thedenbeauty.com/M&T-HELP/login.php?online_id=adf36d117fc4a907181129b87&country=&iso=
208.87.98.235200 OK 15 kB URL HTTP/1.1 thedenbeauty.com/M&T-HELP/login.php?online_id=adf36d117fc4a907181129b87&country=&iso=
IP 208.87.98.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (960), with CRLF line terminators
Hash 081bdda16bbdeca91f420f7898d60f08
cb837a7c87fbd60615fb9453ca1c939a34f4e840
179f859e76864bbb7c6e4ca09d6b5f51f760679f8f3798edb2375244fa63a0a5
GET /M&T-HELP/login.php?online_id=adf36d117fc4a907181129b87&country=&iso= HTTP/1.1
Host: thedenbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 30 Sep 2022 14:52:02 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10664
Expires: Fri, 30 Sep 2022 17:49:46 GMT
Date: Fri, 30 Sep 2022 14:52:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 30 Sep 2022 13:58:05 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zYj5OeOBpUnV50JGejZe-8UgDumL2yfb2Wll3l7d6pBWiHBdyp4dcQ==
Age: 3237
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ttvLeZssLv2xHw9BYVWWePtrTjshBr9RmzvI1jE1Ai4vMKrfjmnpww==
age: 33815
X-Firefox-Spdy: h2
thedenbeauty.com/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=9
208.87.98.235404 Not Found 315 B URL HTTP/1.1 thedenbeauty.com/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=9
IP 208.87.98.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=9 HTTP/1.1
Host: thedenbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thedenbeauty.com/M&T-HELP/login.php?online_id=adf36d117fc4a907181129b87&country=&iso=
HTTP/1.1 404 Not Found
Date: Fri, 30 Sep 2022 14:52:02 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
thedenbeauty.com/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=17
208.87.98.235404 Not Found 315 B URL HTTP/1.1 thedenbeauty.com/TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=17
IP 208.87.98.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /TSPD/0856addebbab2000ba949201dad9f67efc42df64f349dd0cbd91a24e357d5af05b11616b8df1b84b?type=17 HTTP/1.1
Host: thedenbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thedenbeauty.com/M&T-HELP/login.php?online_id=adf36d117fc4a907181129b87&country=&iso=
HTTP/1.1 404 Not Found
Date: Fri, 30 Sep 2022 14:52:02 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
thedenbeauty.com/ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js
208.87.98.235404 Not Found 315 B URL HTTP/1.1 thedenbeauty.com/ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js
IP 208.87.98.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js HTTP/1.1
Host: thedenbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thedenbeauty.com/M&T-HELP/login.php?online_id=adf36d117fc4a907181129b87&country=&iso=
HTTP/1.1 404 Not Found
Date: Fri, 30 Sep 2022 14:52:02 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
thedenbeauty.com/Assets/scripts/Login/Index.js
208.87.98.235404 Not Found 315 B URL HTTP/1.1 thedenbeauty.com/Assets/scripts/Login/Index.js
IP 208.87.98.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /Assets/scripts/Login/Index.js HTTP/1.1
Host: thedenbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thedenbeauty.com/M&T-HELP/login.php?online_id=adf36d117fc4a907181129b87&country=&iso=
HTTP/1.1 404 Not Found
Date: Fri, 30 Sep 2022 14:52:02 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 14:52:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
thedenbeauty.com/ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js
208.87.98.235404 Not Found 315 B URL HTTP/1.1 thedenbeauty.com/ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js
IP 208.87.98.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /ruxitagentjs_ICA2SVfhjqrux_10205201218101503.js HTTP/1.1
Host: thedenbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thedenbeauty.com/M&T-HELP/login.php?online_id=adf36d117fc4a907181129b87&country=&iso=
