r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 584dc97b4a725bab46f43b0c52ea2f21
4c7d5484aca5c64746185fa7a1e6103672fd6beb
726714a5ebdaa8dda3c669eedad6503ffd2a822cfd0bbdf5eb8a1d8ad43ad5bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "726714A5EBDAA8DDA3C669EEDAD6503FFD2A822CFD0BBDF5EB8A1D8AD43AD5BD"
Last-Modified: Wed, 15 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6189
Expires: Thu, 16 Feb 2023 17:32:29 GMT
Date: Thu, 16 Feb 2023 15:49:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e2774fdb28d9f6ef0658eb7286166e3f
9240e40dcd6422d6b92b9f9b54c79e7629f28828
e59f037bbb477951b8d775acb4d62c243d19d6b0022787348bae224092690d53
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E59F037BBB477951B8D775ACB4D62C243D19D6B0022787348BAE224092690D53"
Last-Modified: Thu, 16 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9428
Expires: Thu, 16 Feb 2023 18:26:28 GMT
Date: Thu, 16 Feb 2023 15:49:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ab826368e69a2ca160ec61aa596a7a27
52d3afd0d0a2bc2e65c09df55bfc58bf84034afd
48b80951de12295fa262aca8aa9b26e24725ea47d205f60737f37643ce43aa1a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B80951DE12295FA262ACA8AA9B26E24725EA47D205F60737F37643CE43AA1A"
Last-Modified: Thu, 16 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6887
Expires: Thu, 16 Feb 2023 17:44:07 GMT
Date: Thu, 16 Feb 2023 15:49:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 16 Feb 2023 14:53:08 GMT
content-type: application/json
age: 3372
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yIzB7dN70ULDtkJ7cwOKgnOfNpPBEJM8VfdLNFCr5GkRMVTaovb/Ac7RJOVHfei4zOGrWotWf1o=
x-amz-request-id: W7WK0YF9VPTDGS4F
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 16 Feb 2023 15:16:54 GMT
age: 1946
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 16 Feb 2023 15:49:20 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
en.firstgooal.com/
188.114.96.1200 OK 4.5 kB IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash da76791276bfd8824aa0579560fe1612
a8a8110263fb547bba1e27fa56a69a9f5af8a3b8
a152f956b7dc8b78ed804db9d8eed8aa406e36ce8a97f748c26ae3902c7bafd4
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 15:49:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=b88c8450acaf146fb86e7cbccd9bdafe; path=/
qa_key=8cxwewu1ev5y7m39r3hs83k2xe4gtjhv; expires=Sat, 18-Feb-2023 15:49:20 GMT; Max-Age=172800; path=/; HttpOnly
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kU0aNM3%2Fdj%2BrR9m5TmEOJfNDNYK8x7alwS0w5RwidEQ00A3nRaZV3SocH58lFb0xTXSZchEyqG4AkANw8pc5da91U1q0YXo%2F7mf91w5Blh3TY9UX%2Fj8w%2F6CB2Yu7utCQ8MCSw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79a76ec148aeb505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e811c05d7b791b98aea6b2fcb476f10e
22446c9850bfaad80e9a21ae5e12b6f08eab0322
f07288128edd8100435652b4323bea8c678afcfb5769f8a7ca00be962b8e989a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 15:49:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
en.firstgooal.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
188.114.96.1200 OK 1.0 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
IP 188.114.96.1:0
File type ASCII text, with CRLF line terminators
Hash 08fe3c23ce2f1e9e2d66d4fa90b036f8
0c9b700eed1061a99facb883ec10bc02bfd2994d
ac23166279860ec7ad5ce9e7960b2d7ca057cc03a192693587d045d75d5bf669
Analyzer Verdict Alert fortinet Malware
GET /qa-theme/SnowFlat/js/snow-core.js?1.8.6 HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/
Cookie: PHPSESSID=b88c8450acaf146fb86e7cbccd9bdafe; qa_key=8cxwewu1ev5y7m39r3hs83k2xe4gtjhv
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 15:49:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdIjhHlbpPGAfKp2vf8cECBfqyT274sa7M9T%2F7AyfO%2FrXpX3OPtux4E3YAgCn%2B6E61wIGjZKPltrhL7mvY4p7gBROUWEd0qQ4catTjv9fVAJ1%2FLDCH3bm6%2FsCeGm0u6i1joAhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79a76ec46ce7b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-content/qa-global.js?1.8.6
188.114.96.1200 OK 5.1 kB URL HTTP/1.1 en.firstgooal.com/qa-content/qa-global.js?1.8.6
IP 188.114.96.1:0
File type ASCII text, with CRLF line terminators
Hash e1e4743f1b69b56fe6a4b9d82b617933
ae383643ea7f8c89084665d0ea7e4aad038495c3
