r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2275
Expires: Sat, 25 Mar 2023 16:20:06 GMT
Date: Sat, 25 Mar 2023 15:42:11 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2525
Expires: Sat, 25 Mar 2023 16:24:16 GMT
Date: Sat, 25 Mar 2023 15:42:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 15:27:45 GMT
content-type: application/json
age: 866
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9393
Expires: Sat, 25 Mar 2023 18:18:44 GMT
Date: Sat, 25 Mar 2023 15:42:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: T/olDQIWm7U0leb9L99yqLEER3+IWBXSgI4Zk0NMKDaEdsZnLqTCHeG341baACieLvoLuK1FEug=
x-amz-request-id: PE64QG07HVZ62ZHP
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 14:54:57 GMT
age: 2834
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:42:11 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 15:17:24 GMT
age: 1487
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 70300b32357c46f3448d567189b64cb3
6ba66a5cf63cdbfeaec59b936151cc812bac56df
5a2b4f9fc5ebaa8062058bf68eae75fc28e06c6ef6a0e79c3c761c1d92f81cb9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A2B4F9FC5EBAA8062058BF68EAE75FC28E06C6EF6A0E79C3C761C1D92F81CB9"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5573
Expires: Sat, 25 Mar 2023 17:15:04 GMT
Date: Sat, 25 Mar 2023 15:42:11 GMT
Connection: keep-alive
duck-duckgo.com/mtm/direct/.eJxlikEOwjAMBP_iYwk1RyjiLSgybhORNMF1pUiIv9flCJfV7Oy-YZUIAyA48DIthkbCIwuLlaBaB8THSs_jHlPpqWS7hLLoffaZ7fS_eiKuapNyUwyak_O1pkheY5mx7ebQfm1O19ft1F9ch92XzvDZAMEfNbs:1pEoqf:kMpkoygIM6D48k1_C0ybPnbEfRk/2
200 OK 23 kB URL HTTP/1.1 duck-duckgo.com/mtm/direct/.eJxlikEOwjAMBP_iYwk1RyjiLSgybhORNMF1pUiIv9flCJfV7Oy-YZUIAyA48DIthkbCIwuLlaBaB8THSs_jHlPpqWS7hLLoffaZ7fS_eiKuapNyUwyak_O1pkheY5mx7ebQfm1O19ft1F9ch92XzvDZAMEfNbs:1pEoqf:kMpkoygIM6D48k1_C0ybPnbEfRk/2
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (57175)
Hash 879f453c0bd157a998cdd5fade1820da
999c78882a9e75848c716f6303dfee3dd4715898
1f308b97fe7bf62df4597e41bb30c99bb280ffdc1a9a6e152b14d415cff25132
Analyzer Verdict Alert fortinet Malware
GET /mtm/direct/.eJxlikEOwjAMBP_iYwk1RyjiLSgybhORNMF1pUiIv9flCJfV7Oy-YZUIAyA48DIthkbCIwuLlaBaB8THSs_jHlPpqWS7hLLoffaZ7fS_eiKuapNyUwyak_O1pkheY5mx7ebQfm1O19ft1F9ch92XzvDZAMEfNbs:1pEoqf:kMpkoygIM6D48k1_C0ybPnbEfRk/2 HTTP/1.1
Host: duck-duckgo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sat, 25 Mar 2023 15:42:11 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZTqWpI6KOXVzQ5KlFEqZkQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DNsblCA1pKqs5Sz20U3SXwcTzq4=
duck-duckgo.com/mtm/direct/.eJxlikEOwjAMBP_iYwk1RyjiLSgybhORNMF1pUiIv9flCJfV7Oy-YZUIAyA48DIthkbCIwuLlaBaB8THSs_jHlPpqWS7hLLoffaZ7fS_eiKuapNyUwyak_O1pkheY5mx7ebQfm1O19ft1F9ch92XzvDZAMEfNbs%3A1pEoqf%3AkMpkoygIM6D48k1_C0ybPnbEfRk/2?gp=1&js=1&uuid=1679758931.0070430417&other_args=eyJ1cmkiOiAiL210bS9kaXJlY3QvLmVKeGxpa0VPd2pBTUJQX2lZd2sxUnlqaUxTZ3liaE9STk1GMXBVaUl2OWZsQ0pmVjdPeS1ZWlVJQXlBNDhESXRoa2JDSXd1TGxhQmFCOFRIU3NfakhsUHBxV1M3aExMb2ZmYVo3ZlNfZWlLdWFwTnlVd3lha19PMXBraGVZNW14N2ViUWZtMU8xOWZ0MUY5Y2g5Mlh6dkRaQU1FZk5iczoxcEVvcWY6a01wa295Z0lNNkQ0OGsxX0MweWJQbmJFZlJrLzIiLCAiYXJncyI6ICIiLCAicmVmZXJlciI6ICIiLCAiYWNjZXB0IjogInRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LGltYWdlL2F2aWYsaW1hZ2Uvd2VicCwqLyo7cT0wLjgifQ==
