Overview

URL helgakaren.com/
IP199.34.228.65
ASNWEEBLY
Location United States
Report completed2022-09-27 08:36:56 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-27 2 helgakaren.com/ Malware
2022-09-27 2 www.helgakaren.com/ Malware
2022-09-27 2 www.helgakaren.com/files/main_style.css?1660297735 Malware
2022-09-27 2 www.helgakaren.com/files/theme/custom.js?1536078196 Malware
2022-09-27 2 www.helgakaren.com/files/theme/mobile.js?1536078196 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (17)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-27 04:12:16 UTC 23.36.77.32
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 34.223.168.227
mnemonic passive DNS helgakaren.com (1) 0 2021-02-01 16:35:14 UTC 2022-09-27 04:35:48 UTC 199.34.228.65 Unknown ranking
mnemonic passive DNS fonts.gstatic.com (4) 0 2014-08-29 13:43:22 UTC 2022-09-27 04:53:14 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS ec.editmysite.com (2) 12806 2017-01-29 21:50:35 UTC 2022-09-26 06:15:06 UTC 35.82.13.103
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-27 04:53:17 UTC 34.120.237.76
mnemonic passive DNS www.helgakaren.com (8) 0 2019-06-06 07:03:04 UTC 2022-09-21 23:37:16 UTC 199.34.228.65 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-27 04:15:00 UTC 93.184.220.29
mnemonic passive DNS fonts.googleapis.com (4) 8877 2013-06-10 20:14:26 UTC 2022-09-27 07:18:49 UTC 142.250.74.10
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.164
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-26 20:43:42 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-27 05:44:40 UTC 143.204.55.35
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 04:13:22 UTC 143.204.55.49
mnemonic passive DNS cdn2.editmysite.com (11) 11564 2012-10-02 18:27:39 UTC 2022-09-26 06:15:05 UTC 151.101.85.46
mnemonic passive DNS ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.3
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-27 05:04:23 UTC 142.250.74.174


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.34.228.65

Date UQ / IDS / BL URL IP
2022-12-04 03:11:52 +0000
0 - 0 - 8 zepedalawfirm.com/contact-us.html 199.34.228.65
2022-12-01 21:49:46 +0000
0 - 0 - 7 www.geneticgenealogystandards.com/ 199.34.228.65
2022-11-22 01:58:58 +0000
0 - 0 - 11 zepedalawfirm.com/visa-bulletin.html 199.34.228.65
2022-11-15 02:46:31 +0000
0 - 0 - 13 zepedalawfirm.com/2014-executive-action.html 199.34.228.65
2022-11-08 03:19:04 +0000
0 - 0 - 8 zepedalawfirm.com/dallas-immigration-court.html 199.34.228.65

Last 5 reports on ASN: WEEBLY

Date UQ / IDS / BL URL IP
2022-12-09 12:37:33 +0000
0 - 0 - 20 newsigninprodigy.square.site/ 199.34.228.39
2022-12-09 01:43:13 +0000
0 - 0 - 5 att-yahoo-mail-109901.weeblysite.com/ 199.34.228.96
2022-12-09 01:42:53 +0000
0 - 0 - 5 att-login-106092.weeblysite.com/ 199.34.228.96
2022-12-09 01:38:13 +0000
0 - 0 - 18 yahoo-106343.weeblysite.com/ 199.34.228.97
2022-12-08 12:44:36 +0000
0 - 0 - 16 at308597yct54.weeblysite.com/ 199.34.228.96

Last 5 reports on domain: helgakaren.com

Date UQ / IDS / BL URL IP
2022-10-10 19:08:52 +0000
0 - 0 - 5 helgakaren.com/ 199.34.228.65
2022-10-06 10:59:43 +0000
0 - 0 - 5 helgakaren.com/ 199.34.228.65
2022-10-06 02:55:37 +0000
0 - 0 - 5 helgakaren.com/ 199.34.228.65
2022-09-27 08:36:56 +0000
0 - 0 - 5 helgakaren.com/ 199.34.228.65
2022-09-21 23:37:28 +0000
0 - 0 - 5 helgakaren.com/ 199.34.228.65

