E5MGM0NmI5ODJlNDA3Njk2MjNhNWQ2NmMwNGZlZWM4ZDIzZDQxZTUzZDQzMzA3MjFlZjAyZWNjNWFkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache
Date: Tue, 20 Sep 2022 15:41:06 GMT
Content-Type: application/javascript
Content-Length: 449
Connection: keep-alive
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 15:41:06 GMT
last-modified: Sat, 31 Oct 2020 18:36:58 GMT
accept-ranges: bytes
content-encoding: br
chothuesub.com/images/logo.png
103.255.237.204200 OK 6.2 kB URL HTTP/1.1 chothuesub.com/images/logo.png
IP 103.255.237.204:0
File type PNG image data, 118 x 116, 8-bit/color RGBA, non-interlaced\012- data
Hash c02b743c58447b98cc7790f839dcaf2e
d07265ca48071b4c1f6f78c2655992ab57e04813
965d83936b102577a2b7781665cf9333c19639968456acf35a35217b30ef10e4
GET /images/logo.png HTTP/1.1
Host: chothuesub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImJFRThOejFWQXB0WVJ4ZjU5TkF5dUE9PSIsInZhbHVlIjoiK1NZb0xyZVVJVmtqUWtVYUFOQTVaYmVQU2dNQTRETkxMbG9BNHVqeHl3VTQ2T21rN0xQdXk3RnhIK3JjRDgyNSIsIm1hYyI6ImJkZDg5YzQ5MzA0YmRmYzRkMjE1YTg5ZGNlNjc5OGUyNGRjYzc1Yzc5ZmFiNTg5OWNmMmVkM2ExNDYwOGNiNmMifQ%3D%3D; chothuesubcom_session=eyJpdiI6InRBaHlXazFUeXROa1l1RHRuam95MUE9PSIsInZhbHVlIjoiVnNacVwvNkY3YWx0SlUySUdHeW1OM1cwSGVxNEhXTjJVRVY1anAyWnJqRXpETm5UcXlqVWN4ZzhjU1V4UzA1TjAiLCJtYWMiOiIwMmI0N2E5MGM0NmI5ODJlNDA3Njk2MjNhNWQ2NmMwNGZlZWM4ZDIzZDQxZTUzZDQzMzA3MjFlZjAyZWNjNWFkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache
Date: Tue, 20 Sep 2022 15:41:06 GMT
Content-Type: image/png
Content-Length: 6158
Connection: keep-alive
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 15:41:06 GMT
last-modified: Thu, 08 Sep 2022 17:11:05 GMT
accept-ranges: bytes
chothuesub.com/js/jquery-3.3.1.min.js
103.255.237.204200 OK 30 kB URL HTTP/1.1 chothuesub.com/js/jquery-3.3.1.min.js
IP 103.255.237.204:0
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash b4ea91b82034d3d6d975712383961c52
834490b924a2eb9d457c8e7e7505eda6a220c7f9
32a1d2b33bd963e901916c42be28186835e057638e81cc645ecb344ef605e249
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-3.3.1.min.js HTTP/1.1
Host: chothuesub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImJFRThOejFWQXB0WVJ4ZjU5TkF5dUE9PSIsInZhbHVlIjoiK1NZb0xyZVVJVmtqUWtVYUFOQTVaYmVQU2dNQTRETkxMbG9BNHVqeHl3VTQ2T21rN0xQdXk3RnhIK3JjRDgyNSIsIm1hYyI6ImJkZDg5YzQ5MzA0YmRmYzRkMjE1YTg5ZGNlNjc5OGUyNGRjYzc1Yzc5ZmFiNTg5OWNmMmVkM2ExNDYwOGNiNmMifQ%3D%3D; chothuesubcom_session=eyJpdiI6InRBaHlXazFUeXROa1l1RHRuam95MUE9PSIsInZhbHVlIjoiVnNacVwvNkY3YWx0SlUySUdHeW1OM1cwSGVxNEhXTjJVRVY1anAyWnJqRXpETm5UcXlqVWN4ZzhjU1V4UzA1TjAiLCJtYWMiOiIwMmI0N2E5MGM0NmI5ODJlNDA3Njk2MjNhNWQ2NmMwNGZlZWM4ZDIzZDQxZTUzZDQzMzA3MjFlZjAyZWNjNWFkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache
Date: Tue, 20 Sep 2022 15:41:06 GMT
Content-Type: application/javascript
Content-Length: 29665
Connection: keep-alive
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 15:41:06 GMT
last-modified: Mon, 01 Jul 2019 17:52:04 GMT
accept-ranges: bytes
content-encoding: br
chothuesub.com/images/pattern-dark.png
103.255.237.204200 OK 4.5 kB URL HTTP/1.1 chothuesub.com/images/pattern-dark.png
IP 103.255.237.204:0
File type PNG image data, 40 x 40, 8-bit/color RGB, non-interlaced\012- data
Hash 63c255a364c32adb110daed47530a5c9
7ba514a2aa4c894493e08faef6c0c2dcf61a567b
c3efad73d613369f5cdcf3ac9e983586b1a26460ffcfffb4a35a275766d10925
GET /images/pattern-dark.png HTTP/1.1
