clck.ru/33N9tq?776Uyf
213.180.204.221302 Moved temporarily 0 B IP 213.180.204.221:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /33N9tq?776Uyf HTTP/1.1
Host: clck.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved temporarily
Content-Length: 0
Location: https://clck.ru/33N9tq?776Uyf
Set-Cookie: _yasc=hWRgkpSPZoEos4HrP1Q03pil07Ft8rRwzucuZbeQo/4vFW15FnmXVCbX3eW5; domain=.clck.ru; path=/; expires=Sun, 30-Jan-2033 02:23:05 GMT; secure
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9279
Expires: Thu, 02 Feb 2023 04:57:44 GMT
Date: Thu, 02 Feb 2023 02:23:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2620
Expires: Thu, 02 Feb 2023 03:06:45 GMT
Date: Thu, 02 Feb 2023 02:23:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 01:36:02 GMT
content-type: application/json
age: 2823
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5834
Expires: Thu, 02 Feb 2023 04:00:19 GMT
Date: Thu, 02 Feb 2023 02:23:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ErlmOBSa4KvmMVaayns1GW359NQM/er3sN8uDuzX5YPuLzrg7j0Vhi6haG9BM/+BH4L6s6L+keU=
x-amz-request-id: A05MSDXKY3K2ZNTW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 01:51:47 GMT
age: 1878
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:23:05 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 8872c5bb1c49f637ad1eb5dafacf4ed6
13a81635fe6814ffa7810bbf97c560be893bd95a
f97905e2ccf7f7c1d872619914c864192c146a35824f601b5d79ef9d4e964e15
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:23:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:38:25 GMT
ETag: "13a81635fe6814ffa7810bbf97c560be893bd95a"
Last-Modified: Thu, 02 Feb 2023 00:38:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f767d69f31c12-OSL
clck.ru/33N9tq?776Uyf
213.180.204.221302 FOUND 530 B IP 213.180.204.221:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (420)
Hash 6d7c26df674eb7aea8a38b6492f4d0b2
57b31ebd1853a8cd9b5e3c72794e607c8850efb6
5fabf8fd3e4b74225d15e8bd914ea7f0ff48c82226d2660b024add65a54c1c24
GET /33N9tq?776Uyf HTTP/1.1
Host: clck.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 FOUND
Access-Control-Allow-Origin: *
Content-Length: 530
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Feb 2023 02:23:06 GMT
Location: https://sba.yandex.net/redirect?url=https%3A%2F%2Ftrack.zexy.me%2Fclick%3Fcampaign_id%3D11%26aff_id%3D42&client=clck&sign=fac0d8c32cccc1eb69990018a4d0f7fe
Set-Cookie: _yasc=krHlq2kBzJfVsIcgm4vyqS5fy5iejLQ+ft8hYSMetFndRLtlS7yZrDQZTkk=; domain=.clck.ru; path=/; expires=Sun, 30-Jan-2033 02:23:06 GMT; secure
Strict-Transport-Security: max-age=31536000
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 01:41:43 GMT
age: 2483
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 2e53e193c192ef1db923cf6bac259079
d393e53cc74435a172a5fa2f632b9bc5803a42a2
dd7fb28bc75545b2200945b3c1566ab573f07155a3b1f665f6efcb589d26e2ba
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:23:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:51:19 GMT
ETag: "d393e53cc74435a172a5fa2f632b9bc5803a42a2"
Last-Modified: Thu, 02 Feb 2023 00:51:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2797
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f76800ad81c12-OSL
sba.yandex.net/redirect?url=https%3A%2F%2Ftrack.zexy.me%2Fclick%3Fcampaign_id%3D11%26aff_id%3D42&client=clck&sign=fac0d8c32cccc1eb69990018a4d0f7fe
213.180.193.232302 FOUND 318 B URL HTTP/1.1 sba.yandex.net/redirect?url=https%3A%2F%2Ftrack.zexy.me%2Fclick%3Fcampaign_id%3D11%26aff_id%3D42&client=clck&sign=fac0d8c32cccc1eb69990018a4d0f7fe
IP 213.180.193.232:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d19745ac24fa51c1bce659e8dbc1f0f4
6bb2c63732bd758cbea55a9e34f503d67ce10a09
c4570da8702a2c64b5a58dd03fbf34568cce18d8abe0e410181d6e7a9d22cc56
GET /redirect?url=https%3A%2F%2Ftrack.zexy.me%2Fclick%3Fcampaign_id%3D11%26aff_id%3D42&client=clck&sign=fac0d8c32cccc1eb69990018a4d0f7fe HTTP/1.1
Host: sba.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 FOUND
Content-Length: 318
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Feb 2023 02:23:06 GMT
Location: https://track.zexy.me/click?campaign_id=11&aff_id=42
Strict-Transport-Security: max-age=3600; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9940
Expires: Thu, 02 Feb 2023 05:08:46 GMT
Date: Thu, 02 Feb 2023 02:23:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4ef3d7bff2c217e05ec63b1f70b2d0a5
147f4e550926eada50d39ea485191853cfb56825
c60ce7b63bf4e05b02f7d2bfc42113e8f473c2ad0fa06ee153c4f078e9b4176c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C60CE7B63BF4E05B02F7D2BFC42113E8F473C2AD0FA06EE153C4F078E9B4176C"
Last-Modified: Tue, 31 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21580
Expires: Thu, 02 Feb 2023 08:22:46 GMT
Date: Thu, 02 Feb 2023 02:23:06 GMT
Connection: keep-alive
track.zexy.me/click?campaign_id=11&aff_id=42
34.243.121.54302 Found 0 B URL HTTP/2 track.zexy.me/click?campaign_id=11&aff_id=42
IP 34.243.121.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?campaign_id=11&aff_id=42 HTTP/1.1
Host: track.zexy.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 02 Feb 2023 02:23:06 GMT
content-type: text/plain; charset=utf-8
content-length: 0
location: https://begegig.hornydats.com/s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.164.243.166101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.243.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4MRK02pRfeFuw2ccijCFlQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Zwd9jsUp7fPvWs76qsqSmiuxpsQ=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2a038af52e7a94c9aecb324d1779dad9
fa484e2321a5c0b9941804e839bdccae0a8883de
dc8f7ef88d78f532854bd5a2d81f9e7ab983e8d86c7bf9db79ef26cfce61eae0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC8F7EF88D78F532854BD5A2D81F9E7AB983E8D86C7BF9DB79EF26CFCE61EAE0"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 02 Feb 2023 08:23:07 GMT
Date: Thu, 02 Feb 2023 02:23:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3625
Expires: Thu, 02 Feb 2023 03:23:32 GMT
Date: Thu, 02 Feb 2023 02:23:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3625
Expires: Thu, 02 Feb 2023 03:23:32 GMT
Date: Thu, 02 Feb 2023 02:23:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3625