f597be97130244f45174373ee364d6b33aba7c0d9dc41e32d4fe06c099ca69f9
GET /qa-content/qa-global.js?1.8.6 HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/
Cookie: PHPSESSID=b88c8450acaf146fb86e7cbccd9bdafe; qa_key=8cxwewu1ev5y7m39r3hs83k2xe4gtjhv
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 15:49:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPzyEpIO9bhO%2BuyRHhIYjEy%2BhCAbbNFMS7vJUKmiJok%2BlH%2BIxFkwaDD5QpgJlvle51SHLHMk6hc7Xu%2BIUHmE6vnrizuDrRCm7hXfAY6Q%2B4j4iOuz6n3AS%2FGa%2B74xxSMGVHYATQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79a76ec46bf2b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
188.114.96.1200 OK 12 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
IP 188.114.96.1:0
File type ASCII text, with CRLF line terminators
Hash 40e651fa088684d4bf19ab0ee8a0f90f
f962b6f01b58ad088704e682879d989b1963a65c
d2a050dc76aee935d35e1ca91415448e5881622e1c14a04b3b3ad4d322d7f910
Analyzer Verdict Alert fortinet Malware
GET /qa-theme/SnowFlat/qa-styles.css?1.8.6 HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/
Cookie: PHPSESSID=b88c8450acaf146fb86e7cbccd9bdafe; qa_key=8cxwewu1ev5y7m39r3hs83k2xe4gtjhv
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 15:49:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FoKY6m9vFFmacy7mr%2FP%2Fsj%2FMOsy2yPhEBfUSkms6RTJbowDqjmr55%2FZRBIMuI2VlOoB3t7aDXCZeFSrx9sVNkQXIb5YS6BhlW0X3%2BCJJc2xBMdHQvLsZXmsT01lknvg6JFy4mA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79a76ec4688a0b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.googletagmanager.com/gtag/js?id=UA-62733008-15
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-62733008-15
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash 733665f3e5ac235118210cefe5661847
bd5b084858f6dd0857b43afcc526e0f5d9f240ab
05a6eb9ced10fc314d64ebc33919b305e75d71aa96a462f3acbc22a5315b973d
GET /gtag/js?id=UA-62733008-15 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.firstgooal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 16 Feb 2023 15:49:20 GMT
expires: Thu, 16 Feb 2023 15:49:20 GMT
cache-control: private, max-age=900
last-modified: Thu, 16 Feb 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44152
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Content-Length, Content-Type, Cache-Control, Pragma, Retry-After, ETag, Expires, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 16 Feb 2023 14:51:22 GMT
age: 3478
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e811c05d7b791b98aea6b2fcb476f10e
22446c9850bfaad80e9a21ae5e12b6f08eab0322
f07288128edd8100435652b4323bea8c678afcfb5769f8a7ca00be962b8e989a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 15:49:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
en.firstgooal.com/qa-content/jquery-3.5.1.min.js
188.114.96.1200 OK 31 kB URL HTTP/1.1 en.firstgooal.com/qa-content/jquery-3.5.1.min.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 8b01c5ba6173865527caa5a96b8025c7
7931265ea4d257f5fd5f1bcebc73a03fcdd772be
8296102d6f6ea7f891b884e47c6b49cc29ab9755049527bd45bfd70435819782
Analyzer Verdict Alert fortinet Malware
GET /qa-content/jquery-3.5.1.min.js HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/
Cookie: PHPSESSID=b88c8450acaf146fb86e7cbccd9bdafe; qa_key=8cxwewu1ev5y7m39r3hs83k2xe4gtjhv
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 15:49:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVfH%2BsNazlhxTtVuEwYkDUOcQgpP%2BKGnm4jSPBrdt36h2igs%2BJy14MAxsY32%2BGSKTyEw%2FdirC25b3ycIoOZSrtmO%2BnVhg4eRw58JKvaIG%2FPu%2FKRORqFGCLLSb4IBPWogdvmFyg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79a76ec46a20b52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9510916a15d80ca2eb9fc98904cb93ee
420495d8896aeaf34e73a1c6ad8d95c882553c11
4391a82749b95a599bd1605b98b665772676ea8707765b8d9f8451774f6a709f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4391A82749B95A599BD1605B98B665772676EA8707765B8D9F8451774F6A709F"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4317
Expires: Thu, 16 Feb 2023 17:01:18 GMT
Date: Thu, 16 Feb 2023 15:49:21 GMT
Connection: keep-alive
en.firstgooal.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
