684739353-usd-per-week.blogspot.jp/?p=0vx
172.217.21.161 302 Moved Temporarily 196 B URL HTTP/1.1 684739353-usd-per-week.blogspot.jp/?p=0vx
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash f0e8bed2b9d176c97036eec46062c465
8c0c6b2f0d2862f5b700e367d5a5ecccd40a2551
72aa3efbb42aacfa137adec2c523553f1115ac5d1f1aef098c8734f7cc1f1ffc
GET /?p=0vx HTTP/1.1
Host: 684739353-usd-per-week.blogspot.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://684739353-usd-per-week.blogspot.com/?p=0vx
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 00:57:01 GMT
Expires: Mon, 05 Dec 2022 00:57:01 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 196
Server: GSE
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14949
Expires: Mon, 05 Dec 2022 05:06:10 GMT
Date: Mon, 05 Dec 2022 00:57:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6540
Expires: Mon, 05 Dec 2022 02:46:01 GMT
Date: Mon, 05 Dec 2022 00:57:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3904
Cache-Control: max-age=124760
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:01 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:36:21 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Rq+r+YeZgSeXtpghhg15P5C48Dtv3Q63T2gyLbmgejkwyniaJQ0JnXbHiAcX8499ujKUcu6uDd8+yiqPtV+ZKw==
x-amz-request-id: DYA88STF9ZJEGP8P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 00:47:11 GMT
age: 590
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 00:20:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2211
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:57:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
684739353-usd-per-week.blogspot.com/?p=0vx
172.217.21.161 301 Moved Permanently 196 B URL HTTP/1.1 684739353-usd-per-week.blogspot.com/?p=0vx
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash be22f166dd78cdcfd0a3f8562c4d8b57
a9adfad92a58140b6d5767458f7afc9d869f6c3b
3f0c1425816578be9826b8ae8214c282b46731f593879c8999a780f9bd5e9c0c
GET /?p=0vx HTTP/1.1
Host: 684739353-usd-per-week.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://684739353-usd-per-week.blogspot.com/?p=0vx
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 00:57:01 GMT
Expires: Mon, 05 Dec 2022 00:57:01 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 196
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash c1f7594a4097e4dcc9fd7d4a02cafafe
b9dba74fb06bc248a40b26cb26600e750e376695
4dc877df2ca9330da46809359d71469672d18d87edcfee2c825fde13f470bfd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
684739353-usd-per-week.blogspot.com/?p=0vx
172.217.21.161 200 OK 15 kB URL HTTP/2 684739353-usd-per-week.blogspot.com/?p=0vx
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6565)
Hash 28d69da95a90232a6fddb6d8ee143651
80afe140310db9fc6573ef8b8cf7d9136ea15b41
d0b5e57e93141ca836c1f4ad56908e008b3562b11de16b9314cdc3b0653f788b
GET /?p=0vx HTTP/1.1
Host: 684739353-usd-per-week.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 05 Dec 2022 00:57:01 GMT
date: Mon, 05 Dec 2022 00:57:01 GMT
cache-control: private, max-age=0
last-modified: Sun, 04 Dec 2022 04:39:22 GMT
etag: W/"00fc7c9579129a6949c4bf845d8b2d5bdbae4b59dad9c8d3dd6a61c3202dacde"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 14992
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash c1f7594a4097e4dcc9fd7d4a02cafafe
b9dba74fb06bc248a40b26cb26600e750e376695
4dc877df2ca9330da46809359d71469672d18d87edcfee2c825fde13f470bfd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 00:11:19 GMT
cache-control: public,max-age=3600
age: 2743
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5df1058c9c4b299711f47cdff081467b
c09ae057609ec756e576efcc4aaecb25597d8f4b
b882562c065dfcb613ba2f3deaab194fb76dec71891379b2cc7f2699d3584f66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B882562C065DFCB613BA2F3DEAAB194FB76DEC71891379B2CC7F2699D3584F66"
Last-Modified: Sun, 04 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21529
Expires: Mon, 05 Dec 2022 06:55:51 GMT
Date: Mon, 05 Dec 2022 00:57:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3889
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:02 GMT
Etag: "638c632b-1d7"
Last-Modified: Sun, 04 Dec 2022 23:52:13 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
anvhtqz.com/27?r=35205
94.130.252.85 200 OK 909 B IP 94.130.252.85:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash d6b6e9e497e8e2d29d32b3072804e267
fae0597001b8d6d28c724b140759e24d032f248f
609e8488523cfe5cad8f66f4785155d7a40609faeffe6d8bc18eb8a50b479a13
Analyzer Verdict Alert quad9 Sinkholed
GET /27?r=35205 HTTP/1.1
Host: anvhtqz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://684739353-usd-per-week.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 909
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Referrer-Policy: no-referrer
Set-Cookie: 43935=1d68ccb0-a537-4cee-866d-6803acef283e; expires=Wed, 04 Jan 2023 00:57:02 GMT; HttpOnly; SameSite=Strict
Connection: close
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 525b818b480e806b8f78abfc59d1d1fb
ac2cc2e71112c3f0127c5f0a8815d63e58314b44
2177154ce8625f714750f42a9a31dd8260a006345ae6a5ab1037bcefe43e68a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2177154CE8625F714750F42A9A31DD8260A006345AE6A5AB1037BCEFE43E68A2"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17919
Expires: Mon, 05 Dec 2022 05:55:41 GMT
Date: Mon, 05 Dec 2022 00:57:02 GMT
Connection: keep-alive
profit-4580-per-day.com/?l=btc_profit_pay_en&click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
164.90.197.12 302 Found 0 B URL HTTP/1.1 profit-4580-per-day.com/?l=btc_profit_pay_en&click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?l=btc_profit_pay_en&click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13= HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/7.4.29
Location: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Strict-Transport-Security: max-age=15768000
push.services.mozilla.com/
52.41.253.170 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.253.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ukz4M9N/IvrGX84Nr6H9mA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Q/sNl/7eoBHepaedLvYrSaOzeJo=
profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
164.90.197.12 200 OK 9.4 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (706), with CRLF line terminators
Hash 14600ff2c92fcec1c16e7d53ae56d4c5
4bf8beaf55ca55ea9cc4d1a8683f184a6eb831fb
3c4652ef8c6848e6d2053db96ed977bfb33be6ebdc63eb69df2824b1412a4dc2
GET /akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13= HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.29
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/css/firstLook.css
164.90.197.12 200 OK 2.0 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/css/firstLook.css
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
Hash 1fab4ebecb22db78efdd3bdc5308a6c3
6334b9b34eec920cccadd02370cc6690bf3241fa
2bb0f29a9cb7951fd831f16e316c14530b842430e3f2ac299acf63976b28e6c1
GET /akrurox2jo/css/firstLook.css HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 13:02:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7cedd-1ffc"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/css/fonts.css
164.90.197.12 200 OK 1.0 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/css/fonts.css
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
Hash 2b25ca35ec5aa80788a43a967426be3c
6982c61b925a781335b3d44ce4d5bc22d8cb2e28
40eeb4f625d2f76fed07b96cd6c34ff77e7021c9fed263b912f3ee79730b9527
GET /akrurox2jo/css/fonts.css HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 13:02:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7cedd-4c91"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/css/form.css
164.90.197.12 200 OK 1.8 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/css/form.css
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
Hash 3a70e65983ae2a36d859185453fd67c5
8fac447c2ff32b34271d21ec1f3dab49e8b20bc3
0b0599291e44cc5581b79a988b0af0d17af7486c94d679ce36713e0bed1627f0
GET /akrurox2jo/css/form.css HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 13:02:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7cedd-1e0e"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/css/lato.css
164.90.197.12 200 OK 352 B URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/css/lato.css
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
Hash 66d95d4beba9909522024f7e678b5261
ddd35ce0f3bb54d8c4dc1c507d8a008ad7574fa1
86c6095929b83912d1acc4ad4303fed075bcff7da32bcbf3803a44e1e0aab70e
GET /akrurox2jo/css/lato.css HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 13:02:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7cede-520"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/css/finish.css
164.90.197.12 200 OK 962 B URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/css/finish.css
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
Hash 1d5f9babe25becedbf4d80acc2bede29
ae0f5b37043b1b38a6b56aecc45257833379f3f1
40189193781d33f30a38947eb82539ea693aae62a6cc44a704057d940a9de031
GET /akrurox2jo/css/finish.css HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 13:02:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7cedd-e7b"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/css/checkbox-svg.css
164.90.197.12 200 OK 633 B URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/css/checkbox-svg.css
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1866), with no line terminators
Hash 64a2a925f21861449aed4a6d92a55386
d3147f41138fd2ec3f55dcbae54312c0e2cab926
d330e8a82f2ed9a969b340d203f62f715260d2a7043303af2b57d9121ca4c1b3
GET /akrurox2jo/css/checkbox-svg.css HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 13:02:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7cedc-74a"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/css/index.css
164.90.197.12 200 OK 3.2 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/css/index.css
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
Hash c0f723ba978704a6a1ec554b0795026d
29b7f243e3c12da9973cf28a3123f4bf6ae7347c
d04950f26cb08901e39fd361588041459a7cba77400f910101ceb30da4378c51
GET /akrurox2jo/css/index.css HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 13:02:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7cede-4f88"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/css/swiper-bundle.min.css