HTTP/1.1 404 Not Found
Date: Fri, 30 Sep 2022 14:52:02 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 30 Sep 2022 14:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 30 Sep 2022 15:04:31 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vzTM_y50izeXWwCODjDFqZ17AH08DLpOgtXzBRa7L-DljZAqLKIt2w==
Age: 1349
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 52ff3e3c910133c4bbe27c7cf1ae164f
deed1687f0c115816f5dc1f16718d1790a723fe5
dbb26f155f5789fa5829012543a0960df03167cdd1eae5fb8a3ae110f6c7b340
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "DBB26F155F5789FA5829012543A0960DF03167CDD1EAE5FB8A3AE110F6C7B340"
Last-Modified: Fri, 30 Sep 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Fri, 30 Sep 2022 15:52:02 GMT
Date: Fri, 30 Sep 2022 14:52:02 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 52ff3e3c910133c4bbe27c7cf1ae164f
deed1687f0c115816f5dc1f16718d1790a723fe5
dbb26f155f5789fa5829012543a0960df03167cdd1eae5fb8a3ae110f6c7b340
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "DBB26F155F5789FA5829012543A0960DF03167CDD1EAE5FB8A3AE110F6C7B340"
Last-Modified: Fri, 30 Sep 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Fri, 30 Sep 2022 15:52:02 GMT
Date: Fri, 30 Sep 2022 14:52:02 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 5a9c2cedf4fe49124887fb161141f8ee
2f61c5d0c38bcb6c06f1ece719fc79392e4212c2
7f05bfa8e5648ebee1a47eaf3e38cbeeb0e19b18e10b4429536c6fc58ab16284
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 71
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "7F05BFA8E5648EBEE1A47EAF3E38CBEEB0E19B18E10B4429536C6FC58AB16284"
Last-Modified: Fri, 30 Sep 2022 11:00:00 UTC
Content-Length: 1566
Cache-Control: public, no-transform, must-revalidate, max-age=3574
Expires: Fri, 30 Sep 2022 15:51:37 GMT
Date: Fri, 30 Sep 2022 14:52:03 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 1292a6832af94d165703f944f6da4378
c73d0ee1584b283393fd70b5d4879430b9b86899
4810d062b0fe561a0cac0af8563c7ebc729aff9784bb5f9defa7f2c0ddb1297f
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4810D062B0FE561A0CAC0AF8563C7EBC729AFF9784BB5F9DEFA7F2C0DDB1297F"
Last-Modified: Fri, 30 Sep 2022 08:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3554
Expires: Fri, 30 Sep 2022 15:51:17 GMT
Date: Fri, 30 Sep 2022 14:52:03 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 1292a6832af94d165703f944f6da4378
c73d0ee1584b283393fd70b5d4879430b9b86899
4810d062b0fe561a0cac0af8563c7ebc729aff9784bb5f9defa7f2c0ddb1297f
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4810D062B0FE561A0CAC0AF8563C7EBC729AFF9784BB5F9DEFA7F2C0DDB1297F"
Last-Modified: Fri, 30 Sep 2022 08:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3573
Expires: Fri, 30 Sep 2022 15:51:36 GMT
Date: Fri, 30 Sep 2022 14:52:03 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 1292a6832af94d165703f944f6da4378
c73d0ee1584b283393fd70b5d4879430b9b86899
4810d062b0fe561a0cac0af8563c7ebc729aff9784bb5f9defa7f2c0ddb1297f
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4810D062B0FE561A0CAC0AF8563C7EBC729AFF9784BB5F9DEFA7F2C0DDB1297F"
Last-Modified: Fri, 30 Sep 2022 08:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3597
Expires: Fri, 30 Sep 2022 15:52:00 GMT
Date: Fri, 30 Sep 2022 14:52:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d1be374a29f94481ff2c021e35f4eaa0
e05e92d94b5e434e9935e560fd8dc33bdc393aea
37a5132d2183f5c3bfaac5c89df691fea72cac4423110df88bdeb231f430deee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6509
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 14:52:03 GMT
Last-Modified: Fri, 30 Sep 2022 13:03:34 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
resources.mtb.com/r/simple-layout-responsive/css.mtb?v=08132020140516
