hornifuk.com/a1c_dt/ps8/sv5/index.php
302 Found 207 B URL HTTP/1.1 hornifuk.com/a1c_dt/ps8/sv5/index.php
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ed4c59c5e26b559f02ee09852b622f03
951165adacf961452623fe453e00232d6907958d
d14ed8d99089b4c11a7b304888025f1d81cb69325f61b7cd123bdb9e71c99445
Analyzer Verdict Alert fortinet Phishing
GET /a1c_dt/ps8/sv5/index.php HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
server: Apache
location: https://hornifuk.com/a1c_dt/ps8/sv5/index.php?_
cache-control: max-age=0
expires: Mon, 28 Nov 2022 04:40:23 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=iso-8859-1
content-length: 207
accept-ranges: bytes
date: Mon, 28 Nov 2022 04:40:23 GMT
x-varnish: 1649107343
age: 0
via: 1.1 varnish
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4345
Expires: Mon, 28 Nov 2022 05:52:48 GMT
Date: Mon, 28 Nov 2022 04:40:23 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5254
Cache-Control: max-age=112704
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:40:23 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:58:47 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 04:19:31 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1252
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7010
Expires: Mon, 28 Nov 2022 06:37:13 GMT
Date: Mon, 28 Nov 2022 04:40:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RrbG4zuI/0TOuLG1vzNy2bzEWnCGludbbKpGAnqQwsiyhzhQnIAPlu/s4PWImC2LqvlrUAjtDnk=
x-amz-request-id: 7C73XB1FR51QSSFV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 03:44:53 GMT
age: 3330
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:40:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e155440af140f4c27c5bb09d8619139c
0ebb666fc0b4cabd33aa5c4c857da2bcd0bbb971
9db5386d8d57f277c14a4fd6820e5e49d75b067f8eceba80c1d350b3c026c3d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9DB5386D8D57F277C14A4FD6820E5E49D75B067F8ECEBA80C1D350B3C026C3D2"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20117
Expires: Mon, 28 Nov 2022 10:15:41 GMT
Date: Mon, 28 Nov 2022 04:40:24 GMT
Connection: keep-alive
hornifuk.com/a1c_dt/ps8/sv5/index.php?_
200 OK 2.3 kB URL HTTP/2 hornifuk.com/a1c_dt/ps8/sv5/index.php?_
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 9e39b824a9aa89c3b1409c83377e0ba0
64a57c1f76834bd76e6afc7c5aeb0f4a53cbd10a
5bb1a9634a96356503738ed1fb94f252a2c221e17d1a395bff56b9dcec681025
Analyzer Verdict Alert fortinet Phishing
GET /a1c_dt/ps8/sv5/index.php?_ HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: Apache
set-cookie: _familysafe_=0
cache-control: max-age=0
expires: Mon, 28 Nov 2022 04:40:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=utf8
content-length: 2329
accept-ranges: bytes
date: Mon, 28 Nov 2022 04:40:24 GMT
x-varnish: 1649107362
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash c621d4c62f1b73d7db42f083617dc8db
1a78ba537afba7aea6308288c5c41c90de74b3ba
d7b3c5b2e9ea4ad8e5c33649a912d471545651f643b62238beb7d33188146322
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1509
Cache-Control: max-age=144590
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:40:24 GMT
Etag: "6383c7a1-118"
Expires: Tue, 29 Nov 2022 20:50:14 GMT
Last-Modified: Sun, 27 Nov 2022 20:25:05 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
hornifuk.com/a1c_dt/ps8/sv5/css/custom.css?v=4
200 OK 5.5 kB URL HTTP/2 hornifuk.com/a1c_dt/ps8/sv5/css/custom.css?v=4
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash e975be5bc22bdb96248498353b53ae4e
4688b0483a6fb6e7624105a60bed7510763b341a
a5d80b3540c74decb77b3a47bec7e1a97e3e85c0b8de5b47a60732dd9e05704d
Analyzer Verdict Alert fortinet Phishing
GET /a1c_dt/ps8/sv5/css/custom.css?v=4 HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hornifuk.com/a1c_dt/ps8/sv5/index.php?_
Connection: keep-alive
Cookie: _familysafe_=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Fri, 21 Jan 2022 06:31:19 GMT
etag: "130af22-63a7-5d611c441fbc0"
cache-control: max-age=604800, proxy-revalidate
expires: Mon, 05 Dec 2022 04:40:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
content-length: 5480
accept-ranges: bytes, bytes
date: Mon, 28 Nov 2022 04:40:24 GMT
x-varnish: 1649107365
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
hornifuk.com/a1c_dt/ps8/sv5/js/slider.js
200 OK 4.9 kB URL HTTP/2 hornifuk.com/a1c_dt/ps8/sv5/js/slider.js
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type HTML document, ASCII text, with CRLF line terminators
Hash 3296b370a9a86a5590400e94a3eae2e7
ed73eb670652a8ca64c1b230fb148ff8a18fb4fa
710600d8c7a3ade652decf4ca30107d432a50560a5496fc85aa29d4f1abd124a
Analyzer Verdict Alert fortinet Phishing
GET /a1c_dt/ps8/sv5/js/slider.js HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hornifuk.com/a1c_dt/ps8/sv5/index.php?_
Connection: keep-alive
Cookie: _familysafe_=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Mon, 29 Nov 2021 10:14:42 GMT
etag: "130af46-5795-5d1eab58ca880"