302 Found 0 B URL HTTP/1.1 duck-duckgo.com/mtm/direct/.eJxlikEOwjAMBP_iYwk1RyjiLSgybhORNMF1pUiIv9flCJfV7Oy-YZUIAyA48DIthkbCIwuLlaBaB8THSs_jHlPpqWS7hLLoffaZ7fS_eiKuapNyUwyak_O1pkheY5mx7ebQfm1O19ft1F9ch92XzvDZAMEfNbs%3A1pEoqf%3AkMpkoygIM6D48k1_C0ybPnbEfRk/2?gp=1&js=1&uuid=1679758931.0070430417&other_args=eyJ1cmkiOiAiL210bS9kaXJlY3QvLmVKeGxpa0VPd2pBTUJQX2lZd2sxUnlqaUxTZ3liaE9STk1GMXBVaUl2OWZsQ0pmVjdPeS1ZWlVJQXlBNDhESXRoa2JDSXd1TGxhQmFCOFRIU3NfakhsUHBxV1M3aExMb2ZmYVo3ZlNfZWlLdWFwTnlVd3lha19PMXBraGVZNW14N2ViUWZtMU8xOWZ0MUY5Y2g5Mlh6dkRaQU1FZk5iczoxcEVvcWY6a01wa295Z0lNNkQ0OGsxX0MweWJQbmJFZlJrLzIiLCAiYXJncyI6ICIiLCAicmVmZXJlciI6ICIiLCAiYWNjZXB0IjogInRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LGltYWdlL2F2aWYsaW1hZ2Uvd2VicCwqLyo7cT0wLjgifQ==
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mtm/direct/.eJxlikEOwjAMBP_iYwk1RyjiLSgybhORNMF1pUiIv9flCJfV7Oy-YZUIAyA48DIthkbCIwuLlaBaB8THSs_jHlPpqWS7hLLoffaZ7fS_eiKuapNyUwyak_O1pkheY5mx7ebQfm1O19ft1F9ch92XzvDZAMEfNbs%3A1pEoqf%3AkMpkoygIM6D48k1_C0ybPnbEfRk/2?gp=1&js=1&uuid=1679758931.0070430417&other_args=eyJ1cmkiOiAiL210bS9kaXJlY3QvLmVKeGxpa0VPd2pBTUJQX2lZd2sxUnlqaUxTZ3liaE9STk1GMXBVaUl2OWZsQ0pmVjdPeS1ZWlVJQXlBNDhESXRoa2JDSXd1TGxhQmFCOFRIU3NfakhsUHBxV1M3aExMb2ZmYVo3ZlNfZWlLdWFwTnlVd3lha19PMXBraGVZNW14N2ViUWZtMU8xOWZ0MUY5Y2g5Mlh6dkRaQU1FZk5iczoxcEVvcWY6a01wa295Z0lNNkQ0OGsxX0MweWJQbmJFZlJrLzIiLCAiYXJncyI6ICIiLCAicmVmZXJlciI6ICIiLCAiYWNjZXB0IjogInRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LGltYWdlL2F2aWYsaW1hZ2Uvd2VicCwqLyo7cT0wLjgifQ== HTTP/1.1
Host: duck-duckgo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://duck-duckgo.com/mtm/direct/.eJxlikEOwjAMBP_iYwk1RyjiLSgybhORNMF1pUiIv9flCJfV7Oy-YZUIAyA48DIthkbCIwuLlaBaB8THSs_jHlPpqWS7hLLoffaZ7fS_eiKuapNyUwyak_O1pkheY5mx7ebQfm1O19ft1F9ch92XzvDZAMEfNbs:1pEoqf:kMpkoygIM6D48k1_C0ybPnbEfRk/2
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Sat, 25 Mar 2023 15:42:12 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://www1.duck-duckgo.com/?tm=1&subid4=1679758932.0101680000&kw=Browser&KW1=Secure%20Web%20Browser&KW2=VPN%20Proxy%20Service&KW3=Network%20Monitoring%20Software%20Tool&searchbox=0&domainname=0&backfill=0
x-mtm-path: 0
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJkdWNrLWR1Y2tnby5jb20iLCJodHRwOi8vd3d3MS5kdWNrLWR1Y2tnby5jb20vP3RtPTEmc3ViaWQ0PTE2Nzk3NTg5MzIuMDEwMTY4MDAwMCZrdz1Ccm93c2VyJktXMT1TZWN1cmUlMjBXZWIlMjBCcm93c2VyJktXMj1WUE4lMjBQcm94eSUyMFNlcnZpY2UmS1czPU5ldHdvcmslMjBNb25pdG9yaW5nJTIwU29mdHdhcmUlMjBUb29sJnNlYXJjaGJveD0wJmRvbWFpbm5hbWU9MCZiYWNrZmlsbD0wIiwxLCIyMDIzLTAzLTI1IDE1OjQyOjEyIiwxLCIxNjc5NzU4OTMyLjAxMDE2ODAwMDAiLDMzOCxudWxsLG51bGxd:1pg620:2g3f_XhljOcSBa0PgyHE_pcOnm8; expires=Sat, 25-Mar-2023 16:42:12 GMT; Max-Age=3600; Path=/
connection: close
www1.duck-duckgo.com/?tm=1&subid4=1679758932.0101680000&kw=Browser&KW1=Secure%20Web%20Browser&KW2=VPN%20Proxy%20Service&KW3=Network%20Monitoring%20Software%20Tool&searchbox=0&domainname=0&backfill=0
