singlegirls4date.com/de/multi/50-511880/?cep=KFJ2FF0hHpqT0uLoTS80eX17nr18DqmPNDgNbLYnFhZA3QTEzoooarWnoucWyxkITanXP9bv_DqapsTSZBEqL7k7kH801_HQaXYzitDxVE0wDQjpDYe2CbSi_RKfQaV1f_gulbggUKV0h2CDBtxipoLG1qESoUUZA6IgCZVaFqPbhEexQuRnRzWL_F0yAyLtFGJv0wzwGTXFlOyqVsIX8OqybGgiZK7d0k98vIhew9WMrLiV-2Ux03gnwi7k-igOhLzrxmcF7qe27kr7HqFq_PY7-VzTlSog71yRLGCTsnlWpT4nx8KVbomh1S_xvNXowfRDlVEkPYetxWjLd-V3Xc8pGZj9ufHWKRW-dYaoB-K3T8Bm8rkrVe1-j0BzoUpa&lptoken=164f668967a627f34241
172.67.210.176200 OK 2.7 kB URL HTTP/1.1 singlegirls4date.com/de/multi/50-511880/?cep=KFJ2FF0hHpqT0uLoTS80eX17nr18DqmPNDgNbLYnFhZA3QTEzoooarWnoucWyxkITanXP9bv_DqapsTSZBEqL7k7kH801_HQaXYzitDxVE0wDQjpDYe2CbSi_RKfQaV1f_gulbggUKV0h2CDBtxipoLG1qESoUUZA6IgCZVaFqPbhEexQuRnRzWL_F0yAyLtFGJv0wzwGTXFlOyqVsIX8OqybGgiZK7d0k98vIhew9WMrLiV-2Ux03gnwi7k-igOhLzrxmcF7qe27kr7HqFq_PY7-VzTlSog71yRLGCTsnlWpT4nx8KVbomh1S_xvNXowfRDlVEkPYetxWjLd-V3Xc8pGZj9ufHWKRW-dYaoB-K3T8Bm8rkrVe1-j0BzoUpa&lptoken=164f668967a627f34241
IP 172.67.210.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash f06a5243193d3f5727504e0d0c66ded7
c0f04c4127e752f3fded87c8c7539ccef844d5b2
09237e1888e4b036eb3bf25a32d2816effc1f2289e93121aceedccca5bd87932
GET /de/multi/50-511880/?cep=KFJ2FF0hHpqT0uLoTS80eX17nr18DqmPNDgNbLYnFhZA3QTEzoooarWnoucWyxkITanXP9bv_DqapsTSZBEqL7k7kH801_HQaXYzitDxVE0wDQjpDYe2CbSi_RKfQaV1f_gulbggUKV0h2CDBtxipoLG1qESoUUZA6IgCZVaFqPbhEexQuRnRzWL_F0yAyLtFGJv0wzwGTXFlOyqVsIX8OqybGgiZK7d0k98vIhew9WMrLiV-2Ux03gnwi7k-igOhLzrxmcF7qe27kr7HqFq_PY7-VzTlSog71yRLGCTsnlWpT4nx8KVbomh1S_xvNXowfRDlVEkPYetxWjLd-V3Xc8pGZj9ufHWKRW-dYaoB-K3T8Bm8rkrVe1-j0BzoUpa&lptoken=164f668967a627f34241 HTTP/1.1
Host: singlegirls4date.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:09:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNgv3IjjLbJ2B7VStgIRlV%2BBMGSwkwWM%2FJ6%2B4omHzjR%2Fs8ppx9Mx7chi5ITHdUzQn3OzVRi7WULRPXyF3oK44xfL%2FGK54E%2BbYm7u%2B9D%2FO1NQ4XnEz%2BIA4ESiBMOO4iMOWqKBCxC0Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75f81863a80cb4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash cd8d0809aa5948f2a6ee41d2158861af
098cd24ac587cdc70137af412678526de4d43969
88e6741d6bf076bf7132c7cf98456702cc775476095aafd839888edff52fb03e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Alert, Retry-After, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 25 Oct 2022 03:53:05 GMT
Expires: Tue, 25 Oct 2022 04:32:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: O0q72OSjk08MbsjdMpg9Vzjab6DhJ7LmaPvtGOaxP88Q7vGb5bVyRA==
Age: 966
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b3537658770790ad6cf0d727f0c0acd2
8365cadda05ef27b2ebd627d545e31886b512bde
df992311f130f15459739841de925c7eec2604d5a68ca6b2a67b6dc8d229212c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF992311F130F15459739841DE925C7EEC2604D5A68CA6B2A67B6DC8D229212C"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14372
Expires: Tue, 25 Oct 2022 08:08:43 GMT
Date: Tue, 25 Oct 2022 04:09:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9375
Expires: Tue, 25 Oct 2022 06:45:26 GMT
Date: Tue, 25 Oct 2022 04:09:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: z8dkSsj7oK+k1cCUF/ByClGP4wv1ZzH20gAzKpLn8Ykom+lOModc6XR69xtx3+81infubEMtQUs=
x-amz-request-id: E6N7S7GEN6NPP9JS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 25 Oct 2022 04:08:47 GMT
age: 24
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 04:09:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