Host: chothuesub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImJFRThOejFWQXB0WVJ4ZjU5TkF5dUE9PSIsInZhbHVlIjoiK1NZb0xyZVVJVmtqUWtVYUFOQTVaYmVQU2dNQTRETkxMbG9BNHVqeHl3VTQ2T21rN0xQdXk3RnhIK3JjRDgyNSIsIm1hYyI6ImJkZDg5YzQ5MzA0YmRmYzRkMjE1YTg5ZGNlNjc5OGUyNGRjYzc1Yzc5ZmFiNTg5OWNmMmVkM2ExNDYwOGNiNmMifQ%3D%3D; chothuesubcom_session=eyJpdiI6InRBaHlXazFUeXROa1l1RHRuam95MUE9PSIsInZhbHVlIjoiVnNacVwvNkY3YWx0SlUySUdHeW1OM1cwSGVxNEhXTjJVRVY1anAyWnJqRXpETm5UcXlqVWN4ZzhjU1V4UzA1TjAiLCJtYWMiOiIwMmI0N2E5MGM0NmI5ODJlNDA3Njk2MjNhNWQ2NmMwNGZlZWM4ZDIzZDQxZTUzZDQzMzA3MjFlZjAyZWNjNWFkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache
Date: Tue, 20 Sep 2022 15:41:07 GMT
Content-Type: image/png
Content-Length: 4450
Connection: keep-alive
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 15:41:07 GMT
last-modified: Tue, 16 Jul 2019 01:10:18 GMT
accept-ranges: bytes
chothuesub.com/images/background-image.jpg
103.255.237.204200 OK 201 kB URL HTTP/1.1 chothuesub.com/images/background-image.jpg
IP 103.255.237.204:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x4000, components 3\012- data
Size 201 kB (201070 bytes)
Hash 960dcc2f55ac46db2500fd0e954f5362
135ccb41db557dd9872e7882be024194c0b8b84b
be4a8c605f4115823ee99b43e02ea26f13ccbb53b5884bd6b151ec96c8080923
GET /images/background-image.jpg HTTP/1.1
Host: chothuesub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImJFRThOejFWQXB0WVJ4ZjU5TkF5dUE9PSIsInZhbHVlIjoiK1NZb0xyZVVJVmtqUWtVYUFOQTVaYmVQU2dNQTRETkxMbG9BNHVqeHl3VTQ2T21rN0xQdXk3RnhIK3JjRDgyNSIsIm1hYyI6ImJkZDg5YzQ5MzA0YmRmYzRkMjE1YTg5ZGNlNjc5OGUyNGRjYzc1Yzc5ZmFiNTg5OWNmMmVkM2ExNDYwOGNiNmMifQ%3D%3D; chothuesubcom_session=eyJpdiI6InRBaHlXazFUeXROa1l1RHRuam95MUE9PSIsInZhbHVlIjoiVnNacVwvNkY3YWx0SlUySUdHeW1OM1cwSGVxNEhXTjJVRVY1anAyWnJqRXpETm5UcXlqVWN4ZzhjU1V4UzA1TjAiLCJtYWMiOiIwMmI0N2E5MGM0NmI5ODJlNDA3Njk2MjNhNWQ2NmMwNGZlZWM4ZDIzZDQxZTUzZDQzMzA3MjFlZjAyZWNjNWFkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache
Date: Tue, 20 Sep 2022 15:41:06 GMT
Content-Type: image/jpeg
Content-Length: 201070
Connection: keep-alive
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 15:41:06 GMT
last-modified: Tue, 16 Jul 2019 01:08:50 GMT
accept-ranges: bytes
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
142.250.74.163200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (581)
Size 158 kB (157726 bytes)
Hash 6519c7c04cf32a57b1c5ee45a73c233e
4939bb921988e9eb13780cc2244f3099776e9bfb
8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://chothuesub.com
Connection: keep-alive
Referer: https://chothuesub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:37:29 GMT
expires: Thu, 14 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
content-type: text/javascript
age: 554618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a16da6a23b1dbb748cfe8380aa2dc387
5548a11aeb8799c7ec396b4f19eaf1e83d42e866
2a44b30143f3c6f1656f3674c3fa53127e25d309b8d0dc9f1a9f4ccb7f618b97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4039
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 15:41:07 GMT
Last-Modified: Tue, 20 Sep 2022 14:33:48 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1961)
Hash ee2a4d1d74e95ab71e499405a8b96000
20e2952b798e7f07fb4e364fa3dd3712e9ea3b7d
c03294bd47bbec0c362031aa608935dde49f53bc1d1c2539c53a0268f55d7c66
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 0f6ca33ccd92858e76f4afea059aa475
etag: "31643a61379063137c57eca9e7e53057"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 20 Sep 2022 15:53:07 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 7ipNHXTpWrceSZQFqLlgAA==