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-10 19:08:52 +0000
0 - 0 - 5 helgakaren.com/ 199.34.228.65
2022-10-06 10:59:43 +0000
0 - 0 - 5 helgakaren.com/ 199.34.228.65
2022-10-06 02:55:37 +0000
0 - 0 - 5 helgakaren.com/ 199.34.228.65
2022-09-14 19:38:26 +0000
0 - 0 - 5 helgakaren.com/ 199.34.228.65
2022-09-11 08:45:38 +0000
0 - 0 - 5 helgakaren.com/ 199.34.228.65


JavaScript

Executed Scripts (24)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (56)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3372
Expires: Tue, 27 Sep 2022 09:32:56 GMT
Date: Tue, 27 Sep 2022 08:36:44 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 07:45:26 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SY6a6Zu6YymraYenJsmpFRBeX8B4B-wNw8l-fxvf-J-oKJJXggCq0g==
Age: 3078


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
date: Mon, 26 Sep 2022 09:17:07 GMT
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5EkO9aZlkFIXMOz2tWc2zGl8rgFEJuvn7IiO2EsgEEdc1n8gUfGfuA==
age: 83978
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET / HTTP/1.1 
Host: helgakaren.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         199.34.228.65
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 27 Sep 2022 08:36:44 GMT
Server: Apache
Location: http://www.helgakaren.com/
Content-Length: 234
Keep-Alive: timeout=10, max=70
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   234
Md5:    4994788cd1bd6b49d3b37ea04797510f
Sha1:   cdcce21f76aa0aa58f733a69563d390ecdd9b517
Sha256: af7454597066ccd849c1816da24e43dcabf30e880062803232b0f2cfbcd23a24

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 08:36:44 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: www.helgakaren.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         199.34.228.65
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 08:36:45 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.helgakaren.com language=en; expires=Tue, 11-Oct-2022 08:36:45 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"d4e27a1468816ecc975cfc6e6f61bb76-gzip"
Content-Encoding: gzip
X-Host: blu110.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 6760
Keep-Alive: timeout=10, max=71
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1350)
Size:   6760
Md5:    6facd7aa9f9c4ef83a235369133b294c
Sha1:   012b8099b8a4cbe505270d8fdb5fa8df5d0d016d
Sha256: 80b9fbc9c307785013ce553d1942411158883f928cab11bb85c3076acca331b2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4703
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 08:36:45 GMT
Last-Modified: Tue, 27 Sep 2022 07:18:22 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 08:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 08:38:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OgFR2BtW5PKd1gr0iKQZrIoctbZSgDIrFNWwutiZLUKqs3B2BQcj0Q==
Age: 1559


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /css?family=Cabin:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 27 Sep 2022 08:36:45 GMT
Date: Tue, 27 Sep 2022 08:36:45 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   520
Md5:    3de06f0a80790203f3e0f42ca3001bd1
Sha1:   ae153a02970be42eb53aa6108d559e14db0d8e2b
Sha256: e9eeca8661881c903fc2a0bfd50770ad3aa68b089324d382489e9b23a2b09721
                                        
                                            GET /fonts/Bebas/font.css?2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/

                                         
                                         151.101.85.46
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: keep-alive
Content-Length: 128
Server: nginx
Last-Modified: Thu, 08 Sep 2022 17:37:42 GMT
ETag: "631a2866-a2"
Expires: Tue, 27 Sep 2022 11:13:15 GMT
Cache-Control: max-age=1209600
X-Host: blu72.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 27 Sep 2022 08:36:45 GMT
Age: 1200209
X-Served-By: cache-sjc10047-SJC, cache-bma1639-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 7, 2
X-Timer: S1664267806.618324,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text
Size:   128
Md5:    ade9f0f357315a81d19eea855af91d93
Sha1:   aec8e5b4d6d4854c634e84bbb505efc01682ede7
Sha256: 6d05b3835b5b2fd7b8e1a23fefd66d7abd0d654c3cfb1a79c4b1eedbfa2180df
                                        
                                            GET /css/social-icons.css?buildtime=1660262238 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/