static.production.almightypush.com/mng/channels/init.min.js?ver=1629445164
54.230.111.2200 OK 22 kB URL HTTP/2 static.production.almightypush.com/mng/channels/init.min.js?ver=1629445164
IP 54.230.111.2:0
Hash 2ea196bb9d9670ec138eb0c8c23e6696
b0876fd8c0c56c5d34368c16a829c040c23cbaba
1475c052ae8dbc220775cd44b20e508e38db9f09168c57d4a73e0a9027f252f7
GET /mng/channels/init.min.js?ver=1629445164 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://singlegirls4date.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 21924
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 25 Oct 2022 00:25:43 GMT
etag: "2ea196bb9d9670ec138eb0c8c23e6696"
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jba7RnZNdLnNGkLAI7YT1ZLuA8ghEwVlC6jmwxT0lCFImT0vlBTaBg==
age: 15985
X-Firefox-Spdy: h2
static.production.almightypush.com/mng/subs_window.js?ver=1629445164
54.230.111.2200 OK 20 kB URL HTTP/2 static.production.almightypush.com/mng/subs_window.js?ver=1629445164
IP 54.230.111.2:0
Hash ae593f4be1dd1f0710123918b49c4933
66fbe30bb873e0a47d3d72e737d68aa4b6916c26
fdf9ff3f74dcf11d0fa456dcd53cb21550f67f0cfdc11dc29bef595f07b56206
GET /mng/subs_window.js?ver=1629445164 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://singlegirls4date.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 19491
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 25 Oct 2022 03:19:41 GMT
etag: "ae593f4be1dd1f0710123918b49c4933"
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V77ovGdUEz8jGddEQC7idl6Ji3FhNkLEOPYh72vl2dsW6h1Wm1-7WA==
age: 3071
X-Firefox-Spdy: h2
static.production.almightypush.com/mng/subs_window.css?ver=1629445164
54.230.111.2200 OK 6.9 kB URL HTTP/2 static.production.almightypush.com/mng/subs_window.css?ver=1629445164
IP 54.230.111.2:0
Hash bd7dbae15f904a4e1213439ebfefddbe
9f7a33b3d6e7965d8b99f0ff56cbf2e2ebb8f78e
30c08f3bb42d9a16155c65fbc952430048e4a84be70b98cb989b2dc977b49f8a
GET /mng/subs_window.css?ver=1629445164 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://singlegirls4date.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 6945
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 25 Oct 2022 03:19:41 GMT
etag: "bd7dbae15f904a4e1213439ebfefddbe"
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iaoz7FTDARnU1KqoVQd9Txy2dJ23xJx4y8kRLL-RkvKm38ZZaYcdmw==
age: 3004
X-Firefox-Spdy: h2
singlegirls4date.com/de/multi/50-511880/css/bootstrap-combined.no-icons.min.css
172.67.210.176200 OK 19 kB URL HTTP/1.1 singlegirls4date.com/de/multi/50-511880/css/bootstrap-combined.no-icons.min.css
IP 172.67.210.176:0
File type ASCII text, with very long lines (1463)
Hash 44383b03c7a285b827050cb0de2934b9
b34982c0463a31e1150a0a78e9e0877e744ef369
8b4c5cc90ac572a032eacf4c11a5e303e5691a663c529b5c4f647171a759b6f0
GET /de/multi/50-511880/css/bootstrap-combined.no-icons.min.css HTTP/1.1
Host: singlegirls4date.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://singlegirls4date.com/de/multi/50-511880/?cep=KFJ2FF0hHpqT0uLoTS80eX17nr18DqmPNDgNbLYnFhZA3QTEzoooarWnoucWyxkITanXP9bv_DqapsTSZBEqL7k7kH801_HQaXYzitDxVE0wDQjpDYe2CbSi_RKfQaV1f_gulbggUKV0h2CDBtxipoLG1qESoUUZA6IgCZVaFqPbhEexQuRnRzWL_F0yAyLtFGJv0wzwGTXFlOyqVsIX8OqybGgiZK7d0k98vIhew9WMrLiV-2Ux03gnwi7k-igOhLzrxmcF7qe27kr7HqFq_PY7-VzTlSog71yRLGCTsnlWpT4nx8KVbomh1S_xvNXowfRDlVEkPYetxWjLd-V3Xc8pGZj9ufHWKRW-dYaoB-K3T8Bm8rkrVe1-j0BzoUpa&lptoken=164f668967a627f34241
