r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15840
Expires: Sun, 05 Feb 2023 08:42:50 GMT
Date: Sun, 05 Feb 2023 04:18:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7177
Expires: Sun, 05 Feb 2023 06:18:27 GMT
Date: Sun, 05 Feb 2023 04:18:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19037
Expires: Sun, 05 Feb 2023 09:36:08 GMT
Date: Sun, 05 Feb 2023 04:18:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KDtLdHTpgaSSzEPOTRMgKS2S6LXJvj06DC18s9azr5NT13owjjuujt0dsgYwfB89A9RZ/Q4YD14=
x-amz-request-id: HKADVRZDYA48SWZN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 03:24:18 GMT
age: 3273
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 03:33:54 GMT
content-type: application/json
age: 2697
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 04:18:51 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
yourmy.monster/image.php?id=DXHOR7.zip
52.173.151.229302 Found 0 B URL HTTP/1.1 yourmy.monster/image.php?id=DXHOR7.zip
IP 52.173.151.229:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /image.php?id=DXHOR7.zip HTTP/1.1
Host: yourmy.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Feb 2023 04:18:51 GMT
Server: Apache
Location: https://grabify.world/image.php?id=DXHOR7.zip
Status: 301 Moved Permanently
cf-cache-status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 56137e603e72eeba
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 03:49:07 GMT
age: 1784
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16035
Expires: Sun, 05 Feb 2023 08:46:06 GMT
Date: Sun, 05 Feb 2023 04:18:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3d6671e6e423ecc7ab4bb0a190e1115b
9c107dee6ada424660d56d7c3987edfd1fd6b092
d6e94028a77cb140b26badb2bc1fd482efa6c346bb0d920d4b950b055d3a7c39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 04:18:51 GMT
Server: ECS (amb/6BA5)
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3d6671e6e423ecc7ab4bb0a190e1115b
9c107dee6ada424660d56d7c3987edfd1fd6b092
d6e94028a77cb140b26badb2bc1fd482efa6c346bb0d920d4b950b055d3a7c39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 04:18:51 GMT
Last-Modified: Sun, 05 Feb 2023 04:18:51 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
push.services.mozilla.com/
44.239.226.203101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.239.226.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4wzefkB5JybVBos/PWWEAA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9gx6fYA1RxpSpaMF+6IJQ68087M=
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 0324165b6d740a0704f03feef8b212c6
9fe72d57377d959f71b38b36983c5234caa24fc2
4d3831b082fdc822efcbe74db0127f6c475e803210e64dba146ae32e8a37dc92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=131757
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 04:18:51 GMT
Etag: "63de8dd8-116"
Expires: Mon, 06 Feb 2023 16:54:48 GMT
Last-Modified: Sat, 04 Feb 2023 16:54:48 GMT
Server: nginx
Content-Length: 278
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10361
Expires: Sun, 05 Feb 2023 07:11:34 GMT
Date: Sun, 05 Feb 2023 04:18:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10361
Expires: Sun, 05 Feb 2023 07:11:34 GMT
Date: Sun, 05 Feb 2023 04:18:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10361
Expires: Sun, 05 Feb 2023 07:11:34 GMT
Date: Sun, 05 Feb 2023 04:18:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626efb39-4b90-4979-bc7d-1a1ba9e7fc73.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626efb39-4b90-4979-bc7d-1a1ba9e7fc73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eaca60722d35484e7cad5e6521465c75
470c81f1cab13436da9f94e97bb152fc9d01ad04
8c75170cdf9f6b97aef972568348aa4e6d67486ad1fdb7aa9d346e1cc8ae9df7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626efb39-4b90-4979-bc7d-1a1ba9e7fc73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9290
x-amzn-requestid: 5ed93026-d87a-4c82-81ce-8faa9e8dba60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsnFtFVUoAMF6Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db5224-0e5fea32709d6f665f6b09db;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 06:03:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AD5rpaPGI6jezDtJBS7-XTUoJQetiG6yyo6VbDfBYzk9RwPNYN5h2Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 20:04:29 GMT
age: 29664