200 OK 6.0 kB URL HTTP/1.1 www1.duck-duckgo.com/?tm=1&subid4=1679758932.0101680000&kw=Browser&KW1=Secure%20Web%20Browser&KW2=VPN%20Proxy%20Service&KW3=Network%20Monitoring%20Software%20Tool&searchbox=0&domainname=0&backfill=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1363)
Hash 8e11fcd93e412f3d206b4170424f740b
55a73354829b31ddc63b33a2e6bf9907d3fac462
5045f0d09b2920e7761cbb16d04a2c3e6fa893574f36827c0bc7c01fca426a06
GET /?tm=1&subid4=1679758932.0101680000&kw=Browser&KW1=Secure%20Web%20Browser&KW2=VPN%20Proxy%20Service&KW3=Network%20Monitoring%20Software%20Tool&searchbox=0&domainname=0&backfill=0 HTTP/1.1
Host: www1.duck-duckgo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://duck-duckgo.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 15:42:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket102
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_PtrFTJeWZHLgQUgnWq0+D903OOdTHAFsKfB1IB0MecCQ+i3wPvKkxUa3LQ2CZmyx36qGBStezPoyyDDHZ5OcSg==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Domain: duck-duckgo.com
X-Subdomain: www1
Content-Encoding: gzip
www.google.com/adsense/domains/caf.js?abp=1
200 OK 54 kB URL HTTP/1.1 www.google.com/adsense/domains/caf.js?abp=1
IP
File type ASCII text, with very long lines (2193)
Hash f450096a29d79ac6c5cab6ee7cd48a03
21aee55321473f1bc93c9b12cfd683aae2837b72
1a2036b2d05269fb09597a46c680631852f72e4772beb6e7b616157cde469090
GET /adsense/domains/caf.js?abp=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.duck-duckgo.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Sat, 25 Mar 2023 15:42:12 GMT
Expires: Sat, 25 Mar 2023 15:42:12 GMT
Cache-Control: private, max-age=3600
ETag: "7373613198510658470"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
www1.duck-duckgo.com/track.php?domain=duck-duckgo.com&toggle=browserjs&uid=MTY3OTc1ODkzMi42NDU5Ojk5YzkwZGFhYTg2ZjMxZDZkZTlmMjA4Y2VkMTMyNzI1MWUwZGRlNjQ2OWIyOTM2NzQwZjMxYmEzMTc4Nzk0ZjU6NjQxZjE2NTQ5ZGIwMQ%3D%3D
200 OK 20 B URL HTTP/1.1 www1.duck-duckgo.com/track.php?domain=duck-duckgo.com&toggle=browserjs&uid=MTY3OTc1ODkzMi42NDU5Ojk5YzkwZGFhYTg2ZjMxZDZkZTlmMjA4Y2VkMTMyNzI1MWUwZGRlNjQ2OWIyOTM2NzQwZjMxYmEzMTc4Nzk0ZjU6NjQxZjE2NTQ5ZGIwMQ%3D%3D
IP
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=duck-duckgo.com&toggle=browserjs&uid=MTY3OTc1ODkzMi42NDU5Ojk5YzkwZGFhYTg2ZjMxZDZkZTlmMjA4Y2VkMTMyNzI1MWUwZGRlNjQ2OWIyOTM2NzQwZjMxYmEzMTc4Nzk0ZjU6NjQxZjE2NTQ5ZGIwMQ%3D%3D HTTP/1.1
Host: www1.duck-duckgo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.duck-duckgo.com/?tm=1&subid4=1679758932.0101680000&kw=Browser&KW1=Secure%20Web%20Browser&KW2=VPN%20Proxy%20Service&KW3=Network%20Monitoring%20Software%20Tool&searchbox=0&domainname=0&backfill=0
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 15:42:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9b762efe5751eb25cd26ca67ad6dcf22
661f1247ecc842236957d05747967ec4f20835a2
c51c54e54ffc33cc7643bb0a64da2265f93efaf38838351ec0f2a2fe102efa2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:42:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