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:09:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Jul 2021 07:50:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGdb112A4zatKV5V4Hj7uiZOLi8qc67tCof0MPGCpzWsW75Kewk3poOv8y51XT106a10ZJ%2BrVCpsTIxU69vg%2FV63b2IZKH4YoZWz6bUww3h3I22zgXsUi5%2BdkUiGkN%2BDaH0C%2B9iYkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75f81865d983b4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
singlegirls4date.com/de/multi/50-511880/js/backoffer.js
172.67.210.176200 OK 230 B URL HTTP/1.1 singlegirls4date.com/de/multi/50-511880/js/backoffer.js
IP 172.67.210.176:0
File type ASCII text, with very long lines (430), with no line terminators
Hash d1d761e3721375472889577260906f9c
c5e6e54e8b6b84af216d867dca79eb00c2819e42
de8798dd7447b4651ec2d44931c15ceb0d3e5099997b2ddc2452d3f95092a1a2
Analyzer Verdict Alert fortinet Malware
GET /de/multi/50-511880/js/backoffer.js HTTP/1.1
Host: singlegirls4date.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://singlegirls4date.com/de/multi/50-511880/?cep=KFJ2FF0hHpqT0uLoTS80eX17nr18DqmPNDgNbLYnFhZA3QTEzoooarWnoucWyxkITanXP9bv_DqapsTSZBEqL7k7kH801_HQaXYzitDxVE0wDQjpDYe2CbSi_RKfQaV1f_gulbggUKV0h2CDBtxipoLG1qESoUUZA6IgCZVaFqPbhEexQuRnRzWL_F0yAyLtFGJv0wzwGTXFlOyqVsIX8OqybGgiZK7d0k98vIhew9WMrLiV-2Ux03gnwi7k-igOhLzrxmcF7qe27kr7HqFq_PY7-VzTlSog71yRLGCTsnlWpT4nx8KVbomh1S_xvNXowfRDlVEkPYetxWjLd-V3Xc8pGZj9ufHWKRW-dYaoB-K3T8Bm8rkrVe1-j0BzoUpa&lptoken=164f668967a627f34241
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:09:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Jul 2021 07:50:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moYHwlIE0v7TkD7SqtEcM%2FrbUNRmLkQA56qFBTOlD%2FCKOnVr9VGQK2Ur3F4KoxH595c%2Fd0ICMIeEGQEDt40OqWOyA68MWQSkrBf7uj%2BD9DRVlma1l3aR73m6EmU%2FET91ALMg9yaY1g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75f81865e8ed0b45-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
singlegirls4date.com/de/multi/50-511880/js/jquery.js
172.67.210.176200 OK 34 kB URL HTTP/1.1 singlegirls4date.com/de/multi/50-511880/js/jquery.js
IP 172.67.210.176:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 9fc2d457cbf1aaca9ccf2bb18edc5bbc
eb2ae914945d41653be41e8f67b0717682f34693
9bc3cf81822521b34b7532af21837246c07a0d9b83acb08e7dc043318127b7be
Analyzer Verdict Alert fortinet Malware
GET /de/multi/50-511880/js/jquery.js HTTP/1.1
Host: singlegirls4date.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://singlegirls4date.com/de/multi/50-511880/?cep=KFJ2FF0hHpqT0uLoTS80eX17nr18DqmPNDgNbLYnFhZA3QTEzoooarWnoucWyxkITanXP9bv_DqapsTSZBEqL7k7kH801_HQaXYzitDxVE0wDQjpDYe2CbSi_RKfQaV1f_gulbggUKV0h2CDBtxipoLG1qESoUUZA6IgCZVaFqPbhEexQuRnRzWL_F0yAyLtFGJv0wzwGTXFlOyqVsIX8OqybGgiZK7d0k98vIhew9WMrLiV-2Ux03gnwi7k-igOhLzrxmcF7qe27kr7HqFq_PY7-VzTlSog71yRLGCTsnlWpT4nx8KVbomh1S_xvNXowfRDlVEkPYetxWjLd-V3Xc8pGZj9ufHWKRW-dYaoB-K3T8Bm8rkrVe1-j0BzoUpa&lptoken=164f668967a627f34241
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:09:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Mar 2022 22:22:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJPDw%2BpuEUWh1NIsL0RIS%2FD8%2FvmSzkFKJh%2FPImYDI0J8SWffDtCNiGLEBk1Zkg1zKAN9V2k%2F%2Fco%2BZ5wz5OjZBSdvfMNI6kSN0sk3cIM9ufbv9HmSRiHDkZMpyzK9MZSUEzTvru5sQA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75f81865ee9cb505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fcdc104bee80bf62700ed80a9848a43f