Expires: Thu, 02 Feb 2023 03:23:32 GMT
Date: Thu, 02 Feb 2023 02:23:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ybz4mmNUwsKOkpz6GFm4nLz7iGX5gJ--EiUjqrs8G92GBLn6qaF7IQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:51 GMT
age: 15916
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41c44051cc3b4c69924df66048e7566b
5c6a12595c3f6005fec4baa84b16575951e72178
72dff70bcb417c088aba013a486e1dbabe099b40fb718a283f1ba220b142b848
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: 1b3ef150-9b12-4b8b-94e6-0d6debbd24ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTDFmPoAMF-UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-0fea883b0ce1a1b933dc2be8;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qON7fRZ1XPCkl7ldiGagd0UcPynLKMzysXr8LZSRvS1ily9cN5w_wA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:22:55 GMT
age: 14412
etag: "5c6a12595c3f6005fec4baa84b16575951e72178"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6790e3bf4d10b1ffba32a22dc588c640
cdae35517dfea800134393a1095f44462bc428a5
4f4132588ee7337fff24da64b89e43b277c4ef0a2646acfba37aea08fc0f4256
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9416
x-amzn-requestid: acc48967-4cc1-4bfd-bc33-7bcefd8e6547
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGjqIAMFa2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d1cd4de0a30760e792d32e5;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: byLFLKpRZa_blxNi2wh_ft4Ule-zNiZtSih_Quv-9BgKS87Y-wJlTA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:40 GMT
age: 15747
etag: "cdae35517dfea800134393a1095f44462bc428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 14489
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23ac16a6-b0c6-4c81-9bd1-78ee332bf49a.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23ac16a6-b0c6-4c81-9bd1-78ee332bf49a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ceb09fa3caa0fcda4a6314141e2d019
d08f43956f6859e4c2385231bb5506262257445f
a2100701c69f86920b14714b19ec14db9ebfd91000f0ec2397b8f27d981bc1ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23ac16a6-b0c6-4c81-9bd1-78ee332bf49a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14593
x-amzn-requestid: 796fc590-5a08-4765-b861-e5f707e4d7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdLoFHQoAMFaAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbe3-3f93635c337e77e453bba394;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gYo5IyA5mM2B5nw6O2QkkZ6-go2CzG8Nwb_pWSixGplAl7LsbmWUiQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:55:43 GMT
age: 16044
etag: "d08f43956f6859e4c2385231bb5506262257445f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 91987222-d376-4099-a4e9-5f877b5212be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzO2FSDIAMFktg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325e-281a7e062ee3039d42ae8f83;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SEH32iK4aCkxhxQyu3fSlW8uVM1Oj5hwnl2U09k_THEOdAqdEeVMJw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:03:43 GMT
age: 15564
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
begegig.hornydats.com/s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null
178.162.199.80200 OK 2.0 kB URL HTTP/1.1 begegig.hornydats.com/s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 1ffbe6f2e55ec0aaffae7325436181a5
915b72c3afa86e113af5f024e056d9b37001e718
1892ef33894d3427f9dd8db907f017533383309698b2d89d7733e7ce4c3e47ba
GET /s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null HTTP/1.1
Host: begegig.hornydats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Thu, 02 Feb 2023 02:23:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: s=ieHndKXYTP1nZkTUCM8AMnI0idJYV921X%2B%2BL9aOpIZIM4hQ0Xd%2BHYV%2BWnuJF6l8pCaNLGOTevqH406DtTASnWyB%2BNvkRH6NV%2FTdQQiJD4YdVlfi7ctvodDpsDRfwLeAYNcAjeRyySjxp5Ae6HcuELNa4y0kJqsK%2BgaZVrehcow7yq%2BBE587DonNibUgXn9NFTvhHqKq9cYBdv4Bcx7m1XLYjvIhccOYutsp0C2I%2BGeDV4my%2FzDOtDcF7AZ5CQ%2BA2fhG7FcoKRBu3uxZRATaSPzzaGtsUY641All%2FXU6PdPSQO34ohR%2F82qYv5aMdmNeVB%2F0tDW1Mm2E8SpS%2FWinguJQ2UPSM%2FMyhmAHAx6LD2LkuLelk6YyLia0qFUCBoR3uRgrEWySCPlqY6JSLoDL08hhrYtRJ7Xs9BX79FUJTTUdWvj%2F7VhGYyx%2FVxfOCG22Ovui7P%2FY9IDcVwg3n1gjPRtkINosEub%2FJkRWvrw%2BwtzaBHMT%2F8Pvd81XTjcnBXxNCtGnpQCsvgt4A26NA5JwDoAnJWmK9PXslL8Wz9UplQ%2BpFxNPo7ZWedTAbUWkyZN5hWeTDDFYWS8%2FLHY2%2Fi8b%2BLB5cEdI3hZqZ%2Fdp251bgXGWNPIWOLxQvcOWTJI%2FBtOWMNVnWsHS9vn%2BiJ7XR%2Bw6lPhvVDRPceMo6O0EOEiSjAI2uKl%2FbJ3fpvAmNdRqf%2B6mib170A74MFFrdB%2Bp3O0G0x%2Bq6x6VReYgi6CLmvbSaDlxXHlhwrvo3NUFLx2Vk3lFrNRJq6oacdSL5hB8SJW5EG8Lpx5LVCY4rKm3IqQbc4EomBtJ9BUq4TZE6KQDpTXLtkOrveDHjzLb%2FcA3veIov48TDmXt3t85T5Lzsegs%2BT0Bxx8cxcmbk71Rvqn63Oc0I3y2oM4lO9jXhVY2uohBwW7oyQo9fgouMGohKJTF%2ByelSaa05TM5bPbXMtu2yzPuOeuyQIZVvLTy8ewJho0xW%2FJiC0IXeUh69EPmqlS0aAMm9GjwMRk679%2BeY2M7%2FvLAYSj%2B1eb1GD8G6NMZaeYVyRnH2oDiZYIJOcnYdqtFdI2uu0TJMCzGeErh3zT4WYqiblC3OoyhojQX%2BQzShONasophwahXaq6aAsbzmbAmYbu4i0BxdBiFH1h3g8yV2nBb6Z0a7obwWnzVkbqyX5wOkYLYldLmYRQHr5PaTNwV%2FB%2F0PF9n8255wNqSrTmZmQjQIQVd%2Fh9Do8YvZS1MbjIRLcRxg3SkZjQjPOY6WqxXPmjbc%2B%2BKSe6GA%2FkYtxiy%2Fhyr354GkKsIYatwX%2FYKS5AYhdPukH5M4gHTt7rCVbKJ%2F%2B9vNpDbv2p7Wp7nP822i2kM14E3Ikf%2B%2Fy%2BzDiZo9EZFUDxtb8YXx5lljpx54ws3cBMx1eikERrUYzfK3V9E%2Fps2XgfUth5l%2FLUaeR6er2H75QPiRGOHyNR5vurhAGKY66MgwxOzatpTOuPkDocrB7BSXORjC3iWYw%2BEFw41eazAn2r66pBZ7NNcKPe1nndFXSwgbS%2FkDZewBGcBrRMCyJW%2FTCY6Jnva9RxrmYikWKODeqkKrsuzOTWFtYjRfm%2Bv7xSurWfVPjewk1N5e%2FM4ajAfnHhCQJMx%2Bc%2BaGOdT%2BJAF8a5DuL4yjJsk%3D; expires=Fri, 03-Feb-2023 02:23:07 GMT; Max-Age=86400; path=/; domain=hornydats.com
SID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=hornydats.com
ESID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=hornydats.com
Content-Encoding: gzip
begegig.hornydats.com/bundle/343/assets/css/style.css
178.162.199.80200 OK 7.0 kB URL HTTP/1.1 begegig.hornydats.com/bundle/343/assets/css/style.css
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with CRLF line terminators
Hash d5002b22f74b3ffbb36142417535ae09
6f86da6c79b5432649a47f4e520eea677da8e457
e3f3db8ec545f578599a7d301982393b47a937d23931e8cb9fb9b08a2bf5212e
GET /bundle/343/assets/css/style.css HTTP/1.1
Host: begegig.hornydats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://begegig.hornydats.com/s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null