                                         
                                         151.101.85.46
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: keep-alive
Content-Length: 1640
Server: nginx
Last-Modified: Mon, 19 Sep 2022 20:20:47 GMT
ETag: W/"6328cf1f-3319"
Expires: Tue, 04 Oct 2022 08:12:10 GMT
Cache-Control: max-age=1209600
X-Host: blu69.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 27 Sep 2022 08:36:45 GMT
Age: 606275
X-Served-By: cache-sjc10047-SJC, cache-bma1643-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1
X-Timer: S1664267806.618850,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (13080)
Size:   1640
Md5:    8fb96f5dd1bce0dae0321e8b248c88f7
Sha1:   9fc7ad9ece0085d86ba7f77afe0e458e9c2dabee
Sha256: 4b76d6037e11a99de1ce8dc95521da89427a3568fabf1e5f4f12c917c7460464
                                        
                                            GET /css/old/fancybox.css?1660262238 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/

                                         
                                         151.101.85.46
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: keep-alive
Content-Length: 1218
Server: nginx
Last-Modified: Mon, 26 Sep 2022 23:22:27 GMT
ETag: "63323433-f47"
Expires: Tue, 11 Oct 2022 07:44:26 GMT
Cache-Control: max-age=1209600
X-Host: blu146.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 27 Sep 2022 08:36:45 GMT
Age: 3140
X-Served-By: cache-sjc10045-SJC, cache-bma1635-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1664267806.618408,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (3910)
Size:   1218
Md5:    b644e92258f4c7c0b4270047652d1e60
Sha1:   93734d52ee9e86a768159e514076051813c39cd9
Sha256: 29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
                                        
                                            GET /css?family=Source+Sans+Pro:400,300,300italic,200,200italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 27 Sep 2022 08:36:45 GMT
Date: Tue, 27 Sep 2022 08:36:45 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   964
Md5:    6882bf46876efc826221ba9492299cae
Sha1:   cf98c827458ae30bab9267db64b3bd1196e024c2
Sha256: cddc12c2c5d58c9821c843c19592ba22323e16f0ee047544a1930750d1257635
                                        
                                            GET /js/lang/en/stl.js?buildTime=1660262238& HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/

                                         
                                         151.101.85.46
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Last-Modified: Mon, 19 Sep 2022 20:19:49 GMT
ETag: "6328cee5-2c4a6"
Expires: Tue, 04 Oct 2022 09:56:11 GMT
Cache-Control: max-age=1209600
X-Host: grn142.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Content-Length: 32828
Accept-Ranges: bytes
Date: Tue, 27 Sep 2022 08:36:45 GMT
Age: 600034
Connection: keep-alive
X-Served-By: cache-sjc10024-SJC, cache-bma1675-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1664267806.618627,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (64997)
Size:   32828
Md5:    9a49c00a13898c31cb9ae140287b524d
Sha1:   79aa80ae3e30b6f4ea929e6e118b16c68db216c2
Sha256: 7d4c52ebfd0e158669a414ec9c2ee33a1296b20d59370d8b3193c1ec81a9ec35
                                        
                                            GET /css?family=Actor&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 27 Sep 2022 08:36:45 GMT
Date: Tue, 27 Sep 2022 08:36:45 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   260
Md5:    51867f8bad83f4b67a7bef4cec2ec0c5
Sha1:   2bae7cb31e9d2e875a67d4f7e64d6fbf27be6a42
Sha256: 7da17794363b1d8157bd2b633af0d2339e85e56f2dbafa604ac465eebf65c55c
                                        
                                            GET /css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 27 Sep 2022 08:36:45 GMT
Date: Tue, 27 Sep 2022 08:36:45 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   471
Md5:    0c25875b36f3fb245e7c2fd59057d479
Sha1:   8135703d160ed58535e2bc51db78aefb9a8b3907
Sha256: a4b87ce4891dff7fbf8e40b1ed386c531b7488b23a9cd07d8b2ccd63c7d1d945
                                        
                                            GET /css/sites.css?buildTime=1660262238 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/

                                         
                                         151.101.85.46
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Last-Modified: Thu, 08 Sep 2022 20:48:41 GMT
ETag: W/"631a5529-347ac"
Expires: Tue, 27 Sep 2022 10:27:44 GMT
Cache-Control: max-age=1209600
X-Host: blu137.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Content-Length: 29746
Accept-Ranges: bytes
Date: Tue, 27 Sep 2022 08:36:45 GMT
Age: 1202941
Connection: keep-alive
X-Served-By: cache-sjc10046-SJC, cache-bma1656-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1664267806.618497,VS0,VE2
Vary: Accept-Encoding
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   29746
Md5:    d10158b22b553f723d99dc78eaee6390
Sha1:   80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
Sha256: 939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
                                        