200 OK 11 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
IP
File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Hash 0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.duck-duckgo.com/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11375
Connection: keep-alive
Server: nginx
Date: Sat, 25 Mar 2023 01:22:07 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5Q8iHEcnTfhrlKsRli6uSy_K1p-H-qjHUjCJRQ5ONjEW5OqhMxIVxA==
Age: 51605
www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet12_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.duck-duckgo.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDFmMTY1NDlkYWVjfHx8MTY3OTc1ODkzMi42NTEzfGNkNzE5OGQ0YTI5MWYxZmM3NzE4MDhlMDg5ZmE5M2E1MmY1ZjJmOWJ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDB8ZXlKemRXSnBaRFFpT2lJeE5qYzVOelU0T1RNeUxqQXhNREUyT0RBd01EQWlmUT09fDg0OGVjMTBhZGNjYzA3N2FlNmVkNjgzMzM4NDM1Y2I2MmE1ZTBhNjV8MHxkcC10ZWFtaW50ZXJuZXQxMl8zcGh8MHww&terms=Secure%20Web%20Browser%2CVPN%20Proxy%20Service%2CNetwork%20Monitoring%20Software%20Tool&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2998993606247471&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3%7Cs&nocache=9471679758946204&num=0&output=afd_ads&domain_name=www1.duck-duckgo.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1679758946205&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=797&frm=0&cl=518347065&uio=--&cont=tc&jsid=caf&jsv=518347065&rurl=http%3A%2F%2Fwww1.duck-duckgo.com%2F%3Ftm%3D1%26subid4%3D1679758932.0101680000%26kw%3DBrowser%26KW1%3DSecure%2520Web%2520Browser%26KW2%3DVPN%2520Proxy%2520Service%26KW3%3DNetwork%2520Monitoring%2520Software%2520Tool%26searchbox%3D0%26domainname%3D0%26backfill%3D0&referer=http%3A%2F%2Fduck-duckgo.com%2F&adbw=master-1%3A530
200 OK 2.7 kB URL HTTP/2 www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet12_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.duck-duckgo.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDFmMTY1NDlkYWVjfHx8MTY3OTc1ODkzMi42NTEzfGNkNzE5OGQ0YTI5MWYxZmM3NzE4MDhlMDg5ZmE5M2E1MmY1ZjJmOWJ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDB8ZXlKemRXSnBaRFFpT2lJeE5qYzVOelU0T1RNeUxqQXhNREUyT0RBd01EQWlmUT09fDg0OGVjMTBhZGNjYzA3N2FlNmVkNjgzMzM4NDM1Y2I2MmE1ZTBhNjV8MHxkcC10ZWFtaW50ZXJuZXQxMl8zcGh8MHww&terms=Secure%20Web%20Browser%2CVPN%20Proxy%20Service%2CNetwork%20Monitoring%20Software%20Tool&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2998993606247471&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3%7Cs&nocache=9471679758946204&num=0&output=afd_ads&domain_name=www1.duck-duckgo.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1679758946205&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=797&frm=0&cl=518347065&uio=--&cont=tc&jsid=caf&jsv=518347065&rurl=http%3A%2F%2Fwww1.duck-duckgo.com%2F%3Ftm%3D1%26subid4%3D1679758932.0101680000%26kw%3DBrowser%26KW1%3DSecure%2520Web%2520Browser%26KW2%3DVPN%2520Proxy%2520Service%26KW3%3DNetwork%2520Monitoring%2520Software%2520Tool%26searchbox%3D0%26domainname%3D0%26backfill%3D0&referer=http%3A%2F%2Fduck-duckgo.com%2F&adbw=master-1%3A530
