prtr.app/1cjd-2086
52.72.49.79301 Moved Permanently 0 B IP 52.72.49.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /1cjd-2086 HTTP/1.1
Host: prtr.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 22 Nov 2022 17:02:38 GMT
Content-Length: 0
Cache-Control: no-cache, no-store
Expires: -1
Location: http://portrdevtracking.azurewebsites.net/?bookingref=AP16-1CJD&email=testv2@mailinator.com
Engine: Rebrandly.redirect, version 2.1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3639
Expires: Tue, 22 Nov 2022 18:03:17 GMT
Date: Tue, 22 Nov 2022 17:02:38 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2461
Cache-Control: max-age=151778
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:38 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 11:12:16 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 22 Nov 2022 16:09:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3195
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17835
Expires: Tue, 22 Nov 2022 21:59:53 GMT
Date: Tue, 22 Nov 2022 17:02:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: NsrhnKewdrEAT0MzpRgynBRaVS7t1WZociEGbQLS3upWFeOs9jZTfVQCD22ZC3PZq4u7feaFkq8=
x-amz-request-id: FFM114GZPGY2TZHZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 16:39:37 GMT
age: 1381
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
portrdevtracking.azurewebsites.net/?bookingref=AP16-1CJD&email=testv2@mailinator.com
23.101.54.230200 OK 1.3 kB URL HTTP/1.1 portrdevtracking.azurewebsites.net/?bookingref=AP16-1CJD&email=testv2@mailinator.com
IP 23.101.54.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2022), with no line terminators
Hash d966e50c155444df87c5e0e31e8bd11b
62894c2a72fe2f592d9e3d4ce9c057cc32b28bb1
3c821bd55f18198172bbd539ff4e4d17acbdc30b644014f43cdf3cfef350171f
GET /?bookingref=AP16-1CJD&email=testv2@mailinator.com HTTP/1.1
Host: portrdevtracking.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Length: 1275
Content-Type: text/html
Date: Tue, 22 Nov 2022 17:02:38 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "0385d7027f8d81:0"
Last-Modified: Mon, 14 Nov 2022 12:48:48 GMT
Set-Cookie: ARRAffinity=01fe008fe6ecfd6296bf35768c986b0aea9966e3fcf87abc791efba34df4165c;Path=/;HttpOnly;Domain=portrdevtracking.azurewebsites.net
Vary: Accept-Encoding
X-Powered-By: ASP.NET
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 17:02:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
portrdevtracking.azurewebsites.net/styles.css
23.101.54.230200 OK 23 kB URL HTTP/1.1 portrdevtracking.azurewebsites.net/styles.css
IP 23.101.54.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Hash 725085d8c2a45ee8653a1c59d6cd4624
bf5c35d76e006c90d5294743858bece222a887b1
a817b60c34ca95056882b31778dd09f16accdf5f14dbf639b81b40cb9ccb2ff4
GET /styles.css HTTP/1.1
Host: portrdevtracking.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/?bookingref=AP16-1CJD&email=testv2@mailinator.com
Cookie: ARRAffinity=01fe008fe6ecfd6296bf35768c986b0aea9966e3fcf87abc791efba34df4165c
HTTP/1.1 200 OK
Content-Length: 23036
Content-Type: text/css
Date: Tue, 22 Nov 2022 17:02:39 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "0385d7027f8d81:0"
Last-Modified: Mon, 14 Nov 2022 12:48:48 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css
104.17.24.14200 OK 382 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (1290), with no line terminators
Hash 0fdccbc9ab0563b984da415344206bc3
32e2fe3151bd7656667ba951d2512a57efbd0593
83ab14487f326759ee1070e7e24724a7667a9311966eb9539d6cd2056af610d7
GET /ajax/libs/slick-carousel/1.6.0/slick.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 17:02:39 GMT
content-type: text/css; charset=utf-8
content-length: 382
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-50a"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1022393
expires: Sun, 12 Nov 2023 17:02:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rX5EEvcavEc%2BpX4FIh6om5MyO0Xn4V5Pgdr%2B49nefELr81ewt5LQ6X6KsKPrcGiBQF9M4uF7dyPqsadjrlhd2n7NyVEvCLwjMtFnUygZcdw%2BYT6NeVhliAGLNaSNqVNtz1I2jKZT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76e33be77a4f0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css
104.17.24.14200 OK 637 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (2341), with no line terminators
Hash ace16504c46d8af7874a2565d472756c
8336209df75ed19425fd89802eb1410e704fa621
8fdb69e4f981a611c55eb25f04cabb056bfad171363359786e03cfbf6af655fc
GET /ajax/libs/slick-carousel/1.6.0/slick-theme.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 17:02:39 GMT
content-type: text/css; charset=utf-8
content-length: 637
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-92d"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1023890
