hottime4you.com/ol/all/de/ms/25-687828/
172.67.212.155200 OK 2.4 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/
IP 172.67.212.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash dbdf678eacd3d9afa962739d0b6cbf59
cf8ce94499f12541db9cb0aa33f18bf8c9b6973f
a837ce2126ffced216dea24b200606f18824b887141c05cea1ef13477e49ace6
Analyzer Verdict Alert fortinet Malware
GET /ol/all/de/ms/25-687828/ HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQv%2FNqzvHi6fC0K5H%2FbiE9SfoFv5yXeaTPwvEMcHj4gXprCI7vkoltRxS4GX7MbBymQTbfr8jalg%2F9BPCsUkzx40NVVOySjM6nKh8dX2jo7hNm50tLwuY5p42Lp5SF%2FQo%2B4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79bc1ee92a7f0b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fc5f224fada7077c68971b7760c8df69
2eb6371b1666860a1c7656d8a3de7ac84f4cb359
0c60b1781c2bfd8a23c813767aa0cb3469ed185b795554aa4e63bf3839afdcf5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C60B1781C2BFD8A23C813767AA0CB3469ED185B795554AA4E63BF3839AFDCF5"
Last-Modified: Fri, 17 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6372
Expires: Sun, 19 Feb 2023 05:51:02 GMT
Date: Sun, 19 Feb 2023 04:04:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 50ffd49bee3840941f9fc33baca23aad
2ff715abc76ea138eff267a64f26eb2dc6365b4a
ff8709095d9b5a7d90ff10b31a6a9d2e071b42e215641d30dce6de6a782bffd6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF8709095D9B5A7D90FF10B31A6A9D2E071B42E215641D30DCE6DE6A782BFFD6"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3049
Expires: Sun, 19 Feb 2023 04:55:39 GMT
Date: Sun, 19 Feb 2023 04:04:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 19 Feb 2023 03:53:28 GMT
content-type: application/json
age: 682
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5539e12eac82ed8486057f67e18231d3
866778ccdac94dbeff9bc217d4a057079ee71b2a
d82a876ba46480f2caa20e2112941bfb461bdb03e882949b347abb9e8006705f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D82A876BA46480F2CAA20E2112941BFB461BDB03E882949B347ABB9E8006705F"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2813
Expires: Sun, 19 Feb 2023 04:51:43 GMT
Date: Sun, 19 Feb 2023 04:04:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: a/bjWR/Fx/8E0Ul2yLDT6G6RKTTlX4liY6NIYwf5LXxa1m71necUj0m4afS+W5isfXlww3TyBT0=
x-amz-request-id: 8K0YG73E4HQFAE0V
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
via: 1.1 google
date: Sun, 19 Feb 2023 03:51:04 GMT
age: 827
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
content-length: 5348
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 19 Feb 2023 04:04:51 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
hottime4you.com/ol/all/de/ms/25-687828/css/animation.css?506693
172.67.212.155200 OK 523 B URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/css/animation.css?506693
IP 172.67.212.155:0
Hash 7d856f49fb85c308f7e3aade806615a1
a8afe132ac05e71b26e86069554a4f8fa0ba1956
f48295eced6a46803e1b1b944fb1debb2f72c2d252dfeb0a8af0d5152b06b1d5
GET /ol/all/de/ms/25-687828/css/animation.css?506693 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:25 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKlwiEzJtETLUJ242748YcAddLCum2Uj0ryXb%2FbsgAox9VafgSLYiP7ec%2FA4w5IVnbrT7XQ0pNhq6jwRqjQL%2BkWnXUvzPpQ7uNrwT8zWP6no3SMg5qJa8xbBOWT3rvKqScA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eeb8b4b0b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/css/style.css?506693
172.67.212.155200 OK 1.3 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/css/style.css?506693
IP 172.67.212.155:0
File type assembler source, ASCII text
Hash 72aad72b7a7577895dce7e46bfb0bfde
043e7652c5f102f7aba9d6257e29e5ff583cb078
6089d2910cd66df85fbaf684d2275de5c73e8c7f795529e967b7e0a0deea88c9
Analyzer Verdict Alert fortinet Malware
GET /ol/all/de/ms/25-687828/css/style.css?506693 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:25 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1sFES%2BQvsEyHwvvO%2FQRMLrtKqvRov30t4cD13VxPoNIqx51%2BP4aC8COfCVGESQC1tpmOT1g9HXqyQY1A2INVJ%2BessYnpRrgV5VxtNhtAB3NcLB%2BjahoGpa9eJMbpgvw5Eg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eeb9f8db4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/js/backoffer.js
172.67.212.155200 OK 230 B URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/js/backoffer.js
IP 172.67.212.155:0
File type ASCII text, with very long lines (430), with no line terminators
Hash d1d761e3721375472889577260906f9c
c5e6e54e8b6b84af216d867dca79eb00c2819e42
de8798dd7447b4651ec2d44931c15ceb0d3e5099997b2ddc2452d3f95092a1a2
Analyzer Verdict Alert fortinet Malware
GET /ol/all/de/ms/25-687828/js/backoffer.js HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:33 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXj3Yj3ai9XSuv8hNN0a3KOqyEAxlm5MDRLPcmcQy7MKFOsizDzjjD3VQVPDYYI%2BKjlfApkyjNqbhBoknEeT4JFYt9GGOJoQ0VavcXDwEENIma62x7WUXtCOvZoQ%2FKCebY8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eebbb650b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/js/step.js?506693