188.114.96.1200 OK 7.8 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
IP 188.114.96.1:0
File type GIF image data, version 89a, 14 x 14\012- data
Hash baa90f5e1a366d64a56c6bdc20463880
a5fc4c07afc4c856ff09a4ed6cee0a26487946a9
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
GET /qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644 HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Cookie: PHPSESSID=b88c8450acaf146fb86e7cbccd9bdafe; qa_key=8cxwewu1ev5y7m39r3hs83k2xe4gtjhv
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 15:49:21 GMT
Content-Type: image/gif
Content-Length: 7781
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pxzk%2FOxUq86dSfw0hJ5xeQ6bXxQGekRo6x%2FqvUCRs6YiMXyzhKCkf6KEcfH3neZDxKIhJv0qg1xzDJJTOQWbfXCm3mDrt%2F4iv0X7xKnBj50V%2BHI9hkezhbEMwf4lxOAmFrEvg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79a76ec808a6b51e-OSL
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-theme/SnowFlat/images/search-icon-white.png
188.114.96.1200 OK 1.4 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/images/search-icon-white.png
IP 188.114.96.1:0
File type PNG image data, 36 x 36, 8-bit/color RGBA, interlaced\012- data
Hash d7bb9c767a3d489bb312bf0edec2bd62
74d64044c075c6f1055b87bfbadb6311e5d702b7
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
GET /qa-theme/SnowFlat/images/search-icon-white.png HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Cookie: PHPSESSID=b88c8450acaf146fb86e7cbccd9bdafe; qa_key=8cxwewu1ev5y7m39r3hs83k2xe4gtjhv
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 15:49:21 GMT
Content-Type: image/png
Content-Length: 1412
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sv%2F321XjQpO7sVyoGlJ7KcYDHsSu%2FvbG96y%2FE1l81HMwKoHYhXQi9JZVtet%2Fb%2BG4kFk7cZ6Jmbb7oS72WR9ffEECnPWRTQC5VO5m6GC%2Bz5SrWQJ4sUT69rncly7yxJIIFhfMyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79a76ec80c280b02-OSL
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-theme/SnowFlat/images/vote-buttons-3.png
188.114.96.1200 OK 1.5 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/images/vote-buttons-3.png
IP 188.114.96.1:0
File type PNG image data, 56 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b0b5b30b475bfc16e428a2b5afb343d
b98a582faac44ca1edc3aeed5579fb9c812bc668
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
GET /qa-theme/SnowFlat/images/vote-buttons-3.png HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Cookie: PHPSESSID=b88c8450acaf146fb86e7cbccd9bdafe; qa_key=8cxwewu1ev5y7m39r3hs83k2xe4gtjhv
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 15:49:21 GMT
Content-Type: image/png
Content-Length: 1457
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KyyGrJD5fF71SBchTIUr532lgnu6KjLnYekwRljC1HWR5zS5xuhO%2FjCXcv6NTKYjRta%2BFLWuc4qY7GZZ%2B%2F%2Fk15a1UUxPxEUgryMkd8YjsMEEe94JblOCE1X%2Bw1kDB1m5PFQfXw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79a76ec7ee36b52d-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
52.88.99.17101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.99.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zYuhZOYfL93DD3zKlB6AwA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +odg8zfL5i0RWxx01KVMA6SVluY=
en.firstgooal.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
188.114.96.1200 OK 7.2 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
IP 188.114.96.1:0
File type Web Open Font Format, TrueType, length 7200, version 1.0\012- data
Hash 032102e77ed40c63761279956b30f59f
b40bfc143f60a96b35a760a73f18dd3934eebc08
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
Analyzer Verdict Alert fortinet Malware
GET /qa-theme/SnowFlat/fonts/fontello.woff?70015067 HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Cookie: PHPSESSID=b88c8450acaf146fb86e7cbccd9bdafe; qa_key=8cxwewu1ev5y7m39r3hs83k2xe4gtjhv
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 15:49:21 GMT
Content-Type: font/woff
Content-Length: 7200
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6lxSbjrpNWerHwpFkBaunSNKhJXrYkWQwpzIZ1kwCJc6Mgib5Tp7oksYCWSHP7iRLEPsj1rt7%2Bndtim%2BTgwxLgNbBXwVSvj5j2pwU45HEfTCM%2BnvMWjdq0txCBvRkSVdl1s6w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79a76ec8099ab505-OSL