expires: Sun, 12 Nov 2023 17:02:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqYVd6OKjKYnMu2CcMyvtAJAS0F3MDGVzoBKxy4yKH%2FvUKb9qH2yDBKHco75YQrk3XIqHsnE%2BhM%2FIxh4i205ZmTMOo0OIqq%2BjwtJedd4ynbTbYX5I%2BegYZeMqpaA6HPwQlJBTjkK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76e33be77a4c0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 585eab785e44953b9e6d7c389024ff3e
57582825e9a285177f38cd2fa868ad3a8eab85d1
f1c62af1e27c8510576adcb62b28be35f290d2ee71e873f7000c194980522e80
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-PM5VTF
142.250.74.168200 OK 84 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PM5VTF
IP 142.250.74.168:0
File type ASCII text, with very long lines (11309)
Hash 6c7dbd5516d5d1483aa4acaa1cdb0d0e
47b761cc5895f442bfca03422cd6243a3885aadb
c232807b87164b80040a7dec9f5f7c8b19d2b38ab704653230381ed31c03c92e
GET /gtm.js?id=GTM-PM5VTF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 22 Nov 2022 17:02:39 GMT
expires: Tue, 22 Nov 2022 17:02:39 GMT
cache-control: private, max-age=900
last-modified: Tue, 22 Nov 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83764
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 585eab785e44953b9e6d7c389024ff3e
57582825e9a285177f38cd2fa868ad3a8eab85d1
f1c62af1e27c8510576adcb62b28be35f290d2ee71e873f7000c194980522e80
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
portrdevtracking.azurewebsites.net/static/js/main.5d5dc860.js
23.101.54.230200 OK 573 kB URL HTTP/1.1 portrdevtracking.azurewebsites.net/static/js/main.5d5dc860.js
IP 23.101.54.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Size 573 kB (572751 bytes)
Hash ab397a98ec029ae7be53fe775fe096de
e7adea37150dd016e013e9ecf94c93fbfa705c52
f0502c2be8e80b84fddb727639e49c361b7cec811a49f3fa53765049642fb4a5
GET /static/js/main.5d5dc860.js HTTP/1.1
Host: portrdevtracking.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/?bookingref=AP16-1CJD&email=testv2@mailinator.com
Cookie: ARRAffinity=01fe008fe6ecfd6296bf35768c986b0aea9966e3fcf87abc791efba34df4165c
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Tue, 22 Nov 2022 17:02:39 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "0385d7027f8d81:0"
Last-Modified: Mon, 14 Nov 2022 12:48:48 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: ASP.NET
fonts.googleapis.com/css?family=Open+Sans|Rock+Salt
142.250.74.10200 OK 976 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans|Rock+Salt
IP 142.250.74.10:0
Hash 5c89c3a0265d9a3d33be86f862ec5cd9
4e3e48a81ef646531951fd48005780ecc51337b5
6a528878febb063dc16ba9662d978edf30e41d994570da163a6892e2036416d2
GET /css?family=Open+Sans|Rock+Salt HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 22 Nov 2022 17:02:39 GMT
date: Tue, 22 Nov 2022 17:02:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3167
Cache-Control: max-age=147423
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:39 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 09:59:42 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
a1490faee06a48d2adac9d6195ce9caa.js.ubembed.com/
151.101.85.131200 OK 477 B URL HTTP/1.1 a1490faee06a48d2adac9d6195ce9caa.js.ubembed.com/
IP 151.101.85.131:0
File type ASCII text, with very long lines (477), with no line terminators
Hash 1d9b233e9a14637328bf008736e2c14c
dc7dc682c1dc25bb05a446ff4422caabb5a7cd1b
103d0b24859dd115750c17f412bf3d61bf8cddfb674f0d4f3c0eabe511199a03
GET / HTTP/1.1
Host: a1490faee06a48d2adac9d6195ce9caa.js.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Type: application/json
x-amz-apigw-id: cA0LfFBVDoEF4kg=
X-Amz-Cf-Pop: ARN56-P2
X-Backend-Region: eu_west_1
Date: Tue, 22 Nov 2022 17:02:39 GMT
Age: 0
X-Cache: Miss from cloudfront, MISS
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, must-revalidate
Vary: Accept-Encoding, Referer
ETag: 5515ba14a7cec3203fd949e7a62c67de-v0.179.2
transfer-encoding: chunked
portrdevtracking.azurewebsites.net/favicon.svg
23.101.54.230200 OK 798 B URL HTTP/1.1 portrdevtracking.azurewebsites.net/favicon.svg
IP 23.101.54.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (798), with no line terminators
Hash 912932308bb85e8ed28d9286ed536bf0
1eafa83db886efc13a093dc0e130c5564fc96dfd
231a19d5ccf2f0b38ad1a7770eb7a84f5546d5595a12589b1af5f114fab72998
GET /favicon.svg HTTP/1.1
Host: portrdevtracking.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/?bookingref=AP16-1CJD&email=testv2@mailinator.com
Cookie: ARRAffinity=01fe008fe6ecfd6296bf35768c986b0aea9966e3fcf87abc791efba34df4165c
HTTP/1.1 200 OK
Content-Length: 798
Content-Type: image/svg+xml
Date: Tue, 22 Nov 2022 17:02:39 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0a65e5127f8d81:0"
Last-Modified: Mon, 14 Nov 2022 12:47:56 GMT
X-Powered-By: ASP.NET
assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
143.204.55.39200 OK 68 kB URL HTTP/2 assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
IP 143.204.55.39:0
File type Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Hash 350e0023d72212a5a6f4433584517c44
0b85d0ac4490a74f6465477dc5c225014b3b93e7