172.67.212.155200 OK 865 B URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/js/step.js?506693
IP 172.67.212.155:0
Hash 46a3a0281d7bd5455f99d71715bfbf53
9a88730bc5731b2f686aa3076ae9ec06ea78b439
c4ad2f86a75743cff0db4e957c174c02149421b1c134fee9c84218c263320a81
Analyzer Verdict Alert fortinet Malware
GET /ol/all/de/ms/25-687828/js/step.js?506693 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:33 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNet24G9Ya0OBoMbEAgw7%2BhxL53%2BlqrtzmDcMqDs8raZ2xBjsruMiNLbFc061%2FlXTfqvgyXr7kuZqRGkZWTDomRzL%2FZaSk%2FKrfRh%2B%2FtsHz6qN5jjLyrpd6YX1ygTeLKz6EQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eebbf99b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e63744e37915212fad693944702dce5b
990fb1fa6ac8998fd4e2511bebc61fc07cafd36d
b428d79c98993419be4242061e1b3ef58d31309f87875535fcf7d5fa242da140
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 04:04:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e63744e37915212fad693944702dce5b
990fb1fa6ac8998fd4e2511bebc61fc07cafd36d
b428d79c98993419be4242061e1b3ef58d31309f87875535fcf7d5fa242da140
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 04:04:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
142.250.74.170200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65447)
Hash 7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 15:50:19 GMT
expires: Fri, 16 Feb 2024 15:50:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 216872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e63744e37915212fad693944702dce5b
990fb1fa6ac8998fd4e2511bebc61fc07cafd36d
b428d79c98993419be4242061e1b3ef58d31309f87875535fcf7d5fa242da140
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 04:04:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e63744e37915212fad693944702dce5b
990fb1fa6ac8998fd4e2511bebc61fc07cafd36d
b428d79c98993419be4242061e1b3ef58d31309f87875535fcf7d5fa242da140
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 04:04:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 74b6d3174dbb9abce64ee783f62d5561
11722c6829d1b0fa702f1d1ad822c2ba1c9c9fdf
09d593d0d9f7f947ed0739c59b4b16f7eb9bfaa9400916c9beea404599425490
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09D593D0D9F7F947ED0739C59B4B16F7EB9BFAA9400916C9BEEA404599425490"
Last-Modified: Fri, 17 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20434
Expires: Sun, 19 Feb 2023 09:45:25 GMT
Date: Sun, 19 Feb 2023 04:04:51 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash b9721c8b6220cea0501d5202558f11ae
e0fce6b79f6b0a36b2cdab13380fcebb4f1729b4
4feedfd42749ce0f5cbc93124ed7765619d87b701e4a1886535f321da7095ca5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123954
Date: Sun, 19 Feb 2023 04:04:51 GMT
Etag: "63f0e115-1d7"
Expires: Mon, 20 Feb 2023 14:30:45 GMT
Last-Modified: Sat, 18 Feb 2023 14:30:45 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cNUmH2UTrQUQSYp8xRbG88WaRb9mtS8DgHyq9O-sksUKMdChkk3FAw==
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash b9721c8b6220cea0501d5202558f11ae
e0fce6b79f6b0a36b2cdab13380fcebb4f1729b4
4feedfd42749ce0f5cbc93124ed7765619d87b701e4a1886535f321da7095ca5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 19 Feb 2023 04:04:51 GMT
Etag: "63f0e115-1d7"
Server: ECS (dcb/7F15)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NkSjbtCo-BzDb5aZsIzI2weqGO8GFIRqJl579ogJTVJpIIlldzwmoA==
static.production.almightypush.com/mng/subs_window.css?ver=1638888212
54.230.111.86200 OK 6.9 kB URL HTTP/2 static.production.almightypush.com/mng/subs_window.css?ver=1638888212
IP 54.230.111.86:0
Hash bd7dbae15f904a4e1213439ebfefddbe
9f7a33b3d6e7965d8b99f0ff56cbf2e2ebb8f78e
30c08f3bb42d9a16155c65fbc952430048e4a84be70b98cb989b2dc977b49f8a
GET /mng/subs_window.css?ver=1638888212 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 6945
last-modified: Wed, 18 Jan 2023 12:37:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 18 Feb 2023 05:40:09 GMT
etag: "bd7dbae15f904a4e1213439ebfefddbe"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d6gKyb1uhpdzo3YQrLWb5McfsRkDW7Xo-8mwsJedW3IffSu2IJASBQ==
age: 80804
X-Firefox-Spdy: h2
static.production.almightypush.com/mng/subs_window.js?ver=1638888212
54.230.111.86200 OK 20 kB URL HTTP/2 static.production.almightypush.com/mng/subs_window.js?ver=1638888212
IP 54.230.111.86:0
Hash ae593f4be1dd1f0710123918b49c4933
66fbe30bb873e0a47d3d72e737d68aa4b6916c26
fdf9ff3f74dcf11d0fa456dcd53cb21550f67f0cfdc11dc29bef595f07b56206
GET /mng/subs_window.js?ver=1638888212 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 19491
last-modified: Wed, 18 Jan 2023 12:37:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 18 Feb 2023 07:45:30 GMT
etag: "ae593f4be1dd1f0710123918b49c4933"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MiJosVc80UD0DbmTxe1-OU59LMSNQ0g0frtXX_e3LbcnKNcLoMDJNw==