                                            GET /js/site/footerSignup.js?buildTime=1664237694 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/

                                         
                                         151.101.85.46
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: keep-alive
Content-Length: 1372
Server: nginx
Last-Modified: Mon, 26 Sep 2022 23:22:45 GMT
ETag: "63323445-e10"
Expires: Tue, 11 Oct 2022 00:20:26 GMT
Cache-Control: max-age=1209600
X-Host: blu112.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 27 Sep 2022 08:36:45 GMT
Age: 29780
X-Served-By: cache-sjc10025-SJC, cache-bma1643-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 89
X-Timer: S1664267806.628624,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (3600), with no line terminators
Size:   1372
Md5:    121a5b9688d8e70ee7bb06cc79491f76
Sha1:   3a28220baa7d8879270c8311bed7dddefa7e43e9
Sha256: 181716c84474c9eb6685a809d69dda5d49ce44dfbf64c5dee89a3091e23def40
                                        
                                            GET /js/site/main.js?buildTime=1660262238 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/

                                         
                                         151.101.85.46
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Last-Modified: Fri, 23 Sep 2022 21:40:32 GMT
ETag: "632e27d0-74804"
Expires: Mon, 10 Oct 2022 12:38:19 GMT
Cache-Control: max-age=1209600
X-Host: blu110.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Content-Length: 146400
Accept-Ranges: bytes
Date: Tue, 27 Sep 2022 08:36:45 GMT
Age: 71906
Connection: keep-alive
X-Served-By: cache-sjc10053-SJC, cache-bma1672-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1664267806.618678,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (32147)
Size:   146400
Md5:    81b8673c5d3aa3ab8c0574f2a8f0e3b4
Sha1:   2e0661bc7907d9e2703b3347c3fec579f0aef5d6
Sha256: 0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 08:36:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /files/main_style.css?1660297735 HTTP/1.1 
Host: www.helgakaren.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
Cookie: is_mobile=0; language=en

                                         
                                         199.34.228.65
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 27 Sep 2022 08:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn129.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (785)
Size:   5729
Md5:    97ad5ddfcce6bf2e296ff2c89fdd2c18
Sha1:   7ff0d7a015937202b877d3e054deda738fe34e85
Sha256: 355f5bfa46700d7316c70a0c42f22cf53d4eb9f3c3a6523f243855116a955d2a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 08:36:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LUmExBp0QpY1/gC9EP7nPw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.223.168.227
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NUFBLcYF4Dp7YZwxU7Djyc6swbA=

                                        
                                            GET /files/theme/custom.js?1536078196 HTTP/1.1 
Host: www.helgakaren.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
Cookie: is_mobile=0; language=en

                                         
                                         199.34.228.65
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 08:36:45 GMT
Content-Length: 3281
Connection: keep-alive
Last-Modified: Wed, 17 Feb 2021 18:05:21 GMT
x-rgw-object-type: Normal
ETag: "2b0353c06ab40e57f33edb8b523665a4"
x-amz-request-id: tx000000000000000046da8-006258b655-4d6022f-las
X-Storage-Bucket: z09eb
X-Storage-Object: 09ebc712b649d3d4598207980101cd648cc6020ee0bfbb7ee38774318cdef3a6
X-Host: grn129.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   3281
Md5:    2b0353c06ab40e57f33edb8b523665a4
Sha1:   2753dcfff0b2bf9406b53e98c2292786e448caf8
Sha256: 09ebc712b649d3d4598207980101cd648cc6020ee0bfbb7ee38774318cdef3a6

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /files/theme/mobile.js?1536078196 HTTP/1.1 
Host: www.helgakaren.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
Cookie: is_mobile=0; language=en