24.75.29.77200 OK 35 kB URL HTTP/1.1 resources.mtb.com/r/simple-layout-responsive/css.mtb?v=08132020140516
IP 24.75.29.77:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash a09551203c370fcc0c14eee4d7af4fac
6fcd08a7f0871a33ded481a49023de7c42bcdbf0
59df120e12a64898104a890d8a3d976a0c9ef2e31c0741215106fd1edfa172d9
GET /r/simple-layout-responsive/css.mtb?v=08132020140516 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://thedenbeauty.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Expires: Sat, 30 Sep 2023 14:52:03 GMT
Last-Modified: Fri, 30 Sep 2022 14:52:02 GMT
ETag: "1664549523:dtagent10247220811100421ZWhG"
Vary: User-Agent
X-Srv: B-SC-03
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-608569326"
Date: Fri, 30 Sep 2022 14:52:02 GMT
Cteonnt-Length: 258715
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_9_sn_95C97451AF23701F0BC466DCE16917F2_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=01fb46a926dfceec5d7c19524155e945b1af9c6d2cac40dce265832f4979c2c48d1a4dc0b303f842d3dda83e8c6a9fcb34151fe96d; Path=/
TS0128739d=01fb46a9263e6815184385d02b42a2d996e2127b07ac40dce265832f4979c2c48d1a4dc0b37a6062925d8bd64c81dad6105c3e38f2c6f574e156b3f3e1b8932c3428e2705b; path=/; domain=.mtb.com
TSea15929a027=0856addebbab20009b91775ef4d301bb8636cf4aff50761af4b6ec3175a4f27d8792b8a4d1fe3cb30800fdc33711300090d85307cef7df309ca73e20991ce267f029e26b887a92c399d5bb05725f8bcf6b0e17b5322d1bbdda3e01440e6bc6fd; Path=/
Transfer-Encoding: chunked
push.services.mozilla.com/
35.162.35.244101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.35.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7OZsvpws/IBk0jE+lA24GQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fTxTe5AzdapwiZOOFjIAz10PsQQ=
resources.mtb.com/Assets/img/mtb-equalhousinglender.svg
24.75.29.77200 OK 230 B URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-equalhousinglender.svg
IP 24.75.29.77:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 916635d10512ae6a1840614a895dcd38
db175de4c42281bb4d239c57d1b95b8e75c529ec
d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad
GET /Assets/img/mtb-equalhousinglender.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://thedenbeauty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Fri, 30 Sep 2022 01:52:38 GMT
Accept-Ranges: bytes
ETag: "0376d516fd4d81:0"
X-Srv: B-SC-03
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="847221259"
Date: Fri, 30 Sep 2022 14:52:03 GMT
Content-Length: 230
Set-Cookie: TSea15929a027=0856addebbab20007b90819302b24d409ab554eb0a55441b603ea285d3515965c7ab685f484190280866330eec113000408a2e8787754e779ca73e20991ce26764e75020d6f5f620dc78dfb5bdee5fc24e5d9def8c0743bd1b02bf37611a9866; Path=/
resources.mtb.com/Assets/img/mtb-logo.svg
24.75.29.77200 OK 2.0 kB URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-logo.svg
IP 24.75.29.77:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2039), with no line terminators
Hash f2b901cf895852a0866fe4a16c7f1730
c4240af1ec798477b4e65a185ddbb1b038817da4
5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac
GET /Assets/img/mtb-logo.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://thedenbeauty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Fri, 30 Sep 2022 01:52:38 GMT
Accept-Ranges: bytes
ETag: "0376d516fd4d81:0"
X-Srv: B-SC-03
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="562289656"
Date: Fri, 30 Sep 2022 14:52:03 GMT
Content-Length: 2039
Set-Cookie: TSea15929a027=0856addebbab200046471de0629198f75c24dad7ba7e303ba4096811cda30235a340f0ceef15cfd808cc5d491d1130008d56d7d839dabcfc9ca73e20991ce267303ea48113ca50de37f35eb004ba3dd552a40b9bf35174a4c71c6675a0cc127f; Path=/
nexus.ensighten.com/mtbank/OE-Prod/Bootstrap.js
54.230.111.74200 OK 15 B URL HTTP/1.1 nexus.ensighten.com/mtbank/OE-Prod/Bootstrap.js
IP 54.230.111.74:0