Cookie: s=ieHndKXYTP1nZkTUCM8AMnI0idJYV921X%2B%2BL9aOpIZIM4hQ0Xd%2BHYV%2BWnuJF6l8pCaNLGOTevqH406DtTASnWyB%2BNvkRH6NV%2FTdQQiJD4YdVlfi7ctvodDpsDRfwLeAYNcAjeRyySjxp5Ae6HcuELNa4y0kJqsK%2BgaZVrehcow7yq%2BBE587DonNibUgXn9NFTvhHqKq9cYBdv4Bcx7m1XLYjvIhccOYutsp0C2I%2BGeDV4my%2FzDOtDcF7AZ5CQ%2BA2fhG7FcoKRBu3uxZRATaSPzzaGtsUY641All%2FXU6PdPSQO34ohR%2F82qYv5aMdmNeVB%2F0tDW1Mm2E8SpS%2FWinguJQ2UPSM%2FMyhmAHAx6LD2LkuLelk6YyLia0qFUCBoR3uRgrEWySCPlqY6JSLoDL08hhrYtRJ7Xs9BX79FUJTTUdWvj%2F7VhGYyx%2FVxfOCG22Ovui7P%2FY9IDcVwg3n1gjPRtkINosEub%2FJkRWvrw%2BwtzaBHMT%2F8Pvd81XTjcnBXxNCtGnpQCsvgt4A26NA5JwDoAnJWmK9PXslL8Wz9UplQ%2BpFxNPo7ZWedTAbUWkyZN5hWeTDDFYWS8%2FLHY2%2Fi8b%2BLB5cEdI3hZqZ%2Fdp251bgXGWNPIWOLxQvcOWTJI%2FBtOWMNVnWsHS9vn%2BiJ7XR%2Bw6lPhvVDRPceMo6O0EOEiSjAI2uKl%2FbJ3fpvAmNdRqf%2B6mib170A74MFFrdB%2Bp3O0G0x%2Bq6x6VReYgi6CLmvbSaDlxXHlhwrvo3NUFLx2Vk3lFrNRJq6oacdSL5hB8SJW5EG8Lpx5LVCY4rKm3IqQbc4EomBtJ9BUq4TZE6KQDpTXLtkOrveDHjzLb%2FcA3veIov48TDmXt3t85T5Lzsegs%2BT0Bxx8cxcmbk71Rvqn63Oc0I3y2oM4lO9jXhVY2uohBwW7oyQo9fgouMGohKJTF%2ByelSaa05TM5bPbXMtu2yzPuOeuyQIZVvLTy8ewJho0xW%2FJiC0IXeUh69EPmqlS0aAMm9GjwMRk679%2BeY2M7%2FvLAYSj%2B1eb1GD8G6NMZaeYVyRnH2oDiZYIJOcnYdqtFdI2uu0TJMCzGeErh3zT4WYqiblC3OoyhojQX%2BQzShONasophwahXaq6aAsbzmbAmYbu4i0BxdBiFH1h3g8yV2nBb6Z0a7obwWnzVkbqyX5wOkYLYldLmYRQHr5PaTNwV%2FB%2F0PF9n8255wNqSrTmZmQjQIQVd%2Fh9Do8YvZS1MbjIRLcRxg3SkZjQjPOY6WqxXPmjbc%2B%2BKSe6GA%2FkYtxiy%2Fhyr354GkKsIYatwX%2FYKS5AYhdPukH5M4gHTt7rCVbKJ%2F%2B9vNpDbv2p7Wp7nP822i2kM14E3Ikf%2B%2Fy%2BzDiZo9EZFUDxtb8YXx5lljpx54ws3cBMx1eikERrUYzfK3V9E%2Fps2XgfUth5l%2FLUaeR6er2H75QPiRGOHyNR5vurhAGKY66MgwxOzatpTOuPkDocrB7BSXORjC3iWYw%2BEFw41eazAn2r66pBZ7NNcKPe1nndFXSwgbS%2FkDZewBGcBrRMCyJW%2FTCY6Jnva9RxrmYikWKODeqkKrsuzOTWFtYjRfm%2Bv7xSurWfVPjewk1N5e%2FM4ajAfnHhCQJMx%2Bc%2BaGOdT%2BJAF8a5DuL4yjJsk%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Thu, 02 Feb 2023 02:23:08 GMT
Content-Type: text/css
Content-Length: 7047
Connection: keep-alive
Last-Modified: Sun, 19 Jul 2020 05:52:26 GMT
Vary: Accept-Encoding
ETag: "5f13df9a-1b87"
Accept-Ranges: bytes
begegig.hornydats.com/bundle/343/assets/js/functions.js
178.162.199.80200 OK 1.3 kB URL HTTP/1.1 begegig.hornydats.com/bundle/343/assets/js/functions.js
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with CRLF line terminators
Hash 0f08070c8301c605e00292fc31c3ee6e
9148cf2b7799c3142e4f4f2ada6006a70b4fb579
74c8bc5828d0eb6816571dc9b6d7e9c821bfb57eb3a97976d7635bbd79500c5d
Analyzer Verdict Alert fortinet Phishing
GET /bundle/343/assets/js/functions.js HTTP/1.1
Host: begegig.hornydats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://begegig.hornydats.com/s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null
Cookie: s=ieHndKXYTP1nZkTUCM8AMnI0idJYV921X%2B%2BL9aOpIZIM4hQ0Xd%2BHYV%2BWnuJF6l8pCaNLGOTevqH406DtTASnWyB%2BNvkRH6NV%2FTdQQiJD4YdVlfi7ctvodDpsDRfwLeAYNcAjeRyySjxp5Ae6HcuELNa4y0kJqsK%2BgaZVrehcow7yq%2BBE587DonNibUgXn9NFTvhHqKq9cYBdv4Bcx7m1XLYjvIhccOYutsp0C2I%2BGeDV4my%2FzDOtDcF7AZ5CQ%2BA2fhG7FcoKRBu3uxZRATaSPzzaGtsUY641All%2FXU6PdPSQO34ohR%2F82qYv5aMdmNeVB%2F0tDW1Mm2E8SpS%2FWinguJQ2UPSM%2FMyhmAHAx6LD2LkuLelk6YyLia0qFUCBoR3uRgrEWySCPlqY6JSLoDL08hhrYtRJ7Xs9BX79FUJTTUdWvj%2F7VhGYyx%2FVxfOCG22Ovui7P%2FY9IDcVwg3n1gjPRtkINosEub%2FJkRWvrw%2BwtzaBHMT%2F8Pvd81XTjcnBXxNCtGnpQCsvgt4A26NA5JwDoAnJWmK9PXslL8Wz9UplQ%2BpFxNPo7ZWedTAbUWkyZN5hWeTDDFYWS8%2FLHY2%2Fi8b%2BLB5cEdI3hZqZ%2Fdp251bgXGWNPIWOLxQvcOWTJI%2FBtOWMNVnWsHS9vn%2BiJ7XR%2Bw6lPhvVDRPceMo6O0EOEiSjAI2uKl%2FbJ3fpvAmNdRqf%2B6mib170A74MFFrdB%2Bp3O0G0x%2Bq6x6VReYgi6CLmvbSaDlxXHlhwrvo3NUFLx2Vk3lFrNRJq6oacdSL5hB8SJW5EG8Lpx5LVCY4rKm3IqQbc4EomBtJ9BUq4TZE6KQDpTXLtkOrveDHjzLb%2FcA3veIov48TDmXt3t85T5Lzsegs%2BT0Bxx8cxcmbk71Rvqn63Oc0I3y2oM4lO9jXhVY2uohBwW7oyQo9fgouMGohKJTF%2ByelSaa05TM5bPbXMtu2yzPuOeuyQIZVvLTy8ewJho0xW%2FJiC0IXeUh69EPmqlS0aAMm9GjwMRk679%2BeY2M7%2FvLAYSj%2B1eb1GD8G6NMZaeYVyRnH2oDiZYIJOcnYdqtFdI2uu0TJMCzGeErh3zT4WYqiblC3OoyhojQX%2BQzShONasophwahXaq6aAsbzmbAmYbu4i0BxdBiFH1h3g8yV2nBb6Z0a7obwWnzVkbqyX5wOkYLYldLmYRQHr5PaTNwV%2FB%2F0PF9n8255wNqSrTmZmQjQIQVd%2Fh9Do8YvZS1MbjIRLcRxg3SkZjQjPOY6WqxXPmjbc%2B%2BKSe6GA%2FkYtxiy%2Fhyr354GkKsIYatwX%2FYKS5AYhdPukH5M4gHTt7rCVbKJ%2F%2B9vNpDbv2p7Wp7nP822i2kM14E3Ikf%2B%2Fy%2BzDiZo9EZFUDxtb8YXx5lljpx54ws3cBMx1eikERrUYzfK3V9E%2Fps2XgfUth5l%2FLUaeR6er2H75QPiRGOHyNR5vurhAGKY66MgwxOzatpTOuPkDocrB7BSXORjC3iWYw%2BEFw41eazAn2r66pBZ7NNcKPe1nndFXSwgbS%2FkDZewBGcBrRMCyJW%2FTCY6Jnva9RxrmYikWKODeqkKrsuzOTWFtYjRfm%2Bv7xSurWfVPjewk1N5e%2FM4ajAfnHhCQJMx%2Bc%2BaGOdT%2BJAF8a5DuL4yjJsk%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Thu, 02 Feb 2023 02:23:08 GMT
Content-Type: application/javascript
Content-Length: 1302
Connection: keep-alive
Last-Modified: Sun, 19 Jul 2020 05:52:26 GMT
Vary: Accept-Encoding
ETag: "5f13df9a-516"
Accept-Ranges: bytes
begegig.hornydats.com/js/click.js?8
178.162.199.80200 OK 5.3 kB URL HTTP/1.1 begegig.hornydats.com/js/click.js?8
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
Hash 8207d083c909c6386927c5197eff584c
a5f1148a0e9923191d3f8ed4c1750240374af2a9
f71ae9723255b00dcc8e3631fe419cbbb56a80b3034f184ca5292127d7b3eea9
Analyzer Verdict Alert fortinet Phishing
GET /js/click.js?8 HTTP/1.1
Host: begegig.hornydats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://begegig.hornydats.com/s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null
Cookie: s=ieHndKXYTP1nZkTUCM8AMnI0idJYV921X%2B%2BL9aOpIZIM4hQ0Xd%2BHYV%2BWnuJF6l8pCaNLGOTevqH406DtTASnWyB%2BNvkRH6NV%2FTdQQiJD4YdVlfi7ctvodDpsDRfwLeAYNcAjeRyySjxp5Ae6HcuELNa4y0kJqsK%2BgaZVrehcow7yq%2BBE587DonNibUgXn9NFTvhHqKq9cYBdv4Bcx7m1XLYjvIhccOYutsp0C2I%2BGeDV4my%2FzDOtDcF7AZ5CQ%2BA2fhG7FcoKRBu3uxZRATaSPzzaGtsUY641All%2FXU6PdPSQO34ohR%2F82qYv5aMdmNeVB%2F0tDW1Mm2E8SpS%2FWinguJQ2UPSM%2FMyhmAHAx6LD2LkuLelk6YyLia0qFUCBoR3uRgrEWySCPlqY6JSLoDL08hhrYtRJ7Xs9BX79FUJTTUdWvj%2F7VhGYyx%2FVxfOCG22Ovui7P%2FY9IDcVwg3n1gjPRtkINosEub%2FJkRWvrw%2BwtzaBHMT%2F8Pvd81XTjcnBXxNCtGnpQCsvgt4A26NA5JwDoAnJWmK9PXslL8Wz9UplQ%2BpFxNPo7ZWedTAbUWkyZN5hWeTDDFYWS8%2FLHY2%2Fi8b%2BLB5cEdI3hZqZ%2Fdp251bgXGWNPIWOLxQvcOWTJI%2FBtOWMNVnWsHS9vn%2BiJ7XR%2Bw6lPhvVDRPceMo6O0EOEiSjAI2uKl%2FbJ3fpvAmNdRqf%2B6mib170A74MFFrdB%2Bp3O0G0x%2Bq6x6VReYgi6CLmvbSaDlxXHlhwrvo3NUFLx2Vk3lFrNRJq6oacdSL5hB8SJW5EG8Lpx5LVCY4rKm3IqQbc4EomBtJ9BUq4TZE6KQDpTXLtkOrveDHjzLb%2FcA3veIov48TDmXt3t85T5Lzsegs%2BT0Bxx8cxcmbk71Rvqn63Oc0I3y2oM4lO9jXhVY2uohBwW7oyQo9fgouMGohKJTF%2ByelSaa05TM5bPbXMtu2yzPuOeuyQIZVvLTy8ewJho0xW%2FJiC0IXeUh69EPmqlS0aAMm9GjwMRk679%2BeY2M7%2FvLAYSj%2B1eb1GD8G6NMZaeYVyRnH2oDiZYIJOcnYdqtFdI2uu0TJMCzGeErh3zT4WYqiblC3OoyhojQX%2BQzShONasophwahXaq6aAsbzmbAmYbu4i0BxdBiFH1h3g8yV2nBb6Z0a7obwWnzVkbqyX5wOkYLYldLmYRQHr5PaTNwV%2FB%2F0PF9n8255wNqSrTmZmQjQIQVd%2Fh9Do8YvZS1MbjIRLcRxg3SkZjQjPOY6WqxXPmjbc%2B%2BKSe6GA%2FkYtxiy%2Fhyr354GkKsIYatwX%2FYKS5AYhdPukH5M4gHTt7rCVbKJ%2F%2B9vNpDbv2p7Wp7nP822i2kM14E3Ikf%2B%2Fy%2BzDiZo9EZFUDxtb8YXx5lljpx54ws3cBMx1eikERrUYzfK3V9E%2Fps2XgfUth5l%2FLUaeR6er2H75QPiRGOHyNR5vurhAGKY66MgwxOzatpTOuPkDocrB7BSXORjC3iWYw%2BEFw41eazAn2r66pBZ7NNcKPe1nndFXSwgbS%2FkDZewBGcBrRMCyJW%2FTCY6Jnva9RxrmYikWKODeqkKrsuzOTWFtYjRfm%2Bv7xSurWfVPjewk1N5e%2FM4ajAfnHhCQJMx%2Bc%2BaGOdT%2BJAF8a5DuL4yjJsk%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Thu, 02 Feb 2023 02:23:08 GMT
