firefox.settings.services.mozilla.com/v1/
108.157.229.91200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 108.157.229.91:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 3f17af4e8a1739eda4a518039f4892f9
c3feba08ae7e8f57e0fe9bcd2ebedea6bda67cbb
c485b09cad08b5233fe8753682faf59219fe0d18fcc34d90dc88fb0971295f5f
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 10 Oct 2022 18:48:24 GMT
Expires: Mon, 10 Oct 2022 19:28:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a1883601a786b7317faec0d94ef154f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: 6bKxSy1958wyiiWYpO86UeXuerJNo1R_bThDYgG8Yoztz4S9pngz8w==
Age: 1216
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 03c3cfc567661cca575e54ad505acd08
e73f7955b0c794a9cf8ff77b3ecaf436354521fe
50017e6eb57c5bcaa8dc74af6e3967362ec6b8f177a5bf722dd2d215698c4fa9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50017E6EB57C5BCAA8DC74AF6E3967362EC6B8F177A5BF722DD2D215698C4FA9"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14922
Expires: Mon, 10 Oct 2022 23:17:22 GMT
Date: Mon, 10 Oct 2022 19:08:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d0ffae9abfdf558a6286013a0201c8b
2dc8ea0000a1b0c0f849611fdd73429bca51bfad
8e19eab9b6d16819f9ef3920971542cbcf5dd18280617e2de1a3827f0c149398
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E19EAB9B6D16819F9EF3920971542CBCF5DD18280617E2DE1A3827F0C149398"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3073
Expires: Mon, 10 Oct 2022 19:59:53 GMT
Date: Mon, 10 Oct 2022 19:08:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Gp6iBT6f35tCw1TYz9bnLeZmQqTl7yXt8a7DAHFXl3eVRE9ld9+00XJUVyUhJpZYlREznThNjqI=
x-amz-request-id: PPY2N38Q29DFET95
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 10 Oct 2022 18:32:36 GMT
age: 2164
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
helgakaren.com/
199.34.228.65301 Moved Permanently 234 B IP 199.34.228.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4994788cd1bd6b49d3b37ea04797510f
cdcce21f76aa0aa58f733a69563d390ecdd9b517
af7454597066ccd849c1816da24e43dcabf30e880062803232b0f2cfbcd23a24
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: helgakaren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 10 Oct 2022 19:08:40 GMT
Server: Apache
Location: http://www.helgakaren.com/
Content-Length: 234
Keep-Alive: timeout=10, max=63
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 10 Oct 2022 19:08:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
108.157.229.91200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 108.157.229.91:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 10 Oct 2022 18:29:41 GMT
Expires: Mon, 10 Oct 2022 18:33:06 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 471577f2b3efe669f21e138a1621a8ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: dxRsspHSzdLxiFBZOJ5GtfVA6Ao72AJzO_276P7PSHy6zmozYHkHKA==
Age: 2340
www.helgakaren.com/
199.34.228.65200 OK 6.8 kB IP 199.34.228.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1350)
Hash 4b1085378c7ba647d6e021f4b03b786c
35f14d4ffbc9d1dd9294587bf8f4c9d60cf9959a
d949fd8c00671f5636f80bec9935838f419105560601a0d37beff42d6b076241
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.helgakaren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 10 Oct 2022 19:08:41 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.helgakaren.com
language=en; expires=Mon, 24-Oct-2022 19:08:41 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"d25dda500f13d4c4df89bfebbcf21cbd-gzip"
Content-Encoding: gzip
X-Host: grn116.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 6760
Keep-Alive: timeout=10, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,300italic,200,200italic,700,400italic,700italic&subset=latin,latin-ext
142.250.74.10200 OK 964 B URL HTTP/1.1 fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,300italic,200,200italic,700,400italic,700italic&subset=latin,latin-ext
IP 142.250.74.10:0
Hash 6882bf46876efc826221ba9492299cae
cf98c827458ae30bab9267db64b3bd1196e024c2
cddc12c2c5d58c9821c843c19592ba22323e16f0ee047544a1930750d1257635
GET /css?family=Source+Sans+Pro:400,300,300italic,200,200italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 10 Oct 2022 19:08:41 GMT
Date: Mon, 10 Oct 2022 19:08:41 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
142.250.74.10200 OK 471 B URL HTTP/1.1 fonts.googleapis.com/css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
IP 142.250.74.10:0
Hash 0c25875b36f3fb245e7c2fd59057d479
8135703d160ed58535e2bc51db78aefb9a8b3907
a4b87ce4891dff7fbf8e40b1ed386c531b7488b23a9cd07d8b2ccd63c7d1d945
GET /css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 10 Oct 2022 19:08:41 GMT
Date: Mon, 10 Oct 2022 19:08:41 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Actor&subset=latin,latin-ext
142.250.74.10200 OK 260 B URL HTTP/1.1 fonts.googleapis.com/css?family=Actor&subset=latin,latin-ext
