r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 96abc4d0be3e74da1484937a66c5ff39
357520bead07e25b52d4ca0c0c69db60cfaa0d7c
32c544ef8b8a3faaf08bdb76f8a387510037dfc15a022fd59457cf45215a6ba8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "32C544EF8B8A3FAAF08BDB76F8A387510037DFC15A022FD59457CF45215A6BA8"
Last-Modified: Thu, 02 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4011
Expires: Fri, 03 Mar 2023 15:10:31 GMT
Date: Fri, 03 Mar 2023 14:03:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a39c6b0123e56e5b89743a8ad25c746e
feb61559594a73b319532dec130f10068fdf1242
d1adf9c8c7e63c33674a6af4b4111fe0ce1092d362ca4bf7c7dd00e6b6034f09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1ADF9C8C7E63C33674A6AF4B4111FE0CE1092D362CA4BF7C7DD00E6B6034F09"
Last-Modified: Thu, 02 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11604
Expires: Fri, 03 Mar 2023 17:17:04 GMT
Date: Fri, 03 Mar 2023 14:03:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d2383d0b67af7368d8e13a3013f4065a
cdf951e84f87d010cf40b76f7b91e82ad17f374f
5463c186f7f30f83be61e91a980c749b70089e48b234d73a6e7eeb179cfd7ee9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5463C186F7F30F83BE61E91A980C749B70089E48B234D73A6E7EEB179CFD7EE9"
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11476
Expires: Fri, 03 Mar 2023 17:14:56 GMT
Date: Fri, 03 Mar 2023 14:03:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Retry-After, Backoff, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Mar 2023 13:13:02 GMT
content-type: application/json
age: 3038
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /Wjr9TF5VCZf3SejnQHIY05qzpcHwBsnkgVSxYbOPkjkNc4qnUr8RLOoMVt1+ggDXhXkdFM8xbT23zfKrTQa9g==
x-amz-request-id: F8MSW9DBMB4PSKRT
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Mar 2023 13:15:50 GMT
age: 2870
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
7d5015.qxjrfppdpn.com/
307 Temporary Redirect 7.8 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (553)
Hash a9cd405a7f8bca68639aed314993e2ef
10728e7ef1a6b2c6c3351f85034c753bd669ab37
181aa5e952fd375c296b85bea83b4dd47e1801e0670d385ea01503a709cef8c7
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: 7d5015.qxjrfppdpn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 307 Temporary Redirect
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 03 Mar 2023 14:03:40 GMT
Server: nginx
X-Status: OK
X-UID: Root=1-6401fe3b-4914cb8853b3a80515531b70
Location: https://pr.hot-tubs-71052.com?backfill=0&lrt=1&KW1=V%C3%AD%C5%99ivka&KW2=Venkovni+V%C3%AD%C5%99ivka&KW3=Venkovni+Virivky&KW4=V%C3%AD%C5%99iv%C3%A9+Vany&KW5=V%C3%AD%C5%99ivka+Pro+2+Osoby&KW6=Celoro%C4%8Dn%C3%AD+V%C3%AD%C5%99ivka&domainname=0&searchbox=0&subid1=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&track_id=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&kcoptimize=1&theme=DoriPlus&vertical=Health&offer=Hot+Tubs+PR
Referrer-Policy: unsafe-url
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NXPGCKwXBYO3GOaa1QxHUZ0EVWYbGIkcq8I1NtON-_Ae3PIshYNM4Q==
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Mar 2023 14:03:40 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Retry-After, Alert, Content-Length, Backoff, ETag, Content-Type, Cache-Control, Last-Modified, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Mar 2023 13:12:26 GMT