ec2c15d438526c53b5a00c90f3fa05c4e48364235592a860590fd28ae0d22e7b
GET /universalscript/releases/v0.179.2/bundle.js HTTP/1.1
Host: assets.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 03 Sep 2022 23:09:05 GMT
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
etag: W/"359008fe01078c59c66e034866170bd2"
cache-control: max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kA_Xn7uMAIwA2KyqPQ2qDHqTwCrWqqvjEN0pjVG0gwQvu50x79jYKQ==
age: 6890014
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 461760f30678f8aa3ad801eb88dc59d9
7b3c33ec99c429ad19918895014e309ca947f31a
fe8c62f7c90fa17a3d286b4abc0c8d7aa338d26aa4724d0d5dbaaab7b889b382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Muli:300,400,600
142.250.74.10200 OK 425 B URL HTTP/2 fonts.googleapis.com/css?family=Muli:300,400,600
IP 142.250.74.10:0
Hash 04db2def93f2f1bd2c68245ed26d749a
78d0542fdf18ff6dffac7507d5ff7248f7fcc570
6a11375177189c9db7b9f0d63d45c8cbfdda9a48cac6f46edc493bf4319a73c6
GET /css?family=Muli:300,400,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 22 Nov 2022 17:02:39 GMT
date: Tue, 22 Nov 2022 17:02:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.43.58.150101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.58.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3mIlT2+M2Bc06T+NvI/UQA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 04YumYSPRASrLUAZJAnpdRRC/QI=
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0be3e3b6a55789993d7a1a175bb8e335
70e1b2ef23731397872aa67d3da9f97d40e4fad4
155e55bec061fd76dc2a73b570ebbac9ad17f22e95394c7bf96094a0729a7a54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1247
Cache-Control: max-age=143344
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:40 GMT
Etag: "637c88c1-1d7"
Expires: Thu, 24 Nov 2022 08:51:44 GMT
Last-Modified: Tue, 22 Nov 2022 08:30:57 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/966109999/?random=1669136559280&cv=11&fst=1669136559280&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fportrdevtracking.azurewebsites.net%2F%3Fbookingref%3DAP16-1CJD%26email%3Dtestv2%40mailinator.com&tiba=Track%20your%20AirPortr%20booking&rfmt=3&fmt=4
142.250.74.98200 OK 916 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/966109999/?random=1669136559280&cv=11&fst=1669136559280&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fportrdevtracking.azurewebsites.net%2F%3Fbookingref%3DAP16-1CJD%26email%3Dtestv2%40mailinator.com&tiba=Track%20your%20AirPortr%20booking&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (1955), with no line terminators
Hash de6d23d03052daa1cb7adfea6ffa846b
173e4c673f31c21cdade5a6c2469403d7db8aa24
a28a710b78fa3a64e22032478b4ef0b3ec91515850eebdc7c4735f709292733e
GET /pagead/viewthroughconversion/966109999/?random=1669136559280&cv=11&fst=1669136559280&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fportrdevtracking.azurewebsites.net%2F%3Fbookingref%3DAP16-1CJD%26email%3Dtestv2%40mailinator.com&tiba=Track%20your%20AirPortr%20booking&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:02:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 916
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 22-Nov-2022 17:17:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dev-apigateway.airportr.com/Web/api/System/CurrentUKDateTime
40.113.11.222200 OK 0 B URL HTTP/1.1 dev-apigateway.airportr.com/Web/api/System/CurrentUKDateTime
IP 40.113.11.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /Web/api/System/CurrentUKDateTime HTTP/1.1
Host: dev-apigateway.airportr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: ocp-apim-subscription-key
Referer: http://portrdevtracking.azurewebsites.net/
Origin: http://portrdevtracking.azurewebsites.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
Access-Control-Allow-Headers: ocp-apim-subscription-key
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Access-Control-Allow-Methods: GET
Date: Tue, 22 Nov 2022 17:02:40 GMT
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 461760f30678f8aa3ad801eb88dc59d9
7b3c33ec99c429ad19918895014e309ca947f31a
fe8c62f7c90fa17a3d286b4abc0c8d7aa338d26aa4724d0d5dbaaab7b889b382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: RvEi4+WFTTo9wRS6aRPS/rIjRaleleGqchSBEgDaEBHf/NArnm+AktHqoRIXZ+oXjtGSQrS7iGAEmwvmbSiG3w==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Tue, 22 Nov 2022 17:02:40 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0be3e3b6a55789993d7a1a175bb8e335
70e1b2ef23731397872aa67d3da9f97d40e4fad4
155e55bec061fd76dc2a73b570ebbac9ad17f22e95394c7bf96094a0729a7a54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1247
Cache-Control: max-age=143344
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:40 GMT
Etag: "637c88c1-1d7"
Expires: Thu, 24 Nov 2022 08:51:44 GMT
Last-Modified: Tue, 22 Nov 2022 08:30:57 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