x-fb-debug: uiC6rPxfcOkCOezyio+aRxBrOEpf4944VvrfeQ+8M5eF4pk0VjxjZ++tW8PVEV7Tmkwhu/IfoyBUUWaEN7h3pw==
content-length: 1686
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:07 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a16da6a23b1dbb748cfe8380aa2dc387
5548a11aeb8799c7ec396b4f19eaf1e83d42e866
2a44b30143f3c6f1656f3674c3fa53127e25d309b8d0dc9f1a9f4ccb7f618b97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4039
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 15:41:07 GMT
Last-Modified: Tue, 20 Sep 2022 14:33:48 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
chothuesub.com/images/s6_bg.jpg
103.255.237.204200 OK 92 kB URL HTTP/1.1 chothuesub.com/images/s6_bg.jpg
IP 103.255.237.204:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x750, components 3\012- data
Hash 3ec38a559b756ade06f4f96f51109693
5cd6a522b21c3033c819b1de55ca8f826d8d5ba8
9b3284b52526f78cc27d6a65e7a8e3946955c8c9c546c57eac0ccc514227c93e
GET /images/s6_bg.jpg HTTP/1.1
Host: chothuesub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImJFRThOejFWQXB0WVJ4ZjU5TkF5dUE9PSIsInZhbHVlIjoiK1NZb0xyZVVJVmtqUWtVYUFOQTVaYmVQU2dNQTRETkxMbG9BNHVqeHl3VTQ2T21rN0xQdXk3RnhIK3JjRDgyNSIsIm1hYyI6ImJkZDg5YzQ5MzA0YmRmYzRkMjE1YTg5ZGNlNjc5OGUyNGRjYzc1Yzc5ZmFiNTg5OWNmMmVkM2ExNDYwOGNiNmMifQ%3D%3D; chothuesubcom_session=eyJpdiI6InRBaHlXazFUeXROa1l1RHRuam95MUE9PSIsInZhbHVlIjoiVnNacVwvNkY3YWx0SlUySUdHeW1OM1cwSGVxNEhXTjJVRVY1anAyWnJqRXpETm5UcXlqVWN4ZzhjU1V4UzA1TjAiLCJtYWMiOiIwMmI0N2E5MGM0NmI5ODJlNDA3Njk2MjNhNWQ2NmMwNGZlZWM4ZDIzZDQxZTUzZDQzMzA3MjFlZjAyZWNjNWFkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache
Date: Tue, 20 Sep 2022 15:41:07 GMT
Content-Type: image/jpeg
Content-Length: 92518
Connection: keep-alive
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 15:41:07 GMT
last-modified: Tue, 16 Jul 2019 00:34:40 GMT
accept-ranges: bytes
chothuesub.com/favicon.ico
103.255.237.204200 OK 152 kB URL HTTP/1.1 chothuesub.com/favicon.ico
IP 103.255.237.204:0
File type MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size 152 kB (151518 bytes)
Hash f1dbe55987919a3bd2d17ac1ef7fabbe
d6f705635603267617a497eaf11e02ef185651ab
834f939d2197b4b3791c6799f95001e93a8ec4194b68b01b2b21be44ecc834b0
GET /favicon.ico HTTP/1.1
Host: chothuesub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Cookie: XSRF-TOKEN=eyJpdiI6ImJFRThOejFWQXB0WVJ4ZjU5TkF5dUE9PSIsInZhbHVlIjoiK1NZb0xyZVVJVmtqUWtVYUFOQTVaYmVQU2dNQTRETkxMbG9BNHVqeHl3VTQ2T21rN0xQdXk3RnhIK3JjRDgyNSIsIm1hYyI6ImJkZDg5YzQ5MzA0YmRmYzRkMjE1YTg5ZGNlNjc5OGUyNGRjYzc1Yzc5ZmFiNTg5OWNmMmVkM2ExNDYwOGNiNmMifQ%3D%3D; chothuesubcom_session=eyJpdiI6InRBaHlXazFUeXROa1l1RHRuam95MUE9PSIsInZhbHVlIjoiVnNacVwvNkY3YWx0SlUySUdHeW1OM1cwSGVxNEhXTjJVRVY1anAyWnJqRXpETm5UcXlqVWN4ZzhjU1V4UzA1TjAiLCJtYWMiOiIwMmI0N2E5MGM0NmI5ODJlNDA3Njk2MjNhNWQ2NmMwNGZlZWM4ZDIzZDQxZTUzZDQzMzA3MjFlZjAyZWNjNWFkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache
Date: Tue, 20 Sep 2022 15:41:07 GMT
Content-Type: image/x-icon
Content-Length: 151518
Last-Modified: Tue, 16 Jul 2019 16:28:20 GMT
Connection: keep-alive
ETag: "5d2dfb24-24fde"
Expires: Thu, 20 Oct 2022 15:41:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
connect.facebook.net/en_US/sdk.js?hash=9db1594ace5ffddb687dd126af04567b
157.240.200.14200 OK 89 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=9db1594ace5ffddb687dd126af04567b
IP 157.240.200.14:0
File type ASCII text, with very long lines (18598)