age: 73290
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash b9721c8b6220cea0501d5202558f11ae
e0fce6b79f6b0a36b2cdab13380fcebb4f1729b4
4feedfd42749ce0f5cbc93124ed7765619d87b701e4a1886535f321da7095ca5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123954
Date: Sun, 19 Feb 2023 04:04:51 GMT
Etag: "63f0e115-1d7"
Expires: Mon, 20 Feb 2023 14:30:45 GMT
Last-Modified: Sat, 18 Feb 2023 14:30:45 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Hx2OKiXptXSI1w7njnczLwJKd3TcGR6xt7pgdXgBT6BpqffGGlWa1Q==
static.production.almightypush.com/mng/channels/init.min.js?ver=1638888212
54.230.111.86200 OK 23 kB URL HTTP/2 static.production.almightypush.com/mng/channels/init.min.js?ver=1638888212
IP 54.230.111.86:0
Hash 3b6653c5e8ba364d3a55401890bfcd78
ee999f16f02d41b93d1db2bf3a489fab1034e67a
a598ef0100e73e2d81969e0a59374e915ccfe7c312603b4b1375bbd0e75498d5
GET /mng/channels/init.min.js?ver=1638888212 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 22787
last-modified: Wed, 18 Jan 2023 12:37:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 18 Feb 2023 06:40:04 GMT
etag: "3b6653c5e8ba364d3a55401890bfcd78"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tz7Qy1pWpg-MFEuj1BHnb-oHY4ZlB9uSrWQsPo7kB76slSZbFkv7pw==
age: 77490
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Content-Length, Content-Type, Cache-Control, Pragma, Retry-After, ETag, Expires, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 19 Feb 2023 03:20:33 GMT
age: 2658
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
hottime4you.com/ol/all/de/ms/25-687828/images/21.png
172.67.212.155200 OK 54 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/21.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash a081e159c9b11cdc4930e2b70ec5a1aa
58bda100572729bc2ad1288a623bb63b02172b84
03e842319f517c509736b088d866254d7bdc6a61f8dd691c2fe9f79545e749fc
GET /ol/all/de/ms/25-687828/images/21.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 54171
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:29 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EbvD5%2F90YKALWM225wIl6eLzCkaRyfL1ONzxT2ApRvuNFRlC8HLQHrSGJPKo%2BRyBchiE4Yg87ZJqkcGqdzbZfqcBnsOkFxJTg9Re5bpraOKkC3F%2BiEXh9P2tXc71YTzdD4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eef8c7e0b3d-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/22.png
172.67.212.155200 OK 61 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/22.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 9502e70fcfd8acca4d0510286eba3bd8
1a4243f43e7212489c8ac5ecd57e74fefed98d96
3dc39eeeb917cdc0e57b6241c4df77b4d9103b0f2dc69771d7a659f0b35912ba
GET /ol/all/de/ms/25-687828/images/22.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 61392
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eddkX3RX0J5gdTYOv0MNvYgQMSTMtWHUfJIUbBHcdpHPG6nvApymYB4N8pGCzPrwrBdWgl%2FcOsBuN7%2B4ywyydYBmb%2BBrv%2B97NIwzluh45IwmAT4EdXL%2F6CfTBOrqJtL3UZo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eef8944b4f9-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/32.png
172.67.212.155200 OK 55 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/32.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 8c58ae244f7bd521506573d2589cf8b9
a7ce9a4e1cb43e2f4efe2094f576285b4f25b9c6
c178cb0498a1a548575f8f9e3911e45fdef95cfbb7b229fabb1955aca060fdf8
GET /ol/all/de/ms/25-687828/images/32.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 55175
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sW1ELPqa9XtaGUfOvpnoBeiQIgluDqd9cXJng1d31v7gabEMGrntorMWoD7HzTJtm%2BV%2Fmco3kZMO7T1R9zzdZ9g9WQ1r%2FHJ1rRgH1ZrxbTQYawhkmUlyQPUGoRc3ID7Slug%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eef8ab3b4fa-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/33.png
172.67.212.155200 OK 66 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/33.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 8919c27bfbf6a695f22b42979e169490
b944fb71fca53041501799c932956af920dfccc9
c9bfcf08c816d5b8e685ebd2697dc414a1b09db848f58b9353ecc3182ae52a4c
GET /ol/all/de/ms/25-687828/images/33.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 66468
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lCns9tdgFkc9SQoH9rKDgty5tNN1Zkhi9Cuo329Oc7kMD27F83f0pOb7YaYbfdg2ji%2Fb%2Bz6%2BC1Vo9o9LCIAkK6n3b9POLtl1mnrtFCiCUTNW6VHwUKOjioBIVxRCS0NuPM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eef8fdeb4f4-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/14.png
172.67.212.155200 OK 64 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/14.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 5229c527050cfc1d3e744bb3e243a511
8a161090b7b68654b53ec4d62b1917813e1135f9
b6609d6a77a5d7ef9a1b0bc8cb339e500966f5fe8dff8b8ca9a84acd3d1a4515
GET /ol/all/de/ms/25-687828/images/14.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 64303