cache-control: max-age=604800, proxy-revalidate
expires: Mon, 05 Dec 2022 04:40:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
content-length: 4855
accept-ranges: bytes, bytes
date: Mon, 28 Nov 2022 04:40:24 GMT
x-varnish: 1649107366
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
200 OK 591 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
IP
File type ASCII text, with very long lines (1266)
Hash 414869f16aa77a65b4928a018f7f1abb
cea521f7a2958a50239526ed6b068f0937527653
afee364ce513c6517247b81cce5eb5eadb1dbbb35e439eb3fa97bbc15fac2cd3
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hornifuk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:40:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2204317
expires: Sat, 18 Nov 2023 04:40:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwx%2FJ38rpoEoHSPCl3%2BzzJISEFGNgTFSmfjsiaXlLGJ1iQIaaj%2FOmY6jlJyuksjK0HGOSDzE7oaQFw3R0m6IC3jUhnCZ7AhBftePC8pD%2FQ2jetNyxztYEZFXq0rm25N6G64eXZ9x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77106ce098aab512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:40:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 280 B IP
Hash c621d4c62f1b73d7db42f083617dc8db
1a78ba537afba7aea6308288c5c41c90de74b3ba
d7b3c5b2e9ea4ad8e5c33649a912d471545651f643b62238beb7d33188146322
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1509
Cache-Control: max-age=144590
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:40:24 GMT
Etag: "6383c7a1-118"
Expires: Tue, 29 Nov 2022 20:50:14 GMT
Last-Modified: Sun, 27 Nov 2022 20:25:05 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hornifuk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 08:46:23 GMT
expires: Sat, 25 Nov 2023 08:46:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 244441
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hornifuk.com/a1c_dt/ps8/sv5/images/logo.png
200 OK 55 kB URL HTTP/2 hornifuk.com/a1c_dt/ps8/sv5/images/logo.png
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type PNG image data, 130 x 154, 8-bit/color RGBA, non-interlaced\012- data
Hash 55cfdaa12275e753de165a8094bceda2
02939da8b771e3a978e577e66a0bac41469f1155
381d0b659ea8440c78d7e332057f9544ded716293917b788f7dadaabc4fbc428
GET /a1c_dt/ps8/sv5/images/logo.png HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hornifuk.com/a1c_dt/ps8/sv5/index.php?_
Connection: keep-alive
Cookie: _familysafe_=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Fri, 24 Dec 2021 11:00:30 GMT
etag: "130af2f-d64c-5d3e243602f80"
cache-control: max-age=29030400, public
expires: Mon, 30 Oct 2023 04:40:24 GMT
content-type: image/png
content-length: 54860
accept-ranges: bytes, bytes
date: Mon, 28 Nov 2022 04:40:24 GMT
x-varnish: 1649107368
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f81a51deedc2608556454fe8ac17e5b9
840e2f6e7017046ebfa57380b78ada29a68d4922
88e7327e0b0cbd2bfa50e5807e36e66a2347ee787e06232c89eae753a5003953
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88E7327E0B0CBD2BFA50E5807E36E66A2347EE787E06232C89EAE753A5003953"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2852
Expires: Mon, 28 Nov 2022 05:27:56 GMT
Date: Mon, 28 Nov 2022 04:40:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f81a51deedc2608556454fe8ac17e5b9
840e2f6e7017046ebfa57380b78ada29a68d4922
88e7327e0b0cbd2bfa50e5807e36e66a2347ee787e06232c89eae753a5003953
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88E7327E0B0CBD2BFA50E5807E36E66A2347EE787E06232C89EAE753A5003953"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2852
Expires: Mon, 28 Nov 2022 05:27:56 GMT
Date: Mon, 28 Nov 2022 04:40:24 GMT
Connection: keep-alive
hornifuk.com/a1c_dt/ps8/sv5/config.js
200 OK 1.1 kB URL HTTP/2 hornifuk.com/a1c_dt/ps8/sv5/config.js
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type ASCII text, with CRLF line terminators
Hash a8e2c3f78709cd209ce8b4b6409001e8
a6bc4e35376c03c1dfd743bdf1df3af0c45a8de4
baf9f5c647bed669ef4f2b9bf202c5ee078f258e5373d10cc1e6ba66357bc0ad
Analyzer Verdict Alert fortinet Phishing
GET /a1c_dt/ps8/sv5/config.js HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hornifuk.com/a1c_dt/ps8/sv5/index.php?_
Connection: keep-alive
Cookie: _familysafe_=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Fri, 25 Feb 2022 13:10:47 GMT
etag: "130acc8-9f4-5d8d76d4ec3c0"
cache-control: max-age=604800, proxy-revalidate
expires: Mon, 05 Dec 2022 04:40:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
content-length: 1057
accept-ranges: bytes, bytes
date: Mon, 28 Nov 2022 04:40:24 GMT
x-varnish: 1649107370
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f81a51deedc2608556454fe8ac17e5b9
840e2f6e7017046ebfa57380b78ada29a68d4922
88e7327e0b0cbd2bfa50e5807e36e66a2347ee787e06232c89eae753a5003953
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88E7327E0B0CBD2BFA50E5807E36E66A2347EE787E06232C89EAE753A5003953"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2852