dev-apigateway.airportr.com/Web/api/System/CurrentUKDateTime
40.113.11.222200 OK 150 B URL HTTP/1.1 dev-apigateway.airportr.com/Web/api/System/CurrentUKDateTime
IP 40.113.11.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with no line terminators
Hash f0b7c33a4c9c1b1ebacf4b5213978cb8
aed0f5128a67f236f6d777d4994325be23bb3797
815031f7844254ca4094f8874b2ff993577eb7308c4f90cba6b56bb0fba4f2e9
GET /Web/api/System/CurrentUKDateTime HTTP/1.1
Host: dev-apigateway.airportr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Ocp-Apim-Subscription-Key: c1601a74cfb5465e8b720c6cfc8fa7b0
Origin: http://portrdevtracking.azurewebsites.net
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Encoding,Date,Set-Cookie,Server,Transfer-Encoding,Vary,X-AspNet-Version,X-Powered-By
Set-Cookie: ARRAffinity=01fe008fe6ecfd6296bf35768c986b0aea9966e3fcf87abc791efba34df4165c;Path=/;HttpOnly;Secure;Domain=portrwebdevapi.azurewebsites.net
ARRAffinitySameSite=01fe008fe6ecfd6296bf35768c986b0aea9966e3fcf87abc791efba34df4165c;Path=/;HttpOnly;SameSite=None;Secure;Domain=portrwebdevapi.azurewebsites.net
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 22 Nov 2022 17:02:40 GMT
cdn.mouseflow.com/projects/418273ee-bca5-4064-a67f-2b0e393d2bcf_eu.js
151.139.128.10200 OK 18 kB URL HTTP/2 cdn.mouseflow.com/projects/418273ee-bca5-4064-a67f-2b0e393d2bcf_eu.js
IP 151.139.128.10:0
File type ASCII text, with very long lines (61747), with CRLF line terminators
Hash 06aefad98b552b9193cfec803ad48701
d0ad6f4d1905553049b6adc1ce769ea70486eff4
cfed341a4237641fe2ac2a429d9ab00422e0fd507c923e75291121ee43c6bf76
GET /projects/418273ee-bca5-4064-a67f-2b0e393d2bcf_eu.js HTTP/1.1
Host: cdn.mouseflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://portrdevtracking.azurewebsites.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 17:02:40 GMT
cache-control: max-age=86400
content-encoding: gzip
content-length: 17526
content-type: application/javascript; charset=utf-8
last-modified: Mon, 21 Nov 2022 09:17:02 GMT
accept-ranges: bytes
etag: "7d4a4e48afdd81:0"
server:
x-hw: 1669136560.cds249.sk1.hn,1669136560.cds235.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash dc18476a17e787dc0700f3ee8dc99bcf
4db3ef7edb2683d8141280b9dd780ce4375e3c0f
4082538731e62eb96bd62690e973875ef9e3048432a3a849d7bedd37872b79ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash fab2cb3bd48a955d89176110d75459e4
8e642591b32f0095b8302d23b2aa3d4849352c56
71e3ae0dd72335874bd1e42e216d72a6185fb21786e55efbf3012ee0094692a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dev-apigateway.airportr.com/Web/api/Tracking/GetTrackingStatus
40.113.11.222200 OK 0 B URL HTTP/1.1 dev-apigateway.airportr.com/Web/api/Tracking/GetTrackingStatus
IP 40.113.11.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /Web/api/Tracking/GetTrackingStatus HTTP/1.1
Host: dev-apigateway.airportr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: api_key,content-type,ocp-apim-subscription-key
Referer: http://portrdevtracking.azurewebsites.net/
Origin: http://portrdevtracking.azurewebsites.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
Access-Control-Allow-Headers: api_key,content-type,ocp-apim-subscription-key
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Access-Control-Allow-Methods: POST
Date: Tue, 22 Nov 2022 17:02:40 GMT
www.dwin1.com/18949.js
143.204.55.42200 OK 9.4 kB IP 143.204.55.42:0
Hash ab214dd1b40df49be3921d47a998989f
28d3f87c03cde78e39bbbf1ca1e3d91859589f16
c5ec9f3168960b7f6ae4229b8b1a9ea1dc2527947f4ed6c47b7ddef198316825
GET /18949.js HTTP/1.1
Host: www.dwin1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Nov 2022 12:11:36 GMT
x-amz-version-id: _7Wt_g.6g0EXCTYDhBcub.HkHLOcdaXD
server: AmazonS3
content-encoding: gzip
date: Tue, 22 Nov 2022 17:02:41 GMT
cache-control: max-age=600, s-maxage=600
etag: W/"1cc877e32ce5cc25fb60344b673cce07"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0K461gVX_8FS9Uz-SMdh5YbKGC1EvZ2MWrLD7dUH9VxZL772yWLBGQ==
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/966109999/?random=1669136559280&cv=11&fst=1669136400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fportrdevtracking.azurewebsites.net%2F%3Fbookingref%3DAP16-1CJD%26email%3Dtestv2%40mailinator.com&tiba=Track%20your%20AirPortr%20booking&fmt=3&is_vtc=1&random=589590575&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/966109999/?random=1669136559280&cv=11&fst=1669136400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fportrdevtracking.azurewebsites.net%2F%3Fbookingref%3DAP16-1CJD%26email%3Dtestv2%40mailinator.com&tiba=Track%20your%20AirPortr%20booking&fmt=3&is_vtc=1&random=589590575&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/966109999/?random=1669136559280&cv=11&fst=1669136400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fportrdevtracking.azurewebsites.net%2F%3Fbookingref%3DAP16-1CJD%26email%3Dtestv2%40mailinator.com&tiba=Track%20your%20AirPortr%20booking&fmt=3&is_vtc=1&random=589590575&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:02:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-41497132-4&cid=1323930566.1669136560&jid=778013174&gjid=1905935745&_gid=56070373.1669136560&_u=KGBAiEIRBAAAAEAAI~&z=1196164872