IP 142.250.74.10:0
Hash 51867f8bad83f4b67a7bef4cec2ec0c5
2bae7cb31e9d2e875a67d4f7e64d6fbf27be6a42
7da17794363b1d8157bd2b633af0d2339e85e56f2dbafa604ac465eebf65c55c
GET /css?family=Actor&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 10 Oct 2022 19:08:41 GMT
Date: Mon, 10 Oct 2022 19:08:41 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Cabin:400,700,400italic,700italic&subset=latin,latin-ext
142.250.74.10200 OK 520 B URL HTTP/1.1 fonts.googleapis.com/css?family=Cabin:400,700,400italic,700italic&subset=latin,latin-ext
IP 142.250.74.10:0
Hash 3de06f0a80790203f3e0f42ca3001bd1
ae153a02970be42eb53aa6108d559e14db0d8e2b
e9eeca8661881c903fc2a0bfd50770ad3aa68b089324d382489e9b23a2b09721
GET /css?family=Cabin:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 10 Oct 2022 19:08:41 GMT
Date: Mon, 10 Oct 2022 19:08:41 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cdn2.editmysite.com/fonts/Bebas/font.css?2
151.101.85.46200 OK 128 B URL HTTP/1.1 cdn2.editmysite.com/fonts/Bebas/font.css?2
IP 151.101.85.46:0
Hash ade9f0f357315a81d19eea855af91d93
aec8e5b4d6d4854c634e84bbb505efc01682ede7
6d05b3835b5b2fd7b8e1a23fefd66d7abd0d654c3cfb1a79c4b1eedbfa2180df
GET /fonts/Bebas/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 128
Server: nginx
Content-Type: text/css
Last-Modified: Tue, 20 Sep 2022 22:41:02 GMT
ETag: "632a417e-a2"
Expires: Tue, 11 Oct 2022 11:13:16 GMT
Cache-Control: max-age=1209600
X-Host: grn25.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 10 Oct 2022 19:08:41 GMT
Age: 1151725
X-Served-By: cache-sjc10080-SJC, cache-bma1661-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 2
X-Timer: S1665428921.439270,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
cdn2.editmysite.com/css/social-icons.css?buildtime=1660262238
151.101.85.46200 OK 1.6 kB URL HTTP/1.1 cdn2.editmysite.com/css/social-icons.css?buildtime=1660262238
IP 151.101.85.46:0
File type ASCII text, with very long lines (13080)
Hash 67056f09eaf504258010881f5bc71cfa
80821819c858ab42c83bb79fd06b702b3f3cb8b5
082ba6b8437c213cd561bebf0a2b4af2fef7ff7a461098daaf628a86306ed13e
GET /css/social-icons.css?buildtime=1660262238 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1640
Server: nginx
Content-Type: text/css
Last-Modified: Mon, 03 Oct 2022 17:47:23 GMT
ETag: W/"633b202b-3319"
Expires: Tue, 18 Oct 2022 08:12:11 GMT
Cache-Control: max-age=1209600
X-Host: grn116.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 10 Oct 2022 19:08:41 GMT
Age: 557790
X-Served-By: cache-sjc10082-SJC, cache-bma1637-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1
X-Timer: S1665428921.438381,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
cdn2.editmysite.com/css/old/fancybox.css?1660262238
151.101.85.46200 OK 1.2 kB URL HTTP/1.1 cdn2.editmysite.com/css/old/fancybox.css?1660262238
IP 151.101.85.46:0
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1660262238 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1218
Server: nginx
Content-Type: text/css
Last-Modified: Mon, 26 Sep 2022 23:22:27 GMT
ETag: "63323433-f47"
Expires: Tue, 11 Oct 2022 07:44:26 GMT
Cache-Control: max-age=1209600
X-Host: blu146.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 10 Oct 2022 19:08:41 GMT
Age: 1164255
X-Served-By: cache-sjc10045-SJC, cache-bma1623-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1665428921.439781,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1660262238&
151.101.85.46200 OK 33 kB URL HTTP/1.1 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1660262238&
IP 151.101.85.46:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (64997)
Hash b8736606557623d8a39fd26e43926dd3
039f940323d4f57ee45d8897d2ce550ed7334fe2
85ad367334d5df1a7d92c2fcc70eaf6a1876c3e132c07495db2a9dac01f04d1f
GET /js/lang/en/stl.js?buildTime=1660262238& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 32983
Server: nginx
Content-Type: application/javascript
Last-Modified: Mon, 03 Oct 2022 17:46:29 GMT
ETag: "633b1ff5-2c6bb"
Expires: Tue, 18 Oct 2022 10:57:36 GMT
Cache-Control: max-age=1209600
X-Host: grn79.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 10 Oct 2022 19:08:41 GMT
Age: 547865
X-Served-By: cache-sjc10055-SJC, cache-bma1637-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 15, 1
X-Timer: S1665428921.438025,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
cdn2.editmysite.com/css/sites.css?buildTime=1660262238
151.101.85.46200 OK 30 kB URL HTTP/1.1 cdn2.editmysite.com/css/sites.css?buildTime=1660262238
IP 151.101.85.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1660262238 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 29746
Server: nginx
Content-Type: text/css
Last-Modified: Mon, 26 Sep 2022 23:22:21 GMT
ETag: W/"6332342d-347ac"
Expires: Tue, 11 Oct 2022 10:27:46 GMT