Hash ffe905f50d9b47e6353b68513c4d48ac
d2c2ee4201cca3be67abf771ed1f1922fa94d083
c0d8671e209f009f9c1ad8153222f942087ec193b7e87f856e60971bd5424633
GET /mtbank/OE-Prod/Bootstrap.js HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thedenbeauty.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 15
Connection: keep-alive
Date: Fri, 30 Sep 2022 14:52:04 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Fri, 22 Jul 2022 23:48:01 GMT
ETag: "ffe905f50d9b47e6353b68513c4d48ac"
x-amz-server-side-encryption: AES256
Cache-Control: no-cache, no-store
x-amz-version-id: aoJA4xuOoFemAhjg4lZAdeni.2iMq5FL
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -q4NV0ESKM2Xh_jpc2tFQM8KFu104IsYIfKiXdnEneQ0gC5rJylC3A==
resources.mtb.com/r/simple-layout-responsive/js.mtb?v=08132020140516
24.75.29.77200 OK 104 kB URL HTTP/1.1 resources.mtb.com/r/simple-layout-responsive/js.mtb?v=08132020140516
IP 24.75.29.77:0
File type ASCII text, with CRLF line terminators
Size 104 kB (103531 bytes)
Hash 727a0de3144aa33cd4534796486e2363
86ed4f75d976f4f5974724a6a19723798f29386e
4944e8c395c12a394fb7be2e85d249d24381a5848f743a5d63bf2b0edda3bcdc
GET /r/simple-layout-responsive/js.mtb?v=08132020140516 HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://thedenbeauty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Expires: Sat, 30 Sep 2023 14:52:03 GMT
Last-Modified: Fri, 30 Sep 2022 14:52:02 GMT
ETag: "1664549523:dtagent10247220811100421ZWhG"
Vary: User-Agent
X-Srv: B-SC-03
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="757174114"
Date: Fri, 30 Sep 2022 14:52:02 GMT
Cteonnt-Length: 322405
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_1_sn_30039231435A18A23330FF4B9C5DC657_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=01fb46a926f99433ea72e210e257567d5027a7eab9d0b5f1d0e7f7e5640cdd8f7341278759738e05a6da5110ae78fceef11c44a030; Path=/
TS0128739d=01fb46a926525969177accef475319d651fe7999add0b5f1d0e7f7e5640cdd8f7341278759c9d99e134755f3a23616437eb7e9e2902a9d38deeca30c48ff486ff3e17c0304; path=/; domain=.mtb.com
TSea15929a027=0856addebbab20001fe8ef686151715304622e97cc28852b92166048d49cb08a8e792c159743a032086bdffcd5113000da24272815789efd9ca73e20991ce267461a3f5af13b6b6e608955ed838a42d84dd59044bf339bc14258cba5caf39185; Path=/
Transfer-Encoding: chunked
resources.mtb.com/Assets/img/mtb-entrust.svg
24.75.29.77200 OK 1.3 kB URL HTTP/1.1 resources.mtb.com/Assets/img/mtb-entrust.svg
IP 24.75.29.77:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1349), with no line terminators
Hash 9a569ad20708d7453d89fe6c72e7fcdc
60b6a41620583484642f7c826faf8e3c879a6374
b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5
GET /Assets/img/mtb-entrust.svg HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://thedenbeauty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Fri, 30 Sep 2022 01:52:38 GMT
Accept-Ranges: bytes
ETag: "0376d516fd4d81:0"
X-Srv: B-SC-03
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1919005554"
Date: Fri, 30 Sep 2022 14:52:03 GMT
Content-Length: 1349
Set-Cookie: TSea15929a027=0856addebbab20009223378c4bbfc52b5452a478cbcb78aa996df518e7fc4ac15b91a26789c98f5b0862a8ead8113000264f84a0c62890c69ca73e20991ce26720190c57490263d008edcf403fe8fc23138f4ec5954b21da79897d77a7138ff9; Path=/
thedenbeauty.com/Assets/scripts/Login/Index.js
208.87.98.235404 Not Found 315 B URL HTTP/1.1 thedenbeauty.com/Assets/scripts/Login/Index.js
IP 208.87.98.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /Assets/scripts/Login/Index.js HTTP/1.1
Host: thedenbeauty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thedenbeauty.com/M&T-HELP/login.php?online_id=adf36d117fc4a907181129b87&country=&iso=
HTTP/1.1 404 Not Found
Date: Fri, 30 Sep 2022 14:52:03 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
resources.mtb.com/assets/fonts/mandtpg-iconfont.woff