age: 3074
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8ddb84e2157feb55046e9c38505fa076
13408d681d1058fd013bfc0ac3417c21958bd991
0a078ba6f36bb4ae763c046192a12db0cff7a38b138361837ec3035eda9b9ff4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A078BA6F36BB4AE763C046192A12DB0CFF7A38B138361837EC3035EDA9B9FF4"
Last-Modified: Wed, 01 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21594
Expires: Fri, 03 Mar 2023 20:03:34 GMT
Date: Fri, 03 Mar 2023 14:03:40 GMT
Connection: keep-alive
pr.hot-tubs-71052.com/?backfill=0&lrt=1&KW1=V%C3%AD%C5%99ivka&KW2=Venkovni+V%C3%AD%C5%99ivka&KW3=Venkovni+Virivky&KW4=V%C3%AD%C5%99iv%C3%A9+Vany&KW5=V%C3%AD%C5%99ivka+Pro+2+Osoby&KW6=Celoro%C4%8Dn%C3%AD+V%C3%AD%C5%99ivka&domainname=0&searchbox=0&subid1=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&track_id=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&kcoptimize=1&theme=DoriPlus&vertical=Health&offer=Hot+Tubs+PR
200 OK 5.8 kB URL HTTP/1.1 pr.hot-tubs-71052.com/?backfill=0&lrt=1&KW1=V%C3%AD%C5%99ivka&KW2=Venkovni+V%C3%AD%C5%99ivka&KW3=Venkovni+Virivky&KW4=V%C3%AD%C5%99iv%C3%A9+Vany&KW5=V%C3%AD%C5%99ivka+Pro+2+Osoby&KW6=Celoro%C4%8Dn%C3%AD+V%C3%AD%C5%99ivka&domainname=0&searchbox=0&subid1=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&track_id=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&kcoptimize=1&theme=DoriPlus&vertical=Health&offer=Hot+Tubs+PR
IP
ASN #61969 Team Internet AG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1811)
Hash c553fcfe05eb116cce30d1a02e9ac9f1
5eecd3ed82f0968b4fb0bbaee88b04da9802b773
5a8f96a1e71932943a1b7c88887ad4be51960691e10fd30d437511fc5f152e58
GET /?backfill=0&lrt=1&KW1=V%C3%AD%C5%99ivka&KW2=Venkovni+V%C3%AD%C5%99ivka&KW3=Venkovni+Virivky&KW4=V%C3%AD%C5%99iv%C3%A9+Vany&KW5=V%C3%AD%C5%99ivka+Pro+2+Osoby&KW6=Celoro%C4%8Dn%C3%AD+V%C3%AD%C5%99ivka&domainname=0&searchbox=0&subid1=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&track_id=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&kcoptimize=1&theme=DoriPlus&vertical=Health&offer=Hot+Tubs+PR HTTP/1.1
Host: pr.hot-tubs-71052.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-Ch-Lifetime: 30
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Mar 2023 14:03:40 GMT
Server: nginx
Vary: Accept-Encoding
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_KvqBCDIAs+GEpY2TXjQ+rz6mWjVVkTOnJcrue4eHc8LZ9f3OFmXIIAktucOqDYmm/QUgpfxOqXb2YCw2XYnpYA==
X-Buckets: bucket077
X-Domain: hot-tubs-71052.com
X-Language: norwegian
X-Subdomain: pr
X-Template: tpl_DoriPlus_twoclick
Transfer-Encoding: chunked
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 51e95d61b93964116033d39ca29d8e87
f4b94d787ce49da21c28fe7853b1a85d2b9494dc
083c886afce548aad4f54caa7f7766e38d9376d55077d4072dbddbdafa086f85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "083C886AFCE548AAD4F54CAA7F7766E38D9376D55077D4072DBDDBDAFA086F85"
Last-Modified: Thu, 02 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11336
Expires: Fri, 03 Mar 2023 17:12:36 GMT
Date: Fri, 03 Mar 2023 14:03:40 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e0c8f2eab04f81350f4ba6bd80e97bcb
7ed111523470ff20998f330417b53a619641ac55