Cache-Control: max-age=1209600
X-Host: grn93.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 10 Oct 2022 19:08:41 GMT
Age: 1154455
X-Served-By: cache-sjc10042-SJC, cache-bma1658-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1
X-Timer: S1665428921.438756,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1665424099
151.101.85.46200 OK 1.4 kB URL HTTP/1.1 cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1665424099
IP 151.101.85.46:0
File type ASCII text, with very long lines (3600), with no line terminators
Hash 121a5b9688d8e70ee7bb06cc79491f76
3a28220baa7d8879270c8311bed7dddefa7e43e9
181716c84474c9eb6685a809d69dda5d49ce44dfbf64c5dee89a3091e23def40
GET /js/site/footerSignup.js?buildTime=1665424099 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1372
Server: nginx
Content-Type: application/javascript
Last-Modified: Mon, 10 Oct 2022 17:19:28 GMT
ETag: "63445420-e10"
Expires: Mon, 24 Oct 2022 17:49:57 GMT
Cache-Control: max-age=1209600
X-Host: grn50.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 10 Oct 2022 19:08:41 GMT
Age: 4724
X-Served-By: cache-sjc10078-SJC, cache-bma1637-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 44, 33
X-Timer: S1665428921.453133,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
cdn2.editmysite.com/js/site/main.js?buildTime=1660262238
151.101.85.46200 OK 146 kB URL HTTP/1.1 cdn2.editmysite.com/js/site/main.js?buildTime=1660262238
IP 151.101.85.46:0
File type ASCII text, with very long lines (32147)
Size 146 kB (146400 bytes)
Hash 81b8673c5d3aa3ab8c0574f2a8f0e3b4
2e0661bc7907d9e2703b3347c3fec579f0aef5d6
0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
GET /js/site/main.js?buildTime=1660262238 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 146400
Server: nginx
Content-Type: application/javascript
Last-Modified: Mon, 26 Sep 2022 23:22:45 GMT
ETag: "63323445-74804"
Expires: Tue, 11 Oct 2022 09:59:40 GMT
Cache-Control: max-age=1209600
X-Host: grn8.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 10 Oct 2022 19:08:41 GMT
Age: 1156141
X-Served-By: cache-sjc10050-SJC, cache-bma1632-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 13032, 901
X-Timer: S1665428921.438423,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1660262238
151.101.85.46200 OK 159 kB URL HTTP/1.1 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1660262238
IP 151.101.85.46:0
File type ASCII text, with very long lines (32007)
Size 159 kB (158975 bytes)
Hash c29a5e4fd4ee0d3b7cd0597f2b9b602b
bb134ed641467954f4a724167dc7ea56a03e7fa8
bf9850a7e6dd269898b78ecf07a34438bc300cad0bbb2d280e10ccadf81646b2
GET /js/site/main-customer-accounts-site.js?buildTime=1660262238 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 158975
Server: nginx
Content-Type: application/javascript
Last-Modified: Fri, 30 Sep 2022 14:57:22 GMT
ETag: "633703d2-8250f"
Expires: Mon, 17 Oct 2022 13:26:50 GMT
Cache-Control: max-age=1209600
X-Host: blu87.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 10 Oct 2022 19:08:41 GMT
Age: 625311
X-Served-By: cache-sjc10037-SJC, cache-bma1623-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1665428921.454308,VS0,VE3
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d545bc725dcd5d6f1dfc10a8b35aeb3a
82d92587953dac8a05d691730b8318719328de6b
9d1e6f1bf4b1c138d9e07e67264cb9ac5090a1c338ff72c87e1758e187cccb24
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5173
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 10 Oct 2022 19:08:41 GMT
Last-Modified: Mon, 10 Oct 2022 17:42:28 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b80398e65c98d84250756256d31eed2d
3cc23d1d91745ddd04ee676f51762f37c0bcdbd3
f2cb6fda3fdbd8f04d380e7841875d322353864124bb5b25ce36fb327a2bfded
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 10 Oct 2022 19:08:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.helgakaren.com/files/main_style.css?1660297735
199.34.228.65200 OK 5.7 kB URL HTTP/1.1 www.helgakaren.com/files/main_style.css?1660297735
IP 199.34.228.65:0
File type ASCII text, with very long lines (785)
Hash 97ad5ddfcce6bf2e296ff2c89fdd2c18
7ff0d7a015937202b877d3e054deda738fe34e85
355f5bfa46700d7316c70a0c42f22cf53d4eb9f3c3a6523f243855116a955d2a
Analyzer Verdict Alert fortinet Malware
GET /files/main_style.css?1660297735 HTTP/1.1
Host: www.helgakaren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 19:08:41 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn50.sf2p.intern.weebly.net
Content-Encoding: gzip
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
216.58.211.10200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (65483)
Hash a54a444f20643b131117dc2112cca05f
074964746b12ff1d30f7656310d6154ae1cc98b5
aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.helgakaren.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 08 Oct 2022 09:37:50 GMT