Hash 5eb5abd5e76364e7152762e39b46fbd5
267606ae2d1d801c40ce18ed491a7004e34fe283
c762bbdd6995e4544d713cf6c194d126f4265e0f96684e0024a6711919301337
GET /en_US/sdk.js?hash=9db1594ace5ffddb687dd126af04567b HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://chothuesub.com
Connection: keep-alive
Referer: https://chothuesub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 71bd9bd0a6574686c5bdf0668ffddc27
etag: "3dd367f7939dbcd7a4feadf8a45895cc"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 20 Sep 2023 13:08:54 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: XrWr1edjZOcVJ2Ljm0b71Q==
x-fb-debug: JTbOzvqKwNyxnxA4QID8H0Y/ievT4QV9o2xFth0Qtfid6jH9XWVgLE71smHLg8sRE0wx+d2fuuAUfijJ2bDCkw==
content-length: 88799
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:07 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9405985bfe6aab7c008cf3a305f79b0f
d698b786300ea45e2cd1b9d3fadf2639e71efe5e
28c7a840f64d83b92b41d7255788845fbe83aefbee8acf3d8cb131ffd81f6267
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2874
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 15:41:07 GMT
Last-Modified: Tue, 20 Sep 2022 14:53:13 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 827 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (724)
Hash 29973cf3b0ef9f16fe31ed981b2f6573
f22eb80b89b5e0ae9ace854aab6676d56eaef6a1
476822c80e0a0ee078edb7a74db59378f8b1d43d2de844e28a9e9c2f68a4c8d8
GET /rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 15 Sep 2023 06:48:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KZc887Dvnxb+Me2YGy9lcw==
x-fb-debug: BWoKeSty6egwJE1HqSdlEHxWsT8EIfiJaW04/EzvcfYdU5s/Q9jvLxzG++a+AE3+hdDZup53g3KTnC0sS9hV6w==
content-length: 827
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:08 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/v2.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff2173723862d6%26domain%3Dchothuesub.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fchothuesub.com%252Ff28a2a83d3c2896%26relation%3Dparent.parent&container_width=260&height=350&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FH%E1%BB%97-Tr%E1%BB%A3-TGO-288791335030773&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false&tabs=messages&width=250
157.240.200.35200 OK 21 kB URL HTTP/2 www.facebook.com/v2.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff2173723862d6%26domain%3Dchothuesub.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fchothuesub.com%252Ff28a2a83d3c2896%26relation%3Dparent.parent&container_width=260&height=350&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FH%E1%BB%97-Tr%E1%BB%A3-TGO-288791335030773&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false&tabs=messages&width=250
IP 157.240.200.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (19857)
Hash 7931f0f2ea03e7968e8b58a2ecf03139
92007f9d9a8feffcab58648df5be65c5327a0858
66a998a70cfa092123fdfb498a4e54b50e969e86442d26ea87ba3fa5557b8497
GET /v2.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff2173723862d6%26domain%3Dchothuesub.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fchothuesub.com%252Ff28a2a83d3c2896%26relation%3Dparent.parent&container_width=260&height=350&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FH%E1%BB%97-Tr%E1%BB%A3-TGO-288791335030773&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false&tabs=messages&width=250 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