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7088)
Hash e9b81936bafa490c5d0a3757bf6c6abf
8c14e454d9f6b1bd2a9201d1a5e927daac7b1bfb
2e911f00d068f79c1b809765c195970c255d3cf23105461b7cb2f071ccad8837
GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet12_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.duck-duckgo.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDFmMTY1NDlkYWVjfHx8MTY3OTc1ODkzMi42NTEzfGNkNzE5OGQ0YTI5MWYxZmM3NzE4MDhlMDg5ZmE5M2E1MmY1ZjJmOWJ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDB8ZXlKemRXSnBaRFFpT2lJeE5qYzVOelU0T1RNeUxqQXhNREUyT0RBd01EQWlmUT09fDg0OGVjMTBhZGNjYzA3N2FlNmVkNjgzMzM4NDM1Y2I2MmE1ZTBhNjV8MHxkcC10ZWFtaW50ZXJuZXQxMl8zcGh8MHww&terms=Secure%20Web%20Browser%2CVPN%20Proxy%20Service%2CNetwork%20Monitoring%20Software%20Tool&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2998993606247471&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3%7Cs&nocache=9471679758946204&num=0&output=afd_ads&domain_name=www1.duck-duckgo.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1679758946205&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=797&frm=0&cl=518347065&uio=--&cont=tc&jsid=caf&jsv=518347065&rurl=http%3A%2F%2Fwww1.duck-duckgo.com%2F%3Ftm%3D1%26subid4%3D1679758932.0101680000%26kw%3DBrowser%26KW1%3DSecure%2520Web%2520Browser%26KW2%3DVPN%2520Proxy%2520Service%26KW3%3DNetwork%2520Monitoring%2520Software%2520Tool%26searchbox%3D0%26domainname%3D0%26backfill%3D0&referer=http%3A%2F%2Fduck-duckgo.com%2F&adbw=master-1%3A530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.duck-duckgo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sat, 25 Mar 2023 15:42:12 GMT
expires: Sat, 25 Mar 2023 15:42:12 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-q3tB5wMHxIlIJlRovRoZPg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2671
x-xss-protection: 0
set-cookie: CONSENT=PENDING+809; expires=Mon, 24-Mar-2025 15:42:12 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a3bb632b19e8593edf3bc8edd8988aea
a003467155f24c2636eb7704d23ba3ae069ba23b
d20e64937f9efc1a8a62bebb0036f4b0259b00dfc1a958b6b2a0c08dafc0f2f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:42:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www1.duck-duckgo.com/favicon.ico
200 OK 0 B URL HTTP/1.1 www1.duck-duckgo.com/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www1.duck-duckgo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.duck-duckgo.com/?tm=1&subid4=1679758932.0101680000&kw=Browser&KW1=Secure%20Web%20Browser&KW2=VPN%20Proxy%20Service&KW3=Network%20Monitoring%20Software%20Tool&searchbox=0&domainname=0&backfill=0
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 15:42:13 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
partner.googleadservices.com/gampad/cookie.js?domain=www1.duck-duckgo.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie
200 OK 242 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www1.duck-duckgo.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie
IP
File type ASCII text, with very long lines (370), with no line terminators
Hash 37706fb35b35b9365fe3cdfe05c937ad