expires: Sun, 08 Oct 2023 09:37:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 207051
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
151.101.85.46200 OK 9.7 kB URL HTTP/1.1 cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
IP 151.101.85.46:0
File type PNG image data, 199 x 97, 8-bit colormap, non-interlaced\012- data
Hash 6e0f7ad31bf187e0d88fc5787573ba71
14e8b85cc32a01c8901e4ac0160582d29a45e9e6
580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd
GET /images/site/footer/footer-toast-published-image-1.png HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 9677
X-GUploader-UploadID: ADPycdujQNpHaXULXK5hWOudOsrFbrCOJBmkXkf6lNHnzHxB1q3PphW4yFVZQbxms7rfGEwEu0IdDaAyLbpAPqDN6NvCrqCgiKDD
Cache-Control: public, max-age=86400, s-maxage=259200
Expires: Thu, 06 Oct 2022 22:59:09 GMT
Last-Modified: Tue, 12 Feb 2019 18:19:08 GMT
ETag: "6e0f7ad31bf187e0d88fc5787573ba71"
x-goog-generation: 1549995548326466
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9677
Content-Type: image/png
x-goog-hash: crc32c=QhrKCw==, md5=bg960xvxh+DYj8V4dXO6cQ==
x-goog-storage-class: STANDARD
Server: UploadServer
Accept-Ranges: bytes
Date: Mon, 10 Oct 2022 19:08:41 GMT
Via: 1.1 varnish
Age: 72565
X-Served-By: cache-bma1623-BMA
X-Cache: HIT
X-Cache-Hits: 326
X-Timer: S1665428922.567375,VS0,VE0
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b80398e65c98d84250756256d31eed2d
3cc23d1d91745ddd04ee676f51762f37c0bcdbd3
f2cb6fda3fdbd8f04d380e7841875d322353864124bb5b25ce36fb327a2bfded
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 10 Oct 2022 19:08:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
216.58.207.195200 OK 13 kB URL HTTP/1.1 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.helgakaren.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 13036
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 22:00:08 GMT
Expires: Thu, 05 Oct 2023 22:00:08 GMT
Cache-Control: public, max-age=31536000
Age: 421713
Last-Modified: Wed, 27 Apr 2022 16:04:42 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/actor/v17/wEOzEBbCkc5cO0ejVSk.woff2
216.58.207.195200 OK 22 kB URL HTTP/1.1 fonts.gstatic.com/s/actor/v17/wEOzEBbCkc5cO0ejVSk.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21976, version 1.0\012- data
Hash 7ee7f470152787952958d6adfa07b2ac
14a09075b2cbec9ff65302de9d634f9011f70e53
b31aaefa522d67846638fa4181bbb22375bd0cb1beb37d514609c3821953161a
GET /s/actor/v17/wEOzEBbCkc5cO0ejVSk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.helgakaren.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 21976
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 06:20:27 GMT
Expires: Thu, 05 Oct 2023 06:20:27 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 19 Apr 2022 19:22:29 GMT
Content-Type: font/woff2
Age: 478094
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
216.58.207.195200 OK 23 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data
Hash 716309aab2bca045f9627f63ad79d0bf
38804233a29aaf975d557fe14e762c627bef76e0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.helgakaren.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23236
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 15:22:20 GMT
Expires: Thu, 05 Oct 2023 15:22:20 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 26 Apr 2022 16:04:12 GMT
Content-Type: font/woff2
Age: 445581
fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
216.58.207.195200 OK 26 kB URL HTTP/1.1 fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 26100, version 1.0\012- data
Hash 312bcfa92b0b0a09c3f404b2c662a0b6
5398ff9ee3c10bffc54e3a9f7e5e7506a822b38a
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.helgakaren.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 26100
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 10 Oct 2022 19:08:08 GMT
Expires: Tue, 10 Oct 2023 19:08:08 GMT
Cache-Control: public, max-age=31536000
Age: 33
Last-Modified: Fri, 24 Jun 2022 18:41:34 GMT
Content-Type: font/woff2
www.helgakaren.com/files/theme/mobile.js?1536078196
199.34.228.65200 OK 3.0 kB URL HTTP/1.1 www.helgakaren.com/files/theme/mobile.js?1536078196
IP 199.34.228.65:0
Hash b591482ea0b0fdad23bef9816cfc63c0
80ba3cc9c5dd2338252246ac5ea7dc1ae812c6a9
b8bf5d0afa35ff9dadc13577e08f1286d41508ba4e2b7bd84b356c1d2242e71b
Analyzer Verdict Alert fortinet Malware
GET /files/theme/mobile.js?1536078196 HTTP/1.1
Host: www.helgakaren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 19:08:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 04 Jan 2021 20:41:48 GMT
ETag: W/"3ea9513d9ec2d29696fe868fc83ba655"
x-amz-request-id: tx0000000000001385e0ef3-0060c0f8bb-15b3dc2-las
X-Storage-Bucket: zc64f
X-Storage-Object: c64f925bf80e6f3fe7c613726e8c011334a61fbe3a6071c77966c812cfacf269
X-Host: blu24.sf2p.intern.weebly.net
Content-Encoding: gzip
www.helgakaren.com/files/theme/custom.js?1536078196