facebook-api-version: v8.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 0aWUsIpyyksAGTFiWyGfBtob2uzk0e2pX6U3JSQCgyKoEhlmf/6ovOaRMCLWjwJP3lri1SYAXMu9JHwczYI7xA==
date: Tue, 20 Sep 2022 15:41:08 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yM/r/a3eZamQ9G_u.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yM/r/a3eZamQ9G_u.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (18569)
Hash 449a21bbd17f4b28e209b62a520f28c0
b63a99e69f6ed688707a0f4851c0a88fe5cb6faa
dda01b644519466b782011bfbd33c652b8b7a691145ac1dfb314ba14ff86077d
GET /rsrc.php/v3/yM/r/a3eZamQ9G_u.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 00:31:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: RJohu9F/SyjiCbYqUg8owA==
x-fb-debug: b/9iM3h/ATaWKSyjpM2mDs84WsCeGkA+2fC9MuFXXf5VbF+0pDM4UQMxrk0nMX8kt+zJVcrKHJQ442C8HlUvIQ==
content-length: 91358
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:08 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yL/r/DJIek1tT3RT.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yL/r/DJIek1tT3RT.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (2052)
Hash 883efc20b86990fd486fab545ffc08f4
da322dda14a98744e03655dcf0da9482b4b1e1d0
e207751970ef4bf6e0a64da5e9480ab3b1ee86408a7904796e2f6e225f8ee612
GET /rsrc.php/v3/yL/r/DJIek1tT3RT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 15 Sep 2023 23:21:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: iD78ILhpkP1Ib6tUX/wI9A==
x-fb-debug: fhsLl0YjqSJqoV13JDQuIhdo/OX0Rs1cu8RUFdHOyPNKeiRXL+6eELxvTCu8eNpLboXkpb1VNLUfW2D1iOJqLg==
priority: u=3,i
content-length: 1689
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:08 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yI/r/p7aKdtolv_W.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yI/r/p7aKdtolv_W.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (5329)
Hash adcd01b197549ab05ed54746a81151f8
edb56528c008d8a431e350179ff6df1aa40c2ae6
e6456b195e1064b44db169404417d1c68777133c14d6188bd9ffdfc60e70393c
GET /rsrc.php/v3/yI/r/p7aKdtolv_W.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 00:46:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: rc0BsZdUmrBe1UdGqBFR+A==
x-fb-debug: C07wPTKkFnDbXPQ8vUNI3lcu/5k/bTda27QKkFJ9VZyjj7xORU1WFpcBwCcD6MzV+uZmh6QVmeBURIlfIWfoiw==
content-length: 12252
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:08 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.staticflickr.com/65535/51011678310_d8c6ae326d_m.jpg
143.204.48.75200 OK 36 kB URL HTTP/2 live.staticflickr.com/65535/51011678310_d8c6ae326d_m.jpg
IP 143.204.48.75:0
File type JPEG image data, baseline, precision 8, 240x160, components 3\012- data
Hash 44b462a5c3db4aab3b1156561a61f8d9
4229ac3f19eefa001b47be6138754d0d12541673
c16a8e5b76a9daf927f4761591003e6942a130db5bf479dc7e186161bedc60b1
GET /65535/51011678310_d8c6ae326d_m.jpg HTTP/1.1
Host: live.staticflickr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 14 Sep 2022 15:50:15 GMT
edge-control: public, max-age=31536000
surrogate-control: public, max-age=31536000
cache-control: public, max-age=31536000
expires: Thu, 14 Sep 2023 15:50:16 GMT
imagewidth: 240
imageheight: 160
last-modified: Mon, 29 Mar 2021 06:10:25 GMT
etag: "bae34ed9d8d17b4a6ea81eb86450dc06.1"
streaming: false
origintype: X
server: Jubilee
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
powered-by: Mutation/1.0
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
ourvalues: Deliver Awesome (#3 of 5)
x-request-id: 79e246ee
x-frame-options: DENY
p3p: CP="This is not a P3P policy. We respect your privacy."