Content-Type: application/javascript
Content-Length: 5260
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 12:26:11 GMT
Vary: Accept-Encoding
ETag: "63c936e3-148c"
Accept-Ranges: bytes
begegig.hornydats.com/bundle/343/assets/js/jquery.js
178.162.199.80200 OK 86 kB URL HTTP/1.1 begegig.hornydats.com/bundle/343/assets/js/jquery.js
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Analyzer Verdict Alert fortinet Phishing
GET /bundle/343/assets/js/jquery.js HTTP/1.1
Host: begegig.hornydats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://begegig.hornydats.com/s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null
Cookie: s=ieHndKXYTP1nZkTUCM8AMnI0idJYV921X%2B%2BL9aOpIZIM4hQ0Xd%2BHYV%2BWnuJF6l8pCaNLGOTevqH406DtTASnWyB%2BNvkRH6NV%2FTdQQiJD4YdVlfi7ctvodDpsDRfwLeAYNcAjeRyySjxp5Ae6HcuELNa4y0kJqsK%2BgaZVrehcow7yq%2BBE587DonNibUgXn9NFTvhHqKq9cYBdv4Bcx7m1XLYjvIhccOYutsp0C2I%2BGeDV4my%2FzDOtDcF7AZ5CQ%2BA2fhG7FcoKRBu3uxZRATaSPzzaGtsUY641All%2FXU6PdPSQO34ohR%2F82qYv5aMdmNeVB%2F0tDW1Mm2E8SpS%2FWinguJQ2UPSM%2FMyhmAHAx6LD2LkuLelk6YyLia0qFUCBoR3uRgrEWySCPlqY6JSLoDL08hhrYtRJ7Xs9BX79FUJTTUdWvj%2F7VhGYyx%2FVxfOCG22Ovui7P%2FY9IDcVwg3n1gjPRtkINosEub%2FJkRWvrw%2BwtzaBHMT%2F8Pvd81XTjcnBXxNCtGnpQCsvgt4A26NA5JwDoAnJWmK9PXslL8Wz9UplQ%2BpFxNPo7ZWedTAbUWkyZN5hWeTDDFYWS8%2FLHY2%2Fi8b%2BLB5cEdI3hZqZ%2Fdp251bgXGWNPIWOLxQvcOWTJI%2FBtOWMNVnWsHS9vn%2BiJ7XR%2Bw6lPhvVDRPceMo6O0EOEiSjAI2uKl%2FbJ3fpvAmNdRqf%2B6mib170A74MFFrdB%2Bp3O0G0x%2Bq6x6VReYgi6CLmvbSaDlxXHlhwrvo3NUFLx2Vk3lFrNRJq6oacdSL5hB8SJW5EG8Lpx5LVCY4rKm3IqQbc4EomBtJ9BUq4TZE6KQDpTXLtkOrveDHjzLb%2FcA3veIov48TDmXt3t85T5Lzsegs%2BT0Bxx8cxcmbk71Rvqn63Oc0I3y2oM4lO9jXhVY2uohBwW7oyQo9fgouMGohKJTF%2ByelSaa05TM5bPbXMtu2yzPuOeuyQIZVvLTy8ewJho0xW%2FJiC0IXeUh69EPmqlS0aAMm9GjwMRk679%2BeY2M7%2FvLAYSj%2B1eb1GD8G6NMZaeYVyRnH2oDiZYIJOcnYdqtFdI2uu0TJMCzGeErh3zT4WYqiblC3OoyhojQX%2BQzShONasophwahXaq6aAsbzmbAmYbu4i0BxdBiFH1h3g8yV2nBb6Z0a7obwWnzVkbqyX5wOkYLYldLmYRQHr5PaTNwV%2FB%2F0PF9n8255wNqSrTmZmQjQIQVd%2Fh9Do8YvZS1MbjIRLcRxg3SkZjQjPOY6WqxXPmjbc%2B%2BKSe6GA%2FkYtxiy%2Fhyr354GkKsIYatwX%2FYKS5AYhdPukH5M4gHTt7rCVbKJ%2F%2B9vNpDbv2p7Wp7nP822i2kM14E3Ikf%2B%2Fy%2BzDiZo9EZFUDxtb8YXx5lljpx54ws3cBMx1eikERrUYzfK3V9E%2Fps2XgfUth5l%2FLUaeR6er2H75QPiRGOHyNR5vurhAGKY66MgwxOzatpTOuPkDocrB7BSXORjC3iWYw%2BEFw41eazAn2r66pBZ7NNcKPe1nndFXSwgbS%2FkDZewBGcBrRMCyJW%2FTCY6Jnva9RxrmYikWKODeqkKrsuzOTWFtYjRfm%2Bv7xSurWfVPjewk1N5e%2FM4ajAfnHhCQJMx%2Bc%2BaGOdT%2BJAF8a5DuL4yjJsk%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Thu, 02 Feb 2023 02:23:08 GMT
Content-Type: application/javascript
Content-Length: 85578
Connection: keep-alive
Last-Modified: Sun, 19 Jul 2020 05:52:26 GMT
Vary: Accept-Encoding
ETag: "5f13df9a-14e4a"
Accept-Ranges: bytes
begegig.hornydats.com/bundle/343/assets/img/1k.jpg
178.162.199.80200 OK 54 kB URL HTTP/1.1 begegig.hornydats.com/bundle/343/assets/img/1k.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x620, components 3\012- data
Hash 891bd8edafa58a57a905cb1cc9c49bff
36560046ed59a2b2e4b678b7a69ff8ce3342e6c8
1124945d1b3467717d897e5728c4691fec6cc06bbebe48b586fa613fd299a423
GET /bundle/343/assets/img/1k.jpg HTTP/1.1
Host: begegig.hornydats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://begegig.hornydats.com/s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null
Cookie: s=ieHndKXYTP1nZkTUCM8AMnI0idJYV921X%2B%2BL9aOpIZIM4hQ0Xd%2BHYV%2BWnuJF6l8pCaNLGOTevqH406DtTASnWyB%2BNvkRH6NV%2FTdQQiJD4YdVlfi7ctvodDpsDRfwLeAYNcAjeRyySjxp5Ae6HcuELNa4y0kJqsK%2BgaZVrehcow7yq%2BBE587DonNibUgXn9NFTvhHqKq9cYBdv4Bcx7m1XLYjvIhccOYutsp0C2I%2BGeDV4my%2FzDOtDcF7AZ5CQ%2BA2fhG7FcoKRBu3uxZRATaSPzzaGtsUY641All%2FXU6PdPSQO34ohR%2F82qYv5aMdmNeVB%2F0tDW1Mm2E8SpS%2FWinguJQ2UPSM%2FMyhmAHAx6LD2LkuLelk6YyLia0qFUCBoR3uRgrEWySCPlqY6JSLoDL08hhrYtRJ7Xs9BX79FUJTTUdWvj%2F7VhGYyx%2FVxfOCG22Ovui7P%2FY9IDcVwg3n1gjPRtkINosEub%2FJkRWvrw%2BwtzaBHMT%2F8Pvd81XTjcnBXxNCtGnpQCsvgt4A26NA5JwDoAnJWmK9PXslL8Wz9UplQ%2BpFxNPo7ZWedTAbUWkyZN5hWeTDDFYWS8%2FLHY2%2Fi8b%2BLB5cEdI3hZqZ%2Fdp251bgXGWNPIWOLxQvcOWTJI%2FBtOWMNVnWsHS9vn%2BiJ7XR%2Bw6lPhvVDRPceMo6O0EOEiSjAI2uKl%2FbJ3fpvAmNdRqf%2B6mib170A74MFFrdB%2Bp3O0G0x%2Bq6x6VReYgi6CLmvbSaDlxXHlhwrvo3NUFLx2Vk3lFrNRJq6oacdSL5hB8SJW5EG8Lpx5LVCY4rKm3IqQbc4EomBtJ9BUq4TZE6KQDpTXLtkOrveDHjzLb%2FcA3veIov48TDmXt3t85T5Lzsegs%2BT0Bxx8cxcmbk71Rvqn63Oc0I3y2oM4lO9jXhVY2uohBwW7oyQo9fgouMGohKJTF%2ByelSaa05TM5bPbXMtu2yzPuOeuyQIZVvLTy8ewJho0xW%2FJiC0IXeUh69EPmqlS0aAMm9GjwMRk679%2BeY2M7%2FvLAYSj%2B1eb1GD8G6NMZaeYVyRnH2oDiZYIJOcnYdqtFdI2uu0TJMCzGeErh3zT4WYqiblC3OoyhojQX%2BQzShONasophwahXaq6aAsbzmbAmYbu4i0BxdBiFH1h3g8yV2nBb6Z0a7obwWnzVkbqyX5wOkYLYldLmYRQHr5PaTNwV%2FB%2F0PF9n8255wNqSrTmZmQjQIQVd%2Fh9Do8YvZS1MbjIRLcRxg3SkZjQjPOY6WqxXPmjbc%2B%2BKSe6GA%2FkYtxiy%2Fhyr354GkKsIYatwX%2FYKS5AYhdPukH5M4gHTt7rCVbKJ%2F%2B9vNpDbv2p7Wp7nP822i2kM14E3Ikf%2B%2Fy%2BzDiZo9EZFUDxtb8YXx5lljpx54ws3cBMx1eikERrUYzfK3V9E%2Fps2XgfUth5l%2FLUaeR6er2H75QPiRGOHyNR5vurhAGKY66MgwxOzatpTOuPkDocrB7BSXORjC3iWYw%2BEFw41eazAn2r66pBZ7NNcKPe1nndFXSwgbS%2FkDZewBGcBrRMCyJW%2FTCY6Jnva9RxrmYikWKODeqkKrsuzOTWFtYjRfm%2Bv7xSurWfVPjewk1N5e%2FM4ajAfnHhCQJMx%2Bc%2BaGOdT%2BJAF8a5DuL4yjJsk%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Thu, 02 Feb 2023 02:23:08 GMT
Content-Type: image/jpeg
Content-Length: 54367
Connection: keep-alive
Last-Modified: Sun, 19 Jul 2020 05:52:26 GMT
ETag: "5f13df9a-d45f"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:23:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