199.34.228.65200 OK 3.3 kB URL HTTP/1.1 www.helgakaren.com/files/theme/custom.js?1536078196
IP 199.34.228.65:0
Hash 2b0353c06ab40e57f33edb8b523665a4
2753dcfff0b2bf9406b53e98c2292786e448caf8
09ebc712b649d3d4598207980101cd648cc6020ee0bfbb7ee38774318cdef3a6
Analyzer Verdict Alert fortinet Malware
GET /files/theme/custom.js?1536078196 HTTP/1.1
Host: www.helgakaren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 19:08:41 GMT
Content-Type: application/javascript
Content-Length: 3281
Connection: keep-alive
Last-Modified: Wed, 17 Feb 2021 18:05:21 GMT
x-rgw-object-type: Normal
ETag: "2b0353c06ab40e57f33edb8b523665a4"
x-amz-request-id: tx00000000000000206b82b-0061a81312-a9f6a62-sfo1
X-Storage-Bucket: z09eb
X-Storage-Object: 09ebc712b649d3d4598207980101cd648cc6020ee0bfbb7ee38774318cdef3a6
X-Host: blu34.sf2p.intern.weebly.net
Accept-Ranges: bytes
push.services.mozilla.com/
35.86.38.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.86.38.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R/1wB2q61AERemMTEdZY9Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: M1IhBQyBugD47NRVRUJ+t4jVkdo=
www.helgakaren.com/files/theme/plugins.js?1536078196
199.34.228.65200 OK 19 kB URL HTTP/1.1 www.helgakaren.com/files/theme/plugins.js?1536078196
IP 199.34.228.65:0
Hash 80b977ddf918a1ff63f2350225772ca6
6fbc6b952295c565f67ea251eeb7a4c0cccd1c6a
ca0e7374161e8f72ba8d049e4392e8785c6038763b1cba40726d15a87557d38d
GET /files/theme/plugins.js?1536078196 HTTP/1.1
Host: www.helgakaren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 19:08:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 02 Apr 2022 08:42:51 GMT
x-rgw-object-type: Normal
ETag: W/"4cf5477130f7311a5f0af1ecaf425ee4"
x-amz-request-id: tx000000000000001a8b169-0062847677-b9fbc77-sfo1
X-Storage-Bucket: zb83c
X-Storage-Object: b83c1bdb86ae601a4a54799c364306dd922e98d5fddc177d404611bf1a2706f3
X-Host: blu29.sf2p.intern.weebly.net
Content-Encoding: gzip
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.85.46200 OK 26 kB URL HTTP/1.1 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 25752
Server: nginx
Content-Type: application/javascript
Last-Modified: Wed, 28 Sep 2022 21:45:07 GMT
ETag: "6334c063-124fe"
Expires: Thu, 13 Oct 2022 08:38:41 GMT
Cache-Control: max-age=1209600
X-Host: blu29.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 10 Oct 2022 19:08:41 GMT
Age: 988200
X-Served-By: cache-sjc10077-SJC, cache-bma1623-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 4940
X-Timer: S1665428922.947296,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1665424099
151.101.85.46200 OK 886 B URL HTTP/1.1 cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1665424099
IP 151.101.85.46:0
File type ASCII text, with very long lines (2632)
Hash 5c465ace654da8d0e367f91e7751ae62
f218f483eccbba5be90abf97eff819569329f8b7
0c91c8e311bc809644913a2ff023585ba587ecfc834ba3cd152544e75d422bd9
GET /css/free-footer-v3.css?buildtime=1665424099 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 886
Server: nginx
Content-Type: text/css
Last-Modified: Mon, 10 Oct 2022 17:19:01 GMT
ETag: "63445405-a49"
Expires: Mon, 24 Oct 2022 17:49:57 GMT
Cache-Control: max-age=1209600
X-Host: blu101.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 10 Oct 2022 19:08:41 GMT
Age: 4724
X-Served-By: cache-sjc10081-SJC, cache-bma1623-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 39, 20
X-Timer: S1665428922.984516,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 67f3b94a0e4e21dd8b7686af075d0554
a336c7de6fe89885028407be920c5abadb503b1f
0071bc03310db98470d40073c0ba293ed17034cee235e221bdf483c0d8cce424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 10 Oct 2022 19:08:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?_=1665428921910
142.250.74.164200 OK 555 B URL HTTP/2 www.google.com/recaptcha/api.js?_=1665428921910
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash e97ac326fe7d86d6443c29db10dd14e7
6001bc7cf0bc44bb9fb4b3cb5e99928d988e5221
ceb685ffc1ceb8e12d13345098796805f46a8f97fb744a00739f57c8961a59b6
GET /recaptcha/api.js?_=1665428921910 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.helgakaren.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 10 Oct 2022 19:08:42 GMT
date: Mon, 10 Oct 2022 19:08:42 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn2.editmysite.com/images/landing-pages/global/logotype.svg
151.101.85.46200 OK 1.5 kB URL HTTP/1.1 cdn2.editmysite.com/images/landing-pages/global/logotype.svg
IP 151.101.85.46:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2858)
Hash 0d1c9fb7005532e7b245cfdf1280d805
2466421992f1fb0e44829833aaee7afc0e5ac7cc
8691b92eed1360903b2182d81e491c80141d0cd051366ce3e8c4f359538eb1ff
GET /images/landing-pages/global/logotype.svg HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1665424099