Expires: Mon, 28 Nov 2022 05:27:56 GMT
Date: Mon, 28 Nov 2022 04:40:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f81a51deedc2608556454fe8ac17e5b9
840e2f6e7017046ebfa57380b78ada29a68d4922
88e7327e0b0cbd2bfa50e5807e36e66a2347ee787e06232c89eae753a5003953
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88E7327E0B0CBD2BFA50E5807E36E66A2347EE787E06232C89EAE753A5003953"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2852
Expires: Mon, 28 Nov 2022 05:27:56 GMT
Date: Mon, 28 Nov 2022 04:40:24 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:40:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e5edab00407ea7667dec15a27ceed1be
06834b4680cbf5ca3b46a7bd3927bfd9b9539388
35ac3fa74bcd065d55a00d7d8f40cd21d415d32da3989be5082a0ccdf74da645
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35AC3FA74BCD065D55A00D7D8F40CD21D415D32DA3989BE5082A0CCDF74DA645"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10883
Expires: Mon, 28 Nov 2022 07:41:47 GMT
Date: Mon, 28 Nov 2022 04:40:24 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2681
Cache-Control: max-age=105069
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:40:24 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 09:51:33 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
hornifuk.com/a1c_dt/ps8/sv5/images/m1.jpg
200 OK 158 kB URL HTTP/2 hornifuk.com/a1c_dt/ps8/sv5/images/m1.jpg
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 617x919, components 3\012- data
Size 158 kB (158197 bytes)
Hash c6614afa8b42ddd2c47be796ec5ff5ef
b27f91770db495ce47d9c0a54d547db18aa5461d
b18d856e68eedd61d885a0b8c26da040924b881094e2bee7ae875294fb01a1d6
GET /a1c_dt/ps8/sv5/images/m1.jpg HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hornifuk.com/a1c_dt/ps8/sv5/index.php?_
Connection: keep-alive
Cookie: _familysafe_=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 31 Aug 2021 06:30:44 GMT
etag: "130af31-269f5-5cad516dd4d00"
cache-control: max-age=29030400, public
expires: Mon, 30 Oct 2023 04:40:24 GMT
content-type: image/jpeg
content-length: 158197
accept-ranges: bytes, bytes
date: Mon, 28 Nov 2022 04:40:24 GMT
x-varnish: 1649107369
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
hornifuk.com/a1c_dt/ps8/sv5/js/jquery-2.2.4.min.js
200 OK 40 kB URL HTTP/2 hornifuk.com/a1c_dt/ps8/sv5/js/jquery-2.2.4.min.js
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
Hash a27d40699353cff17ab9afecbd348ff2
7cf29da11b064b51ce79dbcccd869e045ade5285
068e48f078f0b76f2b57ab8b89ecbfabaa48af8911910f36c8fec24181b4f5cc
Analyzer Verdict Alert fortinet Phishing
GET /a1c_dt/ps8/sv5/js/jquery-2.2.4.min.js HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hornifuk.com/a1c_dt/ps8/sv5/index.php?_
Connection: keep-alive
Cookie: _familysafe_=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Mon, 29 Nov 2021 13:20:50 GMT
etag: "130af45-26d01-5d1ed4f36d080"
cache-control: max-age=604800, proxy-revalidate
expires: Mon, 05 Dec 2022 04:40:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
content-length: 39761
accept-ranges: bytes, bytes
date: Mon, 28 Nov 2022 04:40:24 GMT
x-varnish: 1649107367
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
hornifuk.com/a1c_dt/ps8/sv5/js/custom.js
200 OK 763 B URL HTTP/2 hornifuk.com/a1c_dt/ps8/sv5/js/custom.js
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type ASCII text, with CRLF line terminators
Hash 220ee6085b8f38efa11a46625877ac47
e26e26f7178e1e010a222252aae2fc56be8d2d88
614925742ec9c27cced47d787ba77f13ff678c8e5157539e54ab6cdb384ed783
Analyzer Verdict Alert fortinet Phishing
GET /a1c_dt/ps8/sv5/js/custom.js HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hornifuk.com/a1c_dt/ps8/sv5/index.php?_
Connection: keep-alive
Cookie: _familysafe_=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 30 Nov 2021 11:43:59 GMT
etag: "130af44-812-5d20012b15dc0"
cache-control: max-age=604800, proxy-revalidate
expires: Mon, 05 Dec 2022 04:40:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
content-length: 763
accept-ranges: bytes, bytes
date: Mon, 28 Nov 2022 04:40:24 GMT
x-varnish: 1649107371
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
hornifuk.com/r/tr4ckv4.php
200 OK 3.8 kB URL HTTP/2 hornifuk.com/r/tr4ckv4.php
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type C source, ASCII text, with very long lines (4723)
Hash ecc58a9db5f99aa6c344b1bbaa7be954
9009a50c3caddbaaf64dd3d0a918cc6223200381
161ce080e6542877709f0789cd9707e04a7987f03df0bd836fac707782e7d885
Analyzer Verdict Alert fortinet Phishing
GET /r/tr4ckv4.php HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hornifuk.com/a1c_dt/ps8/sv5/index.php?_
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:40:24 GMT
server: Apache
expires: Mon, 28 Nov 2022 05:40:24 GMT
pragma: cache
cache-control: max-age=3600
content-encoding: gzip
vary: Accept-Encoding
content-length: 3796
content-type: application/javascript; charset=utf-8