etag: "470c81f1cab13436da9f94e97bb152fc9d01ad04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75caf9549ac23c827c10d6baabb84884
e8391e4046acb91cd4a6113974fda1c44dcd3865
a01e3a9aaa0b0fa156303bcbf38c1c45ea6abe8d0a052734b05ea4da82f176c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: 9379b64e-3a3f-4b8d-aba2-bc3cd7dab98f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3cgFCkIAMFrhA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c4f-6ac6da215407497043249929;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:51 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 75uKxGlJDSXzIUgR5Rm4f13SClTT1UIDLgbkTrFDEDvKmGmViQ3Djg==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:25:50 GMT
age: 21183
etag: "e8391e4046acb91cd4a6113974fda1c44dcd3865"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7fff69db25a1c7a3fbe154a3c80ac5aa
638e08807f73b70ab87b804816f9eb3e8dd2aa74
be96b347ba90dda9c39975077d963ff875831a14a4269e28edc0d2f80928bba6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: af4c4533-48b8-4b02-951a-3e61933fb126
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3fyFrMoAMFr_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c64-0346b30d0ded67912070f671;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IJBXK8DSlmaj48MVSTo-8A69jOe3x2cvnZYRLfyXZ7jZWqsMbTZsEg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:26 GMT
age: 23727
etag: "638e08807f73b70ab87b804816f9eb3e8dd2aa74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef803fc0-c789-4c2b-8cb2-33bef88abc9c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef803fc0-c789-4c2b-8cb2-33bef88abc9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbb38d805862a1b3081eebf256e0dae0
4a5cb01390d897be8721cd4551c74d0452aff640
02443891d0533f37fe38b16febafc86fa64c457dc1827b97ec535d623486d549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef803fc0-c789-4c2b-8cb2-33bef88abc9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8691
x-amzn-requestid: 51bb839e-c32c-4be9-9f38-7f8044160e70
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsLgFPqIAMFfww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d22716-3794126b47a79aed27e1aac4;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:09:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9du1ien5j1WSLplBzT5AAV-xIPKNgg4-8tdjux_iEGXNGaCcj29Xog==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 10:04:17 GMT
age: 65676
etag: "4a5cb01390d897be8721cd4551c74d0452aff640"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6e4dfe8-8de0-4ffd-85a4-544a7e82f052.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6e4dfe8-8de0-4ffd-85a4-544a7e82f052.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d907b978dc107f6e95182eee954462a
29a73442173f75b4f3413e2c6459e8448b1cc33f
8268fb8aa86182e7c2113709cce8f559ac8cc831e12cfd7a75c67f30c69808a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6e4dfe8-8de0-4ffd-85a4-544a7e82f052.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: a9d8e72b-b943-4c6d-a01c-7b7b65da6ee4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzXDqG-eIAMFbTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de054a-778199ce1db9fa1b73a9d4ec;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:12:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CyZUnEQ1l6j1CZCVM63GYbV6mAnhjW3kh4E5M07jH6d3t4mwhSK4hw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:07:48 GMT
age: 22265
etag: "29a73442173f75b4f3413e2c6459e8448b1cc33f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3e7140400336984afc6093c1246f863
59e0b21cdf4cfdac3f1ea05badd007727939ac42
4d927e74922159db5d07b9947fa1021cff74bb7b55759960cb3941d05c1e8f11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9579
x-amzn-requestid: 377c182d-43e8-4251-8731-6364d29fb955
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRFs0oAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-1ad3e68f50fc15707ec0406a;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sUtUjqOLpq42m22bLgmLggmPbtatZC01og_xzkVI1o8rJtAnvhvqHA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 14:15:26 GMT
age: 50607
etag: "59e0b21cdf4cfdac3f1ea05badd007727939ac42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 0324165b6d740a0704f03feef8b212c6
9fe72d57377d959f71b38b36983c5234caa24fc2
4d3831b082fdc822efcbe74db0127f6c475e803210e64dba146ae32e8a37dc92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4