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1488
X-GUploader-UploadID: ADPycduITtRhv_5h862549JhDllw6e8s6BnV_OXwumpJRf4tFUCeyTwCkktV2dvyagvDEGSph_ZPdebwS4sUYTbNDwxM4yW9wl-L
Cache-Control: public, max-age=86400, s-maxage=259200
Expires: Sat, 17 Sep 2022 00:08:57 GMT
Last-Modified: Wed, 10 Oct 2018 21:37:00 GMT
ETag: "bc61dcb431a14c508075eeff4f74523a"
x-goog-generation: 1539207420450301
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3507
Content-Type: image/svg+xml
x-goog-hash: crc32c=vgUlyw==, md5=vGHctDGhTFCAde7/T3RSOg==
x-goog-storage-class: STANDARD
Server: UploadServer
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 10 Oct 2022 19:08:42 GMT
Via: 1.1 varnish
Age: 241066
X-Served-By: cache-bma1623-BMA
X-Cache: HIT
X-Cache-Hits: 1129
X-Timer: S1665428922.028204,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
cdn2.editmysite.com/fonts/SQ_Market/sqmarket-medium.woff2
151.101.85.46200 OK 31 kB URL HTTP/1.1 cdn2.editmysite.com/fonts/SQ_Market/sqmarket-medium.woff2
IP 151.101.85.46:0
File type Web Open Font Format (Version 2), TrueType, length 30768, version 1.393\012- data
Hash 2344124773c71bf4fa4ad407e7c3a467
3394a43ab1efab8a22a1f07222f7f02a9e12cbb8
bd4d2e29f503390e4951af9232fc43780b43d349647188d8f3f600835f16afb7
GET /fonts/SQ_Market/sqmarket-medium.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.helgakaren.com
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 30768
Server: nginx
Content-Type: font/woff2
Last-Modified: Tue, 20 Sep 2022 22:41:04 GMT
ETag: "632a4180-7830"
Expires: Tue, 11 Oct 2022 09:22:37 GMT
Cache-Control: max-age=1209600
X-Host: grn42.sf2p.intern.weebly.net
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 10 Oct 2022 19:08:42 GMT
Age: 1158365
X-Served-By: cache-sjc10053-SJC, cache-bma1644-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1571
X-Timer: S1665428922.044414,VS0,VE0
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5855dca2f41651669a3211635c24ce5a
3f17ede289a3ac814e80a0acefbcd97246ab51de
ca400e5e49929039d4382b1ce2defadc76d86b5756fac8dbaa6d237d5ef1699c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 10 Oct 2022 19:08:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/ga.js
142.250.74.174200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Mon, 10 Oct 2022 19:05:15 GMT
Expires: Mon, 10 Oct 2022 21:05:15 GMT
Cache-Control: public, max-age=7200
Age: 207
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 10 Oct 2022 19:08:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
142.250.74.163200 OK 160 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (608)
Size 160 kB (159789 bytes)
Hash 1230a090d5cedcb9e764406ab9497c1b
3d175bcf4ad9957c3e32611713c01347299b173e
585cafe3d6a3b932804aaa5aeb19a650688a2c15767f513d0d60c1941475c428
GET /recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.helgakaren.com
Connection: keep-alive
Referer: http://www.helgakaren.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 159789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:23:47 GMT
expires: Thu, 05 Oct 2023 19:23:47 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
content-type: text/javascript
age: 431095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
35.82.13.103200 OK 0 B URL HTTP/1.1 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 35.82.13.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www.helgakaren.com/
Origin: http://www.helgakaren.com
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 10 Oct 2022 19:08:42 GMT
Content-Length: 0
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: http://www.helgakaren.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, SP-Anonymous
Access-Control-Max-Age: 5
www.helgakaren.com/favicon.ico
199.34.228.65200 OK 4.3 kB URL HTTP/1.1 www.helgakaren.com/favicon.ico
IP 199.34.228.65:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 4d27526198ac873ccec96935198e0fb9
b98d8b73ad6a0f7477c3397561b4aab37bf262aa
40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
GET /favicon.ico HTTP/1.1
Host: www.helgakaren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
Cookie: is_mobile=0; language=en; _snow_ses.80aa=*; _snow_id.80aa=d8c80040-1fbd-4e12-905f-51ea4bf0cfea.1665428922.1.1665428922.1665428922.4a2368d9-0387-4c84-9ed1-3901d1a94f8f
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 19:08:42 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: keep-alive
Last-Modified: Fri, 24 Sep 2021 21:48:12 GMT
x-rgw-object-type: Normal
ETag: "4d27526198ac873ccec96935198e0fb9"
x-amz-request-id: tx000000000000001ad46ef-0062847663-b9fbc7f-sfo1
X-Storage-Bucket: z40a2
X-Storage-Object: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
X-Host: blu139.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.helgakaren.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