x-env: a=live, b=jubilee, c=21738c41, e=b1cfc1fdb4a90fbd7ed7449176940c7c057c6af1
x-ttfb: 0.1764
x-ttdb-l: 19890
mib: 2
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CXgrPeXT9dKlSmi7AJnwyXZqh7lGdl0w8zHuTFvI-7n2_xaPxG6-zA==
age: 517852
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLl54/y-/l/en_US/FcvJBB0C3rJ.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 8.5 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLl54/y-/l/en_US/FcvJBB0C3rJ.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (2973)
Hash ffe7b79ce7ca26f6f708ddd1d38ee3e7
6380b17543d221a6934c145232fc385aa965fa1d
9c68febd9ec67b45b9142a70128f1ab52fe3ec35b1d5749d15387ea514c8743a
GET /rsrc.php/v3iLl54/y-/l/en_US/FcvJBB0C3rJ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 01:59:47 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: /+e3nOfKJvb3CN3R047j5w==
x-fb-debug: VvIm+055x0mIOYcGWjtHfkCxCgqQwx7DNk0cC4vXPehgpyX+0OkJIJxLJml7mUn/FNP+JBRLAN0MC50x6FnKWg==
priority: u=3,i
content-length: 8455
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:08 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yC/r/5RJiTHn6lGN.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 9.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yC/r/5RJiTHn6lGN.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (9954)
Hash be64cd173090e3a98e38a422d5930c56
5c196fb94edb4d634bad160a99f3918260d23be3
0ffe4a73f2d08fa7dae5286e54d9e1f779422452cedfb44422a90ed24d409617
GET /rsrc.php/v3/yC/r/5RJiTHn6lGN.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 00:01:15 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: vmTNFzCQ46mOOKQi1ZMMVg==
x-fb-debug: 7sN2xnZ9tBBcCnVQkthUAh512h2J9yropQsN7AC0enGYxL5jZxiWCYsdlSYO37SfOzlAYVwcgOcKEC6bxpcTPQ==
content-length: 9071
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:08 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 338 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (327)
Hash 76f593e842677f73cd0a06232874b2c3
25a13f79478d5a0e286a2299dca2f3b296463079
74dcbe026002f10b703960a500b50dabe518862e568a9e689dec7afa243fa44d
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 00:11:14 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dvWT6EJnf3PNCgYjKHSyww==
x-fb-debug: GGZU41/6Z3sSBrvSSR/Xv2Vo3Azq9sdBtvima5pKC2meCDlj6cuqmUZeoWWh6Q1xm0VdAhU2xavV/8mp2X6VZw==
content-length: 338
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:08 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yx/r/kl5QvbCz5Lo.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 7.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yx/r/kl5QvbCz5Lo.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4129)
Hash 7614efba617e235ae864911e15a63a27
5eb6ee4e1d2db3866ebcbc35b76352c719c36255
3c2783c57f48e1b749c1065ddcdf2f5184582a2bc799b1ee832fdf79c62b9557
GET /rsrc.php/v3/yx/r/kl5QvbCz5Lo.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 03:27:45 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dhTvumF+I1roZJEeFaY6Jw==
x-fb-debug: 2ZtUQ4wgO5Z23/DCiQ/qOxXb6+NIYojSYr+ojcZ7ormkku6ZN6kqxOnalpTKHLvfGY/LxWF7VdaBbOK7S6tQ5w==
priority: u=3,i
content-length: 7311
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:08 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y4/l/en_US/aToexfaV0S1.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/y4/l/en_US/aToexfaV0S1.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (42045)
Hash 58dbeeb1a23bb44fabf2c50e0884a170
c3c6a7b58d90c4b7b135758d99911465794dd9a2
b49ba6b6ba373668ac5d82d37a0aa689d913579384477b5a7b8be059c2c2bd96
GET /rsrc.php/v3iEpO4/y4/l/en_US/aToexfaV0S1.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 03:28:06 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: WNvusaI7tE+r8sUOCIShcA==
x-fb-debug: oq1+0XwJ/l7Y+1p4pKPf8/izK4F1q9DyzOR6jTvfLzp0khZaNRSWo56ZhORHMvEe5nyea1vgkVDip2G5avL6cg==
priority: u=3,i
content-length: 23388
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:08 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