begegig.hornydats.com/bundle/343/assets/img/6k.jpg
178.162.199.80200 OK 64 kB URL HTTP/1.1 begegig.hornydats.com/bundle/343/assets/img/6k.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x620, components 3\012- data
Hash 4397bf4aa46e98f9ac7de6987efd0e8d
40fe5d8dc212a034a2d66442a4242ee09bc641ab
26f4a2eba9a991d422f99988d4ae22e17826c87874305239fdb85e19751ce8ee
GET /bundle/343/assets/img/6k.jpg HTTP/1.1
Host: begegig.hornydats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://begegig.hornydats.com/s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null
Cookie: s=ieHndKXYTP1nZkTUCM8AMnI0idJYV921X%2B%2BL9aOpIZIM4hQ0Xd%2BHYV%2BWnuJF6l8pCaNLGOTevqH406DtTASnWyB%2BNvkRH6NV%2FTdQQiJD4YdVlfi7ctvodDpsDRfwLeAYNcAjeRyySjxp5Ae6HcuELNa4y0kJqsK%2BgaZVrehcow7yq%2BBE587DonNibUgXn9NFTvhHqKq9cYBdv4Bcx7m1XLYjvIhccOYutsp0C2I%2BGeDV4my%2FzDOtDcF7AZ5CQ%2BA2fhG7FcoKRBu3uxZRATaSPzzaGtsUY641All%2FXU6PdPSQO34ohR%2F82qYv5aMdmNeVB%2F0tDW1Mm2E8SpS%2FWinguJQ2UPSM%2FMyhmAHAx6LD2LkuLelk6YyLia0qFUCBoR3uRgrEWySCPlqY6JSLoDL08hhrYtRJ7Xs9BX79FUJTTUdWvj%2F7VhGYyx%2FVxfOCG22Ovui7P%2FY9IDcVwg3n1gjPRtkINosEub%2FJkRWvrw%2BwtzaBHMT%2F8Pvd81XTjcnBXxNCtGnpQCsvgt4A26NA5JwDoAnJWmK9PXslL8Wz9UplQ%2BpFxNPo7ZWedTAbUWkyZN5hWeTDDFYWS8%2FLHY2%2Fi8b%2BLB5cEdI3hZqZ%2Fdp251bgXGWNPIWOLxQvcOWTJI%2FBtOWMNVnWsHS9vn%2BiJ7XR%2Bw6lPhvVDRPceMo6O0EOEiSjAI2uKl%2FbJ3fpvAmNdRqf%2B6mib170A74MFFrdB%2Bp3O0G0x%2Bq6x6VReYgi6CLmvbSaDlxXHlhwrvo3NUFLx2Vk3lFrNRJq6oacdSL5hB8SJW5EG8Lpx5LVCY4rKm3IqQbc4EomBtJ9BUq4TZE6KQDpTXLtkOrveDHjzLb%2FcA3veIov48TDmXt3t85T5Lzsegs%2BT0Bxx8cxcmbk71Rvqn63Oc0I3y2oM4lO9jXhVY2uohBwW7oyQo9fgouMGohKJTF%2ByelSaa05TM5bPbXMtu2yzPuOeuyQIZVvLTy8ewJho0xW%2FJiC0IXeUh69EPmqlS0aAMm9GjwMRk679%2BeY2M7%2FvLAYSj%2B1eb1GD8G6NMZaeYVyRnH2oDiZYIJOcnYdqtFdI2uu0TJMCzGeErh3zT4WYqiblC3OoyhojQX%2BQzShONasophwahXaq6aAsbzmbAmYbu4i0BxdBiFH1h3g8yV2nBb6Z0a7obwWnzVkbqyX5wOkYLYldLmYRQHr5PaTNwV%2FB%2F0PF9n8255wNqSrTmZmQjQIQVd%2Fh9Do8YvZS1MbjIRLcRxg3SkZjQjPOY6WqxXPmjbc%2B%2BKSe6GA%2FkYtxiy%2Fhyr354GkKsIYatwX%2FYKS5AYhdPukH5M4gHTt7rCVbKJ%2F%2B9vNpDbv2p7Wp7nP822i2kM14E3Ikf%2B%2Fy%2BzDiZo9EZFUDxtb8YXx5lljpx54ws3cBMx1eikERrUYzfK3V9E%2Fps2XgfUth5l%2FLUaeR6er2H75QPiRGOHyNR5vurhAGKY66MgwxOzatpTOuPkDocrB7BSXORjC3iWYw%2BEFw41eazAn2r66pBZ7NNcKPe1nndFXSwgbS%2FkDZewBGcBrRMCyJW%2FTCY6Jnva9RxrmYikWKODeqkKrsuzOTWFtYjRfm%2Bv7xSurWfVPjewk1N5e%2FM4ajAfnHhCQJMx%2Bc%2BaGOdT%2BJAF8a5DuL4yjJsk%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Thu, 02 Feb 2023 02:23:08 GMT
Content-Type: image/jpeg
Content-Length: 64243
Connection: keep-alive
Last-Modified: Sun, 19 Jul 2020 05:52:26 GMT
ETag: "5f13df9a-faf3"
Accept-Ranges: bytes
begegig.hornydats.com/bundle/343/assets/img/4k.jpg
178.162.199.80200 OK 46 kB URL HTTP/1.1 begegig.hornydats.com/bundle/343/assets/img/4k.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x620, components 3\012- data
Hash ed2fe56349612fecd208fe2e6ebbc02f
94352ad9c83687e5d8ebde66550b7c9ce787423e
aec56bbd25def61a86fdf61e505c66ec9feedd70268347664835179f5b561d19
GET /bundle/343/assets/img/4k.jpg HTTP/1.1
Host: begegig.hornydats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://begegig.hornydats.com/s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null
Cookie: s=ieHndKXYTP1nZkTUCM8AMnI0idJYV921X%2B%2BL9aOpIZIM4hQ0Xd%2BHYV%2BWnuJF6l8pCaNLGOTevqH406DtTASnWyB%2BNvkRH6NV%2FTdQQiJD4YdVlfi7ctvodDpsDRfwLeAYNcAjeRyySjxp5Ae6HcuELNa4y0kJqsK%2BgaZVrehcow7yq%2BBE587DonNibUgXn9NFTvhHqKq9cYBdv4Bcx7m1XLYjvIhccOYutsp0C2I%2BGeDV4my%2FzDOtDcF7AZ5CQ%2BA2fhG7FcoKRBu3uxZRATaSPzzaGtsUY641All%2FXU6PdPSQO34ohR%2F82qYv5aMdmNeVB%2F0tDW1Mm2E8SpS%2FWinguJQ2UPSM%2FMyhmAHAx6LD2LkuLelk6YyLia0qFUCBoR3uRgrEWySCPlqY6JSLoDL08hhrYtRJ7Xs9BX79FUJTTUdWvj%2F7VhGYyx%2FVxfOCG22Ovui7P%2FY9IDcVwg3n1gjPRtkINosEub%2FJkRWvrw%2BwtzaBHMT%2F8Pvd81XTjcnBXxNCtGnpQCsvgt4A26NA5JwDoAnJWmK9PXslL8Wz9UplQ%2BpFxNPo7ZWedTAbUWkyZN5hWeTDDFYWS8%2FLHY2%2Fi8b%2BLB5cEdI3hZqZ%2Fdp251bgXGWNPIWOLxQvcOWTJI%2FBtOWMNVnWsHS9vn%2BiJ7XR%2Bw6lPhvVDRPceMo6O0EOEiSjAI2uKl%2FbJ3fpvAmNdRqf%2B6mib170A74MFFrdB%2Bp3O0G0x%2Bq6x6VReYgi6CLmvbSaDlxXHlhwrvo3NUFLx2Vk3lFrNRJq6oacdSL5hB8SJW5EG8Lpx5LVCY4rKm3IqQbc4EomBtJ9BUq4TZE6KQDpTXLtkOrveDHjzLb%2FcA3veIov48TDmXt3t85T5Lzsegs%2BT0Bxx8cxcmbk71Rvqn63Oc0I3y2oM4lO9jXhVY2uohBwW7oyQo9fgouMGohKJTF%2ByelSaa05TM5bPbXMtu2yzPuOeuyQIZVvLTy8ewJho0xW%2FJiC0IXeUh69EPmqlS0aAMm9GjwMRk679%2BeY2M7%2FvLAYSj%2B1eb1GD8G6NMZaeYVyRnH2oDiZYIJOcnYdqtFdI2uu0TJMCzGeErh3zT4WYqiblC3OoyhojQX%2BQzShONasophwahXaq6aAsbzmbAmYbu4i0BxdBiFH1h3g8yV2nBb6Z0a7obwWnzVkbqyX5wOkYLYldLmYRQHr5PaTNwV%2FB%2F0PF9n8255wNqSrTmZmQjQIQVd%2Fh9Do8YvZS1MbjIRLcRxg3SkZjQjPOY6WqxXPmjbc%2B%2BKSe6GA%2FkYtxiy%2Fhyr354GkKsIYatwX%2FYKS5AYhdPukH5M4gHTt7rCVbKJ%2F%2B9vNpDbv2p7Wp7nP822i2kM14E3Ikf%2B%2Fy%2BzDiZo9EZFUDxtb8YXx5lljpx54ws3cBMx1eikERrUYzfK3V9E%2Fps2XgfUth5l%2FLUaeR6er2H75QPiRGOHyNR5vurhAGKY66MgwxOzatpTOuPkDocrB7BSXORjC3iWYw%2BEFw41eazAn2r66pBZ7NNcKPe1nndFXSwgbS%2FkDZewBGcBrRMCyJW%2FTCY6Jnva9RxrmYikWKODeqkKrsuzOTWFtYjRfm%2Bv7xSurWfVPjewk1N5e%2FM4ajAfnHhCQJMx%2Bc%2BaGOdT%2BJAF8a5DuL4yjJsk%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Thu, 02 Feb 2023 02:23:08 GMT
Content-Type: image/jpeg
Content-Length: 45692
Connection: keep-alive
Last-Modified: Sun, 19 Jul 2020 05:52:26 GMT
ETag: "5f13df9a-b27c"
Accept-Ranges: bytes
begegig.hornydats.com/bundle/343/assets/img/3k.jpg
178.162.199.80200 OK 33 kB URL HTTP/1.1 begegig.hornydats.com/bundle/343/assets/img/3k.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x620, components 3\012- data
Hash a66815ce1439259be87d0288fc00baa6
c95f125b3e867a716545ab6a94cea6cc270031cb
6b5c1ed44a068de8c213c700b0900f36f4294bf24e46bfacb98e94fa9b120ca7
GET /bundle/343/assets/img/3k.jpg HTTP/1.1
Host: begegig.hornydats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://begegig.hornydats.com/s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null