Cache-Control: max-age=131757
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 04:18:55 GMT
Etag: "63de8dd8-116"
Expires: Mon, 06 Feb 2023 16:54:52 GMT
Last-Modified: Sat, 04 Feb 2023 16:54:48 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 04:18:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 04:18:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 04:18:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.gstatic.com/docs/documents/images/kix-favicon7.ico
142.250.74.131200 OK 549 B URL HTTP/2 ssl.gstatic.com/docs/documents/images/kix-favicon7.ico
IP 142.250.74.131:0
File type MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash b388b49001afbd4644918813dc585706
2faa49b88777917144bb523a5ac838f7e3f7265d
ce90b85cd9a0c85f0c1875f5ddbc5a5230cdd8a3795a9de0c751e876b61f4a3f
GET /docs/documents/images/kix-favicon7.ico HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-length: 549
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 15:58:23 GMT
expires: Sat, 03 Feb 2024 15:58:23 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/x-icon
age: 130834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 04:18:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.gstatic.com/docs/common/material_common_sprite475.svg
142.250.74.131200 OK 111 kB URL HTTP/2 ssl.gstatic.com/docs/common/material_common_sprite475.svg
IP 142.250.74.131:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (828)
Size 111 kB (111355 bytes)
Hash f5eda80bcc10b67cb9cad82ea25cd0fd
20ba7c87a0cbbcaa014a621eac75b23fee2781c1
9bdc9f559a16882a10cf862b2991683ac0850c7ea112aebc16497f9d9e194a2b
GET /docs/common/material_common_sprite475.svg HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-length: 111355
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 14:43:12 GMT
expires: Wed, 31 Jan 2024 14:43:12 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 16:08:00 GMT
content-type: image/svg+xml
age: 394545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/og/_/js/k=og.qtm.en_US.5_mdVUF1WKE.es5.O/rt=j/m=qabr,q_dnp,qapid/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTvqzArM6rjqBj9PfAKqzyX8TDz3FA
216.58.211.3200 OK 33 kB URL HTTP/2 www.gstatic.com/og/_/js/k=og.qtm.en_US.5_mdVUF1WKE.es5.O/rt=j/m=qabr,q_dnp,qapid/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTvqzArM6rjqBj9PfAKqzyX8TDz3FA
IP 216.58.211.3:0
File type ASCII text, with very long lines (1283)
Hash 3437296b16d90eb8602f23ad404a8d6d
3ae324dd73b9084db4fc5afbc46e6a9d75949edc
1246c46e4600c5ab91ef5b215b2f122a02343a7e4fd7a457b77f0fa2ff6ad416
GET /og/_/js/k=og.qtm.en_US.5_mdVUF1WKE.es5.O/rt=j/m=qabr,q_dnp,qapid/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTvqzArM6rjqBj9PfAKqzyX8TDz3FA HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-length: 32781
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:30:35 GMT
expires: Thu, 01 Feb 2024 07:30:35 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 28 Jan 2023 02:37:17 GMT
content-type: text/javascript; charset=UTF-8
age: 334102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 4b89c5c00cc87658461f2b7f7b4286d7
4ebc7969c342e80d97cbc96c397f9f90789d6124
93ced48af967cdfd78f47bb15ee0ac4c4600754a9cfc984dd268b9a7d1ac2451
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 04:18:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 809a7850a3128b4f377ac5af280b3e6c
811eb0840ea685aa7abdc954bd7b1ca9c3bc262d
a634b51e8c436173f4d06fe162b0e2164d12600ac8e6c0c32c0fa01c64db10a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 04:18:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.3R2S2iMRC9o.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-ukmJKpOYaCGRb909wNTowBRXFA/cb=gapi.loaded_0
216.58.207.206200 OK 38 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.3R2S2iMRC9o.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-ukmJKpOYaCGRb909wNTowBRXFA/cb=gapi.loaded_0
IP 216.58.207.206:0
File type ASCII text, with very long lines (1448)
Hash 8b7b7fbb3b03a6363147f827f1c7548c
1989538f1b6d6f4adebcc4752e2851d87dda996d
42f93e826e154983acb5940d49ea3d36dfb20b2c169867754bfb7ffb2d74e79e