X-Firefox-Spdy: h2
hornifuk.com/a1c_dt/ps8/sv5/css/base/loader-index.css
200 OK 1.5 kB URL HTTP/2 hornifuk.com/a1c_dt/ps8/sv5/css/base/loader-index.css
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type ASCII text, with CRLF line terminators
Hash 15c86407181956cd6cdab6da4a7eb2b0
6274e8fff2a8a50213f0add30f5d7e9bd31015ab
77e7eb011b1ecb013897a21bdda990bdccb68d36f2c2fbfd5268ef7e264b8a44
GET /a1c_dt/ps8/sv5/css/base/loader-index.css HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hornifuk.com/a1c_dt/ps8/sv5/css/custom.css?v=4
Cookie: _familysafe_=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Thu, 21 Oct 2021 07:25:44 GMT
etag: "130af1c-214a-5ced7cd776e00"
cache-control: max-age=604800, proxy-revalidate
expires: Mon, 05 Dec 2022 04:40:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
content-length: 1491
accept-ranges: bytes, bytes
date: Mon, 28 Nov 2022 04:40:24 GMT
x-varnish: 1649107372
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
hornifuk.com/a1c_dt/ps8/sv5/css/base/terms.css
200 OK 1.6 kB URL HTTP/2 hornifuk.com/a1c_dt/ps8/sv5/css/base/terms.css
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type ASCII text, with CRLF line terminators
Hash af1f17adb5dc410360a49c75372d956b
1373440e6d0690c2b8da1d3eaf811362975e18d1
f43fa38aa51408ae2c73fbefffbdc7b4e6dae56adb58c6c8604ebccec51b5870
GET /a1c_dt/ps8/sv5/css/base/terms.css HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hornifuk.com/a1c_dt/ps8/sv5/css/custom.css?v=4
Cookie: _familysafe_=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Fri, 22 Oct 2021 05:14:00 GMT
etag: "130af21-18b8-5ceea14315600"
cache-control: max-age=604800, proxy-revalidate
expires: Mon, 05 Dec 2022 04:40:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
content-length: 1622
accept-ranges: bytes, bytes
date: Mon, 28 Nov 2022 04:40:24 GMT
x-varnish: 1649107373
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
g3tcdn.com/host/files/js/data-min.js
200 OK 18 kB URL HTTP/2 g3tcdn.com/host/files/js/data-min.js
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type Unicode text, UTF-8 text, with very long lines (58712), with no line terminators
Hash c26293e6365a9af832ecd3be8067bfb0
1a79cb0ac6b17972bb49696398842c1020009a58
6f58915f9df3c97f6534565108ba023b91e181c5c5aa7f5b94d125d0a6e49de2
GET /host/files/js/data-min.js HTTP/1.1
Host: g3tcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hornifuk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
vary: Accept-Encoding
content-encoding: gzip
pragma: no-cache
cache-control: max-age=0, no-cache, no-store, must-revalidate, public
expires: Thu, 1 Jan 1970 00:00:00 GMT
content-type: application/javascript
content-length: 17719
accept-ranges: bytes, bytes
date: Mon, 28 Nov 2022 04:40:24 GMT
x-varnish: 1649107374
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
g3tcdn.com/host/files/css/style-min.css
200 OK 4.5 kB URL HTTP/2 g3tcdn.com/host/files/css/style-min.css
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type Unicode text, UTF-8 text, with very long lines (21532), with no line terminators
Hash 26844bdd416bba73cd99ea5c97109694
21a844ec7002a44f064a90640ea269327a637b58
d589d4c6033793bd9eab9ecbb90b7eb226d7d193658e32431f612bcff388e1a0
GET /host/files/css/style-min.css HTTP/1.1
Host: g3tcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hornifuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Tue, 12 Oct 2021 06:55:55 GMT
etag: "10d1137-5424-5ce22564314c0"
cache-control: max-age=604800, proxy-revalidate
expires: Thu, 01 Dec 2022 09:24:27 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
content-length: 4469
accept-ranges: bytes
date: Mon, 28 Nov 2022 04:40:24 GMT
x-varnish: 1649107376 1636261015
age: 328557
via: 1.1 varnish
X-Firefox-Spdy: h2
g3tcdn.com/host/files/js/head.js
200 OK 1.5 kB URL HTTP/2 g3tcdn.com/host/files/js/head.js
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type ASCII text, with CRLF, LF line terminators
Hash e645c8d6e6812aedb30ddc60850acbac
5b73b2f391b7cc1eaf5979aa50ed4b6144779c0b
190dbaa738c06e51d2ad30bd77d779138a60da8cf7e4de818e9619faa044b075
GET /host/files/js/head.js HTTP/1.1
Host: g3tcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hornifuk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
vary: Accept-Encoding
content-encoding: gzip
pragma: no-cache
cache-control: max-age=0, no-cache, no-store, must-revalidate, public
expires: Thu, 1 Jan 1970 00:00:00 GMT
content-type: application/javascript
content-length: 1521
accept-ranges: bytes, bytes
date: Mon, 28 Nov 2022 04:40:24 GMT
x-varnish: 1649107378
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
g3tcdn.com/host/files/js/plugins-min.js
200 OK 6.4 kB URL HTTP/2 g3tcdn.com/host/files/js/plugins-min.js
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type ASCII text, with very long lines (20303), with no line terminators
Hash 8674da0ed8018058a17db950f0fe19bc
c09bb6bf8c63c64b3458588007887691b23d1034