6d11e311a30a80ea472f9687570e52783dbb355e
85036ecbb776f20c9500415b58521bbe6dedfda27c4d3e5440107ba07e7e1e4c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85036ECBB776F20C9500415B58521BBE6DEDFDA27C4D3E5440107BA07E7E1E4C"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11835
Expires: Tue, 25 Oct 2022 07:26:26 GMT
Date: Tue, 25 Oct 2022 04:09:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 03:33:32 GMT
Cache-Control: max-age=3600
Expires: Tue, 25 Oct 2022 04:02:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: y1dJxh3ruDQzIJCceXvxz7t59rnKvhkahGthsowFF5Wc6tkUROdavw==
Age: 2139
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7c6fdc8e76ef5875b5c965ade2df503e
45d548aa2a9d7ede163743274790700878eaea62
d2ff6eacd48af4892a2642e5d7bb925ca683062139f5a5cb4047f6f706830618
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 508
Cache-Control: max-age=101162
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 04:09:11 GMT
Etag: "63564795-1d7"
Expires: Wed, 26 Oct 2022 08:15:13 GMT
Last-Modified: Mon, 24 Oct 2022 08:06:45 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
IP 142.250.74.3:0
Hash bf553744b53bc7be6a82a967e14ec32a
95cc16bb530416a9d5013adbb4c7c7a841489c7f
d184213cc3e0225c3019c561d1ad36a7a379f8a7e1d9d5e328937ab64aa3b112
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 04:09:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
singlegirls4date.com/de/multi/50-511880/images/loading.gif
172.67.210.176200 OK 10 kB URL HTTP/1.1 singlegirls4date.com/de/multi/50-511880/images/loading.gif
IP 172.67.210.176:0
File type GIF image data, version 89a, 160 x 24\012- data
Hash 7e58f110091776c9ed216cd75bed68a5
452014fe5ab1c1375306287b0e4f94ee1d2eafa6
ff8450add924cd2736294e015d84b76feade7b95c3e059f111a88042215949e0
GET /de/multi/50-511880/images/loading.gif HTTP/1.1
Host: singlegirls4date.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://singlegirls4date.com/de/multi/50-511880/?cep=KFJ2FF0hHpqT0uLoTS80eX17nr18DqmPNDgNbLYnFhZA3QTEzoooarWnoucWyxkITanXP9bv_DqapsTSZBEqL7k7kH801_HQaXYzitDxVE0wDQjpDYe2CbSi_RKfQaV1f_gulbggUKV0h2CDBtxipoLG1qESoUUZA6IgCZVaFqPbhEexQuRnRzWL_F0yAyLtFGJv0wzwGTXFlOyqVsIX8OqybGgiZK7d0k98vIhew9WMrLiV-2Ux03gnwi7k-igOhLzrxmcF7qe27kr7HqFq_PY7-VzTlSog71yRLGCTsnlWpT4nx8KVbomh1S_xvNXowfRDlVEkPYetxWjLd-V3Xc8pGZj9ufHWKRW-dYaoB-K3T8Bm8rkrVe1-j0BzoUpa&lptoken=164f668967a627f34241
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:09:12 GMT
Content-Type: image/gif
Content-Length: 10427
Connection: keep-alive
Last-Modified: Tue, 27 Jul 2021 07:50:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBg%2FSxpOfmS59nqxg5UOUZD10FiUaAJl7%2FgnxHscy2Oj12sFcvB1bRuUhw6WsZLzFEzLvkjrKJ2LFFpxR4eo%2FDA3bPVEprXyuTe63tAPFdO3dnVNK9IyIz5dFYuRXdzarDGUv9qJrA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75f81869a86bb505-OSL
alt-svc: h2=":443"; ma=60
singlegirls4date.com/de/multi/50-511880/images/2.jpg
172.67.210.176200 OK 27 kB URL HTTP/1.1 singlegirls4date.com/de/multi/50-511880/images/2.jpg
IP 172.67.210.176:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash d2ce88742c77f469f2c5858f0bdf6a08
34ebac6f02c9fd9f6c1d261df8d5aeb01fdf330c
d46ea82678e71bbf629dddb3b48cbe37eb0f5dcde7b080b300ac81ec11971030
GET /de/multi/50-511880/images/2.jpg HTTP/1.1