                                         
                                         199.34.228.65
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 08:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 04 Jan 2021 20:41:48 GMT
ETag: W/"3ea9513d9ec2d29696fe868fc83ba655"
x-amz-request-id: tx0000000000001aa63dd20-0060b5a470-131dd7c-las
X-Storage-Bucket: zc64f
X-Storage-Object: c64f925bf80e6f3fe7c613726e8c011334a61fbe3a6071c77966c812cfacf269
X-Host: grn41.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   3045
Md5:    b591482ea0b0fdad23bef9816cfc63c0
Sha1:   80ba3cc9c5dd2338252246ac5ea7dc1ae812c6a9
Sha256: b8bf5d0afa35ff9dadc13577e08f1286d41508ba4e2b7bd84b356c1d2242e71b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.helgakaren.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 13036
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 21 Sep 2022 21:56:50 GMT
Expires: Thu, 21 Sep 2023 21:56:50 GMT
Cache-Control: public, max-age=31536000
Age: 470395
Last-Modified: Wed, 27 Apr 2022 16:04:42 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Size:   13036
Md5:    0ad032b3d07aaf33b160ac4799dda40f
Sha1:   06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
Sha256: c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
                                        
                                            GET /s/actor/v17/wEOzEBbCkc5cO0ejVSk.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.helgakaren.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 21976
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 26 Sep 2022 03:59:32 GMT
Expires: Tue, 26 Sep 2023 03:59:32 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 19 Apr 2022 19:22:29 GMT
Age: 103033


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 21976, version 1.0\012- data
Size:   21976
Md5:    7ee7f470152787952958d6adfa07b2ac
Sha1:   14a09075b2cbec9ff65302de9d634f9011f70e53
Sha256: b31aaefa522d67846638fa4181bbb22375bd0cb1beb37d514609c3821953161a
                                        
                                            GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.helgakaren.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23236
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 24 Sep 2022 16:53:38 GMT
Expires: Sun, 24 Sep 2023 16:53:38 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 26 Apr 2022 16:04:12 GMT
Age: 229387


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data
Size:   23236
Md5:    716309aab2bca045f9627f63ad79d0bf
Sha1:   38804233a29aaf975d557fe14e762c627bef76e0
Sha256: 115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
                                        
                                            GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.helgakaren.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 26100
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 26 Sep 2022 18:39:51 GMT
Expires: Tue, 26 Sep 2023 18:39:51 GMT
Cache-Control: public, max-age=31536000
Age: 50214
Last-Modified: Fri, 24 Jun 2022 18:41:34 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 26100, version 1.0\012- data
Size:   26100
Md5:    312bcfa92b0b0a09c3f404b2c662a0b6
Sha1:   5398ff9ee3c10bffc54e3a9f7e5e7506a822b38a
Sha256: 979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
                                        
                                            GET /files/theme/plugins.js?1536078196 HTTP/1.1 
Host: www.helgakaren.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
Cookie: is_mobile=0; language=en

                                         
                                         199.34.228.65
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 08:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 02 Apr 2022 08:42:51 GMT
x-rgw-object-type: Normal
ETag: W/"4cf5477130f7311a5f0af1ecaf425ee4"
x-amz-request-id: tx00000000000000004433e-006258b624-4d62951-las
X-Storage-Bucket: zb83c
X-Storage-Object: b83c1bdb86ae601a4a54799c364306dd922e98d5fddc177d404611bf1a2706f3
X-Host: grn46.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   18996
Md5:    80b977ddf918a1ff63f2350225772ca6
Sha1:   6fbc6b952295c565f67ea251eeb7a4c0cccd1c6a
Sha256: ca0e7374161e8f72ba8d049e4392e8785c6038763b1cba40726d15a87557d38d
                                        
                                            GET /js/wsnbn/snowday262.js HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/

                                         
                                         151.101.85.46
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: keep-alive
Content-Length: 25752
Server: nginx
Last-Modified: Wed, 14 Sep 2022 16:18:50 GMT
ETag: "6321feea-124fe"
Expires: Thu, 29 Sep 2022 08:38:41 GMT
Cache-Control: max-age=1209600
X-Host: blu123.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 27 Sep 2022 08:36:46 GMT
Age: 1036686
X-Served-By: cache-sjc10051-SJC, cache-bma1635-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 5269
X-Timer: S1664267806.185632,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (2512)
Size:   25752
Md5:    234327230add9a5a5d61a48829ea4565
Sha1:   7966cc0e4bd76f88ff193c8a99a067de804b7129
Sha256: bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
                                        
                                            GET /js/site/main-customer-accounts-site.js?buildTime=1660262238 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/