157.240.200.14200 OK 1.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
IP 157.240.200.14:0
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash ac1e1c4d6f16359701b059ed4e8246b4
ff19b30a3b3d8d1765c239b25dbc98cb3263786a
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
GET /rsrc.php/v3/yH/r/xgVgalBG80z.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/H8ot5psuu7W.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: rB4cTW8WNZcBsFntToJGtA==
expires: Sun, 17 Sep 2023 02:38:59 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: TlSpIZY20EsPfcTAf7SbyPfalrygVBl7jfE3W+UkBbtZUVQQybe0LSDqZBFJQ+G7+t6I6PetrHN+TxVv5vnnEA==
content-length: 1315
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:08 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/xMkABpaNwwg.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 707 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/xMkABpaNwwg.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (1385)
Hash a3ac633a67d1841fd6c837ad821493f7
3d244204d5041618f0999c38fb5a6078ec6a7307
4a449a7a369be96c14bc2e318d400b79e4d7cb3839e0a1b2c2598420ab083d1e
GET /rsrc.php/v3/yp/l/0,cross/xMkABpaNwwg.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 19 Sep 2023 16:06:15 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: o6xjOmfRhB/WyDetghST9w==
x-fb-debug: E1nal4YsmtqpZIIRAI5gslCNQ0BJbgYQ9LHwH702cwA+czW50874wyFvhsnbfFq86vHgSHa9i/kReIPzxNyPzw==
content-length: 707
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:08 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEBX4/yV/l/en_US/CBpXBwkeiMb.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 13 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEBX4/yV/l/en_US/CBpXBwkeiMb.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (15896), with no line terminators
Hash 688e96f5c533c6d0d55546c40d39df4d
3e227f9704fdef4b97c787a9c7487a14bf6f4093
502eeff3cb796e5cdd1e3f97844f985724c8cec775ba81c4e1457f18272d0613
GET /rsrc.php/v3iEBX4/yV/l/en_US/CBpXBwkeiMb.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 02:21:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: juxbgiLk4grn/enp7AP6Ww==
x-fb-debug: OeZ6OIjh8Vhq96AdRN2FfJrmZC0HIQsDlTC8LyXjl/cjBdXTj4HOfTzTq2/nD+ASykzAM53hIUmlhfFaMyteJA==
content-length: 8502
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:08 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/r/rWMYwnsHqve.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 6.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/r/rWMYwnsHqve.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4556)
Hash d162f6af013f19ae6c43e3cfc69a2db4
806a400dc8510158b36d430ac4d2f054da090a83
1a243df2e9541c1c1ab933f2d0bc049426a5de8c8f937e6b53a3093c6d9dea97
GET /rsrc.php/v3/ys/r/rWMYwnsHqve.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 19 Sep 2023 15:49:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 0WL2rwE/Ga5sQ+PPxpottA==
x-fb-debug: p6qANsfnBxVgh0brT/W9N8I+JHRCawPq68RMJzW2Y0VNQcri01NUVwacHeE7nlI/dBv4magunmiUYjL2aG/JFg==
priority: u=3,i
content-length: 6691
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:08 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yr/r/52AQ2_Oeh-E.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 5.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yr/r/52AQ2_Oeh-E.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with no line terminators
Hash 781e50d153a1e77f38d34ba534bf82aa
a97d7094b934b9a4e5d70cad015365fae506db83
b25ecd7498e98bd88f4219ba74a8f828023bbca9e8545cd8c211be8fc96ea023
GET /rsrc.php/v3/yr/r/52AQ2_Oeh-E.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 19 Sep 2023 15:49:21 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: nivb56k7L3CB74K58EhRiQ==
x-fb-debug: xSOHPjhfS5TVivp/BrFuVJtP/wu9OX5uWEYXUNmjvDoqBIwIr976xDKb7ZIrNBb7slqEf9gYxnKIEZFUbBmAIQ==
content-length: 5319