cfa282522af2e6571821df95ed4dd9821464678e
a3e2d1dae2f97c5b08a90c2c5714c5b1cba0a1fd2fa86a7b983999457c7a43ce
GET /gampad/cookie.js?domain=www1.duck-duckgo.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.duck-duckgo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 25 Mar 2023 15:42:13 GMT
server: cafe
cache-control: private
content-length: 242
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f0f306ea49f1bd3f358f7579513e7377
c2845c696f6685a211bc040895d28ebf23fa1bc0
cda7588d5040ef3c8e83955838618a0ed0a6ee242d24abf5af697b2289fc8bdb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:42:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9211052ef1bbc2fb3ff962abc8255c84
8710df14581fd8ddcb77bb70994eda60906200a7
7dc5595fcaaeb86b0c23cd0c43242c435213f697063c64c5b273b782a50bf918
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:42:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www1.duck-duckgo.com/ls.php?t=641f1654&token=848ec10adccc077ae6ed683338435cb62a5e0a65
201 Created 16 B URL HTTP/1.1 www1.duck-duckgo.com/ls.php?t=641f1654&token=848ec10adccc077ae6ed683338435cb62a5e0a65
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /ls.php?t=641f1654&token=848ec10adccc077ae6ed683338435cb62a5e0a65 HTTP/1.1
Host: www1.duck-duckgo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.duck-duckgo.com/?tm=1&subid4=1679758932.0101680000&kw=Browser&KW1=Secure%20Web%20Browser&KW2=VPN%20Proxy%20Service&KW3=Network%20Monitoring%20Software%20Tool&searchbox=0&domainname=0&backfill=0
Cookie: GoogleAdServingTest=Good
HTTP/1.1 201 Created
Date: Sat, 25 Mar 2023 15:42:13 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 641f1654c69c7a42e52aad11
Charset: utf-8
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_o5NoOni+d205jVAPMt5YNuOwAekrG0U+nYIeAjp+KtaG889sdKPQiZfwjWGLYM0EdQciqHNpNfcPZbK6JglgWw==
www.google.com/adsense/domains/caf.js
200 OK 54 kB URL HTTP/2 www.google.com/adsense/domains/caf.js
IP
Hash dcb7192adf66f44ad86d12cc05caf46f
fa95aca0fa71406f277698c8ad090ede9c27fac4
a8e9be29cc01edbddcdba2249eb476d77e56f3579c1ac17eb2fbbf6de97c3448
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 25 Mar 2023 15:42:13 GMT
expires: Sat, 25 Mar 2023 15:42:13 GMT
cache-control: private, max-age=3600
etag: "8987234538214134340"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6bf50de33fa4848356df525bdb17a561
27b65ad48ed6b14b616579a54fb53f1ddd69e399
3f8b5445c77d3191ac7d9729fa0898620185af043f8e353d9db1349a6bea49f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:42:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
200 OK 270 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash 5100391430a00e10ce60aa159f525b5c
231a4492d73b225f441b1e9028dc33c89862e498
52b1432a6e3002e41ed1d8f4c84b258fdc4c6dac863e3c0e5c06360c81be6067
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 25 Mar 2023 15:05:14 GMT
expires: Sun, 26 Mar 2023 14:05:14 GMT
cache-control: public, max-age=82800
age: 2219
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
200 OK 174 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 25 Mar 2023 13:05:11 GMT