164.90.197.12 200 OK 4.2 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/css/swiper-bundle.min.css
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (13663)
Hash bc2f208fb112aaf1aba92c5c702eb4af
fb5f5e0bc4ef330c64ffa840faf4fcc714dfc5ac
8138b20d591dfbff361510ab1583c29b4291aaac1d0072157b6ddfeb4ebc5179
GET /akrurox2jo/css/swiper-bundle.min.css HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 13:02:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7cede-3660"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 527ec109f6e1d31ffadf09d73e34f233
3a214d9e7ff9796507c93f250a89c5e8f8571410
5753d2d7f52438fdffc4c692b66ff3372ef3fa4779ccbf65d7074e9546139d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3379
Cache-Control: max-age=115584
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:02 GMT
Etag: "638c552b-116"
Expires: Tue, 06 Dec 2022 09:03:26 GMT
Last-Modified: Sun, 04 Dec 2022 08:07:07 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
profit-4580-per-day.com/akrurox2jo/js/jquery.validate.min.js
164.90.197.12 200 OK 7.8 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/js/jquery.validate.min.js
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (24304)
Hash 63584cbfd77dec5438ed6d1eeb7141c5
29039688ae96e8bc1bc7cf8047218c60ea800813
8802df4b691f8a83eeceb74ff9d1d3a15ffa7947142f2b1fd6c02b0cf5e8a16d
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/js/jquery.validate.min.js HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: application/javascript
Last-Modified: Mon, 01 Aug 2022 13:02:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7ceec-5f7b"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/js/currency.js
164.90.197.12 200 OK 556 B URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/js/currency.js
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
Hash d67086aacb5ff1a4ad3541de0e49b90a
74174e2a7d0f476169a1a1915fc4a3a62e48650d
1e103ccb06b3a65e0863e3695c68b5055365e845e5c2240f25b31da0caa9d4a3
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/js/currency.js HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: application/javascript
Last-Modified: Mon, 01 Aug 2022 13:02:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7ceea-598"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/js/jquery-3.5.1.min.js
164.90.197.12 200 OK 31 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/js/jquery-3.5.1.min.js
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65451)
Hash 12db8938fc485bdb4da752a88abcd310
7717619931ceeeb1633e3372312bf3952d0a62c9
0511d6e7a200eff28bacd40446df4db3be83c529a67759ebcbb6a4f6d385baa6
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/js/jquery-3.5.1.min.js HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: application/javascript
Last-Modified: Mon, 01 Aug 2022 13:02:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7ceec-15ec5"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/js/index.js
164.90.197.12 200 OK 861 B URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/js/index.js
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
Hash 5dfcb546fc3b8727650a7b456d28ffb2
4e2529a77189e009bf7dcf731c8e731346163591
f3cefe1a6d8dba8ecc277c11b7ef441d3c04933a5470fafd2240935329e8bc9f
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/js/index.js HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: application/javascript
Last-Modified: Mon, 01 Aug 2022 13:02:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7ceeb-b58"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/images/logo.svg
164.90.197.12 200 OK 10 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/logo.svg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1773)
Hash 23a86ee297f300811e15849117483fb8
b906946677ffbf7e353b6bd0b8d9d203b62b05f1
7181c625cd9f0b51f9ad50aa5d34bc69d60f5fb312b850d0d0703571676a511b
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/images/logo.svg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: image/svg+xml
Content-Length: 10464
Last-Modified: Mon, 01 Aug 2022 13:02:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee4-28e0"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/js/device.min.js
164.90.197.12 200 OK 750 B URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/js/device.min.js
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (2581)
Hash e8c3d80e1e921d221fe7c4bd62114612
953c177f49e43e47b659b3223fb79849072b3778
c3adf17c755bddf3ab3f292c2d60cb23f2f32447cc0f96821ffc28a85e3c24ba
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/js/device.min.js HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: application/javascript
Last-Modified: Mon, 01 Aug 2022 13:02:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7ceeb-a2d"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/js/commonJs.js
164.90.197.12 200 OK 6.1 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/js/commonJs.js
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (4372), with CRLF line terminators
Hash 61ce681eeac851a97f4070bbb1beebe1
25b8eb5b20029938702410e363b9cef17077acf2
4629f12ed8906729564ea1409610f67c97b812429bbb641bf8ce091585e18a6c
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/js/commonJs.js HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: application/javascript
Last-Modified: Mon, 01 Aug 2022 13:02:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7ceea-4b9f"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/js/custom.js
164.90.197.12 200 OK 492 B URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/js/custom.js
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text, with very long lines (304)
Hash aa6bc447b89367a6cccd01d01d1f9d86
c5873ac2eab7cbd6abde4a78f172b9bb0898dcb4
0156ce0edd8a2159298fcd348d3eedc1736c5ae896756c02357d285dbcb7d513
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/js/custom.js HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: application/javascript
Last-Modified: Mon, 01 Aug 2022 13:02:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7ceea-3ba"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/js/swiper-bundle.min.js
164.90.197.12 200 OK 37 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/js/swiper-bundle.min.js
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65279)
Hash c6403eb60d5be5329246a0791e07a8db
198af8846f3b93d1c2d0a83eca407df1e551ea40
ea9e3d1f6edcd81faf21b9187a866624e0eccb481bb9b0f98e9076bc39d11158
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/js/swiper-bundle.min.js HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: application/javascript
Last-Modified: Mon, 01 Aug 2022 13:02:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7ceec-2241d"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/images/trustColor.svg
164.90.197.12 200 OK 48 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/trustColor.svg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5805)
Hash 0bc0381b0a28b2093fe857b1fa860f26
b3a3879d9874d153fa51510aba4b5c182c972de0
7daaab18cea77061d9ce4121414f50c22318808d26c301f857515ff6b7acaf1f
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/images/trustColor.svg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: image/svg+xml
Content-Length: 48432
Last-Modified: Mon, 01 Aug 2022 13:02:33 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee9-bd30"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/goldcoin.png
164.90.197.12 200 OK 7.4 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/goldcoin.png
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 353 x 45, 8-bit colormap, non-interlaced\012- data
Hash 5b08e6f7089296831f0bc57dc4180c82
dde0130183ad150765297580c3d4be75da01a213
0cd0e600ee465a7b915265137dfcc0437726b3f82825651712deee019cf08d28
GET /akrurox2jo/images/goldcoin.png HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: image/png
Content-Length: 7361
Last-Modified: Mon, 01 Aug 2022 13:02:27 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee3-1cc1"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/safe.svg
164.90.197.12 200 OK 14 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/safe.svg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (14105)
Hash 0e51444c6e8b4142359140e77246676d
cd4ef501af0d43b6886f05d38b40bdc5afe5ab1b
7c9230605583c9e5821882c278c6a9e33c0efde9e7bd2068ae862f08e76ad27e
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/images/safe.svg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: image/svg+xml
Content-Length: 14209
Last-Modified: Mon, 01 Aug 2022 13:02:29 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee5-3781"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/slideThumb4.jpg
164.90.197.12 200 OK 3.5 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/slideThumb4.jpg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 053b51f54dc550609c2d402eeade79d9
9e84f1cc65c2791c1e50c03fab1530857025ca1a
19b841a5b1c8c6a1ce475ceb3fd5c845561ebf2fc2d393cb562bda485c2c6c7e
GET /akrurox2jo/images/slideThumb4.jpg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: image/jpeg
Content-Length: 3510
Last-Modified: Mon, 01 Aug 2022 13:02:31 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee7-db6"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/fonts/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
164.90.197.12 200 OK 16 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/fonts/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 15712, version 1.0\012- data
Hash 9b3766ef4a402ad3fdeef7501a456512
c0173d8cbcced955ac98018e27683ab01c57f81c
edcdf3f60252a5987bedc9c86b5422d972ba509bbbe60d58925310c744a33e28
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/fonts/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/css/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: font/woff2
Content-Length: 15712
Last-Modified: Mon, 01 Aug 2022 13:02:25 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee1-3d60"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/fonts/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
164.90.197.12 200 OK 16 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/fonts/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 15872, version 1.0\012- data
Hash 020c97dc8e0463259c2f9df929bb0c69
8f956a31154047d1b6527b63db2ecf0f3a463f24
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/fonts/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/css/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: font/woff2
Content-Length: 15872