Host: singlegirls4date.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://singlegirls4date.com/de/multi/50-511880/?cep=KFJ2FF0hHpqT0uLoTS80eX17nr18DqmPNDgNbLYnFhZA3QTEzoooarWnoucWyxkITanXP9bv_DqapsTSZBEqL7k7kH801_HQaXYzitDxVE0wDQjpDYe2CbSi_RKfQaV1f_gulbggUKV0h2CDBtxipoLG1qESoUUZA6IgCZVaFqPbhEexQuRnRzWL_F0yAyLtFGJv0wzwGTXFlOyqVsIX8OqybGgiZK7d0k98vIhew9WMrLiV-2Ux03gnwi7k-igOhLzrxmcF7qe27kr7HqFq_PY7-VzTlSog71yRLGCTsnlWpT4nx8KVbomh1S_xvNXowfRDlVEkPYetxWjLd-V3Xc8pGZj9ufHWKRW-dYaoB-K3T8Bm8rkrVe1-j0BzoUpa&lptoken=164f668967a627f34241
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:09:12 GMT
Content-Type: image/jpeg
Content-Length: 26628
Connection: keep-alive
Last-Modified: Tue, 27 Jul 2021 07:50:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0JwilxwXBnpy2b28ihwM7X%2BZ7w%2FKJmTGft%2BIJrWWXx8gULRlzCAJVP9N77VkPddJTURbwGxYyuZIMu5eAtuAxJz%2BaArlWDTE8p8mirHiYp4R9Sg7O%2Bq9C1X5uZXoESzo6n0Y%2BVDEA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75f81869aa3a0b45-OSL
alt-svc: h2=":443"; ma=60
singlegirls4date.com/de/multi/50-511880/images/bg.jpg
172.67.210.176200 OK 1.1 kB URL HTTP/1.1 singlegirls4date.com/de/multi/50-511880/images/bg.jpg
IP 172.67.210.176:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 184x49, components 3\012- data
Hash 9917f24a235ddfd11620a74fa3e7dc6a
5ef9951e1574e2dfe10bed5bab9d77d3ec36a2b1
bbfcf70ca52f969de6d8bcd5615790b18b65ce281cfa4f5e228dfda600de3fbb
GET /de/multi/50-511880/images/bg.jpg HTTP/1.1
Host: singlegirls4date.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://singlegirls4date.com/de/multi/50-511880/?cep=KFJ2FF0hHpqT0uLoTS80eX17nr18DqmPNDgNbLYnFhZA3QTEzoooarWnoucWyxkITanXP9bv_DqapsTSZBEqL7k7kH801_HQaXYzitDxVE0wDQjpDYe2CbSi_RKfQaV1f_gulbggUKV0h2CDBtxipoLG1qESoUUZA6IgCZVaFqPbhEexQuRnRzWL_F0yAyLtFGJv0wzwGTXFlOyqVsIX8OqybGgiZK7d0k98vIhew9WMrLiV-2Ux03gnwi7k-igOhLzrxmcF7qe27kr7HqFq_PY7-VzTlSog71yRLGCTsnlWpT4nx8KVbomh1S_xvNXowfRDlVEkPYetxWjLd-V3Xc8pGZj9ufHWKRW-dYaoB-K3T8Bm8rkrVe1-j0BzoUpa&lptoken=164f668967a627f34241
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:09:12 GMT
Content-Type: image/jpeg
Content-Length: 1149
Connection: keep-alive
Last-Modified: Tue, 27 Jul 2021 07:50:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiCX4Q742kKyteSDq1LBQgJSbpLNGDtEga2s5ElM31ogueK%2Bqq81iqJvwXoww8BZhIl%2Bz2rh181fiFaZl%2B%2BD5ONMdO3OcAQiIlP3ZLVXpLnbTcQPPf1jtMOcXDIJIWkVkNkh1ZVRMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75f81869bb5bb4eb-OSL
alt-svc: h2=":443"; ma=60
singlegirls4date.com/favicon.ico
172.67.210.176404 Not Found 238 B URL HTTP/1.1 singlegirls4date.com/favicon.ico
IP 172.67.210.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
GET /favicon.ico HTTP/1.1
Host: singlegirls4date.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://singlegirls4date.com/de/multi/50-511880/?cep=KFJ2FF0hHpqT0uLoTS80eX17nr18DqmPNDgNbLYnFhZA3QTEzoooarWnoucWyxkITanXP9bv_DqapsTSZBEqL7k7kH801_HQaXYzitDxVE0wDQjpDYe2CbSi_RKfQaV1f_gulbggUKV0h2CDBtxipoLG1qESoUUZA6IgCZVaFqPbhEexQuRnRzWL_F0yAyLtFGJv0wzwGTXFlOyqVsIX8OqybGgiZK7d0k98vIhew9WMrLiV-2Ux03gnwi7k-igOhLzrxmcF7qe27kr7HqFq_PY7-VzTlSog71yRLGCTsnlWpT4nx8KVbomh1S_xvNXowfRDlVEkPYetxWjLd-V3Xc8pGZj9ufHWKRW-dYaoB-K3T8Bm8rkrVe1-j0BzoUpa&lptoken=164f668967a627f34241
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Tue, 25 Oct 2022 04:09:12 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OG7feGVA%2BYXgY%2F9Dn3Kjfh9Kfv45HDlDWV6lJvnLravWvhd9%2FIvLW3Oy9YfU8ayWnXm9rB7VMlJyLt3nCyncvazip5F%2BXuH4o5EUehtFBLNv2p4SZqWgwK8pYpOBgCQH1Is3SUO2XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75f8186ac940b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