b9affeadb0c22b0dcaa902c2f9928def871b42550016ebf92eee79644de628a7
GET /host/files/js/plugins-min.js HTTP/1.1
Host: g3tcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hornifuk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
vary: Accept-Encoding
content-encoding: gzip
pragma: no-cache
cache-control: max-age=0, no-cache, no-store, must-revalidate, public
expires: Thu, 1 Jan 1970 00:00:00 GMT
content-type: application/javascript
content-length: 6427
accept-ranges: bytes, bytes
date: Mon, 28 Nov 2022 04:40:24 GMT
x-varnish: 1649107377
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
js.ymadserv.com/YamadsPushNotificationSDK.js
200 OK 18 kB URL HTTP/2 js.ymadserv.com/YamadsPushNotificationSDK.js
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4c849dd222feed1c5ead4173d04ecc54
a276dea78f8debb063652e00297821a276aef1ca
69e5c37a037babd15a2cfdb4cc8813643f0c9e99949163c682725c792fa4530b
GET /YamadsPushNotificationSDK.js HTTP/1.1
Host: js.ymadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hornifuk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:40:24 GMT
server: Apache
last-modified: Fri, 21 Oct 2022 07:11:14 GMT
etag: "2c229-5eb8625bb97cf-gzip"
accept-language: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 17576
content-type: application/javascript
X-Firefox-Spdy: h2
hornifuk.com/js/sw.js
200 OK 83 B IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type ASCII text, with no line terminators
Hash 94fab29de4a5521fab2b6fb1ded383f1
77dbcc5937935155508f2c952ca3c3e321eda124
6a233d522bb04c3bb96c722df5ea4da1fe54ad751cde56c4fd9c3f55f30fa955
Analyzer Verdict Alert fortinet Phishing
GET /js/sw.js HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Thu, 28 Oct 2021 05:59:23 GMT
etag: "10835c2-43-5cf63698b44c0"
cache-control: max-age=604800, proxy-revalidate
expires: Thu, 01 Dec 2022 09:26:34 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
content-length: 83
accept-ranges: bytes
date: Mon, 28 Nov 2022 04:40:24 GMT
x-varnish: 1649107379 1636265641
age: 328430
via: 1.1 varnish
X-Firefox-Spdy: h2
g3tcdn.com/host/files/js/content-min.js
200 OK 203 kB URL HTTP/2 g3tcdn.com/host/files/js/content-min.js
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type Unicode text, UTF-8 text, with very long lines (54022), with no line terminators
Size 203 kB (202896 bytes)
Hash 467ba301fc1c6467c22fc77c1d2b264c
73237a06e5fe415967b06cecb95c57a5cf3655e2
2d32f57ebd3dc2d2a040733dfeeb3f67caaf4cf5cff396cd683217cdbc14bd28
GET /host/files/js/content-min.js HTTP/1.1
Host: g3tcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hornifuk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
vary: Accept-Encoding
content-encoding: gzip
pragma: no-cache
cache-control: max-age=0, no-cache, no-store, must-revalidate, public
expires: Thu, 1 Jan 1970 00:00:00 GMT
content-type: application/javascript
content-length: 202896
accept-ranges: bytes, bytes
date: Mon, 28 Nov 2022 04:40:24 GMT
x-varnish: 1649107375
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8R+3W4I+pTzNXhm0CL5Klg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PzrnyJR+NV2iKiHoqYD3h4lXnaA=
js.ymadserv.com/YamadsServiceWorkerSDK.js
200 OK 648 B URL HTTP/2 js.ymadserv.com/YamadsServiceWorkerSDK.js
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type ASCII text, with very long lines (1801), with no line terminators
Hash 29e2613c3922b83e91cbf7117a81c804
b7ee04590ad28def8a4c3f97b49430699ea9df25
8b488acd5f732b2c362baf726ee13090b8ef2bfced5594cf6cbce14daef060a9
GET /YamadsServiceWorkerSDK.js HTTP/1.1
Host: js.ymadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hornifuk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:40:24 GMT
server: Apache
last-modified: Thu, 13 Jun 2019 12:33:22 GMT
etag: "709-58b33bc484880-gzip"
accept-language: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 648
content-type: application/javascript
X-Firefox-Spdy: h2
hornifuk.com/a1c_dt/ps8/sv5/inc/customText.json
200 OK 11 kB URL HTTP/2 hornifuk.com/a1c_dt/ps8/sv5/inc/customText.json
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type JSON data\012- , ASCII text, with CRLF line terminators
Hash ad324f5886bc3491db6fbc421cc1dfb1
cb04d47825dc717afd9051c5472c67034f5dbba1
6ec3fb742ca5acd02a35a683532ec2b9783b3e0a90e14d56d671fc0373772f42
Analyzer Verdict Alert fortinet Phishing
GET /a1c_dt/ps8/sv5/inc/customText.json HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hornifuk.com/a1c_dt/ps8/sv5/index.php?_
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: _familysafe_=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 12 Oct 2021 05:59:08 GMT
etag: "130af3c-2b81-5ce218b306300"
cache-control: max-age=0
expires: Mon, 28 Nov 2022 04:40:24 GMT
content-type: application/json
content-length: 11137
accept-ranges: bytes, bytes
date: Mon, 28 Nov 2022 04:40:24 GMT
x-varnish: 1649107381
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 312 B IP