GET /_/scs/abc-static/_/js/k=gapi.gapi.en.3R2S2iMRC9o.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-ukmJKpOYaCGRb909wNTowBRXFA/cb=gapi.loaded_0 HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Cookie: __Secure-ENID=10.SE=GxufxVQzNzzjiUYknOmFIUbHvHvCc6dzvjVm_bRZGr43uayKyWEmLajyJxKo81B7Vwf0_hGZhxBJws-UUOpvF-yz08yLJzgNbc4FFMKPtwkWcZ63t-7dtc6IqxWsVsDag1PBbZLobaO4zZH9Hc8Qozl3q2wyrUotPOnkYfSJMfk; CONSENT=PENDING+883; NID=511=ruIbLZND5TaGrVS_DoflPZnfw9ZVyqIaBXptsPYxpfqlkRrshxOpyIVdu6CuPRpt5EbCfuWx9G9WbD4rcxbGKsBYX5raY84vUb9Nq_2N1T3o1MP1oogRyExM6wCnhKxmRyuvySCZhTLqn5c6VkPYkKDMUhMFIZJQ9cEDI4_x8pY; AEC=ARSKqsJwS288dnet5ECxqsBtMcOZ1Zmg2K6YKTHrLl37wjsDUkLqPTZwJIg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 37983
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 04:19:11 GMT
expires: Fri, 02 Feb 2024 04:19:11 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 07 Jan 2023 15:18:57 GMT
content-type: text/javascript; charset=UTF-8
age: 259186
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh4.googleusercontent.com/Lt-3WFWTuzxYvUhgm4HF3jk9eYgDBrsAzy37_c98DDv0VOL101CvYZvMgPzIxB3fgidIWwsXQqT4P5F7pwVVVRR5xM-bPh3DgPLb6SNDib1YcFPinmkeynYHd8cJ19ICIFlAfFIBB-yv8Gk
216.58.211.1200 OK 62 kB URL HTTP/2 lh4.googleusercontent.com/Lt-3WFWTuzxYvUhgm4HF3jk9eYgDBrsAzy37_c98DDv0VOL101CvYZvMgPzIxB3fgidIWwsXQqT4P5F7pwVVVRR5xM-bPh3DgPLb6SNDib1YcFPinmkeynYHd8cJ19ICIFlAfFIBB-yv8Gk
IP 216.58.211.1:0
File type PNG image data, 275 x 183, 8-bit/color RGB, non-interlaced\012- data
Hash 0702796a4260809b4e0913f1cf419e7d
a754627aa7d9368a19a002cc14aa6f301442f4d4
54bc6f90e6729ee19cf229b808a172fcfb4e5041f4c7f175a8a042e2d0017bd0
GET /Lt-3WFWTuzxYvUhgm4HF3jk9eYgDBrsAzy37_c98DDv0VOL101CvYZvMgPzIxB3fgidIWwsXQqT4P5F7pwVVVRR5xM-bPh3DgPLb6SNDib1YcFPinmkeynYHd8cJ19ICIFlAfFIBB-yv8Gk HTTP/1.1
Host: lh4.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Mon, 06 Feb 2023 04:18:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 04:18:57 GMT
server: fife
content-length: 62492
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 4b89c5c00cc87658461f2b7f7b4286d7
4ebc7969c342e80d97cbc96c397f9f90789d6124
93ced48af967cdfd78f47bb15ee0ac4c4600754a9cfc984dd268b9a7d1ac2451
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 04:18:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh4.googleusercontent.com/B8HoC27OaPypz4B20vK5hcIjPkTbWGQ7dFm705AW-WONlqkwVzeT9xMS12-bCxxobuV_Rnux3iybVM64TMWlDVuyluSz2skhztz0jNZi-Ou6tC1k38D_jM-ivoi_60hsq9jVTLIjjPuXXAI
216.58.211.1200 OK 71 kB URL HTTP/2 lh4.googleusercontent.com/B8HoC27OaPypz4B20vK5hcIjPkTbWGQ7dFm705AW-WONlqkwVzeT9xMS12-bCxxobuV_Rnux3iybVM64TMWlDVuyluSz2skhztz0jNZi-Ou6tC1k38D_jM-ivoi_60hsq9jVTLIjjPuXXAI
IP 216.58.211.1:0
File type PNG image data, 225 x 225, 8-bit/color RGB, non-interlaced\012- data
Hash 04f6b7b7deb0956dcead3c82b76b5a29
5b516fe8965265eba5a38a7468260114b440294d
51f1214e9d66f7c10b847ad4ea62eadbd271c374380c822dc2f1288444cfc7aa
GET /B8HoC27OaPypz4B20vK5hcIjPkTbWGQ7dFm705AW-WONlqkwVzeT9xMS12-bCxxobuV_Rnux3iybVM64TMWlDVuyluSz2skhztz0jNZi-Ou6tC1k38D_jM-ivoi_60hsq9jVTLIjjPuXXAI HTTP/1.1
Host: lh4.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Mon, 06 Feb 2023 04:18:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 04:18:58 GMT
server: fife
content-length: 71023
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh5.googleusercontent.com/bV7H9oPZjoCzIxYnibNP_uexMzrV9d81rJROLjn860c4Ia0PiBFYMFHd8L0-9uVaWvAtCN5Q8Q9SpD2MhcDH4FKrogv2yc8wrxVplVp5AeOTjheZ7J_F85CYXmk5qogEf616jNrU1ukTFko
216.58.211.1200 OK 46 kB URL HTTP/2 lh5.googleusercontent.com/bV7H9oPZjoCzIxYnibNP_uexMzrV9d81rJROLjn860c4Ia0PiBFYMFHd8L0-9uVaWvAtCN5Q8Q9SpD2MhcDH4FKrogv2yc8wrxVplVp5AeOTjheZ7J_F85CYXmk5qogEf616jNrU1ukTFko
IP 216.58.211.1:0
File type PNG image data, 259 x 194, 8-bit/color RGB, non-interlaced\012- data
Hash 5c519d7993b030b9867622d7a6121c3f
501b3b18a50f6b123f3a313f12800d7a203ede50
11eecc3f44c8550ea6e1056efa4548acf9f04649c8ee6b4e5d77396798592ff9
GET /bV7H9oPZjoCzIxYnibNP_uexMzrV9d81rJROLjn860c4Ia0PiBFYMFHd8L0-9uVaWvAtCN5Q8Q9SpD2MhcDH4FKrogv2yc8wrxVplVp5AeOTjheZ7J_F85CYXmk5qogEf616jNrU1ukTFko HTTP/1.1
Host: lh5.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Mon, 06 Feb 2023 04:18:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 04:18:58 GMT
server: fife
content-length: 46448
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh6.googleusercontent.com/Cg490v6LA0UczJfpzVJilH-IlUZ_kuwuAngim9iSFZTsM1nX2B-47Z0eJL45zjBK9bhvTL6O7q18_lNiwDklXTCUY0JqWT89abMicBurPPA8OeicLvOXf3z9G6Lxr9yABnfS6tqATxBw1cU