199.34.228.65200 OK 348 B URL HTTP/1.1 www.helgakaren.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP 199.34.228.65:0
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.helgakaren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: http://www.helgakaren.com
Connection: keep-alive
Referer: http://www.helgakaren.com/
Cookie: is_mobile=0; language=en; _snow_ses.80aa=*; _snow_id.80aa=d8c80040-1fbd-4e12-905f-51ea4bf0cfea.1665428922.1.1665428922.1665428922.4a2368d9-0387-4c84-9ed1-3901d1a94f8f
HTTP/1.1 200 OK
Date: Mon, 10 Oct 2022 19:08:42 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu99.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=56
Connection: Keep-Alive
Content-Type: application/json
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
35.82.13.103200 OK 2 B URL HTTP/1.1 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 35.82.13.103:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
Content-Length: 1771
Origin: http://www.helgakaren.com
Connection: keep-alive
Referer: http://www.helgakaren.com/
HTTP/1.1 200 OK
Date: Mon, 10 Oct 2022 19:08:42 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Server: nginx
Set-Cookie: sp=3ce0e744-e7a1-4785-a47b-fc0ab496b29e; Expires=Tue, 10 Oct 2023 19:08:42 GMT; Domain=; Path=/; Secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: http://www.helgakaren.com
Access-Control-Allow-Credentials: true
www.helgakaren.com/uploads/9/3/6/2/93620912/background-images/928333336.jpg
199.34.228.65200 OK 365 kB URL HTTP/1.1 www.helgakaren.com/uploads/9/3/6/2/93620912/background-images/928333336.jpg
IP 199.34.228.65:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2000x1500, components 3\012- data
Size 365 kB (364810 bytes)
Hash 2f2d73856b92a61d3d48ea84271db636
65c88abeff6d01261243d24a0fd0626e1dee970c
834a6237b06da4d81d29dcbd74ad175309183d811b1c8ce568cb84d4c580d57c
GET /uploads/9/3/6/2/93620912/background-images/928333336.jpg HTTP/1.1
Host: www.helgakaren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.helgakaren.com/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 19:08:41 GMT
Content-Type: image/jpeg
Content-Length: 364810
Connection: keep-alive
Last-Modified: Wed, 05 Sep 2018 11:24:16 GMT
x-rgw-object-type: Normal
ETag: "2f2d73856b92a61d3d48ea84271db636"
x-amz-request-id: tx000000000000013357c17-0062de6885-bfe36ba-sfo1
X-Storage-Bucket: z834a
X-Storage-Object: 834a6237b06da4d81d29dcbd74ad175309183d811b1c8ce568cb84d4c580d57c
X-Host: blu24.sf2p.intern.weebly.net
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8559
Expires: Mon, 10 Oct 2022 21:31:21 GMT
Date: Mon, 10 Oct 2022 19:08:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8559
Expires: Mon, 10 Oct 2022 21:31:21 GMT
Date: Mon, 10 Oct 2022 19:08:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8559
Expires: Mon, 10 Oct 2022 21:31:21 GMT
Date: Mon, 10 Oct 2022 19:08:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8559
Expires: Mon, 10 Oct 2022 21:31:21 GMT
Date: Mon, 10 Oct 2022 19:08:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3c21914-dac1-455d-9533-b584e9bd6225.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3c21914-dac1-455d-9533-b584e9bd6225.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cefb9479bc2fe5087f9d2b89ef3cec2b
aa219f193812c6a2d0313316ce13fe74f1d468d0
a806ef995ed2285bd9f0d553df49aa28924e640805e1f50284baad1c0aec06bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3c21914-dac1-455d-9533-b584e9bd6225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10113
x-amzn-requestid: 7a9800c5-81ed-4a23-bbe0-0041ab682856
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZwalQEPPoAMF3yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63433e21-5a9bedb10c4f8c2c60ab3769;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 21:33:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MROeeTPtb6DfMHkig6fHcYuYiv1-udvJVfB1jygcDYLy4LuZmgRE_Q==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 22:24:52 GMT
age: 74630
etag: "aa219f193812c6a2d0313316ce13fe74f1d468d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d3fa05a-2c1d-4a1d-9d91-bc70cb4e4ee5.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d3fa05a-2c1d-4a1d-9d91-bc70cb4e4ee5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a09bd7160451852652bccbcbcdcbd527
f42137372ab3b592977b1b736c1b12fc5ed81bf6
568b1c7cbe260d05919ff7232855441f70bf048c32380d8c0b848aa80a1696c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d3fa05a-2c1d-4a1d-9d91-bc70cb4e4ee5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6923
x-amzn-requestid: 507e5591-c06e-4ee8-b567-a11b6c95024e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZwalRGFcoAMFslw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63433e21-5e5bf5026b2121931e035270;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 21:33:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EgQIb89afJS1uPY9ZUyDS_E7C_JQT8Scm3EC3K5OZKB2nE7wMx8PIw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 22:12:34 GMT