Cookie: s=ieHndKXYTP1nZkTUCM8AMnI0idJYV921X%2B%2BL9aOpIZIM4hQ0Xd%2BHYV%2BWnuJF6l8pCaNLGOTevqH406DtTASnWyB%2BNvkRH6NV%2FTdQQiJD4YdVlfi7ctvodDpsDRfwLeAYNcAjeRyySjxp5Ae6HcuELNa4y0kJqsK%2BgaZVrehcow7yq%2BBE587DonNibUgXn9NFTvhHqKq9cYBdv4Bcx7m1XLYjvIhccOYutsp0C2I%2BGeDV4my%2FzDOtDcF7AZ5CQ%2BA2fhG7FcoKRBu3uxZRATaSPzzaGtsUY641All%2FXU6PdPSQO34ohR%2F82qYv5aMdmNeVB%2F0tDW1Mm2E8SpS%2FWinguJQ2UPSM%2FMyhmAHAx6LD2LkuLelk6YyLia0qFUCBoR3uRgrEWySCPlqY6JSLoDL08hhrYtRJ7Xs9BX79FUJTTUdWvj%2F7VhGYyx%2FVxfOCG22Ovui7P%2FY9IDcVwg3n1gjPRtkINosEub%2FJkRWvrw%2BwtzaBHMT%2F8Pvd81XTjcnBXxNCtGnpQCsvgt4A26NA5JwDoAnJWmK9PXslL8Wz9UplQ%2BpFxNPo7ZWedTAbUWkyZN5hWeTDDFYWS8%2FLHY2%2Fi8b%2BLB5cEdI3hZqZ%2Fdp251bgXGWNPIWOLxQvcOWTJI%2FBtOWMNVnWsHS9vn%2BiJ7XR%2Bw6lPhvVDRPceMo6O0EOEiSjAI2uKl%2FbJ3fpvAmNdRqf%2B6mib170A74MFFrdB%2Bp3O0G0x%2Bq6x6VReYgi6CLmvbSaDlxXHlhwrvo3NUFLx2Vk3lFrNRJq6oacdSL5hB8SJW5EG8Lpx5LVCY4rKm3IqQbc4EomBtJ9BUq4TZE6KQDpTXLtkOrveDHjzLb%2FcA3veIov48TDmXt3t85T5Lzsegs%2BT0Bxx8cxcmbk71Rvqn63Oc0I3y2oM4lO9jXhVY2uohBwW7oyQo9fgouMGohKJTF%2ByelSaa05TM5bPbXMtu2yzPuOeuyQIZVvLTy8ewJho0xW%2FJiC0IXeUh69EPmqlS0aAMm9GjwMRk679%2BeY2M7%2FvLAYSj%2B1eb1GD8G6NMZaeYVyRnH2oDiZYIJOcnYdqtFdI2uu0TJMCzGeErh3zT4WYqiblC3OoyhojQX%2BQzShONasophwahXaq6aAsbzmbAmYbu4i0BxdBiFH1h3g8yV2nBb6Z0a7obwWnzVkbqyX5wOkYLYldLmYRQHr5PaTNwV%2FB%2F0PF9n8255wNqSrTmZmQjQIQVd%2Fh9Do8YvZS1MbjIRLcRxg3SkZjQjPOY6WqxXPmjbc%2B%2BKSe6GA%2FkYtxiy%2Fhyr354GkKsIYatwX%2FYKS5AYhdPukH5M4gHTt7rCVbKJ%2F%2B9vNpDbv2p7Wp7nP822i2kM14E3Ikf%2B%2Fy%2BzDiZo9EZFUDxtb8YXx5lljpx54ws3cBMx1eikERrUYzfK3V9E%2Fps2XgfUth5l%2FLUaeR6er2H75QPiRGOHyNR5vurhAGKY66MgwxOzatpTOuPkDocrB7BSXORjC3iWYw%2BEFw41eazAn2r66pBZ7NNcKPe1nndFXSwgbS%2FkDZewBGcBrRMCyJW%2FTCY6Jnva9RxrmYikWKODeqkKrsuzOTWFtYjRfm%2Bv7xSurWfVPjewk1N5e%2FM4ajAfnHhCQJMx%2Bc%2BaGOdT%2BJAF8a5DuL4yjJsk%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Thu, 02 Feb 2023 02:23:08 GMT
Content-Type: image/jpeg
Content-Length: 32842
Connection: keep-alive
Last-Modified: Sun, 19 Jul 2020 05:52:26 GMT
ETag: "5f13df9a-804a"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:23:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
begegig.hornydats.com/bundle/343/assets/img/5k.jpg
178.162.199.80200 OK 74 kB URL HTTP/1.1 begegig.hornydats.com/bundle/343/assets/img/5k.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x620, components 3\012- data
Hash 8caae1bd31eaba57dd37493bd5f3e9ad
bfc7fc50fa53aee0cabafa72a29c8b8665f2d074
c0020d3e076498a290b97d7adefc90f0398e53e0a28f55f91ed119e56b1bab85
GET /bundle/343/assets/img/5k.jpg HTTP/1.1
Host: begegig.hornydats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://begegig.hornydats.com/s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null
Cookie: s=ieHndKXYTP1nZkTUCM8AMnI0idJYV921X%2B%2BL9aOpIZIM4hQ0Xd%2BHYV%2BWnuJF6l8pCaNLGOTevqH406DtTASnWyB%2BNvkRH6NV%2FTdQQiJD4YdVlfi7ctvodDpsDRfwLeAYNcAjeRyySjxp5Ae6HcuELNa4y0kJqsK%2BgaZVrehcow7yq%2BBE587DonNibUgXn9NFTvhHqKq9cYBdv4Bcx7m1XLYjvIhccOYutsp0C2I%2BGeDV4my%2FzDOtDcF7AZ5CQ%2BA2fhG7FcoKRBu3uxZRATaSPzzaGtsUY641All%2FXU6PdPSQO34ohR%2F82qYv5aMdmNeVB%2F0tDW1Mm2E8SpS%2FWinguJQ2UPSM%2FMyhmAHAx6LD2LkuLelk6YyLia0qFUCBoR3uRgrEWySCPlqY6JSLoDL08hhrYtRJ7Xs9BX79FUJTTUdWvj%2F7VhGYyx%2FVxfOCG22Ovui7P%2FY9IDcVwg3n1gjPRtkINosEub%2FJkRWvrw%2BwtzaBHMT%2F8Pvd81XTjcnBXxNCtGnpQCsvgt4A26NA5JwDoAnJWmK9PXslL8Wz9UplQ%2BpFxNPo7ZWedTAbUWkyZN5hWeTDDFYWS8%2FLHY2%2Fi8b%2BLB5cEdI3hZqZ%2Fdp251bgXGWNPIWOLxQvcOWTJI%2FBtOWMNVnWsHS9vn%2BiJ7XR%2Bw6lPhvVDRPceMo6O0EOEiSjAI2uKl%2FbJ3fpvAmNdRqf%2B6mib170A74MFFrdB%2Bp3O0G0x%2Bq6x6VReYgi6CLmvbSaDlxXHlhwrvo3NUFLx2Vk3lFrNRJq6oacdSL5hB8SJW5EG8Lpx5LVCY4rKm3IqQbc4EomBtJ9BUq4TZE6KQDpTXLtkOrveDHjzLb%2FcA3veIov48TDmXt3t85T5Lzsegs%2BT0Bxx8cxcmbk71Rvqn63Oc0I3y2oM4lO9jXhVY2uohBwW7oyQo9fgouMGohKJTF%2ByelSaa05TM5bPbXMtu2yzPuOeuyQIZVvLTy8ewJho0xW%2FJiC0IXeUh69EPmqlS0aAMm9GjwMRk679%2BeY2M7%2FvLAYSj%2B1eb1GD8G6NMZaeYVyRnH2oDiZYIJOcnYdqtFdI2uu0TJMCzGeErh3zT4WYqiblC3OoyhojQX%2BQzShONasophwahXaq6aAsbzmbAmYbu4i0BxdBiFH1h3g8yV2nBb6Z0a7obwWnzVkbqyX5wOkYLYldLmYRQHr5PaTNwV%2FB%2F0PF9n8255wNqSrTmZmQjQIQVd%2Fh9Do8YvZS1MbjIRLcRxg3SkZjQjPOY6WqxXPmjbc%2B%2BKSe6GA%2FkYtxiy%2Fhyr354GkKsIYatwX%2FYKS5AYhdPukH5M4gHTt7rCVbKJ%2F%2B9vNpDbv2p7Wp7nP822i2kM14E3Ikf%2B%2Fy%2BzDiZo9EZFUDxtb8YXx5lljpx54ws3cBMx1eikERrUYzfK3V9E%2Fps2XgfUth5l%2FLUaeR6er2H75QPiRGOHyNR5vurhAGKY66MgwxOzatpTOuPkDocrB7BSXORjC3iWYw%2BEFw41eazAn2r66pBZ7NNcKPe1nndFXSwgbS%2FkDZewBGcBrRMCyJW%2FTCY6Jnva9RxrmYikWKODeqkKrsuzOTWFtYjRfm%2Bv7xSurWfVPjewk1N5e%2FM4ajAfnHhCQJMx%2Bc%2BaGOdT%2BJAF8a5DuL4yjJsk%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Thu, 02 Feb 2023 02:23:08 GMT
Content-Type: image/jpeg
Content-Length: 73730
Connection: keep-alive
Last-Modified: Sun, 19 Jul 2020 05:52:26 GMT
ETag: "5f13df9a-12002"
Accept-Ranges: bytes
begegig.hornydats.com/bundle/343/assets/img/2k.jpg
178.162.199.80200 OK 49 kB URL HTTP/1.1 begegig.hornydats.com/bundle/343/assets/img/2k.jpg
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x620, components 3\012- data
Hash f04372e0d038a14b25ce40eaccab06a9
a6ef1e6194e4843559cafad30d38e7650bc83df3
67963849ad79125161e36c550fea229cd1ba5b533f392194d79813d113b6d0c4
GET /bundle/343/assets/img/2k.jpg HTTP/1.1
Host: begegig.hornydats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://begegig.hornydats.com/s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null
Cookie: s=ieHndKXYTP1nZkTUCM8AMnI0idJYV921X%2B%2BL9aOpIZIM4hQ0Xd%2BHYV%2BWnuJF6l8pCaNLGOTevqH406DtTASnWyB%2BNvkRH6NV%2FTdQQiJD4YdVlfi7ctvodDpsDRfwLeAYNcAjeRyySjxp5Ae6HcuELNa4y0kJqsK%2BgaZVrehcow7yq%2BBE587DonNibUgXn9NFTvhHqKq9cYBdv4Bcx7m1XLYjvIhccOYutsp0C2I%2BGeDV4my%2FzDOtDcF7AZ5CQ%2BA2fhG7FcoKRBu3uxZRATaSPzzaGtsUY641All%2FXU6PdPSQO34ohR%2F82qYv5aMdmNeVB%2F0tDW1Mm2E8SpS%2FWinguJQ2UPSM%2FMyhmAHAx6LD2LkuLelk6YyLia0qFUCBoR3uRgrEWySCPlqY6JSLoDL08hhrYtRJ7Xs9BX79FUJTTUdWvj%2F7VhGYyx%2FVxfOCG22Ovui7P%2FY9IDcVwg3n1gjPRtkINosEub%2FJkRWvrw%2BwtzaBHMT%2F8Pvd81XTjcnBXxNCtGnpQCsvgt4A26NA5JwDoAnJWmK9PXslL8Wz9UplQ%2BpFxNPo7ZWedTAbUWkyZN5hWeTDDFYWS8%2FLHY2%2Fi8b%2BLB5cEdI3hZqZ%2Fdp251bgXGWNPIWOLxQvcOWTJI%2FBtOWMNVnWsHS9vn%2BiJ7XR%2Bw6lPhvVDRPceMo6O0EOEiSjAI2uKl%2FbJ3fpvAmNdRqf%2B6mib170A74MFFrdB%2Bp3O0G0x%2Bq6x6VReYgi6CLmvbSaDlxXHlhwrvo3NUFLx2Vk3lFrNRJq6oacdSL5hB8SJW5EG8Lpx5LVCY4rKm3IqQbc4EomBtJ9BUq4TZE6KQDpTXLtkOrveDHjzLb%2FcA3veIov48TDmXt3t85T5Lzsegs%2BT0Bxx8cxcmbk71Rvqn63Oc0I3y2oM4lO9jXhVY2uohBwW7oyQo9fgouMGohKJTF%2ByelSaa05TM5bPbXMtu2yzPuOeuyQIZVvLTy8ewJho0xW%2FJiC0IXeUh69EPmqlS0aAMm9GjwMRk679%2BeY2M7%2FvLAYSj%2B1eb1GD8G6NMZaeYVyRnH2oDiZYIJOcnYdqtFdI2uu0TJMCzGeErh3zT4WYqiblC3OoyhojQX%2BQzShONasophwahXaq6aAsbzmbAmYbu4i0BxdBiFH1h3g8yV2nBb6Z0a7obwWnzVkbqyX5wOkYLYldLmYRQHr5PaTNwV%2FB%2F0PF9n8255wNqSrTmZmQjQIQVd%2Fh9Do8YvZS1MbjIRLcRxg3SkZjQjPOY6WqxXPmjbc%2B%2BKSe6GA%2FkYtxiy%2Fhyr354GkKsIYatwX%2FYKS5AYhdPukH5M4gHTt7rCVbKJ%2F%2B9vNpDbv2p7Wp7nP822i2kM14E3Ikf%2B%2Fy%2BzDiZo9EZFUDxtb8YXx5lljpx54ws3cBMx1eikERrUYzfK3V9E%2Fps2XgfUth5l%2FLUaeR6er2H75QPiRGOHyNR5vurhAGKY66MgwxOzatpTOuPkDocrB7BSXORjC3iWYw%2BEFw41eazAn2r66pBZ7NNcKPe1nndFXSwgbS%2FkDZewBGcBrRMCyJW%2FTCY6Jnva9RxrmYikWKODeqkKrsuzOTWFtYjRfm%2Bv7xSurWfVPjewk1N5e%2FM4ajAfnHhCQJMx%2Bc%2BaGOdT%2BJAF8a5DuL4yjJsk%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Thu, 02 Feb 2023 02:23:08 GMT