Last-Modified: Mon, 01 Aug 2022 13:02:24 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee0-3e00"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 527ec109f6e1d31ffadf09d73e34f233
3a214d9e7ff9796507c93f250a89c5e8f8571410
5753d2d7f52438fdffc4c692b66ff3372ef3fa4779ccbf65d7074e9546139d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3379
Cache-Control: max-age=115584
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:02 GMT
Etag: "638c552b-116"
Expires: Tue, 06 Dec 2022 09:03:26 GMT
Last-Modified: Sun, 04 Dec 2022 08:07:07 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
profit-4580-per-day.com/akrurox2jo/fonts/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
164.90.197.12 200 OK 16 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/fonts/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 15816, version 1.0\012- data
Hash 2735a3a69b509faf3577afd25bdf552e
8621aff863b67040010ccc183da5b9079ce6fd1d
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/fonts/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/css/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: font/woff2
Content-Length: 15816
Last-Modified: Mon, 01 Aug 2022 13:02:24 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee0-3dc8"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/fonts/KFOkCnqEu92Fr1MmgVxIIzI.woff2
164.90.197.12 200 OK 16 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/fonts/KFOkCnqEu92Fr1MmgVxIIzI.woff2
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 15808, version 1.0\012- data
Hash 7370c3679472e9560965ff48a4399d0b
7d02b9455622a72bfc55a938a3e6bcccfcd57d0e
12823d585605238121554aff8bb060a235dc36f37efd9fb1e7e6ea1a9622bc35
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/fonts/KFOkCnqEu92Fr1MmgVxIIzI.woff2 HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/css/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: font/woff2
Content-Length: 15808
Last-Modified: Mon, 01 Aug 2022 13:02:24 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee0-3dc0"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/fonts/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
164.90.197.12 404 Not Found 146 B URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/fonts/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/fonts/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/css/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
profit-4580-per-day.com/akrurox2jo/images/slide3.jpg
164.90.197.12 200 OK 44 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/slide3.jpg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 578x540, components 3\012- data
Hash 0a50fa8ccb7807ce974ba384b9a33964
d02888cc8871b32927521365c830532fc21c8916
12c8b1d78f900f993ed7cd1a134a92bd530d02cec780f871184bfa31c7faee62
GET /akrurox2jo/images/slide3.jpg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: image/jpeg
Content-Length: 44059
Last-Modified: Mon, 01 Aug 2022 13:02:30 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee6-ac1b"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
profit-4580-per-day.com/akrurox2jo/images/slideThumb2.jpg
164.90.197.12 200 OK 4.3 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/slideThumb2.jpg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash ccf2411a1fce48f83b1f8f45c9ee9b8a
edcf1eedde1662cdc2b79306b01ccf367f29c6f4
a5978d96ced9e8e1ebbef89a393c9e3020d5b72a045e80ae8c508c40cbea5e52
GET /akrurox2jo/images/slideThumb2.jpg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: image/jpeg
Content-Length: 4269
Last-Modified: Mon, 01 Aug 2022 13:02:31 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee7-10ad"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/laptop.png
164.90.197.12 200 OK 4.9 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/laptop.png
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 781 x 451, 8-bit colormap, non-interlaced\012- data
Hash f6a01ccae5c5b1251a2d0a40f554318c
3656f33a71e9da5d6f8d302a369f98f4b2454f8d
7bc3d2a94e1792aeeae3a0b4d7a771195c400684a458024fb5d78f134c38f0fd
GET /akrurox2jo/images/laptop.png HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/css/firstLook.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: image/png
Content-Length: 4860
Last-Modified: Mon, 01 Aug 2022 13:02:27 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee3-12fc"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/slideThumb1.jpg
164.90.197.12 200 OK 2.3 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/slideThumb1.jpg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 98a9f1d6e8d099290563e20e0eae19b0
9f6c1c616e28aa38cb1e17f48273924c6143e995
4686b8628f06ab0919c3ca53eb502e837314e364a0d13fa5b540616ecc0dd18c
GET /akrurox2jo/images/slideThumb1.jpg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: image/jpeg
Content-Length: 2257
Last-Modified: Mon, 01 Aug 2022 13:02:31 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee7-8d1"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/slideThumb3.jpg
164.90.197.12 200 OK 1.9 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/slideThumb3.jpg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 706b95eaec1ce4897f3afb97c6a554d0
95095c88b32e5be30d9dfbf35815f71cfa086aa1
5cf81920ec2de8222834fe2233d3f0ddeecaa304dee77f84ab045cada0fafda1
GET /akrurox2jo/images/slideThumb3.jpg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: image/jpeg
Content-Length: 1870
Last-Modified: Mon, 01 Aug 2022 13:02:31 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee7-74e"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/nextSlide.svg
164.90.197.12 200 OK 312 B URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/nextSlide.svg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 347b584079475a7dfadf9509bc6dac1d
cd102d9ad9427107a4bdfdfa0d456c124b3713eb
c86f92395c64eb2a38d8d0eebc2dfc29d86e4d270557b41f086156bf593d1bb4
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/images/nextSlide.svg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: image/svg+xml
Content-Length: 312
Last-Modified: Mon, 01 Aug 2022 13:02:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee4-138"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/slide1.jpg
164.90.197.12 200 OK 58 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/slide1.jpg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 578x540, components 3\012- data
Hash 24d97ea1382687e293ad12e93e1455f0
91a52260d3d3d47e40cdfdcbbacecaf370640f59
84a89a9c18afecf6c2aec21880c64f3f596a35dc26ddf52844ec1ffa25a7b0f1
GET /akrurox2jo/images/slide1.jpg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: image/jpeg
Content-Length: 58421
Last-Modified: Mon, 01 Aug 2022 13:02:30 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee6-e435"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cbee23896ae310b537fd1983dda5582
2da8637abcde9f7f229d30944e8af01d98044981
7c8dad8c4d0c312a9e9e67f892b6c96732c042b93efe47293d4f8bcaf4276624
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C8DAD8C4D0C312A9E9E67F892B6C96732C042B93EFE47293D4F8BCAF4276624"
Last-Modified: Sun, 04 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17959
Expires: Mon, 05 Dec 2022 05:56:22 GMT
Date: Mon, 05 Dec 2022 00:57:03 GMT
Connection: keep-alive
profit-4580-per-day.com/akrurox2jo/images/step1.jpg
164.90.197.12 200 OK 24 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/step1.jpg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 393x390, components 3\012- data
Hash 2837d583f517298db92c6f6923c0095c
2dbd8eafc57818a19e2188cdcdc418b0f0fe7aeb
b1b07378de2e1fa04d8c04559a4647a9d8d2d7a110e573bb78c3b366d08711e4
GET /akrurox2jo/images/step1.jpg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: image/jpeg
Content-Length: 23792
Last-Modified: Mon, 01 Aug 2022 13:02:32 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee8-5cf0"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/slide4.jpg
164.90.197.12 200 OK 83 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/slide4.jpg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 578x540, components 3\012- data
Hash 293908d578182d83245c3671ca59d1a5
dd0d57bf1c92629fe644d2c7ec58a91cca58202e
0919f4a73d27fe150b9ad9d32c650b945d0e49f4d472805d601bd960d6c9f938
GET /akrurox2jo/images/slide4.jpg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: image/jpeg
Content-Length: 83009
Last-Modified: Mon, 01 Aug 2022 13:02:30 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee6-14441"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/slide2.jpg
164.90.197.12 200 OK 47 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/slide2.jpg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 578x540, components 3\012- data
Hash f0e8845c2bc48ea9be9033cb85085943
44402dd7e52cd37806891949c1be924dcda41a0e
84f313bc9daa0c7d23aed6f57061ab6262fb16cb395765e73a4e1b788214eba8
GET /akrurox2jo/images/slide2.jpg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:02 GMT
Content-Type: image/jpeg
Content-Length: 47165
Last-Modified: Mon, 01 Aug 2022 13:02:30 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee6-b83d"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/step3.jpg
164.90.197.12 200 OK 15 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/step3.jpg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 393x390, components 3\012- data
Hash 90a5081ab33ce471ecf956727cefc669
03a2656043fd5d7c5ddf4701b02ea3abb18f7018
680d8e151eb040de07abe3dd4740820d4fe991e4dacb262af770238f9f9eba7d
GET /akrurox2jo/images/step3.jpg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: image/jpeg
Content-Length: 15175
Last-Modified: Mon, 01 Aug 2022 13:02:32 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee8-3b47"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-3580-per-day.com/eng/form/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=&land=https%3A%2F%2Fprofit-4580-per-day.com%2Fbtc_profit_pay_en%2F
164.90.197.12 200 OK 5.7 kB URL HTTP/1.1 profit-3580-per-day.com/eng/form/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=&land=https%3A%2F%2Fprofit-4580-per-day.com%2Fbtc_profit_pay_en%2F
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (480), with CRLF line terminators
Hash 1db03eb7d253d07ab6fa4e02e5ee21d6
5736208fe17bc17bc149563f12437eb6f25a7e51
fecaeb7a0fd0674d5131af3519d959caac09b71ddf0a17fbaf60afbae1fea225
GET /eng/form/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=&land=https%3A%2F%2Fprofit-4580-per-day.com%2Fbtc_profit_pay_en%2F HTTP/1.1