142.251.1.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-41497132-4&cid=1323930566.1669136560&jid=778013174&gjid=1905935745&_gid=56070373.1669136560&_u=KGBAiEIRBAAAAEAAI~&z=1196164872
IP 142.251.1.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-41497132-4&cid=1323930566.1669136560&jid=778013174&gjid=1905935745&_gid=56070373.1669136560&_u=KGBAiEIRBAAAAEAAI~&z=1196164872 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://portrdevtracking.azurewebsites.net
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://portrdevtracking.azurewebsites.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 22 Nov 2022 17:02:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash dc18476a17e787dc0700f3ee8dc99bcf
4db3ef7edb2683d8141280b9dd780ce4375e3c0f
4082538731e62eb96bd62690e973875ef9e3048432a3a849d7bedd37872b79ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9ef11a2d1e232b4b45e40ff0c29fa8b0
0966963f13e3b149e3e3c8c2c81e7986d1d8a07b
9ce8b9ab5f1dfdc0686d1660ed64c6eff5cc3d1492d82aa769ac58e3a159dd1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=851578864931280&ev=PageView&dl=http%3A%2F%2Fportrdevtracking.azurewebsites.net%2F%3Fbookingref%3DAP16-1CJD%26email%3D_removed_%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522email%2522%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1669136560274&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1669136560273.68527601&it=1669136559944&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=851578864931280&ev=PageView&dl=http%3A%2F%2Fportrdevtracking.azurewebsites.net%2F%3Fbookingref%3DAP16-1CJD%26email%3D_removed_%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522email%2522%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1669136560274&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1669136560273.68527601&it=1669136559944&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=851578864931280&ev=PageView&dl=http%3A%2F%2Fportrdevtracking.azurewebsites.net%2F%3Fbookingref%3DAP16-1CJD%26email%3D_removed_%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522email%2522%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1669136560274&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1669136560273.68527601&it=1669136559944&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Nov 2022 17:02:40 GMT
X-Firefox-Spdy: h2
dev-apigateway.airportr.com/Web/api/Tracking/GetTrackingStatus
40.113.11.222200 OK 1.8 kB URL HTTP/1.1 dev-apigateway.airportr.com/Web/api/Tracking/GetTrackingStatus
IP 40.113.11.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (354), with CRLF line terminators
Hash 90810fa29a8b457fc481e208ab602b6d
923e1f0242cac48526c43b68039076d1004d1caf
9b02182f3ee87c63db3ed74fa1e1b3386ea1e419dea4bb3873e1badc4d4549d6
POST /Web/api/Tracking/GetTrackingStatus HTTP/1.1
Host: dev-apigateway.airportr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Ocp-Apim-Subscription-Key: c1601a74cfb5465e8b720c6cfc8fa7b0
API_KEY: 22559632145645
Content-Length: 102
Origin: http://portrdevtracking.azurewebsites.net
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Encoding,Date,Set-Cookie,Server,Transfer-Encoding,Vary,X-AspNet-Version,X-Powered-By
Set-Cookie: ARRAffinity=01fe008fe6ecfd6296bf35768c986b0aea9966e3fcf87abc791efba34df4165c;Path=/;HttpOnly;Secure;Domain=portrwebdevapi.azurewebsites.net
ARRAffinitySameSite=01fe008fe6ecfd6296bf35768c986b0aea9966e3fcf87abc791efba34df4165c;Path=/;HttpOnly;SameSite=None;Secure;Domain=portrwebdevapi.azurewebsites.net
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 22 Nov 2022 17:02:40 GMT
portrdevtracking.azurewebsites.net/static/media/logo_airportr.e47c8392.svg
23.101.54.230200 OK 7.8 kB URL HTTP/1.1 portrdevtracking.azurewebsites.net/static/media/logo_airportr.e47c8392.svg
IP 23.101.54.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1201), with CRLF line terminators
Hash e47c83924724a6d603fbac45eb31f5b7
5e925b0f32d6a61b5689b02c2db2d11046bb8388
f0a792e87d9c7f2899782ddfc0765731240ac7cf45f8de942a487fda71152125
GET /static/media/logo_airportr.e47c8392.svg HTTP/1.1
Host: portrdevtracking.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/?bookingref=AP16-1CJD&email=testv2@mailinator.com
Cookie: ARRAffinity=01fe008fe6ecfd6296bf35768c986b0aea9966e3fcf87abc791efba34df4165c; _ga=GA1.3.1323930566.1669136560; _gid=GA1.3.56070373.1669136560; _gat=1; _fbp=fb.2.1669136560273.68527601
HTTP/1.1 200 OK
Content-Length: 7755
Content-Type: image/svg+xml
Date: Tue, 22 Nov 2022 17:02:40 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0385d7027f8d81:0"