                                         
                                         151.101.85.46
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: keep-alive
Content-Length: 158930
Server: nginx
Last-Modified: Wed, 14 Sep 2022 16:19:21 GMT
ETag: "6321ff09-8250f"
Expires: Mon, 03 Oct 2022 13:26:50 GMT
Cache-Control: max-age=1209600
X-Host: blu104.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 27 Sep 2022 08:36:45 GMT
Age: 673795
X-Served-By: cache-sjc10080-SJC, cache-bma1635-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1664267806.628543,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (2632)
Size:   886
Md5:    5c465ace654da8d0e367f91e7751ae62
Sha1:   f218f483eccbba5be90abf97eff819569329f8b7
Sha256: 0c91c8e311bc809644913a2ff023585ba587ecfc834ba3cd152544e75d422bd9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 08:36:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /images/landing-pages/global/logotype.svg HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1664237694

                                         
                                         151.101.85.46
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Connection: keep-alive
Content-Length: 1488
X-GUploader-UploadID: ADPycduITtRhv_5h862549JhDllw6e8s6BnV_OXwumpJRf4tFUCeyTwCkktV2dvyagvDEGSph_ZPdebwS4sUYTbNDwxM4yW9wl-L
Cache-Control: public, max-age=86400, s-maxage=259200
Expires: Sat, 17 Sep 2022 00:08:57 GMT
Last-Modified: Wed, 10 Oct 2018 21:37:00 GMT
ETag: "bc61dcb431a14c508075eeff4f74523a"
x-goog-generation: 1539207420450301
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3507
x-goog-hash: crc32c=vgUlyw==, md5=vGHctDGhTFCAde7/T3RSOg==
x-goog-storage-class: STANDARD
Server: UploadServer
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Tue, 27 Sep 2022 08:36:46 GMT
Via: 1.1 varnish
Age: 116817
X-Served-By: cache-bma1635-BMA
X-Cache: HIT
X-Cache-Hits: 421
X-Timer: S1664267806.247579,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2858)
Size:   1488
Md5:    0d1c9fb7005532e7b245cfdf1280d805
Sha1:   2466421992f1fb0e44829833aaee7afc0e5ac7cc
Sha256: 8691b92eed1360903b2182d81e491c80141d0cd051366ce3e8c4f359538eb1ff
                                        
                                            GET /fonts/SQ_Market/sqmarket-medium.woff2 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.helgakaren.com
Connection: keep-alive
Referer: http://www.helgakaren.com/

                                         
                                         151.101.85.46
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Server: nginx
Last-Modified: Thu, 08 Sep 2022 17:37:45 GMT
ETag: "631a2869-7830"
Expires: Wed, 28 Sep 2022 08:35:40 GMT
Cache-Control: max-age=1209600
X-Host: blu74.sf2p.intern.weebly.net
Via: 1.1 varnish, 1.1 varnish
Content-Length: 30768
Accept-Ranges: bytes
Date: Tue, 27 Sep 2022 08:36:46 GMT
Age: 1123266
Connection: keep-alive
X-Served-By: cache-sjc10054-SJC, cache-bma1678-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 12, 334
X-Timer: S1664267806.260018,VS0,VE0
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30768, version 1.393\012- data
Size:   30768
Md5:    2344124773c71bf4fa4ad407e7c3a467
Sha1:   3394a43ab1efab8a22a1f07222f7f02a9e12cbb8
Sha256: bd4d2e29f503390e4951af9232fc43780b43d349647188d8f3f600835f16afb7
                                        
                                            GET /recaptcha/api.js?_=1664267804117 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.helgakaren.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Tue, 27 Sep 2022 08:36:46 GMT
date: Tue, 27 Sep 2022 08:36:46 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (850), with no line terminators
Size:   554
Md5:    2311f1fa9653aad9f269b060d254e517
Sha1:   5616b0baad9134f8e12ab3fb911578740aa392fb
Sha256: 51f53051cf837a6d1e0de5e5db5bb5d5a2c1e4b23d4e7323ce306e24a80ba2b7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 08:36:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ga.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/