Host: profit-3580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.29
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/images/phone.png
164.90.197.12 200 OK 29 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/phone.png
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 380 x 457, 8-bit colormap, non-interlaced\012- data
Hash 943f9abbfacdab916b4220985e6d6d37
f987e0fe50aa425792960978befc18236b0470dd
6b3ab3fdc603469db4a80edc4f0d44c21c3250e03dfdad06f1b11a4e6c11c17e
GET /akrurox2jo/images/phone.png HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: image/png
Content-Length: 28611
Last-Modified: Mon, 01 Aug 2022 13:02:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee4-6fc3"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/trust.svg
164.90.197.12 200 OK 48 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/trust.svg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5813)
Hash 660d582484674f189c95f036a938388d
f6a8215280d8c1100ef9a364fe3fcb0f3b60926b
187549de8c61cefcd35e7769ea376ec4937e94350b640699b5ab6e3b84916a22
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/images/trust.svg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: image/svg+xml
Content-Length: 48201
Last-Modified: Mon, 01 Aug 2022 13:02:32 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee8-bc49"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/js/youtubeUP.js
164.90.197.12 200 OK 825 B URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/js/youtubeUP.js
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (858)
Hash 5f0e30ce7898633cc247f1d8fd8b14dd
0d5547934d7a31eb5bc0710c4eac1d53ef444f00
7a4378564564b41839ad865a5c733476a237f9c505cac4db3f521e92f103be83
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/js/youtubeUP.js HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: application/javascript
Last-Modified: Mon, 01 Aug 2022 13:02:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7ceed-6d8"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/images/step2.jpg
164.90.197.12 200 OK 16 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/step2.jpg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 394x390, components 3\012- data
Hash ef75511d3898acb069593a194d68f9c9
734ee227de64b475920f19e7c6389eebcebf66c5
c2e5a82447d8faf9323fffe8c419cf87ac28218f58d30a04fbe43dcf290d86e2
GET /akrurox2jo/images/step2.jpg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: image/jpeg
Content-Length: 15863
Last-Modified: Mon, 01 Aug 2022 13:02:32 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee8-3df7"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/paySystems.svg
164.90.197.12 200 OK 80 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/paySystems.svg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (64900)
Hash efeae9625b44927989aba8743552f351
b52259b3ea74ddf170ff1662f8d1a2da60c41fc4
16aa26037134f2f3342efbcc379154503e1f440d1973e68b16fdf4649322a94a
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/images/paySystems.svg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: image/svg+xml
Content-Length: 80534
Last-Modified: Mon, 01 Aug 2022 13:02:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee4-13a96"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b394f0f64ae30b54045a441726ae267
c8d48b923bc6d858c46703243ff35f9b2c682f77
6fc1da5635b272f50b277aeeb5ea147d76e661bfa3f083922bc962b4754abd86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FC1DA5635B272F50B277AEEB5EA147D76E661BFA3F083922BC962B4754ABD86"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 05 Dec 2022 06:57:03 GMT
Date: Mon, 05 Dec 2022 00:57:03 GMT
Connection: keep-alive
profit-4580-per-day.com/akrurox2jo/images/volume.png
164.90.197.12 200 OK 875 B URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/volume.png
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 256 x 256, 1-bit colormap, non-interlaced\012- data
Hash 25209f54cceeb6ac42097d82256cbfab
a2cbcfb42b1ce89a17aed8bf640b90f057319390
cf53ba9a7f63136e884da82519c4f9343a04b1f56c4ad19b8014a91078f88e77
GET /akrurox2jo/images/volume.png HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: image/png
Content-Length: 875
Last-Modified: Mon, 01 Aug 2022 13:02:33 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee9-36b"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/manager.png
164.90.197.12 200 OK 15 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/manager.png
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash a78f9e53f806f4aebf8d2dcdaf34efd2
f62c886a6489ab883dbbf9252412dc14785a4eb9
6dd061127e18d837f3b3e7234033f0f3e9d916a97ce44a8f091544c4b9066ddc
GET /akrurox2jo/images/manager.png HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: image/png
Content-Length: 14960
Last-Modified: Mon, 01 Aug 2022 13:02:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee4-3a70"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/bgFooter.jpg
164.90.197.12 200 OK 63 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/bgFooter.jpg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1440x1144, components 3\012- data
Hash ede696e983a1c1f61dd81caa50b0131b
210abfbafa545a7300dcf405073e794f8975482c
a4c1dd28d3d4c1f11a7957ed6db76c6792832652aff38cd8747ac4f480d8bfad
GET /akrurox2jo/images/bgFooter.jpg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/css/index.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: image/jpeg
Content-Length: 63311
Last-Modified: Mon, 01 Aug 2022 13:02:26 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee2-f74f"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/fonts/S6uyw4BMUTPHjx4wXg.woff2
164.90.197.12 200 OK 24 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/fonts/S6uyw4BMUTPHjx4wXg.woff2
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 23484, version 1.0\012- data
Hash b4d2c4c39853ee244272c04999b230ba
c82e22dde9716c40ba20e6c7ed03a1b66556de15
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/fonts/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/css/lato.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: font/woff2
Content-Length: 23484
Last-Modified: Mon, 01 Aug 2022 13:02:25 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee1-5bbc"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/fonts/KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2
164.90.197.12 200 OK 9.9 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/fonts/KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 9896, version 1.0\012- data
Hash 40d83d8ad509c7ec5c40c4c20c184707
dce72b9a1d90939d5e2f67b845a1f1714e1f52d9
1a22910624568e1029f5f252db1da3a0bfe6be9646f6516c49a3d7ff206753ba
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/fonts/KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2 HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/css/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: font/woff2
Content-Length: 9896
Last-Modified: Mon, 01 Aug 2022 13:02:24 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee0-26a8"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1d4/8zRofmzdPas
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/8zRofmzdPas
IP 142.250.74.131:0
Hash ca2574bcbfad647385a98d3c6e83da05
047111bf34e3362f17f4de5ecddc4c999bb52dd2
c041977f47a8931480e5f3beedaec634adcf3400eafb08d4992196c2e472d681
POST /s/gts1d4/8zRofmzdPas HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
profit-4580-per-day.com/akrurox2jo/fonts/S6u9w4BMUTPHh6UVSwiPGQ.woff2
164.90.197.12 200 OK 23 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/fonts/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 22992, version 1.0\012- data
Hash 1efbd38aa76ddae2580fedf378276333
8a49976f2470ba2a1db6144245355d3b889312e4
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/fonts/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/css/lato.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: font/woff2
Content-Length: 22992
Last-Modified: Mon, 01 Aug 2022 13:02:25 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee1-59d0"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-3580-per-day.com/eng/form/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=&land=https%3A%2F%2Fprofit-4580-per-day.com%2Fbtc_profit_pay_en%2F
164.90.197.12 200 OK 5.7 kB URL HTTP/1.1 profit-3580-per-day.com/eng/form/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=&land=https%3A%2F%2Fprofit-4580-per-day.com%2Fbtc_profit_pay_en%2F
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (480), with CRLF line terminators
Hash 1db03eb7d253d07ab6fa4e02e5ee21d6
5736208fe17bc17bc149563f12437eb6f25a7e51
fecaeb7a0fd0674d5131af3519d959caac09b71ddf0a17fbaf60afbae1fea225
GET /eng/form/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=&land=https%3A%2F%2Fprofit-4580-per-day.com%2Fbtc_profit_pay_en%2F HTTP/1.1
Host: profit-3580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.29
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-4580-per-day.com/akrurox2jo/fonts/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
164.90.197.12 200 OK 17 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/fonts/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 17020, version 1.0\012- data
Hash da0e717829e033a69dec97f1e155ae42
a998348571bb10988dfcc32d9c214b27f87c007e
5cc2e47701ee7dc9e0ba16303e170db0fcb2df2989b7763ac705893d37b4e237
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/fonts/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2 HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/css/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: font/woff2
Content-Length: 17020
Last-Modified: Mon, 01 Aug 2022 13:02:23 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cedf-427c"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/question.svg
164.90.197.12 200 OK 167 B URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/question.svg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 0f3178690d4a9b715cef2ef17b7fb8ff
897dd74f7a4bc4ada26e954e909e37b20f69bdd2
18f396987227bd09ddc298b958e918e932f36e1e3804d21748ac4e7236ad21aa
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/images/question.svg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/css/index.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: image/svg+xml
Content-Length: 167
Last-Modified: Mon, 01 Aug 2022 13:02:29 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee5-a7"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/infoIcon.svg