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:28 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmXbMpFthyKvxyT4z5nG1x2AXU8qa6QeD7gBGmV6O4F82bEDIigCW%2BdaKTA4rElH7iJTRxTiZAEywv8TEoBntwvDcuYZbNkuYHh7v%2FpCDsZ0gaDJ%2BhgD2DVGgJgKORgSe3A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eef8954b524-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/15.png
172.67.212.155200 OK 53 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/15.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e6044de45fe8d0d22f624413aa4c785
4bd34494cb010aec1cb685bc31e98a93d2e94306
d906fe11bcc0d22dc8feb8a10fa3d3f9415c127f7dc1ad833d788972b684f600
GET /ol/all/de/ms/25-687828/images/15.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 52615
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:29 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24AjQOGK6jqbREHn3MAklrU54jKKOTn40In3DCqZtnj%2FWHjjJC8RvZXMkgH5IzEnl5jbSRjdZxOZzOQH4af0b1agtUyo%2BwOqZrAsJBLCCe2ejdFmQK7j4SISPjgDYl0JFOQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eef8c4c0b65-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/31.png
172.67.212.155200 OK 60 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/31.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 8219bfcdb7286bd03b2295e4065d3c38
459b57ce62406ba97b9682cf8da47fc53f18fe2f
78ecebccf0b424f613fac6ca2c34e5d9bc7cccab0b2b0cc88efb23bb2a8a6bea
GET /ol/all/de/ms/25-687828/images/31.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 59718
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQLi8pqJ9L1FI5un34JgTULXMHiIbvYFvLrob2ngzqAvU7srcrIOtJC4o1AM%2Bp0%2FHWnxalyD9ClaqBPkO4qVFKXTUqmhZZoJHdxAmQKKR%2FJBIMgPSkK0aWMlc64JFzzJR%2F4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eef9c800b3d-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/25.png
172.67.212.155200 OK 67 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/25.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash d1b1b830be86c68486835a237652ed19
a72ee10174523bbcea9e7fbb09dd79de10e6f38d
9809a272cdb59025422645d54b003a4b425ea461e3fe7218d83f6551a55b5e1b
GET /ol/all/de/ms/25-687828/images/25.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 67145
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3eXnnifI3HY4ZTXMKZAZhH4RF2XKbWYgIGO3WpWZgIobS9tZfEI%2BZX708ybPGiHo3dHRngK6CBUqTkMmFPVHoNePE2%2FmrW9hdO7lEWPeaGa2%2BUmBQtp%2FD6OC0CjcMjfyy8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eef994db4f9-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/24.png
172.67.212.155200 OK 58 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/24.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 5275c3e17ee2ba370c01ae31249d42af
98c09ca29deff276fd966d313599ffdf397c55e4
f05b3a33818bc9d5dd44fe4074f1818f19efb54d70def227b72ab36ea5bd2c78
GET /ol/all/de/ms/25-687828/images/24.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 58158
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHxLiLnUYxtixD1FHTPz%2BVxTxzkuRCslqTnKhae4bCKlv5c5qWRGpt%2FeoX3ljV1NcdXtniYFl22lucPsHohDKamgLA4y5ii1%2FJ4OgVS7Ii5QtTYcK6eKQvBEZp%2FD8%2BELfqA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eefbad8b4fa-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/41.png
172.67.212.155200 OK 59 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/41.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 9a61621beab625268e0eb02e83d2ae34
2070afedeafc30bd0648bc6c07accfdcd0ab542c
314c03abfaa1c4ed21a33d5c91374f310a2a5f0f9e7f50520e71ecaa1b3757d9
GET /ol/all/de/ms/25-687828/images/41.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 59394
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYtJCffjh1jp6KEc8s8p%2FPDrxDikcE2Ko8ufp8ZY7fv0qPqDXtLJRry%2F8C0Jem%2FNW5H4TBYohFdXxai2e2RXJxLuWdOA5sOkZ55wHxnAbrFsRpyYxuQyq%2BFumsBsn40pGIo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eefb95db524-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/13.png
172.67.212.155200 OK 54 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/13.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 4556a96c44b107c284756f1356ea20a4
863cb36669642a5b8c64aea43f5af2359e3470ff
3e0b6093aa4ffb696f6ad8e89569185bfcfcde1c5e0789d40b15e379039c6dec
GET /ol/all/de/ms/25-687828/images/13.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 53585
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:28 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QG6OxZPlUD3o19dGljAsYxv9eU5v8k346Ma%2BX%2BTUMg10aPX1EUoxfNGLkMjg6DnOGvlE0%2FT805eG%2Badt%2F%2FReNcUYN0A6TQOvltQ8PqAcJeOsOuLLkitOjCZcVGS%2FTIOwb5o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eefb957b4f9-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/45.png
172.67.212.155200 OK 61 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/45.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 07092234c81d019e50a0fcd65dfd9409
7554ce01f18dfed2fdf5f3245c0f691f694d61cc
e99340f5c88e442ec5f28de9a3f13dd3271aeae21ed9e9986e90317e43c54346