Hash 08a3fbc1b708564e314d3afbd73e94af
1d9fe281dbbf0f6e7e716dec263d9bcf29028527
6342b5af3dadbc2ce6f14373b2886eb4a0752cea40c63b8a3a28dca2bacbe223
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2193
Cache-Control: max-age=93086
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:40:25 GMT
Etag: "6382fbc6-138"
Expires: Tue, 29 Nov 2022 06:31:51 GMT
Last-Modified: Sun, 27 Nov 2022 05:55:18 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
200 OK 279 B IP
Hash fc6269f12bcdcb1ded5f08a4906aef54
93b4cdcb5e241a8d91c382c9aa1cda828b7dceb6
e04dd7d85f881b681823500a6d20a9ce8afbfd53628dca0f2b29904dd3e32629
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5952
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:40:25 GMT
Last-Modified: Mon, 28 Nov 2022 03:01:13 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
g3tcdn.com/api/getIp/
200 OK 41 B IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type JSON data\012- , ASCII text, with no line terminators
Hash ae583eb3140e0b5a80379b5f9624fc50
5df90aa610efcef6262ab9f8dae0b9e6e7cc8cfd
4deae95057f6c866fc8d329ad470fd0858ab3b64928142a3e502994175cf3d9b
GET /api/getIp/ HTTP/1.1
Host: g3tcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hornifuk.com
Connection: keep-alive
Referer: https://hornifuk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
access-control-allow-origin: *
cache-control: max-age=0
expires: Mon, 28 Nov 2022 04:40:25 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 41
accept-ranges: bytes
date: Mon, 28 Nov 2022 04:40:25 GMT
x-varnish: 1649107382
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
my-cdn.netlify.app/img/thanks.png
200 OK 4.1 kB URL HTTP/2 my-cdn.netlify.app/img/thanks.png
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 3f18df0f26a22b9f78d51d9349e10d0b
023c2d7b04cd24c0d80762bee879974ea28680c3
3dac70864988cfb776b291724f78de7d9ac6803191f17cf777dc7875cafd97e5
GET /img/thanks.png HTTP/1.1
Host: my-cdn.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hornifuk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
age: 169506
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Sat, 26 Nov 2022 05:35:19 GMT
etag: "6d4931735c97013b876f8f9f69afc99c-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GJY8JJRB8DP2N4HVSPQQ291A
content-length: 4138
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash fc6269f12bcdcb1ded5f08a4906aef54
93b4cdcb5e241a8d91c382c9aa1cda828b7dceb6
e04dd7d85f881b681823500a6d20a9ce8afbfd53628dca0f2b29904dd3e32629
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5952
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:40:25 GMT
Last-Modified: Mon, 28 Nov 2022 03:01:13 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
hornifuk.com/r/tr4ck3rv4.php?r0r=aHR0cHM6Ly9ob3JuaWZ1ay5jb20vYTFjX2R0L3BzOC9zdjUvaW5kZXgucGhwP18=&w=1280&h=939&&0.24919742533476452
200 OK 1.2 kB URL HTTP/2 hornifuk.com/r/tr4ck3rv4.php?r0r=aHR0cHM6Ly9ob3JuaWZ1ay5jb20vYTFjX2R0L3BzOC9zdjUvaW5kZXgucGhwP18=&w=1280&h=939&&0.24919742533476452
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type ASCII text, with very long lines (2771)
Hash da81d7cd4bbeb74c599e1c334ad8a043
09b61e80247b10a34c3ecdf53f3f0b0f06fd7c8f
92e1f46fe7f1c232b5f155f8d9a305d48d4e4cd966b33f24ba22fc9dfb2ad4c0
GET /r/tr4ck3rv4.php?r0r=aHR0cHM6Ly9ob3JuaWZ1ay5jb20vYTFjX2R0L3BzOC9zdjUvaW5kZXgucGhwP18=&w=1280&h=939&&0.24919742533476452 HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hornifuk.com/a1c_dt/ps8/sv5/index.php?_
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:40:25 GMT
server: Apache
set-cookie: __utma__=MzYxNzY1MTEyNTpOTzow; expires=Wed, 28-Dec-2022 04:40:25 GMT; Max-Age=2592000; path=/
_pp=%5B%22170241%22%5D; path=/
content-encoding: gzip
vary: Accept-Encoding
content-length: 1162
content-type: application/javascript; charset=utf-8
X-Firefox-Spdy: h2
ymadserv.com/v1/sites?url=https://hornifuk.com&lang=sv5
200 OK 333 B URL HTTP/2 ymadserv.com/v1/sites?url=https://hornifuk.com&lang=sv5
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type JSON data\012- , ASCII text, with very long lines (333), with no line terminators
Hash 2eafb5bf8f13893180e602b689b0379f
45408dda77bab47a3fa64ac06fb23d17dc7eff30
9b03787bb6dcb8c028ac0112b6e0caf5236f5be4036958856d3fe7f7116be5d0
GET /v1/sites?url=https://hornifuk.com&lang=sv5 HTTP/1.1
Host: ymadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hornifuk.com
Connection: keep-alive
Referer: https://hornifuk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:40:25 GMT
server: Apache
access-control-allow-origin: https://hornifuk.com
content-length: 333
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
hornifuk.com/a1c_dt/ps8/sv5/favicon.ico
200 OK 1.2 kB URL HTTP/2 hornifuk.com/a1c_dt/ps8/sv5/favicon.ico
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type MS Windows icon resource - 1 icon, 16x16\012- data
Hash 7966a9555fc18319e375acff7f89938f
417d89037ef1b753420a083241029ac7cc02c561