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-theme/SnowFlat/fonts/ubuntu-italic.woff2
188.114.96.1200 OK 25 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/fonts/ubuntu-italic.woff2
IP 188.114.96.1:0
File type Web Open Font Format (Version 2), TrueType, length 24808, version 1.0\012- data
Hash 5d7f3d1466e3a11a8b8efc09ff61cf2e
f5a1612b04cc49ebad65192db33a7cc498ef2409
1f1c7364ef5f163cddba63301931db5e1eff87ecc1cd2e9704c10c6f92417b54
Analyzer Verdict Alert fortinet Malware
GET /qa-theme/SnowFlat/fonts/ubuntu-italic.woff2 HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://en.firstgooal.com/
Cookie: PHPSESSID=b88c8450acaf146fb86e7cbccd9bdafe; qa_key=8cxwewu1ev5y7m39r3hs83k2xe4gtjhv
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 15:49:21 GMT
Content-Type: font/woff2
Content-Length: 24808
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIh07i%2Fe1I0s2CmpifwUpWT7cO4%2BuJPgU%2FsBNEJuxtsiujPoobGQQ2KkmSfukDFdDaRHCOjIrn%2F9sw1MDwLF94rNVEMUwSE8xSEWxGarbXO%2BH3w4wpAQ1xvxy9LOBPPgdPmQEw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79a76ec82d6fb503-OSL
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-theme/SnowFlat/fonts/ubuntu-regular.woff2
188.114.96.1200 OK 22 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/fonts/ubuntu-regular.woff2
IP 188.114.96.1:0
File type Web Open Font Format (Version 2), TrueType, length 22388, version 1.0\012- data
Hash 15b31ac9865cf59ee66305ceae84eeca
a7dc7a8504e47449000ea52f24ec10b34526b60c
02e4551debbf743ff34d013ba7b0a5440fa88958b9c406105a55612721cba16c
Analyzer Verdict Alert fortinet Malware
GET /qa-theme/SnowFlat/fonts/ubuntu-regular.woff2 HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://en.firstgooal.com/
Cookie: PHPSESSID=b88c8450acaf146fb86e7cbccd9bdafe; qa_key=8cxwewu1ev5y7m39r3hs83k2xe4gtjhv
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 15:49:21 GMT
Content-Type: font/woff2
Content-Length: 22388
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugBMY59kRizMR2%2BSNVXNFeifgUkjt9MtrFia4PbQ%2FBbU%2BwL25YcP82Vf6LPGiauJhknS%2FFcljGsjGUjnvVgfNlOqQjraYJmu2oT6LvrPKUOi7xCJ0reXAwduCnJDxvv3e%2FRXbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79a76ec809b4b529-OSL
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-theme/SnowFlat/fonts/ubuntu-bold.woff2
188.114.96.1200 OK 23 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/fonts/ubuntu-bold.woff2
IP 188.114.96.1:0
File type Web Open Font Format (Version 2), TrueType, length 22800, version 0.-11076\012- data
Hash 599ac1c7e3993595927b6610aced3f00
12b786d7422dbf88ad4fd730d6925782dee3027b
0c520384d05689f51e9846895c1f3572c39bc954504d2eed090432c4b08d6d3f
Analyzer Verdict Alert fortinet Malware
GET /qa-theme/SnowFlat/fonts/ubuntu-bold.woff2 HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://en.firstgooal.com/
Cookie: PHPSESSID=b88c8450acaf146fb86e7cbccd9bdafe; qa_key=8cxwewu1ev5y7m39r3hs83k2xe4gtjhv
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 15:49:21 GMT
Content-Type: font/woff2
Content-Length: 22800
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lr3K7pifOkJczeI588VKaIsADuIxeAvnkCC%2F8EUdrZT9rqmPBOKYxEst%2Fz3wRTSlsrCqahvKujsY19wS0w3OkaodfecK23goDQmNfE6Q8lrnurDZ%2Blocm3eWDPWmMn7L4ZBBsw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79a76ec8c9bbb51e-OSL
alt-svc: h2=":443"; ma=60
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.firstgooal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 16 Feb 2023 15:45:20 GMT
expires: Thu, 16 Feb 2023 17:45:20 GMT
cache-control: public, max-age=7200
age: 241
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
en.firstgooal.com/favicon.ico
188.114.96.1404 Not Found 2.0 kB URL HTTP/1.1 en.firstgooal.com/favicon.ico
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 2686a3ce036821764dbf229b4f0fa6ef
cdaa882f179fe6e786ad8dbdd6fd8f893d2ccca9
f35fae4de88f7b63f191da2dcf6a170d33120003ad128cbeded78570498860ed
GET /favicon.ico HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/
Cookie: PHPSESSID=b88c8450acaf146fb86e7cbccd9bdafe; qa_key=8cxwewu1ev5y7m39r3hs83k2xe4gtjhv
HTTP/1.1 404 Not Found
Date: Thu, 16 Feb 2023 15:49:22 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
CF-Cache-Status: BYPASS