GET /ol/all/de/ms/25-687828/images/45.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 61156
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhjXfjfYFwVEgncH%2F%2F5epKHi%2FuNJzjq3SsghPZMBNsm2NQ7Nql18EcsjIW3M%2FZnMAKC6RC9noIrKe8Kne8uICjM01D3C2zR0WnXfdz9Y3xNGXCWS2%2FvTL1DaK2ATH8xChb8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eefbfe6b4f4-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/12.png
172.67.212.155200 OK 58 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/12.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 46fb821d3c8ca1b808dcc54300710f89
8c2af696ea30e845c7c8cc249909e26755de3f8d
48f9f84693e443822172bc338b16f6bed62c4cbeb686f8018dcd2bf691007b62
GET /ol/all/de/ms/25-687828/images/12.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 58018
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:27 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RfMVvsRLNooqdcbaUIFuibqKmgD77oYpnCKKVrC63oREynxwT3SpwVJaOScGtGN9OyH7Q3bFHW8KvHKZlb7g8Mi2iRUZLrNZuciP8OSv4jLaHNrei0PtvlA0w7tBzWjn7w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eefbc5d0b65-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/girl.png
172.67.212.155200 OK 115 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/girl.png
IP 172.67.212.155:0
File type PNG image data, 179 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 115 kB (114891 bytes)
Hash e6f5ef72ab1dcc3eafc82a18f80ff1a2
60f8cd2eb79d1748b2cc3a74cf6ca8bb37fa4ced
5dd9582581c7b8c05ddae2d388af0eaf951186fefc73a6c0894b08e8edbf24c5
GET /ol/all/de/ms/25-687828/images/girl.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 114891
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jaA%2BVi6gbRF6OgHN0xBc%2Bm98m3I3wf2SlmhctYF3STaKUbXV3kIu9zW704i8kU3ER3hmUDN876ZmkKUdGMBP0WUjv4BjOljW0%2BO2v6sWejJt5GsWJ3UEhY7Be04cbtM4IFc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eefcae2b4fa-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/43.png
172.67.212.155200 OK 60 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/43.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 01e539dac5d06d4ea5b596208d0ea607
6dbc43d0df4010b6cee02e6dfbb1a26ad60f2b9c
85c15d2d42b33ad87c7f7d3e422348d46412938a97370ee26a24daa66e09adad
GET /ol/all/de/ms/25-687828/images/43.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 60395
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zufl%2FpPJ%2FREbnpIqZ7GrSASJpDKfVPrGoRoRbadKKA2AvdfzK16a1xomc88l8tvJUc%2BYRkYeRJ%2B4rpwH4mwlgxfvCV%2F3yaMGJZMXkS9tG%2BiwtlAg4CgTKtunUpLp6LjgBDg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eefc964b524-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/42.png
172.67.212.155200 OK 64 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/42.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 9a78453a120ef776608b04ff29cdeae1
b1f7c5bfc3a5999845d1d101a9efccadbc6066b3
bac36e0cd616d2c9716ee7ea996e086ad48f10589f0ed45e1562fe99d1db00df
GET /ol/all/de/ms/25-687828/images/42.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 63889
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHn7qWWaGSPE9AG%2FYQZWRPGMr4bTaw3yAesVb%2Bsq9pFv54%2BHMcIUDMPmmQ1FVK4tYwn9v09HtTxf1XlX2qtU2ptYTm%2FVQwbNMNtkyK4NqbHvNXzp%2FDU4bUU8i%2B07DE6IY1U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eefd95db4f9-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/23.png
172.67.212.155200 OK 62 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/23.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash da384da949049318f5e2666fdd5944e8
666ac1ed92f2134d2ed7f15a6361306f1b21b146
417d52172fecfb675aafb6dd55a7a6c0fb166d2045ecb7a6c0447673b837a7f7
GET /ol/all/de/ms/25-687828/images/23.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 61988
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:29 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZcOZuPb%2BMxaYVVV3LCpi4zslWVuFt53yAwarxzJPjuMfrXC7QKU3xuuL3ZtuFQAng4R4A2s7fTmiwplbG0nnVUak95tvtOOQwAQT5Go%2Frp1yVLeheRWNUaHtS2Sa19Zlr0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eefdff9b4f4-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/44.png
172.67.212.155200 OK 54 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/44.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f7edd152703c2e421e411c0b361b498
13e65f5eba06be9507af7be27a6b6c9e3189b391
94d93e34dd3f5903b2efae4d7e7ddb3c895ce92de9aa379b859aa4037d914b9f
GET /ol/all/de/ms/25-687828/images/44.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 53709
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYElCWU%2FlD3dlYIp776mCVqIvrDmwFcfcCqQTs0hr1hvLujdST%2FRcFoI%2B7eJZmPv6Fe3VzRsTNuUtrd8ldF2GviGoqZdsCiwOreesjQwDeqi11Zf6zpvg5GS2tE1jBGYKNQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eefdc640b65-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/34.png