24feadd95e199166c4d0c14e910bb80bfe0b5272d5cebd5e1850be00fab4a562
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Mar 2023 14:03:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c5e622053810f5ffbb809def8721f2e7
a0ec04b7ad55adb13d9f46b4f1fe13aa4855a53c
2aac93f2264b10a205ae085d6bfbfb5717e3e1f77f1ee0fab010a44db60d8bb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Mar 2023 14:03:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pr.hot-tubs-71052.com/track.php?domain=hot-tubs-71052.com&toggle=browserjs&uid=MTY3Nzg1MjIyMC41ODg3OjA4ODkyZTgwOGJkZWJkNjY2Yjg1NDViMmIyNTI0MjBjYzQ2M2ZiOTU2OThmMDI5YzQ1ZjhhNWUyNWJkMmRhZTU6NjQwMWZlM2M4ZmI3OQ%3D%3D
200 OK 20 B URL HTTP/1.1 pr.hot-tubs-71052.com/track.php?domain=hot-tubs-71052.com&toggle=browserjs&uid=MTY3Nzg1MjIyMC41ODg3OjA4ODkyZTgwOGJkZWJkNjY2Yjg1NDViMmIyNTI0MjBjYzQ2M2ZiOTU2OThmMDI5YzQ1ZjhhNWUyNWJkMmRhZTU6NjQwMWZlM2M4ZmI3OQ%3D%3D
IP
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=hot-tubs-71052.com&toggle=browserjs&uid=MTY3Nzg1MjIyMC41ODg3OjA4ODkyZTgwOGJkZWJkNjY2Yjg1NDViMmIyNTI0MjBjYzQ2M2ZiOTU2OThmMDI5YzQ1ZjhhNWUyNWJkMmRhZTU6NjQwMWZlM2M4ZmI3OQ%3D%3D HTTP/1.1
Host: pr.hot-tubs-71052.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.hot-tubs-71052.com/?backfill=0&lrt=1&KW1=V%C3%AD%C5%99ivka&KW2=Venkovni+V%C3%AD%C5%99ivka&KW3=Venkovni+Virivky&KW4=V%C3%AD%C5%99iv%C3%A9+Vany&KW5=V%C3%AD%C5%99ivka+Pro+2+Osoby&KW6=Celoro%C4%8Dn%C3%AD+V%C3%AD%C5%99ivka&domainname=0&searchbox=0&subid1=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&track_id=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&kcoptimize=1&theme=DoriPlus&vertical=Health&offer=Hot+Tubs+PR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-Ch-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Mar 2023 14:03:40 GMT
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Content-Length: 20
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mCreryfgQJxjXScuPLv7KQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: arfLsvlCcPYbWhQfMEHwH7aMYJ0=
d1t9jheyiyj1h6.cloudfront.net/themes/doriplus_40a0ff4d/img/arrows.png
200 OK 11 kB URL HTTP/2 d1t9jheyiyj1h6.cloudfront.net/themes/doriplus_40a0ff4d/img/arrows.png
IP
File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Hash 0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
GET /themes/doriplus_40a0ff4d/img/arrows.png HTTP/1.1
Host: d1t9jheyiyj1h6.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.hot-tubs-71052.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 11375
server: nginx
last-modified: Thu, 23 Jun 2022 10:44:43 GMT
accept-ranges: bytes
front_end_https: on
date: Fri, 03 Mar 2023 06:00:26 GMT
etag: "62b4441b-2c6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pD6A_470Qo_2I-L1WsqWpIWMH4doKzbPjLjr1hoaE_mcR1em6D4QaQ==
age: 29084
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 376cc68c20ffb67603a7cd02031dbbac
98a271aa4dc8023a6949cc32042e79fa93e3ad62
616926a57b79cd93fd36b6dacf0f689b10f81f599113a36afc493218210d3b68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Mar 2023 14:03:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=pr.hot-tubs-71052.com&client=dp-teaminternet08_3ph&product=SAS&callback=__sasCookie