Set-Cookie: qa_key=8cxwewu1ev5y7m39r3hs83k2xe4gtjhv; expires=Sat, 18-Feb-2023 15:49:22 GMT; Max-Age=172800; path=/; HttpOnly
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImlFYkRW96dcSjsK01Q%2FdQu2XLWsLlfcdUnfNN%2BUOEfiVfrvIwl1yexAlUs4pNV8UEdaqozg%2FvN7pafDU4faIe%2BxohTDCzYPjiEJtW4QluWGxYieAKHhiOUgt146mSt4g2a4RA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79a76eca7947b52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c9333ebd8634e6b287e0b58265edf328
6ea57e1529609f015e198c72d2455c758f5b45ab
6bc07733856e4fbefbb42e5ad6423539ccbc855c66cf4279bf515997ea8933d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC07733856E4FBEFBB42E5AD6423539CCBC855C66CF4279BF515997EA8933D2"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5965
Expires: Thu, 16 Feb 2023 17:28:47 GMT
Date: Thu, 16 Feb 2023 15:49:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c9333ebd8634e6b287e0b58265edf328
6ea57e1529609f015e198c72d2455c758f5b45ab
6bc07733856e4fbefbb42e5ad6423539ccbc855c66cf4279bf515997ea8933d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC07733856E4FBEFBB42E5AD6423539CCBC855C66CF4279BF515997EA8933D2"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5965
Expires: Thu, 16 Feb 2023 17:28:47 GMT
Date: Thu, 16 Feb 2023 15:49:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c9333ebd8634e6b287e0b58265edf328
6ea57e1529609f015e198c72d2455c758f5b45ab
6bc07733856e4fbefbb42e5ad6423539ccbc855c66cf4279bf515997ea8933d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC07733856E4FBEFBB42E5AD6423539CCBC855C66CF4279BF515997EA8933D2"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5965
Expires: Thu, 16 Feb 2023 17:28:47 GMT
Date: Thu, 16 Feb 2023 15:49:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c9333ebd8634e6b287e0b58265edf328
6ea57e1529609f015e198c72d2455c758f5b45ab
6bc07733856e4fbefbb42e5ad6423539ccbc855c66cf4279bf515997ea8933d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC07733856E4FBEFBB42E5AD6423539CCBC855C66CF4279BF515997EA8933D2"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5965
Expires: Thu, 16 Feb 2023 17:28:47 GMT
Date: Thu, 16 Feb 2023 15:49:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c9333ebd8634e6b287e0b58265edf328
6ea57e1529609f015e198c72d2455c758f5b45ab
6bc07733856e4fbefbb42e5ad6423539ccbc855c66cf4279bf515997ea8933d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC07733856E4FBEFBB42E5AD6423539CCBC855C66CF4279BF515997EA8933D2"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5965
Expires: Thu, 16 Feb 2023 17:28:47 GMT
Date: Thu, 16 Feb 2023 15:49:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 504b69ec2b6350345c36777959b0765a
c302824325b8f0839c7de54af9c5bd02541e4269
6e3a5b1cd7d17a9f448b8189d5683567269b3b3d461838770482283898008f39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14477
x-amzn-requestid: 2544b5cc-3fb0-4536-88ec-8cb9044fb612
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANtsXFBYoAMF6tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e88fe8-452901f67af9f5d95ccc61c3;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 07:06:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 18cnMMCsvwUvJVsvM8s2v0k3P6WL1kzo4S9dOvsskdYEBk748cj3Cw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Feb 2023 11:50:51 GMT
age: 14311
etag: "c302824325b8f0839c7de54af9c5bd02541e4269"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03d8b9db-4d74-4d37-9579-bc1defd9c23d.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03d8b9db-4d74-4d37-9579-bc1defd9c23d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f605d750b4f6c765d827527cc6846627
64e73779243684555e7835698e53a50352071ad6
707d1050736f19c06a88abac85c5a4e17dc12ba09618a5bbc67bbd416a6d2b25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03d8b9db-4d74-4d37-9579-bc1defd9c23d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4253
x-amzn-requestid: c62459f6-3b6a-4ef8-a1db-79857cd60196
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZlzeGo9IAMFtoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed5015-0be365d62e47063b1341b454;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cUKqMz9rzrodOzMj2-uTW-k_G3_6zIheZjofTH1ZguFHGC38iu6Uag==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 21:39:03 GMT