216.58.211.1200 OK 84 kB URL HTTP/2 lh6.googleusercontent.com/Cg490v6LA0UczJfpzVJilH-IlUZ_kuwuAngim9iSFZTsM1nX2B-47Z0eJL45zjBK9bhvTL6O7q18_lNiwDklXTCUY0JqWT89abMicBurPPA8OeicLvOXf3z9G6Lxr9yABnfS6tqATxBw1cU
IP 216.58.211.1:0
File type PNG image data, 273 x 184, 8-bit/color RGB, non-interlaced\012- data
Hash f25637ee22ea21ea6111a84525b92b2e
8791736fc164ab24fd160d26d6ad6bf2ac7546ff
c6eb0980b239bdb2e93e31728ba160a4be1348f94c7a146a096d143e6a8d1ef9
GET /Cg490v6LA0UczJfpzVJilH-IlUZ_kuwuAngim9iSFZTsM1nX2B-47Z0eJL45zjBK9bhvTL6O7q18_lNiwDklXTCUY0JqWT89abMicBurPPA8OeicLvOXf3z9G6Lxr9yABnfS6tqATxBw1cU HTTP/1.1
Host: lh6.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Mon, 06 Feb 2023 04:18:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 04:18:58 GMT
server: fife
content-length: 84527
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh6.googleusercontent.com/WdPe0SClxUuAaiPgbAOTnraQMEG5vAny9Xgg9C8qYM5-kiyadsKe0wbmkDsd-N0wGhoQicW9bqvZQlYjlU3pndOT20_hDojeoOFFgwMrh2q-kKUFI_aMEk-xYRUDE44cbLETDfAv888iXvA
216.58.211.1200 OK 49 kB URL HTTP/2 lh6.googleusercontent.com/WdPe0SClxUuAaiPgbAOTnraQMEG5vAny9Xgg9C8qYM5-kiyadsKe0wbmkDsd-N0wGhoQicW9bqvZQlYjlU3pndOT20_hDojeoOFFgwMrh2q-kKUFI_aMEk-xYRUDE44cbLETDfAv888iXvA
IP 216.58.211.1:0
File type PNG image data, 195 x 258, 8-bit/color RGB, non-interlaced\012- data
Hash 5c3a0a9169917a6ddcf06747878a7b35
1ff8e8793ba0bd4aa609786ad976bae9990d9374
c18ed65202ac39602a1902b90339dd2181bf9563c228745a59848c4ed22aa107
GET /WdPe0SClxUuAaiPgbAOTnraQMEG5vAny9Xgg9C8qYM5-kiyadsKe0wbmkDsd-N0wGhoQicW9bqvZQlYjlU3pndOT20_hDojeoOFFgwMrh2q-kKUFI_aMEk-xYRUDE44cbLETDfAv888iXvA HTTP/1.1
Host: lh6.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Mon, 06 Feb 2023 04:18:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 04:18:58 GMT
server: fife
content-length: 49289
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh5.googleusercontent.com/xRUTL1Ukf7zS0hqbLLft3b7SgqktP3K5xCN9mn-Gyi59EQHEc2_LKTlxv00ttJ2FGi9etj3YvR2pdKQ3Wdsf8MZrNAaWtLhf_9JjE8-4oTMZc-9P1jLS38z3ceEfS7Frz2H01v3_AoBzvy4
216.58.211.1200 OK 77 kB URL HTTP/2 lh5.googleusercontent.com/xRUTL1Ukf7zS0hqbLLft3b7SgqktP3K5xCN9mn-Gyi59EQHEc2_LKTlxv00ttJ2FGi9etj3YvR2pdKQ3Wdsf8MZrNAaWtLhf_9JjE8-4oTMZc-9P1jLS38z3ceEfS7Frz2H01v3_AoBzvy4
IP 216.58.211.1:0
File type PNG image data, 202 x 250, 8-bit/color RGB, non-interlaced\012- data
Hash b72b5f16afab1aad3ec42a5832046050
c38f291495bec40011e696d4d2e700df47db49fd
68a91deafd31694a91ad5c2b338e24995a42a17fa0ee7e1fdf05a081d96842ea
GET /xRUTL1Ukf7zS0hqbLLft3b7SgqktP3K5xCN9mn-Gyi59EQHEc2_LKTlxv00ttJ2FGi9etj3YvR2pdKQ3Wdsf8MZrNAaWtLhf_9JjE8-4oTMZc-9P1jLS38z3ceEfS7Frz2H01v3_AoBzvy4 HTTP/1.1
Host: lh5.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Mon, 06 Feb 2023 04:18:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 04:18:58 GMT
server: fife
content-length: 77188
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 18e91fdb704902eff76068ca8fc0e9f7
5737dc79a38469c950be517e04e589972a10a93d
5d764e6bbe991be9307998f0a633c556b681ebbca5b90a45e0802ed92784a9a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 04:18:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 18e91fdb704902eff76068ca8fc0e9f7
5737dc79a38469c950be517e04e589972a10a93d
5d764e6bbe991be9307998f0a633c556b681ebbca5b90a45e0802ed92784a9a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 04:18:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
peoplestack-pa.clients6.google.com/$rpc/peoplestack.PeopleStackAutocompleteService/Autocomplete
142.250.74.74200 OK 0 B URL HTTP/2 peoplestack-pa.clients6.google.com/$rpc/peoplestack.PeopleStackAutocompleteService/Autocomplete
IP 142.250.74.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/peoplestack.PeopleStackAutocompleteService/Autocomplete HTTP/1.1
Host: peoplestack-pa.clients6.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://docs.google.com/
Origin: https://docs.google.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://docs.google.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 05 Feb 2023 04:18:59 GMT
content-type: text/html
server: scaffolding on HTTPServer2
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
peoplestack-pa.clients6.google.com/$rpc/peoplestack.PeopleStackAutocompleteService/Autocomplete