200 OK 243 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=pr.hot-tubs-71052.com&client=dp-teaminternet08_3ph&product=SAS&callback=__sasCookie
IP
File type ASCII text, with very long lines (376), with no line terminators
Hash 04c87c75b2c7b39e092f0e74a05d2f52
4a33345d6b012c74a6d2cf16ac4c0a6f63e2186c
b7b1fbf71ec1a5001616fcd0370a173de985b395e1f80e8e53da69b1f0bd0fe1
GET /gampad/cookie.js?domain=pr.hot-tubs-71052.com&client=dp-teaminternet08_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.hot-tubs-71052.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 03 Mar 2023 14:03:41 GMT
server: cafe
cache-control: private
content-length: 243
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pr.hot-tubs-71052.com/ls.php?token=4f4023c7a36b5a544f491e064a2ca512d10d1841
201 Created 16 B URL HTTP/1.1 pr.hot-tubs-71052.com/ls.php?token=4f4023c7a36b5a544f491e064a2ca512d10d1841
IP
ASN #61969 Team Internet AG
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Analyzer Verdict Alert fortinet Malware
GET /ls.php?token=4f4023c7a36b5a544f491e064a2ca512d10d1841 HTTP/1.1
Host: pr.hot-tubs-71052.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.hot-tubs-71052.com/?backfill=0&lrt=1&KW1=V%C3%AD%C5%99ivka&KW2=Venkovni+V%C3%AD%C5%99ivka&KW3=Venkovni+Virivky&KW4=V%C3%AD%C5%99iv%C3%A9+Vany&KW5=V%C3%AD%C5%99ivka+Pro+2+Osoby&KW6=Celoro%C4%8Dn%C3%AD+V%C3%AD%C5%99ivka&domainname=0&searchbox=0&subid1=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&track_id=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&kcoptimize=1&theme=DoriPlus&vertical=Health&offer=Hot+Tubs+PR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 201 Created
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-Ch-Lifetime: 30
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin:
Access-Control-Max-Age: 86400
Charset: utf-8
Content-Type: text/javascript;charset=UTF-8
Date: Fri, 03 Mar 2023 14:03:41 GMT
Server: nginx
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_IYMjT51ExhnbXdC8MXwFeOyivigAC/4tlUfRCtz/K4tzLMejGJRhzozzXOR+DT7aLEKYvz9fnitr9SizlHmWcg==
X-Log-Success: 6401fe3c68c8e4633e36ec39
Content-Length: 16
www.google.com/adsense/domains/caf.js?abp=1
200 OK 54 kB URL HTTP/2 www.google.com/adsense/domains/caf.js?abp=1
IP
Hash 101d39f98928696aff611b1f4b971563
9d4f3ddf2d2a63b34344bf846ee3092cb452097c
d0d2d35a2f231c76d2aeaa2240637289febb47d816e14a9d2d93480050c56617
GET /adsense/domains/caf.js?abp=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.hot-tubs-71052.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Fri, 03 Mar 2023 14:03:40 GMT
expires: Fri, 03 Mar 2023 14:03:40 GMT
cache-control: private, max-age=3600
etag: "9786195583487319148"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2393d19e737417f56b5042a61b7edea7
f812b40067520aa14de1a5e0ad0e414f5a3e216b
6008b465705be61a31d152a674409253005f0da99a6db5037e603d31cdedeace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Mar 2023 14:03:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2393d19e737417f56b5042a61b7edea7
f812b40067520aa14de1a5e0ad0e414f5a3e216b
6008b465705be61a31d152a674409253005f0da99a6db5037e603d31cdedeace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Mar 2023 14:03:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