c0dc77243a8e418d4eede0e6eef08eb89c0fd85688d8440e84f049c2a2c0b504
GET /a1c_dt/ps8/sv5/favicon.ico HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hornifuk.com/a1c_dt/ps8/sv5/index.php?_
Connection: keep-alive
Cookie: _familysafe_=0; __utma__=MzYxNzY1MTEyNTpOTzow; _pp=%5B%22170241%22%5D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Thu, 13 Jun 2013 04:19:06 GMT
etag: "130af24-47e-4df016e570280"
cache-control: max-age=29030400, public
expires: Mon, 30 Oct 2023 04:40:25 GMT
content-type: image/x-icon
content-length: 1150
accept-ranges: bytes, bytes
date: Mon, 28 Nov 2022 04:40:25 GMT
x-varnish: 1649107392
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9f2751b862f1815bef2869dc411f6021
cf001bd30b74c30190683c05ac81c97e5ccd9c3e
464e9f5b8f9e6a87b46b2cde3f4b554ff3641732f1506c2f2a6edf40dd972d6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:40:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 178ffcc14403da7f777a91a61e3933bc
5a756f4357d8ec45e61fa5b4917853bd2380b835
0f783e0ae738f16b52f1ede3b0b6a128bd4ac752c98c71fc307211a8abf933ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:40:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hornifuk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Mon, 28 Nov 2022 04:40:25 GMT
expires: Mon, 28 Nov 2022 04:40:25 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 50967e67233e842d1d34ce0b760ba51a
2a9e5f0361a65e8d5cb399bac4603c14de46bded
0a089dd03ad9d8b3a488806f2d700f0d0682ffc8e0260046dba80693630da559
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:40:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 09:46:12 GMT
Expires: Sun, 04 Dec 2022 09:46:11 GMT
Etag: "2a9e5f0361a65e8d5cb399bac4603c14de46bded"
Cache-Control: max-age=536145,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77106ce66d89b4e8-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:40:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:40:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.ipify.org/?format=json
200 OK 21 B URL HTTP/1.1 api.ipify.org/?format=json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 7d69c71af0f191e9a72db6153f8018d1
f67c5f2887bc05654b47f76e9621e53a4091aed1
5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65
GET /?format=json HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hornifuk.com
Connection: keep-alive
Referer: https://hornifuk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: https://hornifuk.com
Content-Type: application/json
Vary: Origin
Date: Mon, 28 Nov 2022 04:40:25 GMT
Content-Length: 21
Via: 1.1 vegur
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12284
Expires: Mon, 28 Nov 2022 08:05:10 GMT
Date: Mon, 28 Nov 2022 04:40:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12284
Expires: Mon, 28 Nov 2022 08:05:10 GMT
Date: Mon, 28 Nov 2022 04:40:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12284
Expires: Mon, 28 Nov 2022 08:05:10 GMT
Date: Mon, 28 Nov 2022 04:40:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12284
Expires: Mon, 28 Nov 2022 08:05:10 GMT
Date: Mon, 28 Nov 2022 04:40:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d407d1a700a02f6422a0415be9648354
e9a69711e04e8028f11082285a405bafc61c5b20
dfc27a9aea46df1e218ee485296392c5a6c03756e91487f37212c69d4b30a418
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 24915481-2902-4776-b489-7741957424f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMozvEfioAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb4a-7846a98a5fb3d0786cb84130;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:07:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -DsRBfO-yxwm29z7mDDNkK69aQb_fpEzVY0vuVUWZrx6-aubx7a3YA==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 07:39:44 GMT
age: 75642
etag: "e9a69711e04e8028f11082285a405bafc61c5b20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f20d5c4b208740dd4c737b9d95c0e1d0
c843c5422499736a83a80c2b07475a8dbbb8860f
f8d048a2c911aaedfa53b7d6e134638e8c36db0700a874fe99e0d8f847970a1b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12555
x-amzn-requestid: 2d9827ba-fc88-4deb-9844-f5b42764b2e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MHPWIAMFQMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-42986aeb284115943c849306;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KcI_BV4rZkM-2CmcFI5qkJLT-OOwYQnRNEPXrQJvlNA9A3Da0EzgEA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 24562
etag: "c843c5422499736a83a80c2b07475a8dbbb8860f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:25:51 GMT
age: 22475
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 577b69fd08ad8368ea5a94fe41476c1c
9442f111d329f721ddc55100cd246586d8204048
bdafc5068032dcf5e207cf2685a1b9350dbe8d990ba181520ff47889524532f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8517