164.90.197.12 200 OK 966 B URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/infoIcon.svg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (793)
Hash be1fdf9e0ccad8e527500a05ec4ea1ec
39e5c98a2a6a297e930a2b3b4318ac0312cf0d32
87e75ab039eeb6ec6e1be02033702f0d4b55f631b4c22fd1fbd7dd0ae19deaee
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/images/infoIcon.svg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: image/svg+xml
Content-Length: 966
Last-Modified: Mon, 01 Aug 2022 13:02:27 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee3-3c6"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
profit-4580-per-day.com/akrurox2jo/images/firstBg.jpg
164.90.197.12 200 OK 101 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/firstBg.jpg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1439x1532, components 3\012- data
Size 101 kB (101311 bytes)
Hash 1c1498a1b8fccbc260b76efcf96eb11c
370e37c4126cbaaba8f79db287f04b4a08a35e71
b129ad614f693dec712452f6c53a11e786de95a2b56271165de9597d04ba39fb
GET /akrurox2jo/images/firstBg.jpg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/css/index.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: image/jpeg
Content-Length: 101311
Last-Modified: Mon, 01 Aug 2022 13:02:27 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee3-18bbf"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
profit-4580-per-day.com/akrurox2jo/images/questionActive.svg
164.90.197.12 200 OK 2.3 kB URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/images/questionActive.svg
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
Hash 402e528d1b651be3f41b553932911cc8
73cf87efdbd73614bf27deafb88891079b2cd8a9
f9d06182852dadb3a30bbadf4e73550657e7cd9647ef563b63ada2516ddef318
Analyzer Verdict Alert fortinet Phishing
GET /akrurox2jo/images/questionActive.svg HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/css/index.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: image/svg+xml
Content-Length: 169
Last-Modified: Mon, 01 Aug 2022 13:02:29 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "62e7cee5-a9"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
s.ytimg.com/yts/jsbin/www-widgetapi-vflN2g023/www-widgetapi.js
142.250.74.142 200 OK 7.7 kB URL HTTP/2 s.ytimg.com/yts/jsbin/www-widgetapi-vflN2g023/www-widgetapi.js
IP 142.250.74.142:0
File type ASCII text, with very long lines (783)
Hash 8a16a770683ddcefb4bf88b49fdf94f8
96eb759723f032cfade39ca4de4082166aca8be4
173795ca8b1880e750ef95ad05a896e225a530f2aa27536ba3d15c6603a22d8e
GET /yts/jsbin/www-widgetapi-vflN2g023/www-widgetapi.js HTTP/1.1
Host: s.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: https://www.youtube.com
content-length: 7738
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:13:09 GMT
expires: Wed, 07 Dec 2022 18:13:09 GMT
cache-control: public, max-age=691200
last-modified: Sat, 23 Feb 2019 21:30:08 GMT
content-type: text/javascript
age: 456234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
profit-4580-per-day.com/aso_worker.js
164.90.197.12 200 OK 78 B URL HTTP/1.1 profit-4580-per-day.com/aso_worker.js
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash 28c26a7d64ab8c7c53e50f85e3b5581a
fce22d471cc55e0f62334528b26f7219add2420c
400867c0e5295a49fb129ad8926a975634e6575d94d010835654142fd85fc880
Analyzer Verdict Alert fortinet Phishing
GET /aso_worker.js HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 15 Oct 2021 15:42:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6169a168-3a"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
ocsp.pki.goog/s/gts1d4/8zRofmzdPas
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/8zRofmzdPas
IP 142.250.74.131:0
Hash ca2574bcbfad647385a98d3c6e83da05
047111bf34e3362f17f4de5ecddc4c999bb52dd2
c041977f47a8931480e5f3beedaec634adcf3400eafb08d4992196c2e472d681
POST /s/gts1d4/8zRofmzdPas HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
profit-4580-per-day.com/akrurox2jo/favicon.ico
164.90.197.12 200 OK 704 B URL HTTP/1.1 profit-4580-per-day.com/akrurox2jo/favicon.ico
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 975f53732620a441c653e81d84ca32d4
37b75145b408548de3d2bc73c5ad756139cc675c
1035c7967f2c73b8ee22228c73ebb2e34f985980e6d20114fab9a9c5b75ec49b
GET /akrurox2jo/favicon.ico HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: image/x-icon
Last-Modified: Mon, 01 Aug 2022 13:02:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62e7cedb-47e"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-3580-per-day.com/eng/form/style.css
164.90.197.12 200 OK 20 B URL HTTP/1.1 profit-3580-per-day.com/eng/form/style.css
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /eng/form/style.css HTTP/1.1
Host: profit-3580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-3580-per-day.com/eng/form/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=&land=https%3A%2F%2Fprofit-4580-per-day.com%2Fbtc_profit_pay_en%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: text/css
Last-Modified: Thu, 02 Sep 2021 12:14:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6130c03e-0"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-3580-per-day.com/eng/form/css/intlTelInput.min.css
164.90.197.12 200 OK 2.9 kB URL HTTP/1.1 profit-3580-per-day.com/eng/form/css/intlTelInput.min.css
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (19150), with CRLF line terminators
Hash 3cb962ac9f9afec45df873caa55c56df
1cdff60c0006aa721ebf0357a37f649c4275e4fc
8d81427c870ba127eafbafd28b9731ad24997918e3b144a97a6a5c8dd9493bba
GET /eng/form/css/intlTelInput.min.css HTTP/1.1
Host: profit-3580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-3580-per-day.com/eng/form/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=&land=https%3A%2F%2Fprofit-4580-per-day.com%2Fbtc_profit_pay_en%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: text/css
Last-Modified: Thu, 14 Oct 2021 16:24:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"616859b2-4ad0"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
profit-3580-per-day.com/eng/form/js/intlTelInput.js
164.90.197.12 200 OK 21 kB URL HTTP/1.1 profit-3580-per-day.com/eng/form/js/intlTelInput.js
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (9887)
Hash 7be3a149ab2a54f6c91e6b9ee5fae86a
416a612a616136217347ad67ab7853702fd25ac1
602f8e7d18cce8518563d741cc51b0b7e65e554c506e8a29fb601594a4d76953
GET /eng/form/js/intlTelInput.js HTTP/1.1
Host: profit-3580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-3580-per-day.com/eng/form/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=&land=https%3A%2F%2Fprofit-4580-per-day.com%2Fbtc_profit_pay_en%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: application/javascript
Last-Modified: Thu, 14 Oct 2021 13:39:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6168331c-15cfa"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
script.hotjar.com/modules.90de377b639fd5b933d2.js
143.204.55.46 200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.90de377b639fd5b933d2.js
IP 143.204.55.46:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 8766036825574dfbddbfc197bd098f6b
3c6087743e1b23d7f071f66d65bec1fdb143a2c2
89c7cf4e7103f90d1cc059e02ac95e97a976de4867e6215945fa6046b04db0b8
GET /modules.90de377b639fd5b933d2.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68504
date: Thu, 01 Dec 2022 13:37:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "8766036825574dfbddbfc197bd098f6b"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zIp1sf6V-_1I2PgNa2Xmy5xeKbn9V88ZfHXPYReeqQTl7RyqXx-LAw==
age: 299997
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
69.16.175.42 200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://profit-3580-per-day.com
Connection: keep-alive
Referer: https://profit-3580-per-day.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:57:03 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670201823.dop208.sk1.t,1670201823.cds219.sk1.hn,1670201823.cds210.sk1.c
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.1.0/dist/css/bootstrap.min.css
151.101.65.229 200 OK 24 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.0/dist/css/bootstrap.min.css
IP 151.101.65.229:0
File type Unicode text, UTF-8 text, with very long lines (65306)
Hash a361f70389539269b5a61651ba454adb
9acaf0e11c255a59680a270e73360c05a1abbbaf
ac4896c9a7e1d683617235232898d59c2008d50614cf23ffcc92db4315a4cece
GET /npm/bootstrap@5.1.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://profit-3580-per-day.com
Connection: keep-alive
Referer: https://profit-3580-per-day.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.1.0
x-jsd-version-type: version
etag: W/"27ba0-OW9RszP/bwkm9uZ61ubJxpvqezE"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 05 Dec 2022 00:57:03 GMT
age: 2932316
x-served-by: cache-fra-eddf8230052-FRA, cache-bma1663-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23886
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.1.0/dist/js/bootstrap.min.js
151.101.65.229 200 OK 16 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.0/dist/js/bootstrap.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (59232)
Hash 261e52b2f780726138cb7bb9ec0a886f
0d7c482733559f916e4a34c7bc717347b93890da
a8253b223b539a4313257f60bfedc977bf362db3f0e1e1823c351421d0321572
GET /npm/bootstrap@5.1.0/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://profit-3580-per-day.com
Connection: keep-alive
Referer: https://profit-3580-per-day.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.1.0
x-jsd-version-type: version
etag: W/"e877-9yckUENWCCfKhSMedSSnRg02T0c"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 05 Dec 2022 00:57:03 GMT
age: 7090808
x-served-by: cache-fra19173-FRA, cache-bma1663-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15864
X-Firefox-Spdy: h2
profit-4580-per-day.com/btcrates
164.90.197.12 404 Not Found 106 B URL HTTP/1.1 profit-4580-per-day.com/btcrates
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 41e26d195447e282a13a3219d61c130c
4eb09944c10ac39f6adeebb6be44c8a1d732bc79
f9ed0f2922c4344a8b293d792c2d81fa68e568256170dbed363adb679d1e7783
Analyzer Verdict Alert fortinet Phishing
GET /btcrates HTTP/1.1
Host: profit-4580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://profit-4580-per-day.com/akrurox2jo/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=
Cookie: _ga_LW980FMRD6=GS1.1.1670201820.1.0.1670201820.0.0.0; _ga=GA1.1.1774097919.1670201821
