144.91.92.120/
144.91.92.120 200 OK 4.0 kB IP 144.91.92.120:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (4186)
Hash 6bc3b2054d9c3e4e4c633076e4a10af0
37ada05cf8f66d3053f6818982f7aa67843b59f3
3aa864e7f301200f191993a099efdfde218e67066e53429811167153b11cd4a0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: 144.91.92.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.28
Date: Sat, 01 Oct 2022 07:38:51 GMT
X-Page-Speed: 1.13.35.2-0
Cache-Control: max-age=0, no-cache
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/
13.224.103.49 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 13.224.103.49:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 01 Oct 2022 07:05:48 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4ee178becf6bd81a5ce90c64ae0621b4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: zpf1acDl2gW_4Z-CkuVUuvcWVXkxBtI95a1jhbiIvsOAXHWrm4nvfQ==
Age: 1982
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2541
Expires: Sat, 01 Oct 2022 08:21:13 GMT
Date: Sat, 01 Oct 2022 07:38:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
18.164.68.59 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 18.164.68.59:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 01 Oct 2022 03:33:18 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 c091804e03ab5aaaa5fa50ae3fb748d2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P4
x-amz-cf-id: z3-izfRwFf_o2eqmCk_BnrV9j675_d-RAjeZhlRWHI2g4INxSdj4cw==
age: 14736
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 07:38:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
144.91.92.120/css/jquery-ui.min.css+main.css.pagespeed.cc.HynnMKABtk.css
144.91.92.120 200 OK 10 kB URL HTTP/1.1 144.91.92.120/css/jquery-ui.min.css+main.css.pagespeed.cc.HynnMKABtk.css
IP 144.91.92.120:0
File type ASCII text, with very long lines (28221)
Hash 1c13e8dcdb20239fa4160b3fc42aea04
530486bdf272348ef7ea195f463107ce81040ffe
42c3d7ddb1e8c2f4cc6a8775dcdc36b72194ddbb255c9f5cb947bbd0bcd761b2
GET /css/jquery-ui.min.css+main.css.pagespeed.cc.HynnMKABtk.css HTTP/1.1
Host: 144.91.92.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 200 OK
Content-Type: text/css
Connection: keep-alive
Keep-Alive: timeout=60
Server: nginx
Accept-Ranges: bytes
Date: Fri, 30 Sep 2022 19:46:08 GMT
Expires: Sat, 30 Sep 2023 19:46:08 GMT
Cache-Control: max-age=31536000
ETag: W/"0"
Last-Modified: Fri, 30 Sep 2022 19:46:08 GMT
X-Original-Content-Length: 49370
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10466
X-Page-Speed: 1.13.35.2-0
144.91.92.120/js/jquery.min.js
144.91.92.120 200 OK 33 kB URL HTTP/1.1 144.91.92.120/js/jquery.min.js
IP 144.91.92.120:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 561f36cd28fefa1ed9dfb16bdbb89d51
78244ac0d6ae401d58949455d20f7e669614259d
580645acb2b6b6850c3dff680fd5ddee1dc6c2914c8fbcc1ffb578a260338f15
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.min.js HTTP/1.1
Host: 144.91.92.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 200 OK
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=60
Server: nginx
Accept-Ranges: bytes
X-Original-Content-Length: 95956
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33196
ETag: W/"PSA-aj-iDyG3vc4gw"
Date: Sat, 01 Oct 2022 07:38:52 GMT
Expires: Sun, 26 Sep 2032 06:44:01 GMT
Cache-Control: max-age=315183908
144.91.92.120/js/main.js?v2
144.91.92.120 200 OK 4.4 kB URL HTTP/1.1 144.91.92.120/js/main.js?v2
IP 144.91.92.120:0
File type Unicode text, UTF-8 text, with very long lines (14481), with no line terminators
Hash 5e6b69fc707c28f7c00c478304ff1eb0
9100bf4a6c31d42fae0805b0f80fbecb5a6a411b
4de12eaf09071e2ed4cfe1501d5d0b3e7855fe58bc29c4012ccfeaa2e00ecfd5
Analyzer Verdict Alert fortinet Malware
GET /js/main.js?v2 HTTP/1.1
Host: 144.91.92.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 200 OK
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=60
Server: nginx
Accept-Ranges: bytes
X-Original-Content-Length: 19322
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4398
ETag: W/"PSA-aj-lsV4x_9hI0"
Date: Sat, 01 Oct 2022 07:38:52 GMT
Expires: Sun, 26 Sep 2032 06:44:02 GMT
Cache-Control: max-age=315183909
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 2601db85aa6894ea41f37fc0c1f2594a
afc9de950cf648d720a78467582b26346b8d53bc
3211c5c61098100152ea682c86ec84f3a80229b8d709e5cbe0022caba7dc9e24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
144.91.92.120/js/jquery-ui.min.js
144.91.92.120 200 OK 63 kB URL HTTP/1.1 144.91.92.120/js/jquery-ui.min.js
IP 144.91.92.120:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 261ceb45852c5978b892334c35813d94
d578ce89ad55a27979f5147519f7a1ba9af2abc7
58987f9a1672163377370b2433696cb13e1b92ee45e99fe8b8fb426b36efd09b
Analyzer Verdict Alert fortinet Malware
GET /js/jquery-ui.min.js HTTP/1.1
Host: 144.91.92.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 200 OK
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=60
Server: nginx
Accept-Ranges: bytes
X-Original-Content-Length: 238314
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 62637
ETag: W/"PSA-aj-WUZWh69VAg"
Date: Sat, 01 Oct 2022 07:38:52 GMT
Expires: Mon, 27 Sep 2032 01:09:07 GMT
Cache-Control: max-age=315250214
www.googletagmanager.com/gtag/js?id=UA-65718528-12
142.250.74.72 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-65718528-12
IP 142.250.74.72:0
File type ASCII text, with very long lines (2039)
Hash e612bf1f67c4b02ac59f2eed6787fb66
58682c18f91c35e30a40c15a887b5dbcb4158537
d721717b30becc0a9eebae1eb585ed8d585491fff096044e6185b4f42757e60c
GET /gtag/js?id=UA-65718528-12 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://144.91.92.120/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 01 Oct 2022 07:38:52 GMT
expires: Sat, 01 Oct 2022 07:38:52 GMT
cache-control: private, max-age=900
last-modified: Sat, 01 Oct 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42368
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
144.91.92.120/images/xgoogle_logo.jpg.pagespeed.ic.1zWiD90wYr.webp
144.91.92.120 200 OK 4.0 kB URL HTTP/1.1 144.91.92.120/images/xgoogle_logo.jpg.pagespeed.ic.1zWiD90wYr.webp
IP 144.91.92.120:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x118, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d735a20fdd3062b3dd9042c40dc7620f
f9daff557f2e44afdb026b96317d0f0c6d96bfba
985cd8351afea76fc2c958933e8d1e5c2c063fef6466712ba566b204f27ebd1c
Analyzer Verdict Alert fortinet Malware
GET /images/xgoogle_logo.jpg.pagespeed.ic.1zWiD90wYr.webp HTTP/1.1
Host: 144.91.92.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 4016
Connection: keep-alive
Keep-Alive: timeout=60
Link: <http://144.91.92.120/images/google_logo.jpg>; rel="canonical"
Server: nginx
Accept-Ranges: bytes
Date: Sat, 01 Oct 2022 02:15:49 GMT
Expires: Sun, 01 Oct 2023 02:15:49 GMT
Cache-Control: max-age=31536000
ETag: W/"0"
Last-Modified: Sat, 01 Oct 2022 02:15:49 GMT
X-Original-Content-Length: 25548
X-Page-Speed: 1.13.35.2-0
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 2601db85aa6894ea41f37fc0c1f2594a
afc9de950cf648d720a78467582b26346b8d53bc
3211c5c61098100152ea682c86ec84f3a80229b8d709e5cbe0022caba7dc9e24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
144.91.92.120/js/int.js?0.11030501844018215
144.91.92.120 200 OK 1.8 kB URL HTTP/1.1 144.91.92.120/js/int.js?0.11030501844018215
IP 144.91.92.120:0
Hash 186c27a67141e5168dde77bca1a89327
8f15953018b2142f49c2a684cf8194e83325f329
477e07290263c50b4350a008abe39ab7ba462fa6ff84cdb4c79308911c2dfd13
GET /js/int.js?0.11030501844018215 HTTP/1.1
Host: 144.91.92.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Oct 2022 07:38:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 May 2022 20:19:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6284036c-1b76"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Content-Encoding: gzip
Cache-Control: max-age=315360000, s-maxage=10
144.91.92.120/images/kbd_flags.png?v2
144.91.92.120 200 OK 590 B URL HTTP/1.1 144.91.92.120/images/kbd_flags.png?v2
IP 144.91.92.120:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x11, components 3\012- data
Hash 190ba5caaae97b08a0aa364124bb343e
30043ccab1df22191477cf10a5b0eccdae44c44a
7daf50414d445264612984614f3c804d9060d228a527253e03edd1b98dd790b3
Analyzer Verdict Alert fortinet Malware
GET /images/kbd_flags.png?v2 HTTP/1.1
Host: 144.91.92.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/css/jquery-ui.min.css+main.css.pagespeed.cc.HynnMKABtk.css
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/jpeg
Content-Length: 590
Connection: keep-alive
Keep-Alive: timeout=60
Accept-Ranges: bytes
X-Original-Content-Length: 992
ETag: W/"PSA-aj-GQulyqrpew"
Date: Sat, 01 Oct 2022 07:38:52 GMT
Expires: Tue, 28 Sep 2032 02:15:49 GMT
Cache-Control: max-age=315340616
144.91.92.120/images/search-16.png
144.91.92.120 200 OK 257 B URL HTTP/1.1 144.91.92.120/images/search-16.png
IP 144.91.92.120:0
File type PNG image data, 15 x 16, 8-bit gray+alpha, non-interlaced\012- data
Hash 66deb19276c36c4d04ec951b1955da52
a9d694856c61e3228c54d6e7f136a7d278ee96c6
a021f25d734e957756a2fcc8718c21613d297c95e2e3cb30e3149122d901924e
GET /images/search-16.png HTTP/1.1
Host: 144.91.92.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/css/jquery-ui.min.css+main.css.pagespeed.cc.HynnMKABtk.css
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 257
Connection: keep-alive
Keep-Alive: timeout=60
Accept-Ranges: bytes
X-Original-Content-Length: 350
ETag: W/"PSA-aj-Zt6xknbDbE"
Date: Sat, 01 Oct 2022 07:38:52 GMT
Expires: Tue, 28 Sep 2032 02:15:49 GMT
Cache-Control: max-age=315340616
counter.top.ge/counter.js
188.93.95.16 200 OK 1.0 kB URL HTTP/1.1 counter.top.ge/counter.js
IP 188.93.95.16:0
File type ASCII text, with very long lines (1014), with no line terminators
Hash 7f1b500fb93473c2b24c4af0566ada8b
5b227844f5eb94a91046e1c2eb334cc7f9c829f3
2c4abc2a37a4c88bd4eb226ba800512d5713d1190dba796e0c65c4c630390174
GET /counter.js HTTP/1.1
Host: counter.top.ge
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 200 OK
Server: nginx/1.10.2
Date: Sat, 01 Oct 2022 07:38:52 GMT
Content-Type: application/x-javascript
Content-Length: 1014
Last-Modified: Tue, 08 Feb 2022 16:34:35 GMT
Connection: keep-alive
ETag: "62029b9b-3f6"
Accept-Ranges: bytes
144.91.92.120/images/folder.png
144.91.92.120 200 OK 134 B URL HTTP/1.1 144.91.92.120/images/folder.png
IP 144.91.92.120:0
File type PNG image data, 12 x 14, 4-bit colormap, non-interlaced\012- data
Hash 0475b68816a3dacd5d25915c28dfcad5
aa4a9445330b6d85a68af0f8d6b8f27ccbdcc24d
ae0fb959f0a4ce1a3ef30419f4d741d5ea53e72a385ae9b2526e3b0f4139624f
GET /images/folder.png HTTP/1.1
Host: 144.91.92.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 134
Connection: keep-alive
Keep-Alive: timeout=60
Accept-Ranges: bytes
X-Original-Content-Length: 995
ETag: W/"PSA-aj-BHW2iBaj2s"
Date: Sat, 01 Oct 2022 07:38:52 GMT
Expires: Tue, 28 Sep 2032 02:15:49 GMT
Cache-Control: max-age=315340616
144.91.92.120/images/youtube.png
144.91.92.120 200 OK 4.5 kB URL HTTP/1.1 144.91.92.120/images/youtube.png
IP 144.91.92.120:0
File type PNG image data, 190 x 135, 8-bit/color RGBA, non-interlaced\012- data
Hash c3918832eefd46c560d1e87d5f2a560e
405ff2420ccb050e26cda5ea0d72646859384e24
5b5e10c6b76460c64631b9636d82dfd98b6a0108390872c5d137f234ad72b995
GET /images/youtube.png HTTP/1.1
Host: 144.91.92.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 4459
Connection: keep-alive
Keep-Alive: timeout=60
Accept-Ranges: bytes
X-Original-Content-Length: 4848
ETag: W/"PSA-aj-w5GIMu79Rs"
Date: Sat, 01 Oct 2022 07:38:52 GMT
Expires: Tue, 28 Sep 2032 02:15:49 GMT
Cache-Control: max-age=315340616
144.91.92.120/fonts/bpg_mrgvlovani_caps_2010.woff
144.91.92.120 200 OK 46 kB URL HTTP/1.1 144.91.92.120/fonts/bpg_mrgvlovani_caps_2010.woff
IP 144.91.92.120:0
File type Web Open Font Format, TrueType, length 45632, version 1.2\012- data
Hash 47bc51bee2c4247875167624fa0acd03
31d26bb5a07127abd786b459ae1c6fe974a003ad
84e25604dc415496f1a9bc24f5b61edfa1b05be638280112b90bb7a0a8a0a557
Analyzer Verdict Alert fortinet Malware
GET /fonts/bpg_mrgvlovani_caps_2010.woff HTTP/1.1
Host: 144.91.92.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://144.91.92.120/css/jquery-ui.min.css+main.css.pagespeed.cc.HynnMKABtk.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Oct 2022 07:38:52 GMT
Content-Type: font/woff
Content-Length: 45632
Last-Modified: Sun, 13 Jun 2021 19:45:40 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "60c66064-b240"
Cache-Control: s-maxage=10
Accept-Ranges: bytes
144.91.92.120/images/facebook.png
144.91.92.120 200 OK 8.8 kB URL HTTP/1.1 144.91.92.120/images/facebook.png
IP 144.91.92.120:0
File type PNG image data, 190 x 135, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a96b0ccda620e164c50b88c5038946a
b4f4cafe87aa68fbc3757cae26d6a0f6d675f346
58b513a952046d8968b9ddf3049cbbf0de7d730c6e57953cdc1d7077c20fed8f
GET /images/facebook.png HTTP/1.1
Host: 144.91.92.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 8840
Connection: keep-alive
Keep-Alive: timeout=60
Accept-Ranges: bytes
X-Original-Content-Length: 9216
ETag: W/"PSA-aj-apawzNpiDh"
Date: Sat, 01 Oct 2022 07:38:52 GMT
Expires: Tue, 28 Sep 2032 02:15:49 GMT
Cache-Control: max-age=315340616
144.91.92.120/images/add_icon.png?342344
144.91.92.120 200 OK 132 B URL HTTP/1.1 144.91.92.120/images/add_icon.png?342344
IP 144.91.92.120:0
File type PNG image data, 62 x 62, 2-bit colormap, non-interlaced\012- data
Hash 326c4d17d2a18d22584e8d5eb0f8bc8e
031c9c4d1d5c3e9a0c7399217837deda02e05d0b
02a3ce7003742e0aa420d2cdd09a01b5246c27c18a9393a1cd9f6a0264d33d6e
Analyzer Verdict Alert fortinet Malware
GET /images/add_icon.png?342344 HTTP/1.1
Host: 144.91.92.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/css/jquery-ui.min.css+main.css.pagespeed.cc.HynnMKABtk.css
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 132
Connection: keep-alive
Keep-Alive: timeout=60
Accept-Ranges: bytes
X-Original-Content-Length: 233
ETag: W/"PSA-aj-MmxNF9KhjS"
Date: Sat, 01 Oct 2022 07:38:52 GMT
Expires: Tue, 28 Sep 2032 02:15:49 GMT
Cache-Control: max-age=315340616
144.91.92.120/images/instagram.png
144.91.92.120 200 OK 13 kB URL HTTP/1.1 144.91.92.120/images/instagram.png
IP 144.91.92.120:0
File type PNG image data, 190 x 135, 8-bit/color RGBA, non-interlaced\012- data
Hash 3cb8b0cf21c88ea8e1c4271334966378
4ec6204ca726aff20f63f5e48df430c50d5f3e51
a247e9260b0db4a4daf02c0ad71f93d093ab0b8a07a43c6157d0979f7b311839
GET /images/instagram.png HTTP/1.1
Host: 144.91.92.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 12600
Connection: keep-alive
Keep-Alive: timeout=60
Accept-Ranges: bytes
X-Original-Content-Length: 14185
ETag: W/"PSA-aj-PLiwzyHIjq"
Date: Sat, 01 Oct 2022 07:38:52 GMT
Expires: Tue, 28 Sep 2032 02:15:49 GMT
Cache-Control: max-age=315340616
www.google.com/s2/favicons?domain=https://www.facebook.com
142.250.74.164 301 Moved Permanently 337 B URL HTTP/1.1 www.google.com/s2/favicons?domain=https://www.facebook.com
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 8831d06b84e6f44784be3dd7f94c274f
f7ec3d5d6ef621c9cd066a3be3340d5594a90751
87c75a6f71b4b7b155033362c33737be8d4a93b5f5a2f9e915c132b76533d174
GET /s2/favicons?domain=https://www.facebook.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.facebook.com&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 337
X-XSS-Protection: 0
Date: Sat, 01 Oct 2022 07:19:21 GMT
Expires: Sat, 01 Oct 2022 07:49:21 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1171
www.google.com/s2/favicons?domain=https://imovs.net
142.250.74.164 301 Moved Permanently 330 B URL HTTP/1.1 www.google.com/s2/favicons?domain=https://imovs.net
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 7985c4dbb62e1a56fbe9e35293b905b3
56603808816243faf2fdc6c2ce6c1b3bd98b2a52
f431c680543970d2584582fdc7011c3723a38e554c8948172a6cf990b0935a5a
GET /s2/favicons?domain=https://imovs.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 301 Moved Permanently
Location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://imovs.net&size=16
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 01 Oct 2022 07:38:52 GMT
Expires: Sat, 01 Oct 2022 08:08:52 GMT
Cache-Control: public, max-age=1800
Server: sffe
Content-Length: 330
X-XSS-Protection: 0
www.google.com/s2/favicons?domain=https://adjaranet.com
142.250.74.164 301 Moved Permanently 334 B URL HTTP/1.1 www.google.com/s2/favicons?domain=https://adjaranet.com
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 5aec2d8ec4f42ff587da8537fb7147f9
47036bad9abdfaae189e0feae7a1916a7a2744c6
81b1379e6c10e5e61c7c19bdce08d8cd99fcff98059aba00034b780972b2c5b3
GET /s2/favicons?domain=https://adjaranet.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 301 Moved Permanently
Location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://adjaranet.com&size=16
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 01 Oct 2022 07:38:52 GMT
Expires: Sat, 01 Oct 2022 08:08:52 GMT
Cache-Control: public, max-age=1800
Server: sffe
Content-Length: 334
X-XSS-Protection: 0
www.google.com/s2/favicons?domain=https://www.youtube.com
142.250.74.164 301 Moved Permanently 336 B URL HTTP/1.1 www.google.com/s2/favicons?domain=https://www.youtube.com
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d98e353f73240db9b4d4398c64f5def0
fb780d2729e392af84c176ad0e1654d83f028b4a
fa5b63e8e032988ff19ec3eb5e2596daabe83c1e2c967bcf6fac96963abc3ed7
GET /s2/favicons?domain=https://www.youtube.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.youtube.com&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 336
X-XSS-Protection: 0
Date: Sat, 01 Oct 2022 07:17:59 GMT
Expires: Sat, 01 Oct 2022 07:47:59 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1253
www.google.com/s2/favicons?domain=https://movie.ge
142.250.74.164 301 Moved Permanently 329 B URL HTTP/1.1 www.google.com/s2/favicons?domain=https://movie.ge
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 2b769fee6546f42140ee414275a83eee
eb6e1fe3b2eefc58559268b52b009a5bffc345aa
a3565e70c03af98dbad49f38d925c9e5fc99c300ab43c92cc1e9d38da49fa74e
GET /s2/favicons?domain=https://movie.ge HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://movie.ge&size=16
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 01 Oct 2022 07:38:52 GMT
Expires: Sat, 01 Oct 2022 08:08:52 GMT
Cache-Control: public, max-age=1800
Server: sffe
Content-Length: 329
X-XSS-Protection: 0
www.google.com/s2/favicons?domain=https://www.instagram.com
142.250.74.164 301 Moved Permanently 338 B URL HTTP/1.1 www.google.com/s2/favicons?domain=https://www.instagram.com
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ff31187888c2b3d5ec64eec69ba576a6
136d53a8a8b1e7b14eea64999062c2df4431db12
e409e260c2c128cebd3a5e88c46f7052fa2f8465d6eb669cd9ba2ce9f91d01f4
GET /s2/favicons?domain=https://www.instagram.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 301 Moved Permanently
Location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.instagram.com&size=16
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 01 Oct 2022 07:38:52 GMT
Expires: Sat, 01 Oct 2022 08:08:52 GMT
Cache-Control: public, max-age=1800
Server: sffe
Content-Length: 338
X-XSS-Protection: 0
www.google.com/s2/favicons?domain=https://www.imovies.cc/ka
142.250.74.164 301 Moved Permanently 338 B URL HTTP/1.1 www.google.com/s2/favicons?domain=https://www.imovies.cc/ka
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash f996a70a8bf9c4a708ab1e1eea4f8efb
babd9dcc596ab5b9727fbb5441a91c7788faa132
cb2fbab55c94ae721ba28b004f8f03fc8b53139ea54f2138d95fd020f02ee8c0
GET /s2/favicons?domain=https://www.imovies.cc/ka HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 301 Moved Permanently
Location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.imovies.cc/ka&size=16
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 01 Oct 2022 07:38:52 GMT
Expires: Sat, 01 Oct 2022 08:08:52 GMT
Cache-Control: public, max-age=1800
Server: sffe
Content-Length: 338
X-XSS-Protection: 0
144.91.92.120/xfavicon.ico.pagespeed.ic.nRTaPF8-ib.png
144.91.92.120 200 OK 207 B URL HTTP/1.1 144.91.92.120/xfavicon.ico.pagespeed.ic.nRTaPF8-ib.png
IP 144.91.92.120:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 9d14da3c5f3e89b7f09c371dd89ac381
296994daa11b10cad1118a9d086c0b2541c6c990
afca6ea935189c7b91a5b0ffa297f844226c16875c5b8af7e02f72a6ee790d3e
GET /xfavicon.ico.pagespeed.ic.nRTaPF8-ib.png HTTP/1.1
Host: 144.91.92.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://144.91.92.120/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 207
Connection: keep-alive
Keep-Alive: timeout=60
Link: <http://144.91.92.120/favicon.ico>; rel="canonical"
Server: nginx
Accept-Ranges: bytes
Date: Fri, 30 Sep 2022 20:14:00 GMT
Expires: Sat, 30 Sep 2023 20:14:00 GMT
Cache-Control: max-age=31536000
ETag: W/"0"
Last-Modified: Fri, 30 Sep 2022 20:14:00 GMT
X-Original-Content-Length: 263
X-Page-Speed: 1.13.35.2-0
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://144.91.92.120/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sat, 01 Oct 2022 06:41:09 GMT
expires: Sat, 01 Oct 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 3463
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7e9ce4f67540be7dc1efdf5cec1ea9d7
a34d70d3a259c0042b32053db9b84340fda551f3
30986769ce7f866e0f8e9c4733512ad9b83acb983663b0d9ef49bd0871e9cfb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a342dc87da447524185a412785fd28e6
bbc7bfb8d9921d075db34aff0177a0f64150e67d
ad4b2580384bcfa9b6bb666a927225cf5af5a844e0e0a092578105eb12b87ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5357
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:52 GMT
Last-Modified: Sat, 01 Oct 2022 06:09:35 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c184c0da0cb30aefdffdebd2c3e1d6b
8ea3ae2ed88415042045f34ba9b7a305778ce2c9
bda331ac700099a2f25e501b56cf26dfef1624117080495cd2a4a4af54b129f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDA331AC700099A2F25E501B56CF26DFEF1624117080495CD2A4A4AF54B129F9"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5037
Expires: Sat, 01 Oct 2022 09:02:49 GMT
Date: Sat, 01 Oct 2022 07:38:52 GMT
Connection: keep-alive
www.google-analytics.com/j/collect?v=1&_v=j97&a=994456668&t=pageview&_s=1&dl=http%3A%2F%2F144.91.92.120%2F&ul=en-us&de=UTF-8&dt=New%20Tab!&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=603868398&gjid=1388210079&cid=1683968043.1664609929&tid=UA-65718528-12&_gid=492510090.1664609929&_r=1&gtm=2ou9s0&z=1008813801
142.250.74.174 200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=994456668&t=pageview&_s=1&dl=http%3A%2F%2F144.91.92.120%2F&ul=en-us&de=UTF-8&dt=New%20Tab!&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=603868398&gjid=1388210079&cid=1683968043.1664609929&tid=UA-65718528-12&_gid=492510090.1664609929&_r=1&gtm=2ou9s0&z=1008813801
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j97&a=994456668&t=pageview&_s=1&dl=http%3A%2F%2F144.91.92.120%2F&ul=en-us&de=UTF-8&dt=New%20Tab!&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=603868398&gjid=1388210079&cid=1683968043.1664609929&tid=UA-65718528-12&_gid=492510090.1664609929&_r=1&gtm=2ou9s0&z=1008813801 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://144.91.92.120
Connection: keep-alive
Referer: http://144.91.92.120/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://144.91.92.120
date: Sat, 01 Oct 2022 07:38:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1005926373298745
216.58.207.194 200 OK 54 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1005926373298745
IP 216.58.207.194:0
File type ASCII text, with very long lines (2910)
Hash 65575060d636ae060a80c345621a08b1
ada55b70a240985bbf99fbc14378fb6848ea2793
93fd1890ee0ec220c5b079246085bfddd100dfeb519839b448f8b0fb3ed19f9a
GET /pagead/js/adsbygoogle.js?client=ca-pub-1005926373298745 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://144.91.92.120
Connection: keep-alive
Referer: http://144.91.92.120/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Sat, 01 Oct 2022 07:38:52 GMT
expires: Sat, 01 Oct 2022 07:38:52 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 5620305297065926357
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 54353
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.221.16 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://144.91.92.120/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: kspYh4rl1I1xoXdCRAxPLFij437NwZRJZW6d9qauZOcneCoBnF4FelBS1Ayz6pbZdY0U0lxjRxyp1fVGq95ehA==
content-length: 26840
x-fb-trip-id: 1679558926
date: Sat, 01 Oct 2022 07:38:52 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 51e8be01fe1e4cf7fbec97f2268fe684
25edd63df37f972dbdd8d149b26c4be60179d32b
d364b01cf59a8eafc6ed2e79eab3c22b7daa341240a5dcbd272b8b48d530aeee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.instagram.com&size=16
142.250.74.36 200 OK 689 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.instagram.com&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash d7706791b1d47e1f2b56fe2f7c252194
00fa95e056529db7c0c1d01e7d3321e2bb30c82d
28e2e39136bf900d03112c7151854c0f359386dc89d1a347347ac85592acaad0
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.instagram.com&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://144.91.92.120/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://www.instagram.com/static/images/ico/apple-touch-icon-76x76-precomposed.png/666282be8229.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 689
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 06:51:34 GMT
expires: Mon, 03 Oct 2022 06:51:34 GMT
cache-control: public, max-age=604800
last-modified: Sun, 03 Nov 2019 06:00:55 GMT
content-type: image/png
age: 434838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 51e8be01fe1e4cf7fbec97f2268fe684
25edd63df37f972dbdd8d149b26c4be60179d32b
d364b01cf59a8eafc6ed2e79eab3c22b7daa341240a5dcbd272b8b48d530aeee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 51e8be01fe1e4cf7fbec97f2268fe684
25edd63df37f972dbdd8d149b26c4be60179d32b
d364b01cf59a8eafc6ed2e79eab3c22b7daa341240a5dcbd272b8b48d530aeee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://adjaranet.com&size=16
142.250.74.36 200 OK 582 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://adjaranet.com&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 94f523d78ff8b84dc0fe48ff9883d243
cd63fc8124dc9ae1ec360908b9de563b74378df9
f1d18901663003e22eb529c122b9a7938c974d1c676459fd7179d25bd66126e0
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://adjaranet.com&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://144.91.92.120/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://www.adjaranet.com/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 582
date: Sat, 01 Oct 2022 07:38:52 GMT
expires: Sat, 08 Oct 2022 07:38:52 GMT
cache-control: public, max-age=604800
last-modified: Mon, 07 Oct 2019 09:18:28 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 51e8be01fe1e4cf7fbec97f2268fe684
25edd63df37f972dbdd8d149b26c4be60179d32b
d364b01cf59a8eafc6ed2e79eab3c22b7daa341240a5dcbd272b8b48d530aeee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.imovies.cc/ka&size=16
216.58.211.4 200 OK 280 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.imovies.cc/ka&size=16
IP 216.58.211.4:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 2a1baa6fd152c0ffa3361c65de2d9cee
3bd9ff0ad5ed9157b2813107c1cd5d55e0fbde55
2f8c5b7d33d7f0fb53d57df469c730652614c16f60f580dfee4534e622dd4807
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.imovies.cc/ka&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://144.91.92.120/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://www.imovies.cc/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 280
date: Sat, 01 Oct 2022 07:38:52 GMT
expires: Sat, 08 Oct 2022 07:38:52 GMT
cache-control: public, max-age=604800
last-modified: Fri, 27 Sep 2019 23:44:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
13.224.103.49 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 13.224.103.49:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sat, 01 Oct 2022 07:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sat, 01 Oct 2022 08:24:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: m53zXi8aWpPYZxV0lCJODFAnDoRaug8_O7zoH8ve6FI-olkiI4zfMg==
Age: 559
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 51e8be01fe1e4cf7fbec97f2268fe684
25edd63df37f972dbdd8d149b26c4be60179d32b
d364b01cf59a8eafc6ed2e79eab3c22b7daa341240a5dcbd272b8b48d530aeee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://movie.ge&size=16
142.250.74.36 200 OK 330 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://movie.ge&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash fd52820bdc1f3a96b2f9742c561296ad
c4ca0b8cbb1608dec23fbc046b3715622fcc36fa
6e2ac15f9bd0b70157eb5fd3ad966daa98697875d979dec822934384d114b80e
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://movie.ge&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://144.91.92.120/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://ge.movie/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 330
date: Sat, 01 Oct 2022 07:38:52 GMT
expires: Sat, 08 Oct 2022 07:38:52 GMT
cache-control: public, max-age=604800
last-modified: Sat, 03 Sep 2022 20:30:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7e9ce4f67540be7dc1efdf5cec1ea9d7
a34d70d3a259c0042b32053db9b84340fda551f3
30986769ce7f866e0f8e9c4733512ad9b83acb983663b0d9ef49bd0871e9cfb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.facebook.com&size=16
142.250.74.36 200 OK 404 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.facebook.com&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash fab462d133a52f83d568e5d45409225a
9383db570dd96e2120e2fa30bca54faf99f9493e
e4262072fd2e9ad103d4d43be4334ffcad014d799a9eb97aeaa14d266b656adf
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.facebook.com&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://144.91.92.120/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://static.xx.fbcdn.net/rsrc.php/yb/r/hLRJ1GG_y0J.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:01:22 GMT
expires: Wed, 05 Oct 2022 19:01:22 GMT
cache-control: public, max-age=604800
age: 218250
last-modified: Fri, 09 Apr 2021 14:01:44 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.youtube.com&size=16
142.250.74.36 200 OK 194 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.youtube.com&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash bbbf6e110220a3c6df876b1e8f4fa6c6
10b88a5bf6b66c9f95b968e418ac4fc5f6c9fef2
77dffb0e16e7fde183797aca1ff01453ddc20979eef46caaa1f0eeb9b4a0e979
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.youtube.com&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://144.91.92.120/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://ssl.gstatic.com/images/branding/product/2x/youtube_64dp.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 194
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 15:45:22 GMT
expires: Tue, 04 Oct 2022 15:45:22 GMT
cache-control: public, max-age=604800
age: 316410
last-modified: Tue, 04 May 2021 09:35:06 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://imovs.net&size=16
142.250.74.132 200 OK 203 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://imovs.net&size=16
IP 142.250.74.132:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 94d0a95ef01e3182895255858447c51f
9e552a65dd9b898dea40b3a57f37a707dbf44a20
cb9092376b91f827d776f696559e8e9ca71c4fd67045a74033ecbddfab76d167
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://imovs.net&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://144.91.92.120/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://www.imovs.net/templates/imovs-new/images/favicon.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 203
date: Sat, 01 Oct 2022 07:38:52 GMT
expires: Sat, 08 Oct 2022 07:38:52 GMT
cache-control: public, max-age=604800
last-modified: Wed, 13 Oct 2021 06:56:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a342dc87da447524185a412785fd28e6
bbc7bfb8d9921d075db34aff0177a0f64150e67d
ad4b2580384bcfa9b6bb666a927225cf5af5a844e0e0a092578105eb12b87ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5357
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:52 GMT
Last-Modified: Sat, 01 Oct 2022 06:09:35 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 51e8be01fe1e4cf7fbec97f2268fe684
25edd63df37f972dbdd8d149b26c4be60179d32b
d364b01cf59a8eafc6ed2e79eab3c22b7daa341240a5dcbd272b8b48d530aeee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-65718528-12&cid=1683968043.1664609929&jid=603868398&gjid=1388210079&_gid=492510090.1664609929&_u=YEBAAUAAAAAAAC~&z=655975685
64.233.165.154 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-65718528-12&cid=1683968043.1664609929&jid=603868398&gjid=1388210079&_gid=492510090.1664609929&_u=YEBAAUAAAAAAAC~&z=655975685
IP 64.233.165.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-65718528-12&cid=1683968043.1664609929&jid=603868398&gjid=1388210079&_gid=492510090.1664609929&_u=YEBAAUAAAAAAAC~&z=655975685 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://144.91.92.120
Connection: keep-alive
Referer: http://144.91.92.120/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://144.91.92.120
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 01 Oct 2022 07:38:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 51e8be01fe1e4cf7fbec97f2268fe684
25edd63df37f972dbdd8d149b26c4be60179d32b
d364b01cf59a8eafc6ed2e79eab3c22b7daa341240a5dcbd272b8b48d530aeee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d1be374a29f94481ff2c021e35f4eaa0
e05e92d94b5e434e9935e560fd8dc33bdc393aea
37a5132d2183f5c3bfaac5c89df691fea72cac4423110df88bdeb231f430deee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4675
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:52 GMT
Last-Modified: Sat, 01 Oct 2022 06:20:58 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
216.58.211.2 200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
IP 216.58.211.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220928/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://144.91.92.120/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Fri, 30 Sep 2022 23:24:33 GMT
expires: Fri, 14 Oct 2022 23:24:33 GMT
cache-control: public, max-age=1209600
age: 29659
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 102339c27bf38fcad96c5e3770390f7e
5659e8cdb740d70125a002f4808b26742133df7b
50702b9a98cf450498c52ad4887ed4e3f8a994f6bd25b6ff17c27d5af63b5e65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 13447c24eb9845d6e3463ef34828eb7c
658985ed382874269a9011a9216371e3b0b31448
3c31e91637b1337b450f85d0bb296d0554498b00df38a983151ae8d63c03b66b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-65718528-12&cid=1683968043.1664609929&jid=603868398&_u=YEBAAUAAAAAAAC~&z=613418285
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-65718528-12&cid=1683968043.1664609929&jid=603868398&_u=YEBAAUAAAAAAAC~&z=613418285
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-65718528-12&cid=1683968043.1664609929&jid=603868398&_u=YEBAAUAAAAAAAC~&z=613418285 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://144.91.92.120/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 07:38:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 13447c24eb9845d6e3463ef34828eb7c
658985ed382874269a9011a9216371e3b0b31448
3c31e91637b1337b450f85d0bb296d0554498b00df38a983151ae8d63c03b66b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9258de3968ca063250558ee06c75757b
56415f416ce29130b0a0b6fc919e2cdc0fd4d693
2474d99b3d10370e1efad3804a6f32452287e6b8e24d8254c69e8619a62624d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=488912914828613&ev=PageView&dl=http%3A%2F%2F144.91.92.120%2F&rl=&if=false&ts=1664609929722&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.3.1664609929721.1428499599&it=1664609929411&coo=false&rqm=GET
157.240.221.35 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=488912914828613&ev=PageView&dl=http%3A%2F%2F144.91.92.120%2F&rl=&if=false&ts=1664609929722&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.3.1664609929721.1428499599&it=1664609929411&coo=false&rqm=GET
IP 157.240.221.35:0
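Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input; the response body was 0 B, so these digests match any empty response and are not specific to this request)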
GET /tr/?id=488912914828613&ev=PageView&dl=http%3A%2F%2F144.91.92.120%2F&rl=&if=false&ts=1664609929722&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.3.1664609929721.1428499599&it=1664609929411&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://144.91.92.120/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sat, 01 Oct 2022 07:38:53 GMT
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.161.6.128 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.6.128:0
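Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input; the response body was 0 B, so these digests match any empty response and are not specific to this request)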
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qNc7OB0GQYT6M7hFeCmtrw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jZk+v2W70z0c81LUSTfcmP8nI/U=
counter.top.ge/cgi-bin/count?ID:21266+JS:11+RAND:6733.9181892726865+ISFRM:0+REFERER:+RESOLUTION:1280x1024+DEPT:24
188.93.95.16 200 OK 473 B URL HTTP/2 counter.top.ge/cgi-bin/count?ID:21266+JS:11+RAND:6733.9181892726865+ISFRM:0+REFERER:+RESOLUTION:1280x1024+DEPT:24
IP 188.93.95.16:0
Hash 52b54119e466f24e3adc4c50548f732b
ac72b76594e34359f3ad2e541a9e271cc7a0bcd4
529e4130c51d68f0f68297b90665b5e39c11e3ee22349c657b77b0a552b09af3
GET /cgi-bin/count?ID:21266+JS:11+RAND:6733.9181892726865+ISFRM:0+REFERER:+RESOLUTION:1280x1024+DEPT:24 HTTP/1.1
Host: counter.top.ge
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://144.91.92.120/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.10.2
date: Sat, 01 Oct 2022 07:38:52 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 8b2ebe5588f5981552dc3c9256e11198
dda7ae5ffdc9a9c00521dfc456f3f56012a4235c
aedcfbffd37c69ffa121500aa2ad480a637a34a9d5a52949e77d41d16f3055fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=144.91.92.120
142.250.74.162 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=144.91.92.120
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=144.91.92.120 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://144.91.92.120/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 01 Oct 2022 07:38:53 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=144.91.92.120&callback=_gfp_s_&client=ca-pub-1005926373298745
172.217.21.162 200 OK 198 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=144.91.92.120&callback=_gfp_s_&client=ca-pub-1005926373298745
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash fb39025cd82186648f0ffffae83963bc
efa313107bdd5f2014f050127ee3bee81d4a52d4
54449a8b54b3395450b5c734a54d90a86f69916e05aff169539c6b8837949bcf
GET /gampad/cookie.js?domain=144.91.92.120&callback=_gfp_s_&client=ca-pub-1005926373298745 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://144.91.92.120/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 01 Oct 2022 07:38:53 GMT
server: cafe
cache-control: private
content-length: 198
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=144.91.92.120
142.250.74.162 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=144.91.92.120
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=144.91.92.120 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://144.91.92.120/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 01 Oct 2022 07:38:53 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 8b2ebe5588f5981552dc3c9256e11198
dda7ae5ffdc9a9c00521dfc456f3f56012a4235c
aedcfbffd37c69ffa121500aa2ad480a637a34a9d5a52949e77d41d16f3055fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env
216.58.207.194 200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env
IP 216.58.207.194:0
File type JSON data\012- , ASCII text, with very long lines (14686), with no line terminators
Hash 90b31b0be68a9e08232b268c111099c4
bb63dad95e7e847ef3179361b691f8a6c4afdc42
8beccc0f695d35aac94913deaa364543ac97fd3481144827072a3451390452e5
GET /getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://144.91.92.120
Connection: keep-alive
Referer: http://144.91.92.120/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 01 Oct 2022 07:38:53 GMT
server: cafe
cache-control: private
content-length: 11150
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
144.91.92.120/ngx_pagespeed_beacon?url=http%3A%2F%2F144.91.92.120%2F
144.91.92.120 204 No Content 0 B URL HTTP/1.1 144.91.92.120/ngx_pagespeed_beacon?url=http%3A%2F%2F144.91.92.120%2F
IP 144.91.92.120:0
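Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input; the 204 response carried a 0 B body, so these digests match any empty response and are not specific to this host)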
Analyzer Verdict Alert fortinet Malware
POST /ngx_pagespeed_beacon?url=http%3A%2F%2F144.91.92.120%2F HTTP/1.1
Host: 144.91.92.120
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 41
Origin: http://144.91.92.120
Connection: keep-alive
Referer: http://144.91.92.120/
Cookie: _ga=GA1.1.1683968043.1664609929; _gid=GA1.1.492510090.1664609929; _gat_gtag_UA_65718528_12=1; _fbp=fb.3.1664609929721.1428499599
HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 01 Oct 2022 07:38:53 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Cache-Control: max-age=0, no-cache
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d0b079aa9654be7e1de15f09c0232003
37d75c7001981b9c4f61a5061b10c0b395251448
b8125cf432beb5826a1179c347a05ee08b045422531991a2ab474e6b67a2dc84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 07:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33 200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://144.91.92.120/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 01 Oct 2022 07:38:53 GMT
expires: Sat, 01 Oct 2022 07:38:53 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33 200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://144.91.92.120/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 13:42:03 GMT
expires: Mon, 25 Sep 2023 13:42:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 496610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4775
Expires: Sat, 01 Oct 2022 08:58:29 GMT
Date: Sat, 01 Oct 2022 07:38:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4775
Expires: Sat, 01 Oct 2022 08:58:29 GMT
Date: Sat, 01 Oct 2022 07:38:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4775
Expires: Sat, 01 Oct 2022 08:58:29 GMT
Date: Sat, 01 Oct 2022 07:38:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4775
Expires: Sat, 01 Oct 2022 08:58:29 GMT
Date: Sat, 01 Oct 2022 07:38:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb90508fe-e6b6-4ad0-9afc-67b46e4d0aa4.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb90508fe-e6b6-4ad0-9afc-67b46e4d0aa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c475b8cc11fdaabbda170c6605d1391
7eea9aa04c5a72c417a580ca45341a0b5adc72cf
888de88ddad429a0bdb565b1f069dab4bea55a3b8a662c4efd9b75fd261dee3b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb90508fe-e6b6-4ad0-9afc-67b46e4d0aa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8734
x-amzn-requestid: 7a2713f7-e16b-4952-8e2f-76022bbbd7a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSzHfH3toAMFijw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376562-27b598460ce2f319598fdd72;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:53:38 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -aqIjL70ocOyhaZ8nQJUmCfDLBN0kkmTm2vY_xtwEsWZKi3DxHR8HQ==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:19:07 GMT
age: 33587
etag: "7eea9aa04c5a72c417a580ca45341a0b5adc72cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: f0791b53-3c5f-4d94-954d-992a529ebb60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPnunF35oAMFYbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63361ff6-2adb303349153ced73ccecf6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 22:45:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: F3fk5JnJ9ZFNPan-8DuLb4kuTiYKfniBar3qNlsuqd8a0saW3sEGvQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 04:41:31 GMT
age: 10643
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4016c3a3-ed7e-49cf-acd4-11c1b189820c.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4016c3a3-ed7e-49cf-acd4-11c1b189820c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c5506beef1fefd03247b133abe705df0
1e6d597d8bb40709da013b8438e2f4b0f9af2672
11ca041965f95a6f83eff3cec5c7d070a3f6be6c9b3210abe7c94c9270c9dc1b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4016c3a3-ed7e-49cf-acd4-11c1b189820c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7059
x-amzn-requestid: e49c2591-9865-4492-9606-91a31b209b96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZQxTuESAIAMF4rw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633695b1-74af94b622f421880fcf9938;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 07:07:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: yQb5GSZT1NABosGTV3uz_K8wDyOy5ELejEIY2VzR3slfz_jFvTHICg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 06:25:34 GMT
age: 4400
etag: "1e6d597d8bb40709da013b8438e2f4b0f9af2672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc003298b-5703-480c-8a4c-fffa9abe5028.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc003298b-5703-480c-8a4c-fffa9abe5028.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9466667cfaaedbb374259e8fb8dd63e3
0cd9a66508c343b43b095ac7f550919ec35097d3
bb70996bea518ba4ddc2c269e9a7c9bea3a9c91fed124a29570828b89250764c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc003298b-5703-480c-8a4c-fffa9abe5028.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8091
x-amzn-requestid: 78ccaa77-230e-4aa1-a409-7b2a444df9ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLDF_OIAMFpdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-0384396f2ed848bc1c17e1b7;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G75a-PITD4Wmlxxk_rrpRWNytSGNZlrL_JeoR4A_w6vshDkmRlouPw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:52:58 GMT
age: 35156
etag: "0cd9a66508c343b43b095ac7f550919ec35097d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae73d97-d8e4-4f93-bf30-c175fc72b008.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae73d97-d8e4-4f93-bf30-c175fc72b008.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4be456dbe857580c7b4c7fca3936e04e
49798c4a15545a49f3870b2a16af78dbf8e168cc
23e42987d5e9939424d5f4e4fe0c38faf20a221732097927dd4a656199d9d315
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae73d97-d8e4-4f93-bf30-c175fc72b008.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10201
x-amzn-requestid: 62562627-78a8-4c17-bf6c-b2c986b9ee8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLCFH3IAMFoFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-69637d745165485171ca73b9;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9wh9cCXRRlyQy8kXzSCNzMQSmac9iwgkRBrgyTtaMr6m2vXPRxVogg==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:55:26 GMT
etag: "49798c4a15545a49f3870b2a16af78dbf8e168cc"
content-type: image/jpeg
age: 35008
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b0d9d19-67ea-434c-8233-4ac3ec9e78e7.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b0d9d19-67ea-434c-8233-4ac3ec9e78e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 21e55a6ca7350ed834993a486e138de1
c09ee0f2be578f0067b2ed0237d565a04438147e
124ca8ae6e3f7c7bb28f0d47fa693753884261ed61896eccf7bc13f249fc8960
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b0d9d19-67ea-434c-8233-4ac3ec9e78e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6959
x-amzn-requestid: eaf91f33-2fe3-4ed5-b89c-6199c2f17651
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLCF6toAMFSDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-3b8c7f290ffda97b2d179433;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qAOX_0r1sA_Bzn-UjQXmLObAYDyjiTU45aNSOPFt8ucUOyKfrw5ieg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:52:59 GMT
age: 35155
etag: "c09ee0f2be578f0067b2ed0237d565a04438147e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
analytics.oho.ge/js/script.js
104.21.42.53 404 Not Found 0 B URL HTTP/2 analytics.oho.ge/js/script.js
IP 104.21.42.53:0
GET /js/script.js HTTP/1.1
Host: analytics.oho.ge
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://144.91.92.120/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 01 Oct 2022 07:38:52 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gl4Et54NpkwiORRY3H2z7Gk3PM3S25qZc1xgwakWSywtDwjfOrgh7oVPYqCCrMnfKcbeyz3qY5eSg8WiwXTCl522AoknsQRy4H9eAaofvFtiRiSwIRsQ52yApPeP5KaxR2hN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75338a8ca950b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2