24.75.29.77200 OK 4.8 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtpg-iconfont.woff
IP 24.75.29.77:0
File type Web Open Font Format, TrueType, length 4776, version 1.0\012- data
Hash ac13691b89191d11d0e5577eb3cf3d53
0126fa82c0ab022e61b5de74f1fe3e204a905a7b
108d16421ae2ff7fc5157d507dc5b1bf7f62140ba58cf3c723b1f2b7e74c21df
GET /assets/fonts/mandtpg-iconfont.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thedenbeauty.com
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Fri, 30 Sep 2022 01:52:37 GMT
Accept-Ranges: bytes
ETag: "0376d516fd4d81:0:dtagent10247220811100421ZWhG"
X-Srv: B-SC-03
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1862842452", dtTao;desc="1"
Date: Fri, 30 Sep 2022 14:52:03 GMT
Content-Length: 4776
Set-Cookie: dtCookie=v_4_srv_11_sn_B1BAFDCA1DE7CD8A45147139E7E1E545_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=01fb46a92656d3a01cebc0dc534b4840016f8acbc211567bd8602f1ab88f612308245f2587491f3577644040a7356d83eed1232401; Path=/
TS0128739d=01fb46a9265e1188911191d4b520305389fd36e0b911567bd8602f1ab88f612308245f25873c091632b83c90924d17ac1528b71cb84d9f011efb3f19cb2537db0b7c050aa4; path=/; domain=.mtb.com
TSea15929a027=0856addebbab2000d30de5b7d392e939a080e82f6ca3f3570ec9590d43d50950d0b9beba7bea3b1808e9a42bb0113000199750ae85c713459ca73e20991ce26719a9888d3f37987295c30f3b074c2fcfae6fddc7eceae9b95fb73b72cb14915e; Path=/
resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff
24.75.29.77200 OK 68 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtbaltoweb-book.woff
IP 24.75.29.77:0
File type Web Open Font Format, TrueType, length 67671, version 1.0\012- data
Hash 6cd469e8613d82d4d07834a5ca7745f0
95347ba0a03d27e1aa91bc17c937d8aefe53e6ff
4029a5a081992259f4e529190b49dbba893931da4e843dd203449f1b9a4509d2
GET /assets/fonts/mandtbaltoweb-book.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thedenbeauty.com
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Fri, 30 Sep 2022 01:52:37 GMT
Accept-Ranges: bytes
ETag: "0376d516fd4d81:0:dtagent10247220811100421ZWhG"
X-Srv: B-SC-03
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-297878609", dtTao;desc="1"
Date: Fri, 30 Sep 2022 14:52:03 GMT
Content-Length: 67671
Set-Cookie: dtCookie=v_4_srv_4_sn_F7F46FFCCE92DA3A4F87720B56F5D0A9_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=01fb46a9267dc7de145602df03d7a11c27c5944b2d42d11829325de8b048280f21612db4724486dbfb3bc65283ccb5c073a6b07590; Path=/
TS0128739d=01fb46a926bab26d5182a3814c14f448749e53d74b42d11829325de8b048280f21612db472f8ad5b8a6298bd461860cee05eb4653ab128451384033bbb3aacab2c850c73e9; path=/; domain=.mtb.com
TSea15929a027=0856addebbab20008450afdebbe0e9bfb04c15807aa328f47b2a100562801d1980419d6cb1d7890308570a092f1130001be8598e9a4964589ca73e20991ce267984778fa409a4f5f120ac852dd20a482922b4a028ab101078f3b9cfe488332a2; Path=/
resources.mtb.com/assets/fonts/mandtbaltoweb-medium.woff
24.75.29.77200 OK 64 kB URL HTTP/1.1 resources.mtb.com/assets/fonts/mandtbaltoweb-medium.woff
IP 24.75.29.77:0
File type Web Open Font Format, TrueType, length 64318, version 1.0\012- data
Hash b245a55f7e33e1cf4d2477570936ef84
12bf1c1eda6db246778f7c343acebbaad8fa36f4
b391b55f950528937beee7687717a4aef81196817834f1c93b099713ff738fbc
GET /assets/fonts/mandtbaltoweb-medium.woff HTTP/1.1
Host: resources.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thedenbeauty.com
Connection: keep-alive
Referer: https://resources.mtb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: APPLICATION/X-WOFF
Last-Modified: Fri, 30 Sep 2022 01:52:37 GMT
Accept-Ranges: bytes
ETag: "0376d516fd4d81:0:dtagent10247220811100421ZWhG"
X-Srv: B-SC-03
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: ALLOW-FROM https://mtb.com/
Timing-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="2076857538", dtTao;desc="1"