172.67.212.155200 OK 65 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/34.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash c397f9f4382193fd4d45c600b6008e49
3689e9db6a13d3ad4819d7f229ecda756cbee61a
82357ef1702df45958ed401f7b0c4b83f89d2fda13a7433a67fd0bd7327696d7
GET /ol/all/de/ms/25-687828/images/34.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 64758
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJa55PxD%2B7E%2BIRwJwLcGOqeO2pM6RG3Y%2BwT8qTbY1UnUlAbWok4BBb3agpyv3DawlRuzUUD%2BaNSm9UQFBsJDH8nCJRX29YBdrj3K%2FkLTEfknSY%2BOhEYle4kvXmTvaDUyE3Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eefe963b4f9-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/35.png
172.67.212.155200 OK 66 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/35.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash fd680f2add1ba478d3138793153a8a15
3a0f15277750d45fc7ec66ac0fa7fece5933b688
50bbc3f2dbf0158911cad9742eea7d0c54a8eef64febcec25881f955a244c7e7
GET /ol/all/de/ms/25-687828/images/35.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 65676
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbGZcDRe7HgSNQll7v%2B48fsi1BZUo%2FL5Df8VpYZJxYBYzhG%2BbM9sVPuFQbWtbFemCtobK7BDxFVHV8D6NAirV450DgRPXK3Yyilg1faJnjztxtNHV0e%2BImaP2d5Pfs7VX90%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eefeaecb4fa-OSL
alt-svc: h2=":443"; ma=60
hottime4you.com/ol/all/de/ms/25-687828/images/11.png
172.67.212.155200 OK 60 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/11.png
IP 172.67.212.155:0
File type PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 74c93e1362de9523d8f35b6f2d78917b
1d9df51e43be8d555d5fabe62dcb159eab784f5e
39707e9d6aaa148b2bbc1aabe00110f54bbcf7c07c62f24daaf539005e582472
GET /ol/all/de/ms/25-687828/images/11.png HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:51 GMT
Content-Type: image/png
Content-Length: 60166
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:27 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6csk%2F71VqGFnXllLxA0HWIc%2FFRkDMl5UhP1Fjs67QrrWD5K9lO%2BWBnmPG7x8kcItEVjZi4yEPPj1EwMpMiy%2Fov73cWh2PSZS%2B3PktV0JPh%2Fa2kqKLIBLRuFSkcdFAdgpz4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1eeff801b4f4-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ffe8651a83ebc937a53bf14c980c348e
8fe2f9219fbe52ee890533f94dd617da679050a4
96149e604ad1e11ab2b100b60e4605b7213f215b0a788506185def01954cb70f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96149E604AD1E11AB2B100B60E4605B7213F215B0A788506185DEF01954CB70F"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15721
Expires: Sun, 19 Feb 2023 08:26:52 GMT
Date: Sun, 19 Feb 2023 04:04:51 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 08d2a5c0c4fd99b381e5d9b61bfc20c0
50db917e90097c318c77e9934b3d618b02a3dd6d
bb303e18974f9f5756b6af298d30bce6a0a22b0a11490e77ce34567d64b4b519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 04:04:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/quattrocentosans/v18/va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2
142.250.74.35200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/quattrocentosans/v18/va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 24320, version 1.0\012- data
Hash 056a6ed9c698772e2438032629f4933e
e88b32e3d9492e241bf5451e95967c5597f29967
86380b40e3d14ed9f3e0a5ff79c04f510d7910f677a66685e2b10f8b8765797f
GET /s/quattrocentosans/v18/va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hottime4you.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Feb 2023 01:18:02 GMT
expires: Sat, 17 Feb 2024 01:18:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:02:38 GMT
content-type: font/woff2
age: 182809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 08d2a5c0c4fd99b381e5d9b61bfc20c0
50db917e90097c318c77e9934b3d618b02a3dd6d
bb303e18974f9f5756b6af298d30bce6a0a22b0a11490e77ce34567d64b4b519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Feb 2023 04:04:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alexatracker.com/jscode/JAIA.js?sub1=hottime4you.com&sub2=&sub3=&sub4=&sub5=&prid=
172.67.204.112200 OK 0 B URL HTTP/2 alexatracker.com/jscode/JAIA.js?sub1=hottime4you.com&sub2=&sub3=&sub4=&sub5=&prid=
IP 172.67.204.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jscode/JAIA.js?sub1=hottime4you.com&sub2=&sub3=&sub4=&sub5=&prid= HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 19 Feb 2023 04:04:52 GMT
content-type: application/json; charset=UTF-8
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: BYPASS
set-cookie: trbarid=945791fa11f3a8d1fdd3b96090596c10ac6484c8a40ab6b792baacab0b7724dda%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A1058641854535409635%3B%7D; expires=Sun, 23-Feb-2025 04:04:51 GMT; Max-Age=63503999; path=/; secure; HttpOnly; SameSite=None