200 OK 270 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash 5100391430a00e10ce60aa159f525b5c
231a4492d73b225f441b1e9028dc33c89862e498
52b1432a6e3002e41ed1d8f4c84b258fdc4c6dac863e3c0e5c06360c81be6067
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 02 Mar 2023 20:10:10 GMT
expires: Fri, 03 Mar 2023 19:10:10 GMT
cache-control: public, max-age=82800
age: 64411
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
200 OK 54 kB URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
File type ASCII text, with very long lines (2193)
Hash 2b7c13d76c939d1ae07988e5f924257b
53e5ce048711e9bccb8f2bbce60c58c7c8ae3b27
64786f47b3c7023234b36dd204116689ac61f471a427dda19d1b672ad3970a49
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 02 Mar 2023 15:22:45 GMT
expires: Fri, 03 Mar 2023 14:22:45 GMT
cache-control: public, max-age=82800
age: 81656
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pr.hot-tubs-71052.com/favicon.ico
200 OK 0 B URL HTTP/1.1 pr.hot-tubs-71052.com/favicon.ico
IP
ASN #61969 Team Internet AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: pr.hot-tubs-71052.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.hot-tubs-71052.com/?backfill=0&lrt=1&KW1=V%C3%AD%C5%99ivka&KW2=Venkovni+V%C3%AD%C5%99ivka&KW3=Venkovni+Virivky&KW4=V%C3%AD%C5%99iv%C3%A9+Vany&KW5=V%C3%AD%C5%99ivka+Pro+2+Osoby&KW6=Celoro%C4%8Dn%C3%AD+V%C3%AD%C5%99ivka&domainname=0&searchbox=0&subid1=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&track_id=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&kcoptimize=1&theme=DoriPlus&vertical=Health&offer=Hot+Tubs+PR
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 0
Content-Type: image/x-icon
Date: Fri, 03 Mar 2023 14:03:41 GMT
Etag: "5ebab1f0-0"
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Server: nginx
pr.hot-tubs-71052.com/track.php?domain=hot-tubs-71052.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3Nzg1MjIyMC41ODg3OjA4ODkyZTgwOGJkZWJkNjY2Yjg1NDViMmIyNTI0MjBjYzQ2M2ZiOTU2OThmMDI5YzQ1ZjhhNWUyNWJkMmRhZTU6NjQwMWZlM2M4ZmI3OQ%3D%3D
200 OK 20 B URL HTTP/1.1 pr.hot-tubs-71052.com/track.php?domain=hot-tubs-71052.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3Nzg1MjIyMC41ODg3OjA4ODkyZTgwOGJkZWJkNjY2Yjg1NDViMmIyNTI0MjBjYzQ2M2ZiOTU2OThmMDI5YzQ1ZjhhNWUyNWJkMmRhZTU6NjQwMWZlM2M4ZmI3OQ%3D%3D
IP
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=hot-tubs-71052.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3Nzg1MjIyMC41ODg3OjA4ODkyZTgwOGJkZWJkNjY2Yjg1NDViMmIyNTI0MjBjYzQ2M2ZiOTU2OThmMDI5YzQ1ZjhhNWUyNWJkMmRhZTU6NjQwMWZlM2M4ZmI3OQ%3D%3D HTTP/1.1
Host: pr.hot-tubs-71052.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.hot-tubs-71052.com/?backfill=0&lrt=1&KW1=V%C3%AD%C5%99ivka&KW2=Venkovni+V%C3%AD%C5%99ivka&KW3=Venkovni+Virivky&KW4=V%C3%AD%C5%99iv%C3%A9+Vany&KW5=V%C3%AD%C5%99ivka+Pro+2+Osoby&KW6=Celoro%C4%8Dn%C3%AD+V%C3%AD%C5%99ivka&domainname=0&searchbox=0&subid1=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&track_id=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&kcoptimize=1&theme=DoriPlus&vertical=Health&offer=Hot+Tubs+PR
Cookie: __gsas=ID=8eb515b4c308e5f7:T=1677852221:S=ALNI_MYt3NusuM8ss6vBax51kjS8Ud-d5A
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-Ch-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Mar 2023 14:03:41 GMT