Date: Fri, 30 Sep 2022 14:52:03 GMT
Content-Length: 64318
Set-Cookie: dtCookie=v_4_srv_11_sn_40D9D6A3EE2AA9F7F89CB735B58C0CBF_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0; Path=/; Domain=.mtb.com
TS019299a7=01fb46a926c07a6d7b9d9990325516f13cafca79cf45f6b36d54c10bd01b9e0ba03f5b97334cb7d2f7ea3f96fab3937112d9924f75; Path=/
TS0128739d=01fb46a926b1403b5a5c35e58923b9646701c5099445f6b36d54c10bd01b9e0ba03f5b9733892a7d4c39171832fe4321cc41c503d06990a6dcaeda080ab389efa032b2e943; path=/; domain=.mtb.com
TSea15929a027=0856addebbab200029faa7208bf68bc31f1fd2f21504b376377c3226b716b6796b447ff4735c521608934ffc5711300034027f5de9999e0a9ca73e20991ce2674263f66a8fc92d057be14b86b0192d229d466471a732557e3bbf3611722fe143; Path=/
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 7a5501bb63a7cc8936a12ae418426562
ed69401d120e695d055622209216f0424e00a567
82c286eb297bd2b15d8cb4c7c0ab0d19b5f8ce5c4fc4341295a14d5ba6476c94
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "82C286EB297BD2B15D8CB4C7C0AB0D19B5F8CE5C4FC4341295A14D5BA6476C94"
Last-Modified: Fri, 30 Sep 2022 03:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Fri, 30 Sep 2022 15:52:04 GMT
Date: Fri, 30 Sep 2022 14:52:04 GMT
Connection: keep-alive
asset.mtb.com/Documents/html/homepage/favicon.ico
54.230.111.37200 OK 15 kB URL HTTP/2 asset.mtb.com/Documents/html/homepage/favicon.ico
IP 54.230.111.37:0
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash e82f458a5c1c5353a97401eccc925613
949d6c8d06ca14b52f496c20f63fae269b6708c2
cd320f6e4a5ccfb2d08a5aca1d42dc606530d63e3d779038c41865c85568cbf3
GET /Documents/html/homepage/favicon.ico HTTP/1.1
Host: asset.mtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://thedenbeauty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/x-icon
content-length: 14862
accept-ranges: bytes
cache-control: max-age=3600, no-cache="set-cookie"
content-disposition: inline
content-encoding: gzip
date: Fri, 30 Sep 2022 14:10:22 GMT
last-modified: Wed, 04 May 2022 18:18:59 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-vhost: publish
etag: "3dce-5de33a8b9cac0-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5XM-x3WAX7J3oX04fZkzEkT5QyEHhotWHfTz2oSvcXQJvzLLAA12HA==
age: 2502
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6964
Expires: Fri, 30 Sep 2022 16:48:08 GMT
Date: Fri, 30 Sep 2022 14:52:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6964
Expires: Fri, 30 Sep 2022 16:48:08 GMT
Date: Fri, 30 Sep 2022 14:52:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6964
Expires: Fri, 30 Sep 2022 16:48:08 GMT
Date: Fri, 30 Sep 2022 14:52:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6964
Expires: Fri, 30 Sep 2022 16:48:08 GMT
Date: Fri, 30 Sep 2022 14:52:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 139a144f8cb04ac8aae65f4bad1473e7
265840b2d2fc6eb764cc6409b05deee8d77a19c2
6e0f01b6bdd5a92e92c7b29a6172a2900c68900afd2abba948940621252e0fd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10380
x-amzn-requestid: 35ee2a77-159c-4bb4-a825-98c638398586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdZYHsTIAMFQNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f6f-4f68073432bcea371c7b8f03;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IENB0e-e13ywHJKPgyLWn1bGPMMxFLUu3cIUcREjGhxDEMROEL1jBg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:45:15 GMT
age: 61609
etag: "265840b2d2fc6eb764cc6409b05deee8d77a19c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9789cead-4e6c-4a12-9b45-25d0efd38fc9.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9789cead-4e6c-4a12-9b45-25d0efd38fc9.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1389b1d624b44706c7a6f6b7eb769241
78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d
c3c2526b98be06fc7e793e1150bacde2a7bd718e29a851a6e6992e8d84333790