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Content-Encoding: gzip
www.youtube.com/embed/G56jQN6m-ZQ?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=G56jQN6m-ZQ&mute=1&enablejsapi=1&origin=https%3A%2F%2Fprofit-4580-per-day.com&widgetid=1
142.250.74.142 200 OK 29 kB URL HTTP/2 www.youtube.com/embed/G56jQN6m-ZQ?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=G56jQN6m-ZQ&mute=1&enablejsapi=1&origin=https%3A%2F%2Fprofit-4580-per-day.com&widgetid=1
IP 142.250.74.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58608)
Hash 7bb9056384a46a52e496bbd09f96d991
d36e9ae62b048316ff16e5b779d0f628ba81ffbe
008fe49fd8cb69b1684fd7afc433a33b9ecb065bf2028b49e5b3546f571a0c25
GET /embed/G56jQN6m-ZQ?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=G56jQN6m-ZQ&mute=1&enablejsapi=1&origin=https%3A%2F%2Fprofit-4580-per-day.com&widgetid=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 00:57:03 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'nonce-uzSvAcvOe7Q82HoazytBZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=lUSoqeCDnmo; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=CupKRtuoGVA; Domain=.youtube.com; Expires=Sat, 03-Jun-2023 00:57:03 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+596; expires=Wed, 04-Dec-2024 00:57:03 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 270540
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash b040d67a8ed4e23e5ca5a9b1a8abf4b0
05b62be478fd251f20c70f8b6c53eb5b2873c59a
00cd008c7ddf75ea7834f62f8fdf2fae9ef8728b1d753c4a8a5432568034bbc2
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:57:03 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "4CC1FB4284A05FEBCCEC8811C9BB97C3A69AA902"
Expires: Mon, 05 Dec 2022 12:00:00 GMT
Last-Modified: Mon, 05 Dec 2022 00:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 34
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7748d3558abcb4eb-OSL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 288980
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8665
Expires: Mon, 05 Dec 2022 03:21:29 GMT
Date: Mon, 05 Dec 2022 00:57:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8665
Expires: Mon, 05 Dec 2022 03:21:29 GMT
Date: Mon, 05 Dec 2022 00:57:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8665
Expires: Mon, 05 Dec 2022 03:21:29 GMT
Date: Mon, 05 Dec 2022 00:57:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fddffc8edfa3ca668c8ac740d34f46c5
63483fc211cfb2808c7f37940a4065b4f4177c59
3c736f085f8f25d68c3dd946d5a546dc6d1f5f6e94a0da17b7fd4662d61a0b50
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8660
x-amzn-requestid: d5cf901f-bd2b-4269-918a-29a0bec09a40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uBG9IIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1326-63b4ea925878dab212409f2b;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EZVmzJ--Jl3Z90-Dc_LY7w35ns5HiHBhwNWfPFZqjd_GILMKpaTI7w==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "63483fc211cfb2808c7f37940a4065b4f4177c59"
content-type: image/jpeg
age: 11315
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8e6f84dff61fedd8ff9baa9bb648883
f8d5cc7b315879b66a11b403463da1330617d2fa
025c66a4a0e7927353e1733d7f8cfb6ec3c9c0228d34267cbff11f09cf112127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12348
x-amzn-requestid: 72f681ef-9ae7-4fc5-8539-230e1d4277a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKa_HpTIAMFrcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abddf-43ef45165fd982997e5018c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:09:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGsNaADKr1KoJT7rxDSFf8dxM1_IXsaF67Eqe8DIO9PAJy8HtqQKng==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:21:42 GMT
age: 77722
etag: "f8d5cc7b315879b66a11b403463da1330617d2fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg
34.120.237.76 200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0402b0c3474a5bd3b1ba804528b64a8
2d47af0fb664d9fec52549bb3bdba1dfd8911bb2
7f87af77663b8bf22211e135554ada8865cdcf6499e9fcf0f3442b10ca3984e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5276
x-amzn-requestid: d337310e-59be-4268-bfd0-8cc4f2c91a11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_soE98IAMF0aA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-230591591f8fd0984c222549;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4Id8aWDt9bVlBXcsMK9LEAoqggewzLb9h4eZfuvYMGON2NnwyiP3Pg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "2d47af0fb664d9fec52549bb3bdba1dfd8911bb2"
content-type: image/jpeg
age: 11315
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb029b41d342a82250aef6d6f713be6e
cd754bb6094d2e456b95dce8daace45a0de8a121
c16e364547c9e7a3c487b614073d59c7c495c5e5387b75136afab0dc68bebca4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10031
x-amzn-requestid: ca6c11c5-8842-4ffb-bb9e-5351c4e60c5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjY0CGUVIAMFxog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ad4e6-4282be9f505aa5764e9b1fa2;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 04:47:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vg9n0d9YqjfrKwJHGGcztV4gsGENhNYUuC1HUmWFsxRlDdMSpV4IQw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 15:58:47 GMT
age: 32297
etag: "cd754bb6094d2e456b95dce8daace45a0de8a121"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 50eeb012f0903f0848c8afcd6b26a7ec
ff7740d3c12ce7ab23291272221c0d9503f9c139
f4aeac45941c34d8e0794d20a4bb2658b020fed85c5059f247844f2755bc9d72
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7631
x-amzn-requestid: 9fc3a621-dcd9-4332-b085-6cda0cb25ac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYF2toAMFVkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-36f6c7d67940ed18394328c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: azPc-KWHbEA3DMhyphQq3zERUrF14hxrEHwxDZZfcFlu5-IpyKwtgw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:17:41 GMT
age: 77963
etag: "ff7740d3c12ce7ab23291272221c0d9503f9c139"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c36448c65274ebbe1eb21e3bf02385e
e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28
6f17788a394f1305755805a1b92117b1c1a03a1e3a075cb97a0da5184d574553
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6430
x-amzn-requestid: ae2ec151-d383-4554-9ac2-3d204701251c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ttFDKoAMFp0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1324-15aebb1a06253068472a6ab0;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hEiLpBd0Tubj3-Wgqh_jpK6XEekyrHfuQxpVD_JLlNSAQj41XK_1EA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:15 GMT
age: 11089
etag: "e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-LW980FMRD6&gtm=2oebu0&_p=923099975&cid=1774097919.1670201821&ul=en-us&sr=1280x1024&_s=1&sid=1670201820&sct=1&seg=0&dl=https%3A%2F%2Fprofit-4580-per-day.com%2Fakrurox2jo%2F%3Fclick%3D1d68ccb0a5374cee866d6803acef28%26fn%3D%26ln%3D%26ph%3D%26em%3D%26pub_id%3D35205%26ip%3D91.90.42.154%26sub1%3D%26sub2%3D%26sub3%3D%26sub4%3D%26sub5%3D%26country%3DNO%26sub11%3D%26sub12%3D%26sub13%3D&dt=Bitcoin%20Profit%20Way&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-LW980FMRD6&gtm=2oebu0&_p=923099975&cid=1774097919.1670201821&ul=en-us&sr=1280x1024&_s=1&sid=1670201820&sct=1&seg=0&dl=https%3A%2F%2Fprofit-4580-per-day.com%2Fakrurox2jo%2F%3Fclick%3D1d68ccb0a5374cee866d6803acef28%26fn%3D%26ln%3D%26ph%3D%26em%3D%26pub_id%3D35205%26ip%3D91.90.42.154%26sub1%3D%26sub2%3D%26sub3%3D%26sub4%3D%26sub5%3D%26country%3DNO%26sub11%3D%26sub12%3D%26sub13%3D&dt=Bitcoin%20Profit%20Way&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LW980FMRD6&gtm=2oebu0&_p=923099975&cid=1774097919.1670201821&ul=en-us&sr=1280x1024&_s=1&sid=1670201820&sct=1&seg=0&dl=https%3A%2F%2Fprofit-4580-per-day.com%2Fakrurox2jo%2F%3Fclick%3D1d68ccb0a5374cee866d6803acef28%26fn%3D%26ln%3D%26ph%3D%26em%3D%26pub_id%3D35205%26ip%3D91.90.42.154%26sub1%3D%26sub2%3D%26sub3%3D%26sub4%3D%26sub5%3D%26country%3DNO%26sub11%3D%26sub12%3D%26sub13%3D&dt=Bitcoin%20Profit%20Way&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://profit-4580-per-day.com
Connection: keep-alive
Referer: https://profit-4580-per-day.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://profit-4580-per-day.com
date: Mon, 05 Dec 2022 00:57:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
profit-3580-per-day.com/eng/form/js/utils.js?21
164.90.197.12 200 OK 57 kB URL HTTP/1.1 profit-3580-per-day.com/eng/form/js/utils.js?21
IP 164.90.197.12:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1830)
Hash 5a89ab5c17341ea6719f401709e9d23d
ffaea30660a71ca631a99f7546b139f354ebf7c5
3c10044c2c501e1a92a5ed1dab6c3e5b58a3b2bb86236d7271beb8b20a21365c
GET /eng/form/js/utils.js?21 HTTP/1.1
Host: profit-3580-per-day.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-3580-per-day.com/eng/form/?click=1d68ccb0a5374cee866d6803acef28&fn=&ln=&ph=&em=&pub_id=35205&ip=91.90.42.154&sub1=&sub2=&sub3=&sub4=&sub5=&country=NO&sub11=&sub12=&sub13=&land=https%3A%2F%2Fprofit-4580-per-day.com%2Fbtc_profit_pay_en%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 00:57:04 GMT
Content-Type: application/javascript
Last-Modified: Thu, 14 Oct 2021 13:53:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"61683646-3cffb"
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 68570b7de13c7dfdf686da25ce10d668
61c1304152f11e6a83c383fff8d5e498c4385e6f
537302c07522f4bf1e766fbb1a8da346f59526715a5fcecd3f6aa4817b6b32ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 00:51:04 GMT
expires: Mon, 05 Dec 2022 01:06:04 GMT
cache-control: public, max-age=900
age: 360
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.130 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 05 Dec 2022 00:57:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 68570b7de13c7dfdf686da25ce10d668
61c1304152f11e6a83c383fff8d5e498c4385e6f
537302c07522f4bf1e766fbb1a8da346f59526715a5fcecd3f6aa4817b6b32ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 05 Dec 2022 00:57:04 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
142.250.74.132 200 OK 14 kB URL HTTP/2 www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (36143)
Hash a08dfd96c563f96f7d11b4858aecfa13
d9abee2c38b89d3dea85e76bb741bb8f4f993d49
fedde263fa3b4116029d93d0250f5eab845964d5fcf24e40ffbcd9bf292a0db4
GET /js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14211