expires: Sun, 26 Mar 2023 12:05:11 GMT
cache-control: public, max-age=82800
age: 9422
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www1.duck-duckgo.com/track.php?domain=duck-duckgo.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3OTc1ODkzMi42NDU5Ojk5YzkwZGFhYTg2ZjMxZDZkZTlmMjA4Y2VkMTMyNzI1MWUwZGRlNjQ2OWIyOTM2NzQwZjMxYmEzMTc4Nzk0ZjU6NjQxZjE2NTQ5ZGIwMQ%3D%3D
200 OK 20 B URL HTTP/1.1 www1.duck-duckgo.com/track.php?domain=duck-duckgo.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3OTc1ODkzMi42NDU5Ojk5YzkwZGFhYTg2ZjMxZDZkZTlmMjA4Y2VkMTMyNzI1MWUwZGRlNjQ2OWIyOTM2NzQwZjMxYmEzMTc4Nzk0ZjU6NjQxZjE2NTQ5ZGIwMQ%3D%3D
IP
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=duck-duckgo.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3OTc1ODkzMi42NDU5Ojk5YzkwZGFhYTg2ZjMxZDZkZTlmMjA4Y2VkMTMyNzI1MWUwZGRlNjQ2OWIyOTM2NzQwZjMxYmEzMTc4Nzk0ZjU6NjQxZjE2NTQ5ZGIwMQ%3D%3D HTTP/1.1
Host: www1.duck-duckgo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.duck-duckgo.com/?tm=1&subid4=1679758932.0101680000&kw=Browser&KW1=Secure%20Web%20Browser&KW2=VPN%20Proxy%20Service&KW3=Network%20Monitoring%20Software%20Tool&searchbox=0&domainname=0&backfill=0
Cookie: __gsas=ID=0aa117cd9aecb333:T=1679758933:S=ALNI_Mbo7fJ4Agrirj1ijpZsFYg6Lym-Zw
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 15:42:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a229e13ab0262306e8233705569c7866
d389ff1fc114c031f85a57a9ebf1845ead515e38
9865a8767eed63858b778ab5774d5ae48fc46d0adcb1693c76eabb9ad9e81bc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:42:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13392
Expires: Sat, 25 Mar 2023 19:25:25 GMT
Date: Sat, 25 Mar 2023 15:42:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13392
Expires: Sat, 25 Mar 2023 19:25:25 GMT
Date: Sat, 25 Mar 2023 15:42:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13392
Expires: Sat, 25 Mar 2023 19:25:25 GMT
Date: Sat, 25 Mar 2023 15:42:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13392
Expires: Sat, 25 Mar 2023 19:25:25 GMT
Date: Sat, 25 Mar 2023 15:42:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aecd210f66f83c73c3450d047ae7448a
d68861e96e12e8a3f293dbae8b687f05b6e15afb
22b69c41c56e5538d91f824d5dc2e63ab5563f99ae8e429c9166f4b397cacd0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5296
x-amzn-requestid: 11fdf0c8-244c-4cd5-bfa7-4c77d777174f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiuzEqkIAMFXOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17f8-5c241d63598dbf595b54ead5;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:36:56 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: b1KWFmKdRQ4DU0v5JmC7AJatpv2B5FAHKVWL7pFiyh13fqYDA5qydA==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:57:13 GMT
age: 63900
etag: "d68861e96e12e8a3f293dbae8b687f05b6e15afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd191e3a122d6e31f81e6e9d434c58d6
aec88022970c93289434f8097e4a663da33e5271
1f00c901ef479637ec703d7924526a970cb13dd2635b2bbb68b285df9d98e011
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6185