x-amzn-requestid: 12456791-0e7f-45d7-97ae-d663c8fa841d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMozvHHLoAMFVqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb4a-54ed1ec101789247052c9ec8;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:07:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nultDXAkaHp6QxGLyEw4fwxN7pWlANJhy8lalSyZuJesPboNe9pFWg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 07:12:40 GMT
age: 77266
etag: "9442f111d329f721ddc55100cd246586d8204048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff33742-bcf4-48a8-b6fb-80eca56e49e2.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff33742-bcf4-48a8-b6fb-80eca56e49e2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 71251bd4e19aa0d2be6336e7366f15ff
5c8be4aa5190dc7ae89674a26945bfc9ff240175
fb15afbdd12ab04b3bb2785fb3ebf1f2d82f243b47f1b8c2c8788f7653f8059b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff33742-bcf4-48a8-b6fb-80eca56e49e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6003
x-amzn-requestid: 55485f7d-70d3-4f00-90fa-6384e53c990a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR79tEt8oAMF8vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9f1-7b8a266209a1648724c5ca9d;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3edUH9nvxAHeFtJk-vye1QpLXAgSYPo62odg3mPQwE-u-npXeDDdVg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:02:13 GMT
age: 23893
etag: "5c8be4aa5190dc7ae89674a26945bfc9ff240175"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.db-ip.com/v2/free/self
200 OK 9.6 kB URL HTTP/2 api.db-ip.com/v2/free/self
IP
File type JSON data\012- , ASCII text
Hash 85fc44df609d41bb8b6a6a516ff4321d
bd8a6b22d8dd51a83bcc3a7ddfc7fd654173879d
fb7e38f10823ef7349042a097ba78b76112402b424c5ab512bd2dafaabf935e7
GET /v2/free/self HTTP/1.1
Host: api.db-ip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hornifuk.com
Connection: keep-alive
Referer: https://hornifuk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:40:25 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
x-iplb-request-id: A29EDEDD:FC64_93878F2E:0050_63843BB9_3DA84F9:10755
x-iplb-instance: 33797
cf-cache-status: EXPIRED
last-modified: Sun, 27 Nov 2022 16:18:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esYY1bx0DYEORhkfh3UrWwU6eBaAQcNnBaJ9K35TK4dahiqcWUqZ5R6kpQPCPWbWr48gLjgRT5x2jPs6B1BBYynSi8hyY%2FOsid5YG6Sfo8mVcAXGSRib2jboColQoQQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106ce4d94ab500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hornifuk.com/a1c_dt/ps8/sv5/images/d2.jpg
200 OK 151 kB URL HTTP/2 hornifuk.com/a1c_dt/ps8/sv5/images/d2.jpg
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x1024, components 3\012- data
Size 151 kB (151193 bytes)
Hash 97dec5a3172df15526db0e85f225ae24
a821064233cd187aa1d4f67aa73ebfb99ce9e1e1
741c2bc7174ee5ac209d2452933a10d571d1848e26b90ae3f3d1c6a9ad3fabf9
GET /a1c_dt/ps8/sv5/images/d2.jpg HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hornifuk.com/a1c_dt/ps8/sv5/index.php?_
Connection: keep-alive
Cookie: _familysafe_=0; __utma__=MzYxNzY1MTEyNTpOTzow; _pp=%5B%22170241%22%5D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 31 Aug 2021 06:30:26 GMT
etag: "130af27-24e99-5cad515caa480"
cache-control: max-age=29030400, public
expires: Mon, 30 Oct 2023 04:40:26 GMT
content-type: image/jpeg
content-length: 151193
accept-ranges: bytes, bytes
date: Mon, 28 Nov 2022 04:40:26 GMT
x-varnish: 1649107401
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
hornifuk.com/a1c_dt/ps8/sv5/images/d1.jpg
200 OK 292 kB URL HTTP/2 hornifuk.com/a1c_dt/ps8/sv5/images/d1.jpg
IP
ASN #51790 Siel, Informacijske Resitve, D.o.o.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x1024, components 3\012- data
Size 292 kB (291837 bytes)
Hash 74adaac8cd12bfebd82d9b4bc5a48f67
49f322bfcb310c5ae647f7412bc31bf81d5abda4
2067179e18b13ac516fdd9040a7aefc0e97d82ea2312b81a28c58460e856bf52
GET /a1c_dt/ps8/sv5/images/d1.jpg HTTP/1.1
Host: hornifuk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hornifuk.com/a1c_dt/ps8/sv5/index.php?_
Connection: keep-alive
Cookie: _familysafe_=0; __utma__=MzYxNzY1MTEyNTpOTzow; _pp=%5B%22170241%22%5D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 31 Aug 2021 06:30:12 GMT
etag: "130af26-473fd-5cad514f50500"
cache-control: max-age=29030400, public
expires: Mon, 30 Oct 2023 04:40:26 GMT
content-type: image/jpeg
content-length: 291837
accept-ranges: bytes, bytes
date: Mon, 28 Nov 2022 04:40:26 GMT
x-varnish: 1649107400
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
accounts.google.com/gsi/client
200 OK 0 B URL HTTP/2 accounts.google.com/gsi/client
IP
GET /gsi/client HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hornifuk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
expires: Mon, 28 Nov 2022 04:40:25 GMT
date: Mon, 28 Nov 2022 04:40:25 GMT
cache-control: private, max-age=1800
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-lllANaqzKdPyJMyLRJkcCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
46.19.10.215
142.250.74.170
93.184.220.29
104.18.32.68
23.36.76.226
34.159.132.250