age: 75368
etag: "f42137372ab3b592977b1b736c1b12fc5ed81bf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e9aa9808428e5fd81ac9d61d6f7c708
3a8d76badce50dd98938885082dcb6e30363ae88
d8f7c48a1cbe04af2f7e0455d1ef7af9b63506b9ae343ebf14ece8689bb06bf6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11800
x-amzn-requestid: 5f2ce4dd-0df8-4df7-a12d-e6fffd622752
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZnTQHGADIAMFXfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f98cd-5044665325e5d64975c1ff0c;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 03:11:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LhwkinWopo6RX-yo5_35HWL9S2dGpdi7rAiwVWLxUicaHfHW3VF7DQ==
via: 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 22:22:12 GMT
age: 74790
etag: "3a8d76badce50dd98938885082dcb6e30363ae88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b12fb41-30af-4093-a2e5-407e0dba7f9f.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b12fb41-30af-4093-a2e5-407e0dba7f9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cb1e1243af4405d2ddfc86ece266cff
bcd47a41fc6b0384c03fa00b8fa4a23805fa3b28
6df8b3b5420bad300304d14e8e18d65e4179a76d2f7e0a24bce23655318f49a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b12fb41-30af-4093-a2e5-407e0dba7f9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8218
x-amzn-requestid: 694a656a-0f68-4d3a-a316-1da1ce908c11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZwatMFwzoAMF4Ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63433e54-277be490531f4d3b4cf11540;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 21:34:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bQ8XleDVmNo8uFPqs6hSr55SYWa4yF2R4nZ_oMnObdl3PlTGM7l7Dg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 22:02:57 GMT
etag: "bcd47a41fc6b0384c03fa00b8fa4a23805fa3b28"
content-type: image/jpeg
age: 75945
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fddaf1070-ebad-430c-b856-6b6704ae51dd.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fddaf1070-ebad-430c-b856-6b6704ae51dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b2bd332e22751757c71b82b703f167e
5150043db72276380d5b265760112c05c233b873
18d961e14c5be703efce24f0e94ad4e046ad28b49325fdf22b5445fd24baf58d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fddaf1070-ebad-430c-b856-6b6704ae51dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6533
x-amzn-requestid: 56d11966-2442-410b-9c4f-eed2a3bf0d5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZwatMEpwoAMF1aA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63433e54-50740bf0455199093d849abe;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 21:34:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bF5vJ0uF9J5J9ZUQ1vteSfu3DVq2QxZEGFvRZKYMyGaCCZ3RU0Essg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 21:57:03 GMT
age: 76299
etag: "5150043db72276380d5b265760112c05c233b873"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ff8cfe3904cca89e3bdfa8186ae382ba
0b9dce744f5facad9a0a136d81cf24e928211856
a6f0925a9666a43d018c05d717310f57b86316290fb4a7cdd309c35842e557a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7674
x-amzn-requestid: 126f9400-fa43-413b-b496-338908efb777
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZeqScHUVoAMFrRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633c240f-1b7cff3e3415299a4d17e19e;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 12:16:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BjBiRKpvs2LQznegxhvMFrczSZGWXGSMvk3bxR8UPpcthRUUA2eTBg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 21:58:37 GMT
age: 76205
etag: "0b9dce744f5facad9a0a136d81cf24e928211856"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1241bbb-560d-4946-b821-3d3fd848e5c8.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1241bbb-560d-4946-b821-3d3fd848e5c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f8b93f2b38b076ed186f3baed866bdd6
47cf653b8a6e172875082b92653c631bfc881105
cada99e3a8cf87992e884e86adb5288f54a109209e88d11a076f9f664b63fed3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1241bbb-560d-4946-b821-3d3fd848e5c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5689
x-amzn-requestid: 26b4078b-a915-46d8-9a8b-12c57c604d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zql_ZH0uoAMF15g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6340e9fb-708725bd19ed94a64965f2d6;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 03:09:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vTerEoCHWE7_FisyrkM1dOr7aDAKENTErY1qvKLuZ0HUzeSfZbhSRg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 04:57:11 GMT
age: 51098
etag: "47cf653b8a6e172875082b92653c631bfc881105"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2