zeniocloud.com/JAIA.js?sub1=singlegirls4date.com
167.114.67.56200 OK 2.7 kB URL HTTP/2 zeniocloud.com/JAIA.js?sub1=singlegirls4date.com
IP 167.114.67.56:0
Hash 9927691afe41d47b80745e489903108d
9db75461a342ca62a190024a0fade771b11b9804
0530fde3c4b284ec8e85169b652bd00d6512757f79a89e4c7a4e0154288233a1
Analyzer Verdict Alert fortinet Phishing
GET /JAIA.js?sub1=singlegirls4date.com HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://singlegirls4date.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 25 Oct 2022 04:09:11 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.217.237.91101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.217.237.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hYFXlxBe4vSYn2cFRjaCjw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NEWfBmjbRojgdy1OynZsGCmgQP0=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4fe08d6ffc931438b886eb80f073ad2e
dae5e9eb8bd9053329d24a55b8017c8162cb21d2
49a26dbac4208540e0d361219db57bea3922a33b0fd692212fec7a61727d387c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 04:09:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
142.250.74.142302 Found 337 B URL HTTP/2 lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
IP 142.250.74.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 66a43eafe19fd2e9782007272dd06ced
9d5112f8b4482ef224d10b0d0a17bfaf053e8e23
f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb
GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1
Host: lh3.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
cache-control: private
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 04:09:12 GMT
server: fife
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4fe08d6ffc931438b886eb80f073ad2e
dae5e9eb8bd9053329d24a55b8017c8162cb21d2
49a26dbac4208540e0d361219db57bea3922a33b0fd692212fec7a61727d387c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 04:09:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c3e11e18c35ff030b8e8c70d88765879
e9642dd6cb4dd1fb409e12860057d38283555c1c
616d00bca0eb2970503260698a759812646ccd77bcf4a3bbd698cbcbbe61829b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 04:09:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
216.58.207.237302 Found 409 B URL HTTP/2 accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash cc518dde58f77300851406d86886cc4b
cb3636c584e79c0c6b59e384b5532031a1a865d6
bf4c165c1efde3e9f72fabd74d8f18ba42e520b7379ffd1211d2074e55014584
GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 25 Oct 2022 04:09:12 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S788840513%3A1666670952430613&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpNGGT_KESAx_ZIytP7dAzFYWki9liIUVJxdYW0xvH02BMVlX9YpaJuI9uoymdqBkItQgb5LA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-LH38sfvIZ-_xaxNn0GUMuw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 409
server: GSE
set-cookie: __Host-GAPS=1:P7LYKEYUHpHSZF-48CFUtK0-FVHptQ:m4Kde5maUu02bSR_;Path=/;Expires=Thu, 24-Oct-2024 04:09:12 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11947
Expires: Tue, 25 Oct 2022 07:28:20 GMT
Date: Tue, 25 Oct 2022 04:09:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11947
Expires: Tue, 25 Oct 2022 07:28:20 GMT