                                         
                                         142.250.74.174
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Tue, 27 Sep 2022 07:04:57 GMT
Expires: Tue, 27 Sep 2022 09:04:57 GMT
Cache-Control: public, max-age=7200
Age: 5509
Last-Modified: Sun, 11 Sep 2022 13:50:09 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 08:36:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.helgakaren.com
Connection: keep-alive
Referer: http://www.helgakaren.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
age: 123051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (826)
Size:   158248
Md5:    db1b5789e9915e9c82f5df92e5982980
Sha1:   2e193e502995501c85f45fd89d9f83707a7f9573
Sha256: db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
                                        
                                            OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www.helgakaren.com/
Origin: http://www.helgakaren.com
Connection: keep-alive

                                         
                                         35.82.13.103
HTTP/1.1 200 OK
                                        
Date: Tue, 27 Sep 2022 08:36:46 GMT
Content-Length: 0
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: http://www.helgakaren.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, SP-Anonymous
Access-Control-Max-Age: 5

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.helgakaren.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
Cookie: is_mobile=0; language=en; _snow_ses.80aa=*; _snow_id.80aa=852c5099-7089-482f-b568-33640cd8515b.1664267804.1.1664267804.1664267804.3db51a82-6d2a-4602-a2d5-d1d8c0a84730

                                         
                                         199.34.228.65
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Tue, 27 Sep 2022 08:36:46 GMT
Content-Length: 4286
Connection: keep-alive
Last-Modified: Fri, 24 Sep 2021 21:48:12 GMT
x-rgw-object-type: Normal
ETag: "4d27526198ac873ccec96935198e0fb9"
x-amz-request-id: tx000000000000000c8f1f2-0061a70684-a9f1b25-sfo1
X-Storage-Bucket: z40a2
X-Storage-Object: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
X-Host: grn74.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size:   4286
Md5:    4d27526198ac873ccec96935198e0fb9
Sha1:   b98d8b73ad6a0f7477c3397561b4aab37bf262aa
Sha256: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
                                        
                                            POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1 
Host: www.helgakaren.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: http://www.helgakaren.com
Connection: keep-alive
Referer: http://www.helgakaren.com/
Cookie: is_mobile=0; language=en; _snow_ses.80aa=*; _snow_id.80aa=852c5099-7089-482f-b568-33640cd8515b.1664267804.1.1664267804.1664267804.3db51a82-6d2a-4602-a2d5-d1d8c0a84730

                                         
                                         199.34.228.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Tue, 27 Sep 2022 08:36:46 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn118.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=51
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size:   348
Md5:    a944dd688c99d2901d6719be713271c0
Sha1:   4f5454d5d434829baf46671638610791758725d9
Sha256: adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
Content-Length: 1771
Origin: http://www.helgakaren.com
Connection: keep-alive
Referer: http://www.helgakaren.com/

                                         
                                         35.82.13.103
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 08:36:46 GMT
Content-Length: 2
Connection: keep-alive
Server: nginx
Set-Cookie: sp=8c7f2e4a-8d2d-4610-aa8c-486d24564d59; Expires=Wed, 27 Sep 2023 08:36:46 GMT; Domain=; Path=/; Secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: http://www.helgakaren.com
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            GET /uploads/9/3/6/2/93620912/background-images/928333336.jpg HTTP/1.1 
Host: www.helgakaren.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
Cookie: is_mobile=0; language=en