142.250.74.74401 Unauthorized 260 B URL HTTP/2 peoplestack-pa.clients6.google.com/$rpc/peoplestack.PeopleStackAutocompleteService/Autocomplete
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with very long lines (388), with no line terminators
Hash 5eb69660d159f3d279b09f53cc79ac7b
52f47a86af45cfe70396447f11536471d59ae21f
4b54f338ed0c22849acbefd439dd3e2b6eebea43c0d0d626505b990e3c89f7e3
POST /$rpc/peoplestack.PeopleStackAutocompleteService/Autocomplete HTTP/1.1
Host: peoplestack-pa.clients6.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-Api-Key: AIzaSyBpa8DlAVbnBsgTphEHO_YL7uokzq4vqns
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 12
Origin: https://docs.google.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 401 Unauthorized
www-authenticate: Bearer realm="https://accounts.google.com/"
strict-transport-security: max-age=10886400; includeSubdomains
vary: Origin, X-Origin, Referer
content-type: application/json+protobuf; charset=UTF-8
content-encoding: gzip
date: Sun, 05 Feb 2023 04:18:59 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 260
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://docs.google.com
access-control-allow-credentials: true
access-control-expose-headers: www-authenticate,vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 18e91fdb704902eff76068ca8fc0e9f7
5737dc79a38469c950be517e04e589972a10a93d
5d764e6bbe991be9307998f0a633c556b681ebbca5b90a45e0802ed92784a9a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 04:18:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.78200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sun, 05 Feb 2023 04:18:59 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+034; expires=Tue, 04-Feb-2025 04:18:59 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Feb 2023 04:18:59 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.78200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 4241
Origin: https://docs.google.com
Connection: keep-alive
Cookie: __Secure-ENID=10.SE=GxufxVQzNzzjiUYknOmFIUbHvHvCc6dzvjVm_bRZGr43uayKyWEmLajyJxKo81B7Vwf0_hGZhxBJws-UUOpvF-yz08yLJzgNbc4FFMKPtwkWcZ63t-7dtc6IqxWsVsDag1PBbZLobaO4zZH9Hc8Qozl3q2wyrUotPOnkYfSJMfk; CONSENT=PENDING+883; _ga=GA1.3.374087793.1654401397; NID=511=ruIbLZND5TaGrVS_DoflPZnfw9ZVyqIaBXptsPYxpfqlkRrshxOpyIVdu6CuPRpt5EbCfuWx9G9WbD4rcxbGKsBYX5raY84vUb9Nq_2N1T3o1MP1oogRyExM6wCnhKxmRyuvySCZhTLqn5c6VkPYkKDMUhMFIZJQ9cEDI4_x8pY; AEC=ARSKqsJwS288dnet5ECxqsBtMcOZ1Zmg2K6YKTHrLl37wjsDUkLqPTZwJIg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sun, 05 Feb 2023 04:18:59 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash d09cd05d951779967af874274fbb4875
119e58de80b389f59c445f045371d49e4414767e
1a3f1b8c4f3a485afca5745a30c8402d66b56434f360e11d7ec2063fc9851908
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 04:18:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=1209600&continue=https://docs.google.com/sharing/init?id%3D1_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs%26resourcekey%3D%255B%25221_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs%2522,null%255D%26themeColor%3D1%26foreignService%3Dkix%26gaiaService%3Dwritely%26shareService%3Dkix%26subapp%3D10%26popupWindowsEnabled%3Dtrue%26shareUiType%3Ddefault%26hl%3Dno%26authuser%3D0%26rand%3D1675570778078%26origin%3Dhttps://docs.google.com&followup=https://docs.google.com/sharing/init?id%3D1_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs%26resourcekey%3D%255B%25221_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs%2522,null%255D%26themeColor%3D1%26foreignService%3Dkix%26gaiaService%3Dwritely%26shareService%3Dkix%26subapp%3D10%26popupWindowsEnabled%3Dtrue%26shareUiType%3Ddefault%26hl%3Dno%26authuser%3D0%26rand%3D1675570778078%26origin%3Dhttps://docs.google.com&hl=no
142.250.74.109302 Found 592 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=1209600&continue=https://docs.google.com/sharing/init?id%3D1_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs%26resourcekey%3D%255B%25221_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs%2522,null%255D%26themeColor%3D1%26foreignService%3Dkix%26gaiaService%3Dwritely%26shareService%3Dkix%26subapp%3D10%26popupWindowsEnabled%3Dtrue%26shareUiType%3Ddefault%26hl%3Dno%26authuser%3D0%26rand%3D1675570778078%26origin%3Dhttps://docs.google.com&followup=https://docs.google.com/sharing/init?id%3D1_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs%26resourcekey%3D%255B%25221_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs%2522,null%255D%26themeColor%3D1%26foreignService%3Dkix%26gaiaService%3Dwritely%26shareService%3Dkix%26subapp%3D10%26popupWindowsEnabled%3Dtrue%26shareUiType%3Ddefault%26hl%3Dno%26authuser%3D0%26rand%3D1675570778078%26origin%3Dhttps://docs.google.com&hl=no