Last-Modified: Mon, 14 Nov 2022 12:48:48 GMT
X-Powered-By: ASP.NET
portrdevtracking.azurewebsites.net/static/media/remember_1.d3b00a45.svg
23.101.54.230200 OK 2.6 kB URL HTTP/1.1 portrdevtracking.azurewebsites.net/static/media/remember_1.d3b00a45.svg
IP 23.101.54.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (976), with CRLF line terminators
Hash d3b00a45118f8c8c39d6d391a67b248e
854cd12e4dce87f71ab23ec16173a9f958cf895c
2b621304e3185f0a82abc9c5cd53f68a5f534af510c5965cf727dcd1673c3f02
GET /static/media/remember_1.d3b00a45.svg HTTP/1.1
Host: portrdevtracking.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/?bookingref=AP16-1CJD&email=testv2@mailinator.com
Cookie: ARRAffinity=01fe008fe6ecfd6296bf35768c986b0aea9966e3fcf87abc791efba34df4165c; _ga=GA1.3.1323930566.1669136560; _gid=GA1.3.56070373.1669136560; _gat=1; _fbp=fb.2.1669136560273.68527601
HTTP/1.1 200 OK
Content-Length: 2555
Content-Type: image/svg+xml
Date: Tue, 22 Nov 2022 17:02:40 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0385d7027f8d81:0"
Last-Modified: Mon, 14 Nov 2022 12:48:48 GMT
X-Powered-By: ASP.NET
portrdevtracking.azurewebsites.net/static/media/PortrTrackingIcons.1a4a4d44.ttf
23.101.54.230200 OK 3.9 kB URL HTTP/1.1 portrdevtracking.azurewebsites.net/static/media/PortrTrackingIcons.1a4a4d44.ttf
IP 23.101.54.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type TrueType Font data, 12 tables, 1st "GSUB", 14 names, Macintosh, type 1 string, PortrTrackingIcons\012- data
Hash 1a4a4d44a393c70dd04114a8b78117d0
e6a9939ebf62b25542dd2728bfbd0cedc5579b79
a66032ccfe52a52ca57a8c38d563efe150fd61e71aacf213f8cbb592b0abb49d
GET /static/media/PortrTrackingIcons.1a4a4d44.ttf HTTP/1.1
Host: portrdevtracking.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/styles.css
Cookie: ARRAffinity=01fe008fe6ecfd6296bf35768c986b0aea9966e3fcf87abc791efba34df4165c; _ga=GA1.3.1323930566.1669136560; _gid=GA1.3.56070373.1669136560; _gat=1; _fbp=fb.2.1669136560273.68527601
HTTP/1.1 200 OK
Content-Length: 3928
Content-Type: application/octet-stream
Date: Tue, 22 Nov 2022 17:02:40 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0385d7027f8d81:0"
Last-Modified: Mon, 14 Nov 2022 12:48:48 GMT
X-Powered-By: ASP.NET
portrdevtracking.azurewebsites.net/static/media/remember_2.093d4f6c.svg
23.101.54.230200 OK 4.1 kB URL HTTP/1.1 portrdevtracking.azurewebsites.net/static/media/remember_2.093d4f6c.svg
IP 23.101.54.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2388), with CRLF line terminators
Hash 093d4f6cb0559bd230b58cc2db77ce99
f7716b9623461d8cf250245e558c04b4b0f2e163
2a4d215ebd253a9dee6ed07ce09b2a3bb52e068e9f76cf7c18bf7adf365d193f
GET /static/media/remember_2.093d4f6c.svg HTTP/1.1
Host: portrdevtracking.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/?bookingref=AP16-1CJD&email=testv2@mailinator.com
Cookie: ARRAffinity=01fe008fe6ecfd6296bf35768c986b0aea9966e3fcf87abc791efba34df4165c; _ga=GA1.3.1323930566.1669136560; _gid=GA1.3.56070373.1669136560; _gat=1; _fbp=fb.2.1669136560273.68527601
HTTP/1.1 200 OK
Content-Length: 4112
Content-Type: image/svg+xml
Date: Tue, 22 Nov 2022 17:02:40 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0385d7027f8d81:0"
Last-Modified: Mon, 14 Nov 2022 12:48:48 GMT
X-Powered-By: ASP.NET
portrdevtracking.azurewebsites.net/static/media/remember_3.ba51349c.svg
23.101.54.230200 OK 2.5 kB URL HTTP/1.1 portrdevtracking.azurewebsites.net/static/media/remember_3.ba51349c.svg
IP 23.101.54.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1479), with CRLF line terminators
Hash ba51349c9f6c52457ab42505eacdb88e
cb7f9e9727bf2ab630c7212b853d7d69fb3b1cd7
d074c3a1427273e54ff98a70402ca9ebd6218c619a2417eb1d9e9eb4a7e255ab
GET /static/media/remember_3.ba51349c.svg HTTP/1.1
Host: portrdevtracking.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/?bookingref=AP16-1CJD&email=testv2@mailinator.com
Cookie: ARRAffinity=01fe008fe6ecfd6296bf35768c986b0aea9966e3fcf87abc791efba34df4165c; _ga=GA1.3.1323930566.1669136560; _gid=GA1.3.56070373.1669136560; _gat=1; _fbp=fb.2.1669136560273.68527601
HTTP/1.1 200 OK
Content-Length: 2516
Content-Type: image/svg+xml
Date: Tue, 22 Nov 2022 17:02:40 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0385d7027f8d81:0"
Last-Modified: Mon, 14 Nov 2022 12:48:48 GMT
X-Powered-By: ASP.NET
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 31196, version 1.0\012- data
Hash ea2343c7dccad57360fb611d67204445
b603d9e68bb1ed5e4b33d5e31121160cb4d23452
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
GET /s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://portrdevtracking.azurewebsites.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 06:19:58 GMT
expires: Fri, 17 Nov 2023 06:19:58 GMT
cache-control: public, max-age=31536000
age: 470562
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
portrdevtracking.azurewebsites.net/static/media/help_contact.090acb50.svg