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:08 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3izWV4/yA/l/en_US/HCWiu2EtOt4.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 42 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3izWV4/yA/l/en_US/HCWiu2EtOt4.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (10866)
Hash 55fb7d13c78cbc871e15b9e9caeba30a
9a401688cac622c500e404bc9b0474e967bfeab6
5f7787b3be63778dd543ce933394081938a99a518c75e1556c610a5e861eb5bd
GET /rsrc.php/v3izWV4/yA/l/en_US/HCWiu2EtOt4.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 01:04:12 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Vft9E8eMvIceFbnpyuujCg==
x-fb-debug: EZ8RS5kltdlcWhyBbjLP7xUG8DC0dX/sWbK5uDNEWI47r+/z3OaKp3JQ0fgEEbFug6VOrpJnYaimiVhUlH5AuQ==
priority: u=3,i
content-length: 42294
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:08 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yi/r/XtGJdZn8dDD.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 19 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yi/r/XtGJdZn8dDD.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (8678)
Hash 371723bd4d5adcc7d471488047bab03a
5e7a1f68a835d220822ff14dcaad317bb06826f1
98d5085c53568c6a34312c435a25ee89ed103c4740c46cd255b15baf6662de01
GET /rsrc.php/v3/yi/r/XtGJdZn8dDD.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 00:46:55 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: NxcjvU1a3MfUcUiAR7qwOg==
x-fb-debug: U/C6vvirqU/3CWQiDB65F3JaGIJsHqoFG9v2mEFkur7m0gV+0HGi2he4LCL6rCWSYJu3XN/SB2FhESYIhNUHPQ==
content-length: 18651
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:08 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe763d5d6-1a5c-4160-9667-8ed7c6b1e265.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe763d5d6-1a5c-4160-9667-8ed7c6b1e265.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3463c46d2b7a87a91ff1a701a438d80e
92c78b27f4e31609c1b78670b26e68b4f991a8ed
b95b290832f12f97c7da51382fe92feba2fa93a5ec0470d48a533a58a13dc474
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe763d5d6-1a5c-4160-9667-8ed7c6b1e265.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5985
x-amzn-requestid: 6797727b-78c7-470f-bee8-7b55e64d36ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugzxH6qoAMF67w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e1b1-0d574a815d19636b21376c91;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:40:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RIRyR6BXSZrTZq2joFYjssEpZAqxuWYgdoU5um35md0Yt_m0UzZpiw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 21:51:37 GMT
age: 64176
etag: "92c78b27f4e31609c1b78670b26e68b4f991a8ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Sedgwick+Ave&display=swap
216.58.211.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Sedgwick+Ave&display=swap
IP 216.58.211.10:0
GET /css?family=Sedgwick+Ave&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 15:41:06 GMT
date: Tue, 20 Sep 2022 15:41:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3ivrH4/yy/l/en_US/IZ-dbgt7nKM.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 0 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3ivrH4/yy/l/en_US/IZ-dbgt7nKM.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
GET /rsrc.php/v3ivrH4/yy/l/en_US/IZ-dbgt7nKM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 03:00:52 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: OYy8v2jUES7FzOKh4Oc8Hg==
x-fb-debug: xD64HmyOAzGzDrYcujDBCch32CFid5YnwjVjIIxYPv8Em2y49QEh2e088+EaBNxMZpmf6i+90yCtgO3rsLq9yw==
content-length: 80147
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 15:41:08 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto+Condensed&display=swap
216.58.211.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed&display=swap
IP 216.58.211.10:0
GET /css?family=Roboto+Condensed&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chothuesub.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 15:41:06 GMT
date: Tue, 20 Sep 2022 15:41:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2