etag: "64e73779243684555e7835698e53a50352071ad6"
content-type: image/jpeg
age: 65419
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F088042eb-8368-43cc-87ea-092286978e94.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F088042eb-8368-43cc-87ea-092286978e94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ebf2b034739bd071054ebf80a1ff595d
7e4585aeab4a996e3fbfd37968bb02931da854a9
d6a6c170482ba37606716f8ef9c6edcbc8b77f3105459b1c5d65687ac1371c16
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F088042eb-8368-43cc-87ea-092286978e94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10755
x-amzn-requestid: 2f618b25-3ded-41b9-bccc-342418ee044f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZmNwFUjIAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed50be-44bde92d5eb1132233a6b160;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:38:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bmiv1bevUuK-iqhxFkFwOWWFkG281vjBZG2tY8_9_NINkaLZW7Pl4g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 21:55:01 GMT
age: 64461
etag: "7e4585aeab4a996e3fbfd37968bb02931da854a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33b1c914-808f-4087-bb21-b717b26f3496.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33b1c914-808f-4087-bb21-b717b26f3496.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4e84c4a1c0ed65e3bf372657fd7e496
e38c5908a977b024db07283a627c865988a1ed19
0fcfe03ec49c359f171162e3fca564bb105e50f191ed73fc79d54a71ca560410
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33b1c914-808f-4087-bb21-b717b26f3496.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5697
x-amzn-requestid: 72be2345-9c59-4845-95eb-25df25ec9717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZlzzHc8IAMFRMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed5018-3ce084a057dfb9a8400c743b;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XE6c9P_jyohdKOZ_iwMTKI1V1Si2UQ8qznV7u4PfAbzjyq7qMxj-gA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 21:59:59 GMT
age: 64163
etag: "e38c5908a977b024db07283a627c865988a1ed19"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ddf2390-9365-4e6b-8c2d-8914c8048fda.jpeg
34.120.237.76200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ddf2390-9365-4e6b-8c2d-8914c8048fda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6a41a3409f2c1cbd1c33b79b28499fc1
93c97ef46a569ea13ba8de5a51aaac968582b125
e7c051fe735cecb13b27fa915d02cee185a78bd7bd6be20a5b60a839dae675a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ddf2390-9365-4e6b-8c2d-8914c8048fda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3071
x-amzn-requestid: d3c02d0c-ff5a-4ca6-b0e4-50a1129cc9a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZmigE9GoAMFbWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed5142-63cff1f52b2a4b8c20304d8e;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:40:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: __KOt0rf7gh0A5ywLKhYXBmH6ckypZ0CLz5bwDmikCvxNjTh6jMO0A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Feb 2023 11:51:48 GMT
age: 14254
etag: "93c97ef46a569ea13ba8de5a51aaac968582b125"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049c0359-f97c-4035-8318-4d664e9e94e9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049c0359-f97c-4035-8318-4d664e9e94e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffba011968f980db58b57027d4be1ea1
7598dbc5cc76dcdf34a922b01a14c179702fb841
1b8b88ce8216f1917b052481fab0db062890eeb39febeb8bb63fba4643b9eaf9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049c0359-f97c-4035-8318-4d664e9e94e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: c060dfec-c37f-4e1d-81db-6cf683ef06f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZmNwFj8IAMFdKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed50be-364c85595c13ccdb5b900506;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:38:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHo2ytWmoyvoe0w0p2aaH7xsko7rzQfMqnKmAdBRb5nwGHPhf2XOnw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 21:38:53 GMT
etag: "7598dbc5cc76dcdf34a922b01a14c179702fb841"
content-type: image/jpeg
age: 65429
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2