23.101.54.230200 OK 3.6 kB URL HTTP/1.1 portrdevtracking.azurewebsites.net/static/media/help_contact.090acb50.svg
IP 23.101.54.230:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (475), with CRLF line terminators
Hash 090acb50e99fbde4ad7db3e6bd7d56e8
2ca48396881987a381aaf044f2a6d3d02f1cc2a6
bcc5dfc16ba1f2858dd72bed42183cbf145e6b395533e008d747a9b591523e57
GET /static/media/help_contact.090acb50.svg HTTP/1.1
Host: portrdevtracking.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/styles.css
Cookie: ARRAffinity=01fe008fe6ecfd6296bf35768c986b0aea9966e3fcf87abc791efba34df4165c; _ga=GA1.3.1323930566.1669136560; _gid=GA1.3.56070373.1669136560; _gat=1; _fbp=fb.2.1669136560273.68527601
HTTP/1.1 200 OK
Content-Length: 3566
Content-Type: image/svg+xml
Date: Tue, 22 Nov 2022 17:02:40 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0385d7027f8d81:0"
Last-Modified: Mon, 14 Nov 2022 12:48:48 GMT
X-Powered-By: ASP.NET
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9ef11a2d1e232b4b45e40ff0c29fa8b0
0966963f13e3b149e3e3c8c2c81e7986d1d8a07b
9ce8b9ab5f1dfdc0686d1660ed64c6eff5cc3d1492d82aa769ac58e3a159dd1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 17:02:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
portrdevimagestorage.blob.core.windows.net/app-images/34f51495-75ca-4e59-8b77-ac1bb54fb686.png
52.239.248.196200 OK 25 kB URL HTTP/1.1 portrdevimagestorage.blob.core.windows.net/app-images/34f51495-75ca-4e59-8b77-ac1bb54fb686.png
IP 52.239.248.196:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash cc42682db863c5befa70fdc26bc55f27
b9f327e7b91b4f4846a898a14f0fd08de2827eb7
cd98cd49abd7f62571003db1d263fa1e2177fb2666e66a8d229be863ecd3c393
GET /app-images/34f51495-75ca-4e59-8b77-ac1bb54fb686.png HTTP/1.1
Host: portrdevimagestorage.blob.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 24912
Content-Type: application/octet-stream
Content-MD5: zEJoLbhjxb76cP3Ca8VfJw==
Last-Modified: Wed, 13 Oct 2021 10:36:37 GMT
Accept-Ranges: bytes
ETag: "0x8D98E3555B24504"
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ceca9f8f-801e-002c-1e94-fec27e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
Date: Tue, 22 Nov 2022 17:02:40 GMT
maps.google.com/maps/api/js?key=AIzaSyA1MJ2M9dGMpKZ7ipdb2rRl2LpfaKzgPUY
216.58.211.14200 OK 53 kB URL HTTP/2 maps.google.com/maps/api/js?key=AIzaSyA1MJ2M9dGMpKZ7ipdb2rRl2LpfaKzgPUY
IP 216.58.211.14:0
File type ASCII text, with very long lines (2380)
Hash 4c9baff4b3982bcbc1a5e707c38bddb6
8bb2c291c4570f6bbd5d730b5e2af30fd3907453
4703266479fb05af3444f67686e6c11a44de9d7140e2212354a2930ea9e39679
GET /maps/api/js?key=AIzaSyA1MJ2M9dGMpKZ7ipdb2rRl2LpfaKzgPUY HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 17:02:41 GMT
expires: Tue, 22 Nov 2022 17:32:41 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53334
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.74200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.74:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://portrdevtracking.azurewebsites.net
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 22 Nov 2022 17:02:41 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: http://portrdevtracking.azurewebsites.net
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16998
Expires: Tue, 22 Nov 2022 21:45:59 GMT
Date: Tue, 22 Nov 2022 17:02:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16998
Expires: Tue, 22 Nov 2022 21:45:59 GMT
Date: Tue, 22 Nov 2022 17:02:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16998
Expires: Tue, 22 Nov 2022 21:45:59 GMT
Date: Tue, 22 Nov 2022 17:02:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16998
Expires: Tue, 22 Nov 2022 21:45:59 GMT
Date: Tue, 22 Nov 2022 17:02:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dafd9e17dc0023e71ae513c6025e4b80
12e2654db1f384bb04f5c5042848b25dda86b710
e9c885a102dc811648cec4ac292db63564e81a48d7a3611cb31fba73b37286dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4639
x-amzn-requestid: 8a93fa29-158b-4402-aac4-85ad29a74ae1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oELooAMFWFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-5a85509b26d9aeef7ae59b4c;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bmrDryUp_4bvIikGkppa36e9isEfvK0gjunV6xmU5ApJtxlLR_GYkA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:05:18 GMT
age: 68243
etag: "12e2654db1f384bb04f5c5042848b25dda86b710"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nwXP5jm9A2Cl3_-Lm194ycXkeClig1L9hwgUgE8i8NF-Vv2gNfj_4Q==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 15:03:51 GMT
age: 7130
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f3fad7453f45dfa617243c8beac64e1
56414a905340e1b1478a0a40a52b25365a724524
7befcfbedac5652eb04bc675b67f7b642631d4e918f7aaee17b0b594e26854d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6031