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1181)
Hash c092cb80470c1c17a6e73b562ed8b6b6
69b5c1f135658d2cafe666542f50b5ffb4e21f6f
7540ffbd9a855fe30799f7d2f62d2f9dfdeb395f95c59c493d27b9d447e157f7
GET /ServiceLogin?passive=1209600&continue=https://docs.google.com/sharing/init?id%3D1_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs%26resourcekey%3D%255B%25221_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs%2522,null%255D%26themeColor%3D1%26foreignService%3Dkix%26gaiaService%3Dwritely%26shareService%3Dkix%26subapp%3D10%26popupWindowsEnabled%3Dtrue%26shareUiType%3Ddefault%26hl%3Dno%26authuser%3D0%26rand%3D1675570778078%26origin%3Dhttps://docs.google.com&followup=https://docs.google.com/sharing/init?id%3D1_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs%26resourcekey%3D%255B%25221_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs%2522,null%255D%26themeColor%3D1%26foreignService%3Dkix%26gaiaService%3Dwritely%26shareService%3Dkix%26subapp%3D10%26popupWindowsEnabled%3Dtrue%26shareUiType%3Ddefault%26hl%3Dno%26authuser%3D0%26rand%3D1675570778078%26origin%3Dhttps://docs.google.com&hl=no HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Cookie: __Secure-ENID=10.SE=GxufxVQzNzzjiUYknOmFIUbHvHvCc6dzvjVm_bRZGr43uayKyWEmLajyJxKo81B7Vwf0_hGZhxBJws-UUOpvF-yz08yLJzgNbc4FFMKPtwkWcZ63t-7dtc6IqxWsVsDag1PBbZLobaO4zZH9Hc8Qozl3q2wyrUotPOnkYfSJMfk; CONSENT=PENDING+883; __Host-GAPS=1:sAD4bbq0xCmFA56GkQDkwBxsTuyLUw:iM-GE0v127ORGjLI; NID=511=ruIbLZND5TaGrVS_DoflPZnfw9ZVyqIaBXptsPYxpfqlkRrshxOpyIVdu6CuPRpt5EbCfuWx9G9WbD4rcxbGKsBYX5raY84vUb9Nq_2N1T3o1MP1oogRyExM6wCnhKxmRyuvySCZhTLqn5c6VkPYkKDMUhMFIZJQ9cEDI4_x8pY; OTZ=6887581_56_56__56_; AEC=ARSKqsJwS288dnet5ECxqsBtMcOZ1Zmg2K6YKTHrLl37wjsDUkLqPTZwJIg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Feb 2023 04:18:59 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1375206986%3A1675570739752094&continue=https%3A%2F%2Fdocs.google.com%2Fsharing%2Finit%3Fid%3D1_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs%26resourcekey%3D%255B%25221_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs%2522%2Cnull%255D%26themeColor%3D1%26foreignService%3Dkix%26gaiaService%3Dwritely%26shareService%3Dkix%26subapp%3D10%26popupWindowsEnabled%3Dtrue%26shareUiType%3Ddefault%26hl%3Dno%26authuser%3D0%26rand%3D1675570778078%26origin%3Dhttps%3A%2F%2Fdocs.google.com&followup=https%3A%2F%2Fdocs.google.com%2Fsharing%2Finit%3Fid%3D1_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs%26resourcekey%3D%255B%25221_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs%2522%2Cnull%255D%26themeColor%3D1%26foreignService%3Dkix%26gaiaService%3Dwritely%26shareService%3Dkix%26subapp%3D10%26popupWindowsEnabled%3Dtrue%26shareUiType%3Ddefault%26hl%3Dno%26authuser%3D0%26rand%3D1675570778078%26origin%3Dhttps%3A%2F%2Fdocs.google.com&hl=no&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHc3WY7jba-ZyR84dv3ib8mY3FFf9kIDEVNaG8GkrMEz6DgbVDkwzFXMccqJHFwG2UL8Au4lIA
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-CaoeibYQ4i1PImLSuPPttw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 592
server: GSE
set-cookie: __Host-GAPS=1:X7sNdLQuzqDv45b7Tj8FMryeAoe5WQ:tlPpG21n6IE7Y-Jp;Path=/;Expires=Tue, 04-Feb-2025 04:18:59 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:51:26 GMT
age: 23254
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
grabify.world/image.php?id=DXHOR7.zip
172.67.161.186302 Found 0 B URL HTTP/2 grabify.world/image.php?id=DXHOR7.zip
IP 172.67.161.186:0
GET /image.php?id=DXHOR7.zip HTTP/1.1
Host: grabify.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sun, 05 Feb 2023 04:18:51 GMT
location: https://grabify.link/image.php?id=DXHOR7.zip