Content-Type: image/jpeg
Content-Length: 49411
Connection: keep-alive
Last-Modified: Sun, 19 Jul 2020 05:52:26 GMT
ETag: "5f13df9a-c103"
Accept-Ranges: bytes
fonts.googleapis.com/css?family=Lato&display=swap
142.250.74.106200 OK 82 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato&display=swap
IP 142.250.74.106:0
Hash 9953c6a3aa9a0d9ab170f9847d3f8a74
5ebf2356ee6a80cbf875e70f88887b03f0286b53
457591b0d8414ba7efc3efaf8bf05dfe0d3a2f50d73c64477455edd20fcae211
GET /css?family=Lato&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://begegig.hornydats.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 02:23:08 GMT
date: Thu, 02 Feb 2023 02:23:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:23:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
begegig.hornydats.com/js/fp2.min.js
178.162.199.80200 OK 31 kB URL HTTP/1.1 begegig.hornydats.com/js/fp2.min.js
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (30507)
Hash e7d6b85edb141824af8951e19333337c
76600b2cb1978ca24d9fe39b1412f052da855ddb
6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e
Analyzer Verdict Alert fortinet Phishing
GET /js/fp2.min.js HTTP/1.1
Host: begegig.hornydats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://begegig.hornydats.com/s/62d5603fa0da4
Cookie: s=ieHndKXYTP1nZkTUCM8AMnI0idJYV921X%2B%2BL9aOpIZIM4hQ0Xd%2BHYV%2BWnuJF6l8pCaNLGOTevqH406DtTASnWyB%2BNvkRH6NV%2FTdQQiJD4YdVlfi7ctvodDpsDRfwLeAYNcAjeRyySjxp5Ae6HcuELNa4y0kJqsK%2BgaZVrehcow7yq%2BBE587DonNibUgXn9NFTvhHqKq9cYBdv4Bcx7m1XLYjvIhccOYutsp0C2I%2BGeDV4my%2FzDOtDcF7AZ5CQ%2BA2fhG7FcoKRBu3uxZRATaSPzzaGtsUY641All%2FXU6PdPSQO34ohR%2F82qYv5aMdmNeVB%2F0tDW1Mm2E8SpS%2FWinguJQ2UPSM%2FMyhmAHAx6LD2LkuLelk6YyLia0qFUCBoR3uRgrEWySCPlqY6JSLoDL08hhrYtRJ7Xs9BX79FUJTTUdWvj%2F7VhGYyx%2FVxfOCG22Ovui7P%2FY9IDcVwg3n1gjPRtkINosEub%2FJkRWvrw%2BwtzaBHMT%2F8Pvd81XTjcnBXxNCtGnpQCsvgt4A26NA5JwDoAnJWmK9PXslL8Wz9UplQ%2BpFxNPo7ZWedTAbUWkyZN5hWeTDDFYWS8%2FLHY2%2Fi8b%2BLB5cEdI3hZqZ%2Fdp251bgXGWNPIWOLxQvcOWTJI%2FBtOWMNVnWsHS9vn%2BiJ7XR%2Bw6lPhvVDRPceMo6O0EOEiSjAI2uKl%2FbJ3fpvAmNdRqf%2B6mib170A74MFFrdB%2Bp3O0G0x%2Bq6x6VReYgi6CLmvbSaDlxXHlhwrvo3NUFLx2Vk3lFrNRJq6oacdSL5hB8SJW5EG8Lpx5LVCY4rKm3IqQbc4EomBtJ9BUq4TZE6KQDpTXLtkOrveDHjzLb%2FcA3veIov48TDmXt3t85T5Lzsegs%2BT0Bxx8cxcmbk71Rvqn63Oc0I3y2oM4lO9jXhVY2uohBwW7oyQo9fgouMGohKJTF%2ByelSaa05TM5bPbXMtu2yzPuOeuyQIZVvLTy8ewJho0xW%2FJiC0IXeUh69EPmqlS0aAMm9GjwMRk679%2BeY2M7%2FvLAYSj%2B1eb1GD8G6NMZaeYVyRnH2oDiZYIJOcnYdqtFdI2uu0TJMCzGeErh3zT4WYqiblC3OoyhojQX%2BQzShONasophwahXaq6aAsbzmbAmYbu4i0BxdBiFH1h3g8yV2nBb6Z0a7obwWnzVkbqyX5wOkYLYldLmYRQHr5PaTNwV%2FB%2F0PF9n8255wNqSrTmZmQjQIQVd%2Fh9Do8YvZS1MbjIRLcRxg3SkZjQjPOY6WqxXPmjbc%2B%2BKSe6GA%2FkYtxiy%2Fhyr354GkKsIYatwX%2FYKS5AYhdPukH5M4gHTt7rCVbKJ%2F%2B9vNpDbv2p7Wp7nP822i2kM14E3Ikf%2B%2Fy%2BzDiZo9EZFUDxtb8YXx5lljpx54ws3cBMx1eikERrUYzfK3V9E%2Fps2XgfUth5l%2FLUaeR6er2H75QPiRGOHyNR5vurhAGKY66MgwxOzatpTOuPkDocrB7BSXORjC3iWYw%2BEFw41eazAn2r66pBZ7NNcKPe1nndFXSwgbS%2FkDZewBGcBrRMCyJW%2FTCY6Jnva9RxrmYikWKODeqkKrsuzOTWFtYjRfm%2Bv7xSurWfVPjewk1N5e%2FM4ajAfnHhCQJMx%2Bc%2BaGOdT%2BJAF8a5DuL4yjJsk%3D; CF=f+KYu5MoSFHi84ANE4oQWg__
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Thu, 02 Feb 2023 02:23:08 GMT
Content-Type: application/javascript
Content-Length: 30685
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 12:26:11 GMT
Vary: Accept-Encoding
ETag: "63c936e3-77dd"
Accept-Ranges: bytes
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://begegig.hornydats.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 04:29:08 GMT
expires: Wed, 31 Jan 2024 04:29:08 GMT
cache-control: public, max-age=31536000
age: 165240
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:23:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
begegig.hornydats.com/bundle/343/assets/img/favicon.png
178.162.199.80200 OK 1.2 kB URL HTTP/1.1 begegig.hornydats.com/bundle/343/assets/img/favicon.png
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type PNG image data, 128 x 128, 8-bit colormap, non-interlaced\012- data
Hash e8073cd460e8d7469633099834659549
af524b0e7cb82d90a67602109a550380aa8850dc
77df391534b58f0024b7e60b35b1b595188436e24735a19e943d0d5a7d3fc33f
GET /bundle/343/assets/img/favicon.png HTTP/1.1
Host: begegig.hornydats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://begegig.hornydats.com/s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null
Cookie: s=ieHndKXYTP1nZkTUCM8AMnI0idJYV921X%2B%2BL9aOpIZIM4hQ0Xd%2BHYV%2BWnuJF6l8pCaNLGOTevqH406DtTASnWyB%2BNvkRH6NV%2FTdQQiJD4YdVlfi7ctvodDpsDRfwLeAYNcAjeRyySjxp5Ae6HcuELNa4y0kJqsK%2BgaZVrehcow7yq%2BBE587DonNibUgXn9NFTvhHqKq9cYBdv4Bcx7m1XLYjvIhccOYutsp0C2I%2BGeDV4my%2FzDOtDcF7AZ5CQ%2BA2fhG7FcoKRBu3uxZRATaSPzzaGtsUY641All%2FXU6PdPSQO34ohR%2F82qYv5aMdmNeVB%2F0tDW1Mm2E8SpS%2FWinguJQ2UPSM%2FMyhmAHAx6LD2LkuLelk6YyLia0qFUCBoR3uRgrEWySCPlqY6JSLoDL08hhrYtRJ7Xs9BX79FUJTTUdWvj%2F7VhGYyx%2FVxfOCG22Ovui7P%2FY9IDcVwg3n1gjPRtkINosEub%2FJkRWvrw%2BwtzaBHMT%2F8Pvd81XTjcnBXxNCtGnpQCsvgt4A26NA5JwDoAnJWmK9PXslL8Wz9UplQ%2BpFxNPo7ZWedTAbUWkyZN5hWeTDDFYWS8%2FLHY2%2Fi8b%2BLB5cEdI3hZqZ%2Fdp251bgXGWNPIWOLxQvcOWTJI%2FBtOWMNVnWsHS9vn%2BiJ7XR%2Bw6lPhvVDRPceMo6O0EOEiSjAI2uKl%2FbJ3fpvAmNdRqf%2B6mib170A74MFFrdB%2Bp3O0G0x%2Bq6x6VReYgi6CLmvbSaDlxXHlhwrvo3NUFLx2Vk3lFrNRJq6oacdSL5hB8SJW5EG8Lpx5LVCY4rKm3IqQbc4EomBtJ9BUq4TZE6KQDpTXLtkOrveDHjzLb%2FcA3veIov48TDmXt3t85T5Lzsegs%2BT0Bxx8cxcmbk71Rvqn63Oc0I3y2oM4lO9jXhVY2uohBwW7oyQo9fgouMGohKJTF%2ByelSaa05TM5bPbXMtu2yzPuOeuyQIZVvLTy8ewJho0xW%2FJiC0IXeUh69EPmqlS0aAMm9GjwMRk679%2BeY2M7%2FvLAYSj%2B1eb1GD8G6NMZaeYVyRnH2oDiZYIJOcnYdqtFdI2uu0TJMCzGeErh3zT4WYqiblC3OoyhojQX%2BQzShONasophwahXaq6aAsbzmbAmYbu4i0BxdBiFH1h3g8yV2nBb6Z0a7obwWnzVkbqyX5wOkYLYldLmYRQHr5PaTNwV%2FB%2F0PF9n8255wNqSrTmZmQjQIQVd%2Fh9Do8YvZS1MbjIRLcRxg3SkZjQjPOY6WqxXPmjbc%2B%2BKSe6GA%2FkYtxiy%2Fhyr354GkKsIYatwX%2FYKS5AYhdPukH5M4gHTt7rCVbKJ%2F%2B9vNpDbv2p7Wp7nP822i2kM14E3Ikf%2B%2Fy%2BzDiZo9EZFUDxtb8YXx5lljpx54ws3cBMx1eikERrUYzfK3V9E%2Fps2XgfUth5l%2FLUaeR6er2H75QPiRGOHyNR5vurhAGKY66MgwxOzatpTOuPkDocrB7BSXORjC3iWYw%2BEFw41eazAn2r66pBZ7NNcKPe1nndFXSwgbS%2FkDZewBGcBrRMCyJW%2FTCY6Jnva9RxrmYikWKODeqkKrsuzOTWFtYjRfm%2Bv7xSurWfVPjewk1N5e%2FM4ajAfnHhCQJMx%2Bc%2BaGOdT%2BJAF8a5DuL4yjJsk%3D; CF=f+KYu5MoSFHi84ANE4oQWg__