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiKZ0HA7k5CGRYiBaILyEwIWhus1GBUOyB1eir%2FGYC8hOMN36NK7M7Ikhb2FvXV%2B0NPdeiw1JiHWzZeTNaV%2Bjtmy2uUn9k6hHf%2Bn4lnucKXFRegn%2Fl8DdCUUvr1pmy3Nbo0t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79bc1ef00a3a0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hottime4you.com/ol/all/de/ms/25-687828/images/fremdgehen69_com.png?506693
172.67.212.155200 OK 1.2 kB URL HTTP/1.1 hottime4you.com/ol/all/de/ms/25-687828/images/fremdgehen69_com.png?506693
IP 172.67.212.155:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 42b5a1de339f60bc62983337edc85f0a
10c3cb6655538193f1988123e9fd5f9fda7915fe
0387e0d953b13b879873233510f927697c7a598c82f22b3edf19a5c8d21469cf
Analyzer Verdict Alert fortinet Malware
GET /ol/all/de/ms/25-687828/images/fremdgehen69_com.png?506693 HTTP/1.1
Host: hottime4you.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hottime4you.com/ol/all/de/ms/25-687828/
HTTP/1.1 200 OK
Date: Sun, 19 Feb 2023 04:04:52 GMT
Content-Type: image/png
Content-Length: 1240
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 13:28:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCVCZPUgFkwBoVTHa2FJnCJ8wBdXFXw80x%2FSOtYo4VQ%2BHhCRwEormtSpAkIJET5hsb5WQ8vTQZ32lXjoEmyoiptTf%2F%2FMAT86HhXxzFf4QM0g6Rx6vtbdhS1wJDgdEk%2FC3Xk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79bc1ef13b62b4fa-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
35.82.212.76101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.212.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 07gPwRQ9YchCUnf9FIWMfg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: y3X7yxh0BZUNHvm9VjCkOvmOz8U=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5b1775b8f4f9ebbac7a1572afa4e4f92
7c7c748730a9422b0f5f9bcdde36a91c9639c595
a1685273829a7672a3fa089525b959f1f95f11c0a5c0d09fbbf1f4667b3f7946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1685273829A7672A3FA089525B959F1F95F11C0A5C0D09FBBF1F4667B3F7946"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3244
Expires: Sun, 19 Feb 2023 04:58:57 GMT
Date: Sun, 19 Feb 2023 04:04:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5b1775b8f4f9ebbac7a1572afa4e4f92
7c7c748730a9422b0f5f9bcdde36a91c9639c595
a1685273829a7672a3fa089525b959f1f95f11c0a5c0d09fbbf1f4667b3f7946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1685273829A7672A3FA089525B959F1F95F11C0A5C0D09FBBF1F4667B3F7946"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3244
Expires: Sun, 19 Feb 2023 04:58:57 GMT
Date: Sun, 19 Feb 2023 04:04:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5b1775b8f4f9ebbac7a1572afa4e4f92
7c7c748730a9422b0f5f9bcdde36a91c9639c595
a1685273829a7672a3fa089525b959f1f95f11c0a5c0d09fbbf1f4667b3f7946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1685273829A7672A3FA089525B959F1F95F11C0A5C0D09FBBF1F4667B3F7946"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3244
Expires: Sun, 19 Feb 2023 04:58:57 GMT
Date: Sun, 19 Feb 2023 04:04:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5b1775b8f4f9ebbac7a1572afa4e4f92
7c7c748730a9422b0f5f9bcdde36a91c9639c595
a1685273829a7672a3fa089525b959f1f95f11c0a5c0d09fbbf1f4667b3f7946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1685273829A7672A3FA089525B959F1F95F11C0A5C0D09FBBF1F4667B3F7946"
Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3244
Expires: Sun, 19 Feb 2023 04:58:57 GMT
Date: Sun, 19 Feb 2023 04:04:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb212a577-c815-4f61-8e65-f983a0a42400.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb212a577-c815-4f61-8e65-f983a0a42400.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bd82620cb0796d8a2196803f4951c53b
2c861f08df9dd4d23c44e92eae3de0d060f9c8b0
e959f167dc8c00feea5768a846ca1f9512461cf252e224b8427770853f0472d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb212a577-c815-4f61-8e65-f983a0a42400.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 893ee1d7-7fa3-4d0b-8dce-d6392d442d1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Aeb1-FhUoAMFs5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ef4025-0b9f7bba735373b416a7b470;Sampled=0
x-amzn-remapped-date: Fri, 17 Feb 2023 08:51:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sscrzmfYHkHMcsjCa0BXolote8vfzK7aMnsvoYzGikuZsMy7kufd4w==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 22:08:22 GMT
age: 21391
etag: "2c861f08df9dd4d23c44e92eae3de0d060f9c8b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c5a0bab7d34e51ee6476be179b356ba
87917d3cf520d73b7b1029f44505e7700413d51d
136e727a99409218318247b645558fad485ed84bcd90bd43a5895492cb317d89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6879
x-amzn-requestid: 18c46562-f8d9-4f7f-8ea0-1bb46e206f80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANnahEWgIAMFwYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e885dc-50a7cfe4693b4efb038ce1a7;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 06:23:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K3teFfj79RPIRVaLUr5b2XMz3Jb5g8AeZCce6ZAAZmjOSJWr1QIsNw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 11:24:34 GMT