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPxPOIpJISsc8hXd4GT2Fm%2B9bzMmzeCC9ml7UIAT1mZzPgiTr8%2BgVbiKJ4cBRC3LnSFCAfAv7E8E1150UgRpfV6orKEhCuMjxu1s5v2CxoPBj7SLhD%2BWRRRkOAsREgLw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7948d8302ec0b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
grabify.link/image.php?id=DXHOR7.zip
104.26.9.202301 Moved Permanently 0 B URL HTTP/2 grabify.link/image.php?id=DXHOR7.zip
IP 104.26.9.202:0
GET /image.php?id=DXHOR7.zip HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.2.2016134668.1654530729; _hjSessionUser_1523499=eyJpZCI6IjgyNTJjNjZkLTkzYTgtNWRlMC05OGVhLWFmODA3YmYyODE5NSIsImNyZWF0ZWQiOjE2NTQ1MzA3MjkzNTMsImV4aXN0aW5nIjpmYWxzZX0=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sun, 05 Feb 2023 04:18:55 GMT
content-type: text/html; charset=UTF-8
location: https://docs.google.com/document/d/1_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs/edit?usp=sharing
cache-control: no-cache, private
x-robots-tag: noindex, nofollow
x-content-type-options: nosniff
x-abuse: abuse@grabify.link
x-ratelimit-limit: 15
x-ratelimit-remaining: 14
set-cookie: XSRF-TOKEN=eyJpdiI6IlRmZnRNR29yOHhoWDJLMG10bEFqVmc9PSIsInZhbHVlIjoieDZmWkJMVWhQWTg0cUtiM1NHUzFCc0RkSEhwcS9JVXhjY2lhSWVwWmdBUU9YOHA0VVoxejZiMUlxSGpDVFF1UkZVOURVYWtKanRNQVhMclhuQlUyWW5ReGFxbU81elVqWWk1Nk5Ma05MdWVoeURRSlQ1eTAzc3FTam9vYjVBR1QiLCJtYWMiOiI3NGZjZTAzMjgyMjBhZDIxNjllNDY3ZmFlNTA3MTQ5OGUwMGIwZjA4N2QwMDc4MTJhYWY3NzdlOWM5MzI0ZWRiIiwidGFnIjoiIn0%3D; expires=Sun, 05 Feb 2023 09:18:55 GMT; Max-Age=18000; path=/; secure
g_session=eyJpdiI6Ikp0THk0SExtR1pEUlRhei91dE5ONVE9PSIsInZhbHVlIjoia0Jiam12ZmVoU21BeSsrZVFLb0RmUitNUXBzclhoaHkzeWdhNTRrQzRmWWFvdUVUcEkwUFp1aVhlN2taN1ZydjNsVWNXRG9oOFg3TTF4MjdKaXI4REhncjkxdGd3RkFUOFg1RWdSNnZTRXc5eTB0Y2JxVER1eHlvUGE5eWRreDIiLCJtYWMiOiIwMTg1YWU4MDlhZTI5ODI2OTZmOTY4NjE1ZDE0M2FjOWY3NTNmMzExNDAwMTI5ZWE5ZmRlZDA3NmI4ZDcwYzFlIiwidGFnIjoiIn0%3D; expires=Sun, 05 Feb 2023 09:18:55 GMT; Max-Age=18000; path=/; secure; httponly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yd8Rmsr3dDVoIIFrjVeK0fg4LdX%2F6dE7aKM49%2B4JlL%2BL0%2F2PYIsYs%2FO8K58rj%2Bca8RJQsQ%2Bz9suawNWslObn%2F7fPHS%2B47bApGnNBTBg%2BwXB2zd7P1sYiwyUfnPXyQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7948d831ff2f1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
docs.google.com/document/d/1_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs/edit?usp=sharing
142.250.74.142200 OK 0 B URL HTTP/2 docs.google.com/document/d/1_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs/edit?usp=sharing
IP 142.250.74.142:0
GET /document/d/1_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs/edit?usp=sharing HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __Secure-ENID=10.SE=GxufxVQzNzzjiUYknOmFIUbHvHvCc6dzvjVm_bRZGr43uayKyWEmLajyJxKo81B7Vwf0_hGZhxBJws-UUOpvF-yz08yLJzgNbc4FFMKPtwkWcZ63t-7dtc6IqxWsVsDag1PBbZLobaO4zZH9Hc8Qozl3q2wyrUotPOnkYfSJMfk; CONSENT=PENDING+883; NID=511=ruIbLZND5TaGrVS_DoflPZnfw9ZVyqIaBXptsPYxpfqlkRrshxOpyIVdu6CuPRpt5EbCfuWx9G9WbD4rcxbGKsBYX5raY84vUb9Nq_2N1T3o1MP1oogRyExM6wCnhKxmRyuvySCZhTLqn5c6VkPYkKDMUhMFIZJQ9cEDI4_x8pY; AEC=ARSKqsJwS288dnet5ECxqsBtMcOZ1Zmg2K6YKTHrLl37wjsDUkLqPTZwJIg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-robots-tag: noindex, nofollow, nosnippet
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Feb 2023 04:18:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
content-security-policy: base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'nonce-k2Uo0VPWpeQq1UjwZ6R2yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: S=documents=_EAQSCM74TIF7uXGemf2B2Ca-Q3vZ6HUn8GRwGuokq8; Domain=.docs.google.com; Expires=Sun, 05-Feb-2023 05:18:56 GMT; Path=/document/d/1_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs; Secure; HttpOnly; SameSite=none
COMPASS=documents=CmIACWuJVxFQb60ag6fkGluyJoT82yoIHq4S0gO03JwgeH6Vs7j-3n02QnKfdFfog5CuzCVm-JdKN0Xud-EWexiR99GRkw47m17uHZYuZElkQky4FVko2ZuxTlG1EC3cdoUS6BDA-PyeBhpkAAlriVepQCkQg3dOnUjtehRTZXUmJgy9Y93EzJpO8e_3fvKpnSl1fLr4GiNEa0r2h-KxwUafCvDYUxe7fuLaBDGR9zpx76HGMia-EGkCDUsGag5PG4rIjolDoT_xeixhc5RwvQ==; Domain=.docs.google.com; Expires=Sun, 05-Feb-2023 05:18:56 GMT; Path=/document/d/1_ydwI4Uakt3Eo3i-Xj-t8S-RSIDj63ra70eIchLadzs; Secure; HttpOnly; SameSite=none
GFE_RTT=203; Domain=.docs.google.com; Expires=Sun, 05-Feb-2023 04:23:56 GMT; Path=/; Secure; Priority=LOW; SameSite=strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2