x-amzn-requestid: f59b04c5-4955-4847-9a7f-d9d53b47ca52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3cV0GC-oAMF5hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637940f1-0425b3cf6a4650b60936feba;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 20:47:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VabInML1mfcQLIp29OWRNsixwfSWt0Wv9l7I-Ak7TdUHlNt2ZEVtPg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 15:21:36 GMT
age: 6065
etag: "56414a905340e1b1478a0a40a52b25365a724524"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 472ceca597feefba355fbd65998977b7
f3f2e5a8d14e009d0eaa3d7637730c4c525e3a9a
e201f706ba38f04ef07d74a67eec187ad8b882027b96b0e4e700162f96da422f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7751
x-amzn-requestid: 577947ab-4fbe-4b07-944a-2b65cf5ed6d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b4UE9GJ9IAMFVtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63799a1f-1a26961e20c88cd54a613ddb;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 03:08:15 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: QB2RJo7NR7FMDRC7fC9eLMW99KR7andopIeu4qi0yp_tihE0vtpkXw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 04:49:03 GMT
age: 44018
etag: "f3f2e5a8d14e009d0eaa3d7637730c4c525e3a9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed6b76d15fc8d6295acdb6fb47461d3
b8c928f93a8d82b48491448d811a95ad99dc6aef
de326836a9de677438b9ae724198e94348b0900c62817ff10de3677ce93fdae0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8685
x-amzn-requestid: 66455cc7-83d7-4570-99f9-5fa838da947f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrAHwKoAMFUHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee46-354d65e9609bc05647556a5a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -9tZPsMl7i5hr0N1rwJdQBLiOImuEO12RDL0pcPNjf6t-LkRbPaN2A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:58:29 GMT
age: 68652
etag: "b8c928f93a8d82b48491448d811a95ad99dc6aef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ab62c5a7c3296600de924eb0b283bc1
bc4a2dc43898e3fb78ba7301d8b09b280991d221
f2a4c0829a4fb9a585113ed358832d16470ec391035a302a8f3c4666172f02bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10556
x-amzn-requestid: d2426c6d-5e78-496c-8649-0496a872b380
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-Iq0GPVoAMF9bg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee45-1ee6dc09394731cc4dbfc38a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sBNLrVAl4G6pJ-OBZ6aJZC64MrkkGQdsuZKITQwcqgYgP6-GJiblfA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:59:20 GMT
age: 68601
etag: "bc4a2dc43898e3fb78ba7301d8b09b280991d221"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maps.gstatic.com/mapfiles/openhand_8_8.cur
142.250.74.163200 OK 326 B URL HTTP/2 maps.gstatic.com/mapfiles/openhand_8_8.cur
IP 142.250.74.163:0
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @8x8\012- data
Hash feff9159f56cb2069041d660b484eb07
0d0a08cf25a258511957f357b89d3908f3c5e6e3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
GET /mapfiles/openhand_8_8.cur HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/bmp
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 326
date: Tue, 22 Nov 2022 17:02:41 GMT
expires: Tue, 22 Nov 2022 17:02:41 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
portrlivecdnstorage.blob.core.windows.net/webimages/location.png
20.150.104.100200 OK 890 B URL HTTP/1.1 portrlivecdnstorage.blob.core.windows.net/webimages/location.png
IP 20.150.104.100:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 44b3862b14b179c865f173f5a455d14a
b232d6188befe2ed3176159d3c648f711f7ecef5
c9092fba839291a319ccc56c589705087f1486ccf5578a9014d926d2c408d38b
GET /webimages/location.png HTTP/1.1
Host: portrlivecdnstorage.blob.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 890
Content-Type: image/png
Content-MD5: RLOGKxSxechl8XP1pFXRSg==
Last-Modified: Mon, 08 Oct 2018 14:06:37 GMT
ETag: 0x8D62D274309B58D
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1b215045-801e-006d-1294-fea649000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
Date: Tue, 22 Nov 2022 17:02:40 GMT
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://portrdevtracking.azurewebsites.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:08 GMT
expires: Thu, 16 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 509314
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-1034993.js?sv=6
143.204.55.54200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-1034993.js?sv=6
IP 143.204.55.54:0
GET /c/hotjar-1034993.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://portrdevtracking.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Tue, 22 Nov 2022 17:02:40 GMT
cache-control: max-age=60
etag: W/3881fe5d966225ac82f71e1eba695d7f
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LqpkrhTjYNaVKWQFu1YHdWQYvAM6JHtnyEWZkY8jovMVdD9WBCNFHA==
X-Firefox-Spdy: h2