Date: Tue, 25 Oct 2022 04:09:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11947
Expires: Tue, 25 Oct 2022 07:28:20 GMT
Date: Tue, 25 Oct 2022 04:09:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11947
Expires: Tue, 25 Oct 2022 07:28:20 GMT
Date: Tue, 25 Oct 2022 04:09:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6977b5f01197ed4e914157b59ce56c2a
0c4bc06cb32bae6cdcbd61fde8b6289fa901a0c2
98ed9be1f79f4d1ff9acd3dc22aa64f7e0218d7c4854fc7cb71e70dd341dd7ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8031
x-amzn-requestid: 39e6cba4-dc3b-4fe8-9f00-f9042b3dfb3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3D7E2SoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357054c-541d3ed176c9176913844804;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KfIXjRxRZXL0gD2Etdn5kfEjPkqA-faF2KHqrWikR0etkh6oGU4ifw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:50:09 GMT
age: 22744
etag: "0c4bc06cb32bae6cdcbd61fde8b6289fa901a0c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ac739ea-5d5d-4900-8e3f-c815c25f5c8d.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ac739ea-5d5d-4900-8e3f-c815c25f5c8d.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f22a424f72f369a3511d6af25d67a82
e9aabd2daee2d2e6265a69e309542c5b5983d1f2
600f1a4989fe65b14cfe5234c8bc723834d53543026c13eaf8217b22d3a3a9a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ac739ea-5d5d-4900-8e3f-c815c25f5c8d.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11916
x-amzn-requestid: 319eaac6-dfda-4a48-ae9a-612650705bd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: afdKuHK6IAMFnXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63560f11-61545bf1110795c0299b85f4;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 04:05:37 GMT
x-amz-cf-pop: SFO53-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wrxksbQXK96TvYk2rEf5biIaLtjbB1ia0FpYxnd908Dd_MkKQSRCtQ==
via: 1.1 0da7848263e39308b12bac6a925793b0.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 15:02:35 GMT
etag: "e9aabd2daee2d2e6265a69e309542c5b5983d1f2"
content-type: image/jpeg
age: 47198
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ab86bff-a678-4d24-8c74-b3d5fb6495e3.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ab86bff-a678-4d24-8c74-b3d5fb6495e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8f7dec290a5b32d2e1760ea01e0f160
bac869e97622c00d8ba2349ac03c6390229f8929
aa5d7fcb93818d291acce653a883c312595314685b9de29d788491d9310efcbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ab86bff-a678-4d24-8c74-b3d5fb6495e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4513
x-amzn-requestid: 32d9a3be-9964-4e53-a31c-ca4edffab306
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: acDxnGtTIAMFeVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6354b33d-371bb2cb770b34624ec753de;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 03:21:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sJv7RKOQsKqptRmrvXqAZZ8PzLWt9nCP9MNl--wcLRVe3zxjYdMCwA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:50:32 GMT
age: 22721
etag: "bac869e97622c00d8ba2349ac03c6390229f8929"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3694988-223c-4449-a1a5-28c1de7da771.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3694988-223c-4449-a1a5-28c1de7da771.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1970a25715283fecf7a05a199bf4cae6
3a3005e722d2e89c9218c34ba283bbcde72e4bbc