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 06:09:06 GMT
expires: Thu, 30 Nov 2023 06:09:06 GMT
cache-control: public, max-age=31536000
age: 413278
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 97c38ee24485d611e44a140ae68fa94d
b3009b59702d183a94d2406f1ba34f038fd61004
cceb10531fc37f457704e75df78ec0b8952af77f14da2518a9834ac3dba29c37
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 05 Dec 2022 00:57:04 GMT
server: ESF
cache-control: private
content-length: 30953
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 67e4709c84acec8eddbeb11d56e7d0fd
32a14eeba023499cda0d49fd785ac7626f4a5582
8953090ad9df36f81c3393cc6c67c87b6ad521b8806c7ea004e0b4354b9e1c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu9WoSzmvZuod_lVQjf-b3GL4qOxYev81HpEiY-JpHkWRFsslzBJ3qpcvrSDwaJ_=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 1.0 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9WoSzmvZuod_lVQjf-b3GL4qOxYev81HpEiY-JpHkWRFsslzBJ3qpcvrSDwaJ_=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash de6281a4085568a307a55cd55a4c6e4d
0c49ddbf0cf87906963e0a592f74031f8f09ac7f
cdf4cdbbac2252b2593b1a315a7c0cc716e4a4418ac213a5393a8124c15846ce
GET /ytc/AMLnZu9WoSzmvZuod_lVQjf-b3GL4qOxYev81HpEiY-JpHkWRFsslzBJ3qpcvrSDwaJ_=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1044
x-xss-protection: 0
date: Sun, 04 Dec 2022 21:10:49 GMT
expires: Mon, 05 Dec 2022 21:10:49 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 13575
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.234 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 05 Dec 2022 00:57:04 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.234 200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a5e86d6d73d45d6252886a5d8385e071
e1662f104e25f59f833f33a31e931ce41c71cbf2
6df8fa396236b0b8da3d2fb996f0b8a0dfea5a6796462236535fe3d5da28bb01
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1146
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 05 Dec 2022 00:57:04 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3da683e93b38aa458905ea8c3d58d1a0
0c6582eb5105b0424dd9a9c168009e988217606c
43301ff40aa19cbde7793d9413c4ab24ddb486de6f53071084241ac2e70f7031
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3da683e93b38aa458905ea8c3d58d1a0
0c6582eb5105b0424dd9a9c168009e988217606c
43301ff40aa19cbde7793d9413c4ab24ddb486de6f53071084241ac2e70f7031
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1670223424&ei=4EGNY6iUGsKRv_IPlu2IwAw&ip=91.90.42.154&id=o-AEKDiltxnW-xEHc-w8HTEoBN-8QuamrxPngliWoUJdzC&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=HF&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2597500&spc=SFxXNpG1Bm77TgIcb4M6OOyGgcdqyfg&vprv=1&mime=video%2Fwebm&ns=Je2DRXLjo4N83iDe2QWj-1cJ&gir=yes&clen=3111387&dur=129.229&lmt=1669704088182101&mt=1670201374&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=ha_HyBv-lTr23A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgWEWOlxCZcTk29cgrd34V93MmonZ3a4cNylNa86lT4QUCIQDe6F81GS7T0se9kE5Whg9Xa6a7Wx96LXxf4I_GX2EeJw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgWIOHGJNaHu5nQ0Nv9-yFU4CyrqhLEXrt_vdqfh-JYX8CIFnfP8rmxD9KaCdzb23Tzg5ZS_R7culcHb2Kyjc1gRi6&alr=yes&cpn=KpkMo_sxG-6zwMk1&cver=1.20221130.01.00&range=0-100617&rn=1&rbuf=0
91.90.45.173 200 OK 1.1 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1670223424&ei=4EGNY6iUGsKRv_IPlu2IwAw&ip=91.90.42.154&id=o-AEKDiltxnW-xEHc-w8HTEoBN-8QuamrxPngliWoUJdzC&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=HF&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2597500&spc=SFxXNpG1Bm77TgIcb4M6OOyGgcdqyfg&vprv=1&mime=video%2Fwebm&ns=Je2DRXLjo4N83iDe2QWj-1cJ&gir=yes&clen=3111387&dur=129.229&lmt=1669704088182101&mt=1670201374&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=ha_HyBv-lTr23A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgWEWOlxCZcTk29cgrd34V93MmonZ3a4cNylNa86lT4QUCIQDe6F81GS7T0se9kE5Whg9Xa6a7Wx96LXxf4I_GX2EeJw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgWIOHGJNaHu5nQ0Nv9-yFU4CyrqhLEXrt_vdqfh-JYX8CIFnfP8rmxD9KaCdzb23Tzg5ZS_R7culcHb2Kyjc1gRi6&alr=yes&cpn=KpkMo_sxG-6zwMk1&cver=1.20221130.01.00&range=0-100617&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1099), with no line terminators
Hash 14796d55226d0b5ddc63f534468b9357
8328f0145bb30151d34ae5d58b3ab05b55477f1d
674346454d9193d20079a88242e067554e421a8fbfd43c7dfcbb83198bc934bd
POST /videoplayback?expire=1670223424&ei=4EGNY6iUGsKRv_IPlu2IwAw&ip=91.90.42.154&id=o-AEKDiltxnW-xEHc-w8HTEoBN-8QuamrxPngliWoUJdzC&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=HF&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2597500&spc=SFxXNpG1Bm77TgIcb4M6OOyGgcdqyfg&vprv=1&mime=video%2Fwebm&ns=Je2DRXLjo4N83iDe2QWj-1cJ&gir=yes&clen=3111387&dur=129.229&lmt=1669704088182101&mt=1670201374&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=ha_HyBv-lTr23A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgWEWOlxCZcTk29cgrd34V93MmonZ3a4cNylNa86lT4QUCIQDe6F81GS7T0se9kE5Whg9Xa6a7Wx96LXxf4I_GX2EeJw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgWIOHGJNaHu5nQ0Nv9-yFU4CyrqhLEXrt_vdqfh-JYX8CIFnfP8rmxD9KaCdzb23Tzg5ZS_R7culcHb2Kyjc1gRi6&alr=yes&cpn=KpkMo_sxG-6zwMk1&cver=1.20221130.01.00&range=0-100617&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Mon, 05 Dec 2022 00:57:04 GMT
Expires: Mon, 05 Dec 2022 00:57:04 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1099
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1670223424&ei=4EGNY6iUGsKRv_IPlu2IwAw&ip=91.90.42.154&id=o-AEKDiltxnW-xEHc-w8HTEoBN-8QuamrxPngliWoUJdzC&itag=251&source=youtube&requiressl=yes&mh=HF&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2597500&spc=SFxXNpG1Bm77TgIcb4M6OOyGgcdqyfg&vprv=1&mime=audio%2Fwebm&ns=Je2DRXLjo4N83iDe2QWj-1cJ&gir=yes&clen=1415229&dur=129.241&lmt=1669704102984060&mt=1670201374&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=ha_HyBv-lTr23A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDTGQZGHn5dkS-pEgfR9ef9cwDtOGkv5zXWpwVHkHItcCICt9wTxc7iiT27zzC6XJD4qcYt3PzhXjl8iHzwGQzR5z&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgWIOHGJNaHu5nQ0Nv9-yFU4CyrqhLEXrt_vdqfh-JYX8CIFnfP8rmxD9KaCdzb23Tzg5ZS_R7culcHb2Kyjc1gRi6&alr=yes&cpn=KpkMo_sxG-6zwMk1&cver=1.20221130.01.00&range=0-66019&rn=2&rbuf=0
91.90.45.173 200 OK 1.0 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1670223424&ei=4EGNY6iUGsKRv_IPlu2IwAw&ip=91.90.42.154&id=o-AEKDiltxnW-xEHc-w8HTEoBN-8QuamrxPngliWoUJdzC&itag=251&source=youtube&requiressl=yes&mh=HF&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2597500&spc=SFxXNpG1Bm77TgIcb4M6OOyGgcdqyfg&vprv=1&mime=audio%2Fwebm&ns=Je2DRXLjo4N83iDe2QWj-1cJ&gir=yes&clen=1415229&dur=129.241&lmt=1669704102984060&mt=1670201374&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=ha_HyBv-lTr23A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDTGQZGHn5dkS-pEgfR9ef9cwDtOGkv5zXWpwVHkHItcCICt9wTxc7iiT27zzC6XJD4qcYt3PzhXjl8iHzwGQzR5z&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgWIOHGJNaHu5nQ0Nv9-yFU4CyrqhLEXrt_vdqfh-JYX8CIFnfP8rmxD9KaCdzb23Tzg5ZS_R7culcHb2Kyjc1gRi6&alr=yes&cpn=KpkMo_sxG-6zwMk1&cver=1.20221130.01.00&range=0-66019&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1025), with no line terminators
Hash f82963bb00e24512bb980d4be9861224
80505e7fb6f36e2a9b1ee48d6b7c998f321202c6
c31dc8777ee62e99641882ed74f1e821568da289930acf8d2a58d6954c61a544
POST /videoplayback?expire=1670223424&ei=4EGNY6iUGsKRv_IPlu2IwAw&ip=91.90.42.154&id=o-AEKDiltxnW-xEHc-w8HTEoBN-8QuamrxPngliWoUJdzC&itag=251&source=youtube&requiressl=yes&mh=HF&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2597500&spc=SFxXNpG1Bm77TgIcb4M6OOyGgcdqyfg&vprv=1&mime=audio%2Fwebm&ns=Je2DRXLjo4N83iDe2QWj-1cJ&gir=yes&clen=1415229&dur=129.241&lmt=1669704102984060&mt=1670201374&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=ha_HyBv-lTr23A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDTGQZGHn5dkS-pEgfR9ef9cwDtOGkv5zXWpwVHkHItcCICt9wTxc7iiT27zzC6XJD4qcYt3PzhXjl8iHzwGQzR5z&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgWIOHGJNaHu5nQ0Nv9-yFU4CyrqhLEXrt_vdqfh-JYX8CIFnfP8rmxD9KaCdzb23Tzg5ZS_R7culcHb2Kyjc1gRi6&alr=yes&cpn=KpkMo_sxG-6zwMk1&cver=1.20221130.01.00&range=0-66019&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Mon, 05 Dec 2022 00:57:04 GMT
Expires: Mon, 05 Dec 2022 00:57:04 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1025
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3da683e93b38aa458905ea8c3d58d1a0
0c6582eb5105b0424dd9a9c168009e988217606c
43301ff40aa19cbde7793d9413c4ab24ddb486de6f53071084241ac2e70f7031
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vc.hotjar.io/sessions/2612536?s=0.25&r=0.2361682852981397
54.230.111.70 204 No Content 0 B URL HTTP/2 vc.hotjar.io/sessions/2612536?s=0.25&r=0.2361682852981397
IP 54.230.111.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sessions/2612536?s=0.25&r=0.2361682852981397 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://profit-4580-per-day.com
Connection: keep-alive
Referer: https://profit-4580-per-day.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Mon, 05 Dec 2022 00:57:04 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KKH5o_2o1kvTSf3LLa_qIuf7QJolXZ18DjAUz3G3BosFhv82Nu5rGw==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash be906c1db076ddeb5bb5418a31e45850
9e93574c669544ec2c5cc56132bcb32aadca010c
03898d695acc4233d12e2b741184a171b8231ebdbaf6be30b9961533519d483e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142312
Date: Mon, 05 Dec 2022 00:57:04 GMT
Etag: "638cbbd4-1d7"
Expires: Tue, 06 Dec 2022 16:28:56 GMT
Last-Modified: Sun, 04 Dec 2022 15:25:08 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FfaxZ-NbvcCt0wfviZEATcX-w0ESvl-vLJU2rddjG_LzPY3koFXXUQ==
Age: 3828
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 456b4162bee357d50b033b1949728da1
aaf159ebfee0a821c0579d1f574f304eb76ca300
70318b6ac867c9550b9d720ac3983e8587cbe186df99eeb0de93dcf21b6f01de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 456b4162bee357d50b033b1949728da1
aaf159ebfee0a821c0579d1f574f304eb76ca300