                                         
                                         199.34.228.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 27 Sep 2022 08:36:45 GMT
Content-Length: 364810
Connection: keep-alive
Last-Modified: Wed, 05 Sep 2018 11:24:16 GMT
x-rgw-object-type: Normal
ETag: "2f2d73856b92a61d3d48ea84271db636"
x-amz-request-id: tx000000000000013357c17-0062de6885-bfe36ba-sfo1
X-Storage-Bucket: z834a
X-Storage-Object: 834a6237b06da4d81d29dcbd74ad175309183d811b1c8ce568cb84d4c580d57c
X-Host: grn56.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2000x1500, components 3\012- data
Size:   364810
Md5:    2f2d73856b92a61d3d48ea84271db636
Sha1:   65c88abeff6d01261243d24a0fd0626e1dee970c
Sha256: 834a6237b06da4d81d29dcbd74ad175309183d811b1c8ce568cb84d4c580d57c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3083
Expires: Tue, 27 Sep 2022 09:28:10 GMT
Date: Tue, 27 Sep 2022 08:36:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3083
Expires: Tue, 27 Sep 2022 09:28:10 GMT
Date: Tue, 27 Sep 2022 08:36:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3083
Expires: Tue, 27 Sep 2022 09:28:10 GMT
Date: Tue, 27 Sep 2022 08:36:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3083
Expires: Tue, 27 Sep 2022 09:28:10 GMT
Date: Tue, 27 Sep 2022 08:36:47 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7701
x-amzn-requestid: 63bfd7b5-f18e-4396-99a8-fb24dee1ee0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGCmmGswoAMF2zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324af6-04fa1b18525182b7213f844c;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:59:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KT47E-2_0O70MgMbGzSjvVaFrWwQybXKo_dkWMw2vnqBElOZtT_Big==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
age: 27052
etag: "2f7876bd0e4b52aa04ccf1c2a45359156eaefb97"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7701
Md5:    9ff2dbdbf6d450f0d9774777b3c5aa6e
Sha1:   2f7876bd0e4b52aa04ccf1c2a45359156eaefb97
Sha256: 4c2184b8150834adf1e9ec807f3175b6fcd574920a98c857db2cfb01b78da2fe
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8255
x-amzn-requestid: 3bf29c4a-406a-4645-ad18-44cd6f05d457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VnFEV-IAMFQMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfc6-3eaa337d1e1c1b6d5e951419;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qkOlqM6tJ90H9572YLE0J-s79edBSceM5hLbJtyyuH86xdW8juoktA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:28:31 GMT
age: 68896
etag: "04a0665f771562c3e56ac3542abe5bd3c4c1a6b5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8255
Md5:    fa70ece15044b7318cb11ae5e37a64e7
Sha1:   04a0665f771562c3e56ac3542abe5bd3c4c1a6b5
Sha256: 8c974283b2ba0058114404af3e4818daa8cc56f270cb8a46f5f2f54de9d2f0e1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:25:52 GMT
age: 25855
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6390
Md5:    14218a43c5e5bbce546735a780c8ccce
Sha1:   61676358cdbb2373bc644e66f8a84fbc8cc5daf6
Sha256: 905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5319
x-amzn-requestid: d4c13fa8-eb03-4abf-9516-b74eac712b87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreHL5IAMFcOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-487923453bd27d6a744b5a31;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gGfaq_dx7NIHH43-iNn0Ah61HRLT8H3NxPGVoDvkKgBgy8zJWYwRuw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 38849
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5319
Md5:    46e31aa06b8e86a9a5f9ba1cc3feca08
Sha1:   75df3341e30281fcbf78c7074980356fdf0be8e2
Sha256: d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334b6513-7266-4f03-aae2-328c1b58a30e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10864
x-amzn-requestid: a6be937a-3e8f-4dad-bbca-f28554f5ff21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioQqFHsoAMFxXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420d0-78fecb9e2f76416044839a35;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:08:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: l-svEjPVAfeYvCQAHsARjTk9PNdkVGUJA_2415312kWF2x6MDI7o7A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:17:07 GMT
age: 69580
etag: "2a2fabd9f9792daf9c058fc754d5616267b703f1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10864
Md5:    56c3768b851e6a5206cbfbe3f5a97cae
Sha1:   2a2fabd9f9792daf9c058fc754d5616267b703f1
Sha256: 668dba22a0c81c4580637806c293521b176512b18ebcc2fe951be2f27f43134d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11881
x-amzn-requestid: 4562e550-9c0f-407b-be2a-3c5d8901d444
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2apSEPuIAMF5TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c0b08-5c5f052f146d25a7190412d1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:13:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EAiLlHN2h6EPX0idrlQG4TIyGBMt_In0_Tpy79foal99j4xoRasO-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:23:49 GMT
age: 36778
etag: "3b660de9902fbfcf2efb477f40480b08545ebc5f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11881
Md5:    91d97447a6a35813e57d942f685544c4
Sha1:   3b660de9902fbfcf2efb477f40480b08545ebc5f
Sha256: 08c1ea19c4918273da12c9a2e962edf4463c486a30f60c8a279a45e5edcf972a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 38856
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9163
Md5:    deb8d1e3b6d7fbc8c8ba478269621676
Sha1:   84f5a4c8b38acde814bc790e5b514347718d5bb9
Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b