x-amzn-requestid: 223de50b-9a7e-4ac7-9305-336658eec4ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiwYHoLoAMFXtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e1802-226bd8524ade75234053ff50;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:37:06 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Ye0ADORg1hFVLxcNVj-qS60tlfguOEtyTx_XFU4ooJOcDHqNsqV3kw==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:57:14 GMT
age: 63899
etag: "aec88022970c93289434f8097e4a663da33e5271"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: I3GuoZ4ZxAtz0sKe3wrW67aitLlCAbaZkiPw23fl0F3FoumJDEnXiQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 05:56:24 GMT
age: 35149
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73f9697594d173d623b331b5c35eab8d
6323f751f6b7517f062a0442480f672086ea02a1
116cb71658b31e87f19c390b242c684f6505cc8edf90b7fc934ac726fc7ddd18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8635
x-amzn-requestid: fc715b03-f48f-4300-b752-ab157a684f08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTihcETyIAMFhYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17a2-68f685ec0f50dae026ea3f64;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: i6dsVaC_gPijsRqh_EL5tZYZpjNEbQJvKIpPq501TIJZzcLUWeRz9w==
via: 1.1 ba490acb2ea716cd57876286ed686786.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:45:56 GMT
age: 64577
etag: "6323f751f6b7517f062a0442480f672086ea02a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5773974a7341690f006b052ad02c94db
1b11316c952e2195da1646dd94671669e7e3bc2b
a06b72138745500cacc919fea29536ebd4188a1c483f6123e3402458e299f16a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7800
x-amzn-requestid: bad99b1e-3923-4de9-8bea-4dd04e96f7cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfFGcIAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-0826b92d4c4af16553503600;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 9AGLmjvUSTKIsYIWECOR8QwdF4PP1tP1TweUm0VYvxQ0qskqj3YuLA==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:43:53 GMT
age: 64700
etag: "1b11316c952e2195da1646dd94671669e7e3bc2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b6f4d1-af89-4aaf-acec-609bb76366de.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b6f4d1-af89-4aaf-acec-609bb76366de.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70169fbc493bf12f91f072aa3a30ddde
4cd24b81bd6ade3ab5ff90fc88b0f7497e93391d
8b5fc3c8421d5696522231c3490a0853709897f5c9b645bd5e84398cf84089aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b6f4d1-af89-4aaf-acec-609bb76366de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12071
x-amzn-requestid: 02bb2a93-c0aa-4d43-aa99-759a0418bc20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfGHYoAMF8BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-2258162e1901b5cd6e7144d3;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: n7Xm67vDO9_X3Xoe2HXJs4Y9dLE6cZgx16lmW7c3KHv-sOg7rZo9wg==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:47:23 GMT
age: 64490
etag: "4cd24b81bd6ade3ab5ff90fc88b0f7497e93391d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
45.33.2.79
23.36.77.32