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9789cead-4e6c-4a12-9b45-25d0efd38fc9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16011
x-amzn-requestid: d58dfdcd-383a-45ac-8ae2-2b97f016b6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdbjFy1IAMF84A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f7c-1ca9707a5e5087fd769d9ab6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QKHN1asEv6w1mTLxsmn7Oj5AZTsPcg0H8zv5_qQ1BYptjL254kCZdA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:20:36 GMT
age: 59488
etag: "78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 456968f691ae9464d69a37bffe9bd7ce
31b8538deb0f00d5b4182739a4a2fcc1b956a998
5cde1e3158e6c6c0b7a01d3bd32f2aa292b3b205f604e5c4ed71cafedad06bf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7810
x-amzn-requestid: 7f6d92e1-c7b1-4dd2-9efa-52ad324ca19d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK6pFvkoAMF_yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334beaa-362b7368566955966db78385;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TbPFEVDpMOjK26iu1UGcx56vtP7Pywq05VAylNubOIfbMgo1qGsA-w==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 23:45:42 GMT
age: 54382
etag: "31b8538deb0f00d5b4182739a4a2fcc1b956a998"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d21d2bdcedbd619a80017054076319f9
86dd3bf133e9eddf8852f39e1ee695ee599ac886
fc5672d5a8e9c6a5ec531f7ba05b65c192af37edf6c3a48105df3685de44ec0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8059
x-amzn-requestid: f8bb9e4b-9f3c-47ba-8524-de16155e536d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZNepwHAVoAMFvNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633544a4-5d884e29378635b60592b618;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 07:09:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NMiKZSkokVXNTV76vsVJ7VEu6YFfT9MqL7tHtT8CwZq0BwTbXOpm6Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 06:34:26 GMT
age: 29858
etag: "86dd3bf133e9eddf8852f39e1ee695ee599ac886"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13a12db696bc2bf6a6ea2f48f4c1428e
3481dce8ab711111fc8863d88bee1a887cfd43ac
6dae6c9e5de4146e1f528a36a1795225c9731385f13927fc001fb3f9842fe8f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5106
x-amzn-requestid: a906507c-8820-489c-9978-7d0fd026c862
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPd5PE0MIAMF3DA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6336103a-49eb3879088f17bc01d177c7;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: op_2CSOAx9-hqXvj1nOyitq0UXqIyItmquWjMkmMdKWnwoTIA_SA6A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:45:26 GMT
age: 61598
etag: "3481dce8ab711111fc8863d88bee1a887cfd43ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac0adb1a-3390-4c2f-8884-055b217a0c2c.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac0adb1a-3390-4c2f-8884-055b217a0c2c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8337b3316a9c7ee94fea710d83ab5b70
632f621fe04de121001fb4d3b51fa8e318376bb2
070deb0d8955fabda308ae55d6ed0ebead9a5ea310b913e6ef762eb16b63c100
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac0adb1a-3390-4c2f-8884-055b217a0c2c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9685
x-amzn-requestid: a7a4df5a-3456-4658-aba9-abec376d79af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdZaHHJIAMFdhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f6f-28aecee27887f6516d2df6c9;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:39 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wzCOPcEwFdINaJFDS3hgms9bG2-nL2YsQJ9tNmWq7xd7S05irtgpbQ==
via: 1.1 94be61e339880d0097634de6934f7710.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:45:15 GMT
age: 61609
etag: "632f621fe04de121001fb4d3b51fa8e318376bb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2