age: 60019
etag: "87917d3cf520d73b7b1029f44505e7700413d51d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F965f639f-1f83-464a-9f79-37bf1848278f.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F965f639f-1f83-464a-9f79-37bf1848278f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 31aff91896589b2653f04cdebccd2f16
a24d518b60a5d83a1eb722785b88765ffa94aa71
ea865e4bca80419c0b552a8d4918687732234651cd0e50231f1d1a683c18bbed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F965f639f-1f83-464a-9f79-37bf1848278f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8731
x-amzn-requestid: 258befe4-c428-4c78-ab88-77a733f27207
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AjfV6HqaoAMFSww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f145bf-1700a32555ec20210dcfe72b;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 21:40:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sKjLoC3-z-4iE2t4YzfbC8voNYWprIrCwfMt5FiAKrOLOpBivj402g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 21:54:37 GMT
age: 22216
etag: "a24d518b60a5d83a1eb722785b88765ffa94aa71"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bc26257-b3d2-491e-b1e1-178886f30fef.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bc26257-b3d2-491e-b1e1-178886f30fef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29708d8e10e6bc039586f2a8a10f637c
85cd9f0cae9cfdb20e3bbe25fe681c949c7faa8a
2b7188f98c0f97b9727cc787e4a97252eb17688b752d70a53c221a0b75827ff5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bc26257-b3d2-491e-b1e1-178886f30fef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3760
x-amzn-requestid: 4223c443-c23b-4a5c-9cdd-2a3a70d149f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AjfVxHpvoAMF5sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f145be-26c57127510e9aa344aa73f5;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BYQ23iqvClGRiBs7bNRxb0KWPjsVPB7JWMrJompsbTIZ7RxIZ6T-Bg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 21:54:28 GMT
age: 22225
etag: "85cd9f0cae9cfdb20e3bbe25fe681c949c7faa8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e9904aa-ee78-4b64-b440-cde2815efbac.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e9904aa-ee78-4b64-b440-cde2815efbac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e3504d1bb5666742be1c517a3f37cf5
836e210c950580457069683ffbc97251f41305aa
25257c169059eb32b7731ef5ef12e9230b16c37b32d098873a40dfae2b8d03e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e9904aa-ee78-4b64-b440-cde2815efbac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4806
x-amzn-requestid: ac46f90a-f995-4b37-a731-dbbb13eb3f53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AjfUkFQfoAMFsIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f145b6-3e52cb8a4cd4f1b44adad049;Sampled=0
x-amzn-remapped-date: Sat, 18 Feb 2023 21:40:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ECq2eRRZfHh30j5XqlshcMpWAp23VowbeI5BPIbTnniab706vlqPNA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 21:54:29 GMT
age: 22224
etag: "836e210c950580457069683ffbc97251f41305aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7976ba63-80a8-48bb-a39c-375b7a155d9d.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7976ba63-80a8-48bb-a39c-375b7a155d9d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bfc65ba8c311963f1d30d98e17be105
5bc2e058e3b7e2f3d5844b492bc3c40675af2f10
735c3847ddd1050395493257495e21a93610c4e19ee540bfae5af2930d8f7f57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7976ba63-80a8-48bb-a39c-375b7a155d9d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6504
x-amzn-requestid: 67941c59-c710-4bed-800c-4bd9c7a3e01f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AUU3SE25oAMF96w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eb34fb-67fb8a9c4b2b737e298225bb;Sampled=0
x-amzn-remapped-date: Tue, 14 Feb 2023 07:15:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VhValFp4PEumoKjbb_fReG5Zr0M72H0Q3tx92K4J7B4EtkfEcDH1fQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Feb 2023 19:06:32 GMT
age: 32301
etag: "5bc2e058e3b7e2f3d5844b492bc3c40675af2f10"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zeniocloud.com/JAIA.js?sub1=hottime4you.com
167.114.67.56200 OK 0 B URL HTTP/2 zeniocloud.com/JAIA.js?sub1=hottime4you.com
IP 167.114.67.56:0
Analyzer Verdict Alert fortinet Phishing
GET /JAIA.js?sub1=hottime4you.com HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 19 Feb 2023 04:04:51 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Quattrocento+Sans
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Quattrocento+Sans
IP 142.250.74.74:0
GET /css?family=Quattrocento+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hottime4you.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 19 Feb 2023 04:04:51 GMT
date: Sun, 19 Feb 2023 04:04:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2