70318b6ac867c9550b9d720ac3983e8587cbe186df99eeb0de93dcf21b6f01de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1670223424&ei=4EGNY6iUGsKRv_IPlu2IwAw&ip=91.90.42.154&id=o-AEKDiltxnW-xEHc-w8HTEoBN-8QuamrxPngliWoUJdzC&itag=251&source=youtube&requiressl=yes&spc=SFxXNpG1Bm77TgIcb4M6OOyGgcdqyfg&vprv=1&mime=audio%2Fwebm&ns=Je2DRXLjo4N83iDe2QWj-1cJ&gir=yes&clen=1415229&dur=129.241&lmt=1669704102984060&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=ha_HyBv-lTr23A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDTGQZGHn5dkS-pEgfR9ef9cwDtOGkv5zXWpwVHkHItcCICt9wTxc7iiT27zzC6XJD4qcYt3PzhXjl8iHzwGQzR5z&alr=yes&cpn=KpkMo_sxG-6zwMk1&cver=1.20221130.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=HF&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1670201622&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgRi9Fx4umWTM7y3gJDrTdnT9aH_c8ZM9vcLJBtw6gTEgCIQDl27wdnIu8se3d9DdtunPI9MGTwQjue5OUiCSXsAJfBQ%3D%3D&range=0-66019&rn=4&rbuf=0&pot=DyuUwuoI6voZK6_s0IcQ8mqB2ED9OABJnMFx99uzxSV6rd6mxLHsnvkm54ljWlr_P3D2OrWJY81oOe1xM9doMUkovtRvGy3-3YCfL6NvNquBkhNU5zHfSebMe6ae9oZv7tKFoqtRY6I=
74.125.111.39 200 OK 66 kB URL HTTP/1.1 rr2---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1670223424&ei=4EGNY6iUGsKRv_IPlu2IwAw&ip=91.90.42.154&id=o-AEKDiltxnW-xEHc-w8HTEoBN-8QuamrxPngliWoUJdzC&itag=251&source=youtube&requiressl=yes&spc=SFxXNpG1Bm77TgIcb4M6OOyGgcdqyfg&vprv=1&mime=audio%2Fwebm&ns=Je2DRXLjo4N83iDe2QWj-1cJ&gir=yes&clen=1415229&dur=129.241&lmt=1669704102984060&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=ha_HyBv-lTr23A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDTGQZGHn5dkS-pEgfR9ef9cwDtOGkv5zXWpwVHkHItcCICt9wTxc7iiT27zzC6XJD4qcYt3PzhXjl8iHzwGQzR5z&alr=yes&cpn=KpkMo_sxG-6zwMk1&cver=1.20221130.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=HF&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1670201622&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgRi9Fx4umWTM7y3gJDrTdnT9aH_c8ZM9vcLJBtw6gTEgCIQDl27wdnIu8se3d9DdtunPI9MGTwQjue5OUiCSXsAJfBQ%3D%3D&range=0-66019&rn=4&rbuf=0&pot=DyuUwuoI6voZK6_s0IcQ8mqB2ED9OABJnMFx99uzxSV6rd6mxLHsnvkm54ljWlr_P3D2OrWJY81oOe1xM9doMUkovtRvGy3-3YCfL6NvNquBkhNU5zHfSebMe6ae9oZv7tKFoqtRY6I=
IP 74.125.111.39:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 7fe3bcd39d8d6e0d4bb44abe918460a7
8666dbc37fc5b8d7198b5e1550924a835d0afb67
09cdee40c6d6372cc27da73156ec4e6a3aa2f231a337d5ab505b0e6cbb2d9fd1
POST /videoplayback?expire=1670223424&ei=4EGNY6iUGsKRv_IPlu2IwAw&ip=91.90.42.154&id=o-AEKDiltxnW-xEHc-w8HTEoBN-8QuamrxPngliWoUJdzC&itag=251&source=youtube&requiressl=yes&spc=SFxXNpG1Bm77TgIcb4M6OOyGgcdqyfg&vprv=1&mime=audio%2Fwebm&ns=Je2DRXLjo4N83iDe2QWj-1cJ&gir=yes&clen=1415229&dur=129.241&lmt=1669704102984060&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=ha_HyBv-lTr23A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDTGQZGHn5dkS-pEgfR9ef9cwDtOGkv5zXWpwVHkHItcCICt9wTxc7iiT27zzC6XJD4qcYt3PzhXjl8iHzwGQzR5z&alr=yes&cpn=KpkMo_sxG-6zwMk1&cver=1.20221130.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=HF&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1670201622&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgRi9Fx4umWTM7y3gJDrTdnT9aH_c8ZM9vcLJBtw6gTEgCIQDl27wdnIu8se3d9DdtunPI9MGTwQjue5OUiCSXsAJfBQ%3D%3D&range=0-66019&rn=4&rbuf=0&pot=DyuUwuoI6voZK6_s0IcQ8mqB2ED9OABJnMFx99uzxSV6rd6mxLHsnvkm54ljWlr_P3D2OrWJY81oOe1xM9doMUkovtRvGy3-3YCfL6NvNquBkhNU5zHfSebMe6ae9oZv7tKFoqtRY6I= HTTP/1.1
Host: rr2---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 29 Nov 2022 06:41:42 GMT
Content-Type: audio/webm
Date: Mon, 05 Dec 2022 00:57:05 GMT
Expires: Mon, 05 Dec 2022 00:57:05 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 66020
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 73b45b4cacd61b0efded19946016688e
e5c635adbd59ceb08c5eb3d7c8e19a81157fe8cd
ca2ba1617e487e55074328d638b303416f91fb1fb2ae48a02b67d14283ed3757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1670223424&ei=4EGNY6iUGsKRv_IPlu2IwAw&ip=91.90.42.154&id=o-AEKDiltxnW-xEHc-w8HTEoBN-8QuamrxPngliWoUJdzC&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&spc=SFxXNpG1Bm77TgIcb4M6OOyGgcdqyfg&vprv=1&mime=video%2Fwebm&ns=Je2DRXLjo4N83iDe2QWj-1cJ&gir=yes&clen=3111387&dur=129.229&lmt=1669704088182101&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=ha_HyBv-lTr23A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgWEWOlxCZcTk29cgrd34V93MmonZ3a4cNylNa86lT4QUCIQDe6F81GS7T0se9kE5Whg9Xa6a7Wx96LXxf4I_GX2EeJw%3D%3D&alr=yes&cpn=KpkMo_sxG-6zwMk1&cver=1.20221130.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=HF&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1670201622&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJ6LuvPgfaqqBvm2oVbky46eSh4IaMzESKsUkBPNZUmPAiEAq5yuUUnV9moTmaA3J7u8yQPocaG7aGArlEmuharxYnA%3D&range=0-100617&rn=3&rbuf=0&pot=DyuUwuoI6voZK6_s0IcQ8mqB2ED9OABJnMFx99uzxSV6rd6mxLHsnvkm54ljWlr_P3D2OrWJY81oOe1xM9doMUkovtRvGy3-3YCfL6NvNquBkhNU5zHfSebMe6ae9oZv7tKFoqtRY6I=
74.125.111.39 200 OK 101 kB URL HTTP/1.1 rr2---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1670223424&ei=4EGNY6iUGsKRv_IPlu2IwAw&ip=91.90.42.154&id=o-AEKDiltxnW-xEHc-w8HTEoBN-8QuamrxPngliWoUJdzC&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&spc=SFxXNpG1Bm77TgIcb4M6OOyGgcdqyfg&vprv=1&mime=video%2Fwebm&ns=Je2DRXLjo4N83iDe2QWj-1cJ&gir=yes&clen=3111387&dur=129.229&lmt=1669704088182101&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=ha_HyBv-lTr23A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgWEWOlxCZcTk29cgrd34V93MmonZ3a4cNylNa86lT4QUCIQDe6F81GS7T0se9kE5Whg9Xa6a7Wx96LXxf4I_GX2EeJw%3D%3D&alr=yes&cpn=KpkMo_sxG-6zwMk1&cver=1.20221130.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=HF&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1670201622&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJ6LuvPgfaqqBvm2oVbky46eSh4IaMzESKsUkBPNZUmPAiEAq5yuUUnV9moTmaA3J7u8yQPocaG7aGArlEmuharxYnA%3D&range=0-100617&rn=3&rbuf=0&pot=DyuUwuoI6voZK6_s0IcQ8mqB2ED9OABJnMFx99uzxSV6rd6mxLHsnvkm54ljWlr_P3D2OrWJY81oOe1xM9doMUkovtRvGy3-3YCfL6NvNquBkhNU5zHfSebMe6ae9oZv7tKFoqtRY6I=
IP 74.125.111.39:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 101 kB (100618 bytes)
Hash 636c921ea16b1b6e689ada923d4cab41
e843264a2f221c3ad1f780c523093240f75ae7e8
203028d88783a90ebbe4dad47239e8fbe10a40cd286caa87d8b74b5a7908257e
POST /videoplayback?expire=1670223424&ei=4EGNY6iUGsKRv_IPlu2IwAw&ip=91.90.42.154&id=o-AEKDiltxnW-xEHc-w8HTEoBN-8QuamrxPngliWoUJdzC&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&spc=SFxXNpG1Bm77TgIcb4M6OOyGgcdqyfg&vprv=1&mime=video%2Fwebm&ns=Je2DRXLjo4N83iDe2QWj-1cJ&gir=yes&clen=3111387&dur=129.229&lmt=1669704088182101&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=ha_HyBv-lTr23A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgWEWOlxCZcTk29cgrd34V93MmonZ3a4cNylNa86lT4QUCIQDe6F81GS7T0se9kE5Whg9Xa6a7Wx96LXxf4I_GX2EeJw%3D%3D&alr=yes&cpn=KpkMo_sxG-6zwMk1&cver=1.20221130.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=HF&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1670201622&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJ6LuvPgfaqqBvm2oVbky46eSh4IaMzESKsUkBPNZUmPAiEAq5yuUUnV9moTmaA3J7u8yQPocaG7aGArlEmuharxYnA%3D&range=0-100617&rn=3&rbuf=0&pot=DyuUwuoI6voZK6_s0IcQ8mqB2ED9OABJnMFx99uzxSV6rd6mxLHsnvkm54ljWlr_P3D2OrWJY81oOe1xM9doMUkovtRvGy3-3YCfL6NvNquBkhNU5zHfSebMe6ae9oZv7tKFoqtRY6I= HTTP/1.1
Host: rr2---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 29 Nov 2022 06:41:28 GMT
Content-Type: video/webm
Date: Mon, 05 Dec 2022 00:57:05 GMT
Expires: Mon, 05 Dec 2022 00:57:05 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 100618
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
www.googletagmanager.com/gtag/js?id=G-LW980FMRD6
172.217.21.168 200 OK 0 B URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LW980FMRD6
IP 172.217.21.168:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gtag/js?id=G-LW980FMRD6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 00:57:02 GMT
expires: Mon, 05 Dec 2022 00:57:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77823
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ipinfo.io/
34.117.59.81 200 OK 244 B IP 34.117.59.81:0
Hash b0d179b7b4ec02f568b142427541238a
b54fe4d496c64c88e47d0d29b29f7a75a6103cf7
b969209ae83a09493e6cab7f56882701f79c5ae8c713bb63e508c3a883735279
GET / HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://profit-4580-per-day.com
Connection: keep-alive
Referer: https://profit-4580-per-day.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-type: application/json; charset=utf-8
date: Mon, 05 Dec 2022 00:57:03 GMT
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
media.aso1.net/js/code.min.js
104.21.234.223 200 OK 0 B URL HTTP/2 media.aso1.net/js/code.min.js
IP 104.21.234.223:0
GET /js/code.min.js HTTP/1.1
Host: media.aso1.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:57:02 GMT
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 08:52:49 GMT
etag: W/"637c8de1-8daa"
expires: Fri, 25 Nov 2022 11:24:42 GMT
cache-control: max-age=259200
x-robots-tag: noindex, nofollow, noarchive, noimageindex
cf-cache-status: HIT
age: 1085530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FG3qC2eXuZKIPHWg6REuJfMoCmKkQ1VpGNCyH4gaCcbQKJYud0T%2Fs9sWqExz5w1jAN%2Fyf00q3JTy7CNXY4ksopVhqKkqv5SPdj4FDFutpbYkI2UNJ0F7Fe6g3ozCOOj2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7748d35028f04083-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2612536.js?sv=6
143.204.55.98 200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2612536.js?sv=6
IP 143.204.55.98:0
GET /c/hotjar-2612536.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://profit-4580-per-day.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 00:57:03 GMT
cache-control: max-age=60
etag: W/f5eae1ce133d250e27140f066c70d7c1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0E8FjvX4LcFS7Dl6g6o4nH6rYm1jbVx__zK-ZG12gQIP522bUPWBMw==
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/2612536/visit-data?sv=6
54.76.221.57 200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2612536/visit-data?sv=6
IP 54.76.221.57:0
POST /api/v2/client/sites/2612536/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 112
Origin: https://profit-4580-per-day.com
Connection: keep-alive
Referer: https://profit-4580-per-day.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:57:05 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
ws12.hotjar.com/api/v2/sites/2612536/recordings/content
54.246.176.35 200 OK 0 B URL HTTP/2 ws12.hotjar.com/api/v2/sites/2612536/recordings/content
IP 54.246.176.35:0
POST /api/v2/sites/2612536/recordings/content HTTP/1.1
Host: ws12.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 110321
Origin: https://profit-4580-per-day.com
Connection: keep-alive
Referer: https://profit-4580-per-day.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:57:05 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2