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Thu, 02 Feb 2023 02:23:08 GMT
Content-Type: image/png
Content-Length: 1194
Connection: keep-alive
Last-Modified: Sun, 19 Jul 2020 05:52:26 GMT
ETag: "5f13df9a-4aa"
Accept-Ranges: bytes
begegig.hornydats.com/s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null&callback=jQuery22408991084195006404_1675304612407&_=1675304612408
178.162.199.80200 OK 2.2 kB URL HTTP/1.1 begegig.hornydats.com/s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null&callback=jQuery22408991084195006404_1675304612407&_=1675304612408
IP 178.162.199.80:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (315)
Hash 3881b0561207a21c35241e2e29db8372
fbacb94d314e894f5069fe87de0080c78514c666
dcbcb7f7a1cdcb44d2c26603402b751854c6b2bab4d34442e6655eb00c869a72
GET /s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null&callback=jQuery22408991084195006404_1675304612407&_=1675304612408 HTTP/1.1
Host: begegig.hornydats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://begegig.hornydats.com/s/62d5603fa0da4?subsource=42&ext_click_id=65ed30f7-8dbd-4de5-8892-7516e0f25fe7&sub1=null
Cookie: s=ieHndKXYTP1nZkTUCM8AMnI0idJYV921X%2B%2BL9aOpIZIM4hQ0Xd%2BHYV%2BWnuJF6l8pCaNLGOTevqH406DtTASnWyB%2BNvkRH6NV%2FTdQQiJD4YdVlfi7ctvodDpsDRfwLeAYNcAjeRyySjxp5Ae6HcuELNa4y0kJqsK%2BgaZVrehcow7yq%2BBE587DonNibUgXn9NFTvhHqKq9cYBdv4Bcx7m1XLYjvIhccOYutsp0C2I%2BGeDV4my%2FzDOtDcF7AZ5CQ%2BA2fhG7FcoKRBu3uxZRATaSPzzaGtsUY641All%2FXU6PdPSQO34ohR%2F82qYv5aMdmNeVB%2F0tDW1Mm2E8SpS%2FWinguJQ2UPSM%2FMyhmAHAx6LD2LkuLelk6YyLia0qFUCBoR3uRgrEWySCPlqY6JSLoDL08hhrYtRJ7Xs9BX79FUJTTUdWvj%2F7VhGYyx%2FVxfOCG22Ovui7P%2FY9IDcVwg3n1gjPRtkINosEub%2FJkRWvrw%2BwtzaBHMT%2F8Pvd81XTjcnBXxNCtGnpQCsvgt4A26NA5JwDoAnJWmK9PXslL8Wz9UplQ%2BpFxNPo7ZWedTAbUWkyZN5hWeTDDFYWS8%2FLHY2%2Fi8b%2BLB5cEdI3hZqZ%2Fdp251bgXGWNPIWOLxQvcOWTJI%2FBtOWMNVnWsHS9vn%2BiJ7XR%2Bw6lPhvVDRPceMo6O0EOEiSjAI2uKl%2FbJ3fpvAmNdRqf%2B6mib170A74MFFrdB%2Bp3O0G0x%2Bq6x6VReYgi6CLmvbSaDlxXHlhwrvo3NUFLx2Vk3lFrNRJq6oacdSL5hB8SJW5EG8Lpx5LVCY4rKm3IqQbc4EomBtJ9BUq4TZE6KQDpTXLtkOrveDHjzLb%2FcA3veIov48TDmXt3t85T5Lzsegs%2BT0Bxx8cxcmbk71Rvqn63Oc0I3y2oM4lO9jXhVY2uohBwW7oyQo9fgouMGohKJTF%2ByelSaa05TM5bPbXMtu2yzPuOeuyQIZVvLTy8ewJho0xW%2FJiC0IXeUh69EPmqlS0aAMm9GjwMRk679%2BeY2M7%2FvLAYSj%2B1eb1GD8G6NMZaeYVyRnH2oDiZYIJOcnYdqtFdI2uu0TJMCzGeErh3zT4WYqiblC3OoyhojQX%2BQzShONasophwahXaq6aAsbzmbAmYbu4i0BxdBiFH1h3g8yV2nBb6Z0a7obwWnzVkbqyX5wOkYLYldLmYRQHr5PaTNwV%2FB%2F0PF9n8255wNqSrTmZmQjQIQVd%2Fh9Do8YvZS1MbjIRLcRxg3SkZjQjPOY6WqxXPmjbc%2B%2BKSe6GA%2FkYtxiy%2Fhyr354GkKsIYatwX%2FYKS5AYhdPukH5M4gHTt7rCVbKJ%2F%2B9vNpDbv2p7Wp7nP822i2kM14E3Ikf%2B%2Fy%2BzDiZo9EZFUDxtb8YXx5lljpx54ws3cBMx1eikERrUYzfK3V9E%2Fps2XgfUth5l%2FLUaeR6er2H75QPiRGOHyNR5vurhAGKY66MgwxOzatpTOuPkDocrB7BSXORjC3iWYw%2BEFw41eazAn2r66pBZ7NNcKPe1nndFXSwgbS%2FkDZewBGcBrRMCyJW%2FTCY6Jnva9RxrmYikWKODeqkKrsuzOTWFtYjRfm%2Bv7xSurWfVPjewk1N5e%2FM4ajAfnHhCQJMx%2Bc%2BaGOdT%2BJAF8a5DuL4yjJsk%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Thu, 02 Feb 2023 02:23:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: s=Id3DRI6XRlRxb%2BuGrLUtn1yiSicJKD%2FARYNHfdLixAvw8dV69stlEn%2F3CJrTPHGSWCCDymxn%2F739g9%2B7dU1uqyB%2BNvmnPqtV%2BRxQ5iRLoUbqHofA4biEclHdwN%2BNsPciwyT%2BKCFdtONbTQ3f4Yrd714TRx71GPL%2F0j%2B%2FIkEj%2FJa8xEEKXJLVR0vx%2FANBpkLMxkD1xm%2FQhKaWrZUXyhzNo3WGGfHTQjuCS7YcAgwfnFK42gr9Cn0kS%2BihrFbtxqCrk0IoLBQLSs%2FH2oopgd5ErEVmnZmnrG6G4Fkbm4zqnXufzxlWR%2BwcA8%2FzLzxhIG0m6wC0RwxYGhHedxOieuSoLabPgOwXTvH4YAG6K%2FCnHYwM4VjsHDlzm7nEE%2FLOwsVJnSLa2nHOgYUlHrBXvvImwwK7pgCdhYQB7A4i5y3HgREndyVac1zzYXaGCQVCqaxlSGX%2BMGojBAWhlsCvo0qGS9CLAu69UmWrOzQbm8%2BJIoRDY%2FiN9oAKGExrDkJE7CXP4yZ22CCw1lxvl24xA0miWZg%2Bt4abEwBcx3v4Pmw%2BrL5ftdJPzYOvbL%2BQKsMlCFpF0ah%2FS0bysy%2FrF%2BQMT39zjWqOPfcMnWh5hV9%2FdzYc2lp2gGOehsqMpuaJyMCWLN0ZVfSKI9gCKiDKk5KGm89E84vmDM1uLE70UfAs%2BEqTzeOwUo1RuZn1sTl39D4S5xlQyj3lLpDId%2B1S0aexT4rzO6keZAYjD1tKr8CaBrKcA3gYuAIgRohvhTO2Z6Ae%2Bza4L4mz3DgkQX2mMI3LNa0qd2a2SzTuQSiIvQoR8%2By6cP5JKcA981DEH%2FT8v7jqr8eM4ro9DxtKmtUKzlVG1bD4TJ1OgXRuuaGKaBPMHmx%2FntporAdL8LXLzmLe9pKAAdR7iJW7T2SEoKRXOHQuZagQ6frzTWGJL9DK%2BFynVhM70kCIZ5jhdcXWcIipQZ4dHOkwO0McbHtcjhw%2BKUXpgtyl3RwGENSXEbOPIcOC9xFoAGG0UT91nw9n7iyN%2F9tjO9xY2pE7eLX%2BU5hFkNW4UGiVt1DRHHbTUr%2BnhojDLunMH49aNA8QFIbu7Dhexc2xK3CCQFxtMm7X1%2BQPDVnyAFl1tvfAhltXT2P63XGavN6Avp8lcbGVMILlh6nfNpTZ0vg2NQE7HHJwJVGOtIXJGt6MrZUjlE61VmvvOwndO1ItK1%2B3R2c8BwgGhnqA6lor8vT27I7rnNX4Digqfyaq5e9IdasyXc0kTvz5ePGN11VC6KdMHy3CebHHLlwxfiRjHyI0YsRwNZ4RZ7Bz9RTFuphmP2lUz4AIs1H57BW4TyIfarcWS9k2wHyYjxm%2FKD%2FYvu7kCuiG1CwSfyhzPhNdQnZDA1%2B4%2FsPGaP061QXDKVAKRuTFya0IuXWf6In8pkIdVrUkmiLdIY4%2BBJj4MSl0%2Fkx8unZ3QIvYXCT70xWSIKUTVLdWZAlr0WJLhDf6d0d4Cap05BsniBNVNf8eHD7V8%2F28OEtDl75nGxiDPx72NgMOSYGdVu3GLt0VHrSu%2Be2RhLGcuc4DLbsOr%2FM5ChVC87lwnzL89rsE4Ice2khI%2BYZR7HiBeFtygvjTYFCZ2JOA3IED3ApmEN%2FLFBsMS2HlY8%2BO1U503DUjXr8%2B6mKh4a%2F8INREyb5El7F4Jc2vuZgh2D6OFkS64FQcPX5nYFS%2ByoS6acqUYws2fyRX; expires=Fri, 03-Feb-2023 02:23:08 GMT; Max-Age=86400; path=/; domain=hornydats.com
SID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=hornydats.com
ESID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=hornydats.com
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604c573da6f79effa2a81e711c14ad9e
322a3a510ca73e124d78e31b49d676ec891a6762
8d2b897fe4251106be9183fa2a6a3b0918cd1f4dcc5f814aa88a630a77b4045c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: 774cebdf-b2bf-4a98-9d2b-e2abd4bd1a2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BG-hoAMFTSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-234163873ca67e934d684a1d;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uBOoIV3qLgPgjOas4bG9LnzvJyW5AmcxMm7xqxI2keBg3er2G3MldA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:01:31 GMT
etag: "322a3a510ca73e124d78e31b49d676ec891a6762"
content-type: image/jpeg
age: 15703
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2