624f6f86abe8c7cb8b24669851103baf152802c3ea915dcdea88ce984d468361
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3694988-223c-4449-a1a5-28c1de7da771.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11051
x-amzn-requestid: 2eef9564-c660-421d-aff6-40644b72ffa1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFfupETyoAMF3qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634bacc3-48a6442d4ec030f50e8f8f13;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 07:03:32 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HgK4QTgdR6OSGV86ooPEJ0_jtGehzs1DHgeynAoCthtKlAAohrKVSg==
via: 1.1 912d83c7c9b4676eb19f09c9bfabda24.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 22:12:04 GMT
age: 21429
etag: "3a3005e722d2e89c9218c34ba283bbcde72e4bbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdaf6e77-1767-457b-be73-df8fbb3ea07a.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdaf6e77-1767-457b-be73-df8fbb3ea07a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 983b88b39042346cc10240d3db282ea4
bd6f82a917f5f4c9c86bfad52ddb137d1e648851
14bb4ea6ee7d95a5391ce82eb2473fbe250577a263e25a7348cda56a4ca218f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdaf6e77-1767-457b-be73-df8fbb3ea07a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14822
x-amzn-requestid: 2d382fec-bbc6-4e9e-a205-0b8edf9a588e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: agAZbEomoAMFSkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6356476f-3a392f81342806382bd89ab6;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 08:06:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nPcnUWCDQ7VH6d6T_lwt8kb-Q3yRGXEcGyNg5gCIRMlEpk30ufITuw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:51:33 GMT
etag: "bd6f82a917f5f4c9c86bfad52ddb137d1e648851"
content-type: image/jpeg
age: 22660
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 531f350512ac7712d932234803aa4602
2fb4599ad3d513a160c1f29fefda27b45852c381
7a4da3420f736c098806676359b8ff80578a2e1e98fc0e20e45e2d6192e1d566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8090
x-amzn-requestid: a84a2888-e0eb-40d3-8377-9c1ea2af733c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb2oH2uoAMFueA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cf7-204870ee3f63ced427033eb5;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fUBXr7SKYdvhryoB8p9to-Eo8twjspRYnHO2xf9TtvLJIIyOwe3W1w==
via: 1.1 1de1880e08f1cae7d1aca174a29a5c1e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 08:34:45 GMT
age: 70468
etag: "2fb4599ad3d513a160c1f29fefda27b45852c381"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S788840513%3A1666670952430613&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpNGGT_KESAx_ZIytP7dAzFYWki9liIUVJxdYW0xvH02BMVlX9YpaJuI9uoymdqBkItQgb5LA
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S788840513%3A1666670952430613&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpNGGT_KESAx_ZIytP7dAzFYWki9liIUVJxdYW0xvH02BMVlX9YpaJuI9uoymdqBkItQgb5LA
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S788840513%3A1666670952430613&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpNGGT_KESAx_ZIytP7dAzFYWki9liIUVJxdYW0xvH02BMVlX9YpaJuI9uoymdqBkItQgb5LA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 25 Oct 2022 04:09:12 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-7ggEkiDLOM_sOuYNvDiWiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2