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: answercheck
Content-Length: 20
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2393d19e737417f56b5042a61b7edea7
f812b40067520aa14de1a5e0ad0e414f5a3e216b
6008b465705be61a31d152a674409253005f0da99a6db5037e603d31cdedeace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Mar 2023 14:03:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pr.hot-tubs-71052.com/track.php?toggle=adloaded&uid=MTY3Nzg1MjIyMC41ODg3OjA4ODkyZTgwOGJkZWJkNjY2Yjg1NDViMmIyNTI0MjBjYzQ2M2ZiOTU2OThmMDI5YzQ1ZjhhNWUyNWJkMmRhZTU6NjQwMWZlM2M4ZmI3OQ%3D%3D&domain=hot-tubs-71052.com&data=%7B%22containerName%22%3A%22tc%22%2C%22adsLoaded%22%3Atrue%2C%22callbackOptions%22%3A%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-teaminternet08_3ph%22%2C%22adult%22%3Afalse%7D%2C%22termPositions%22%3A%7B%22Celoro%C4%8Dn%C3%AD%20V%C3%AD%C5%99ivka%22%3A0%2C%22V%C3%AD%C5%99iv%C3%A9%20Vany%22%3A1%2C%22Venkovni%20Virivky%22%3A2%2C%22Venkovni%20V%C3%AD%C5%99ivka%22%3A3%7D%7D%2C%22terms%22%3A%22V%C3%AD%C5%99ivka%2CVenkovni%20V%C3%AD%C5%99ivka%2CVenkovni%20Virivky%2CV%C3%AD%C5%99iv%C3%A9%20Vany%2CV%C3%AD%C5%99ivka%20Pro%202%20Osoby%2CCeloro%C4%8Dn%C3%AD%20V%C3%AD%C5%99ivka%22%7D
200 OK 20 B URL HTTP/1.1 pr.hot-tubs-71052.com/track.php?toggle=adloaded&uid=MTY3Nzg1MjIyMC41ODg3OjA4ODkyZTgwOGJkZWJkNjY2Yjg1NDViMmIyNTI0MjBjYzQ2M2ZiOTU2OThmMDI5YzQ1ZjhhNWUyNWJkMmRhZTU6NjQwMWZlM2M4ZmI3OQ%3D%3D&domain=hot-tubs-71052.com&data=%7B%22containerName%22%3A%22tc%22%2C%22adsLoaded%22%3Atrue%2C%22callbackOptions%22%3A%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-teaminternet08_3ph%22%2C%22adult%22%3Afalse%7D%2C%22termPositions%22%3A%7B%22Celoro%C4%8Dn%C3%AD%20V%C3%AD%C5%99ivka%22%3A0%2C%22V%C3%AD%C5%99iv%C3%A9%20Vany%22%3A1%2C%22Venkovni%20Virivky%22%3A2%2C%22Venkovni%20V%C3%AD%C5%99ivka%22%3A3%7D%7D%2C%22terms%22%3A%22V%C3%AD%C5%99ivka%2CVenkovni%20V%C3%AD%C5%99ivka%2CVenkovni%20Virivky%2CV%C3%AD%C5%99iv%C3%A9%20Vany%2CV%C3%AD%C5%99ivka%20Pro%202%20Osoby%2CCeloro%C4%8Dn%C3%AD%20V%C3%AD%C5%99ivka%22%7D
IP
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?toggle=adloaded&uid=MTY3Nzg1MjIyMC41ODg3OjA4ODkyZTgwOGJkZWJkNjY2Yjg1NDViMmIyNTI0MjBjYzQ2M2ZiOTU2OThmMDI5YzQ1ZjhhNWUyNWJkMmRhZTU6NjQwMWZlM2M4ZmI3OQ%3D%3D&domain=hot-tubs-71052.com&data=%7B%22containerName%22%3A%22tc%22%2C%22adsLoaded%22%3Atrue%2C%22callbackOptions%22%3A%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-teaminternet08_3ph%22%2C%22adult%22%3Afalse%7D%2C%22termPositions%22%3A%7B%22Celoro%C4%8Dn%C3%AD%20V%C3%AD%C5%99ivka%22%3A0%2C%22V%C3%AD%C5%99iv%C3%A9%20Vany%22%3A1%2C%22Venkovni%20Virivky%22%3A2%2C%22Venkovni%20V%C3%AD%C5%99ivka%22%3A3%7D%7D%2C%22terms%22%3A%22V%C3%AD%C5%99ivka%2CVenkovni%20V%C3%AD%C5%99ivka%2CVenkovni%20Virivky%2CV%C3%AD%C5%99iv%C3%A9%20Vany%2CV%C3%AD%C5%99ivka%20Pro%202%20Osoby%2CCeloro%C4%8Dn%C3%AD%20V%C3%AD%C5%99ivka%22%7D HTTP/1.1
Host: pr.hot-tubs-71052.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.hot-tubs-71052.com/?backfill=0&lrt=1&KW1=V%C3%AD%C5%99ivka&KW2=Venkovni+V%C3%AD%C5%99ivka&KW3=Venkovni+Virivky&KW4=V%C3%AD%C5%99iv%C3%A9+Vany&KW5=V%C3%AD%C5%99ivka+Pro+2+Osoby&KW6=Celoro%C4%8Dn%C3%AD+V%C3%AD%C5%99ivka&domainname=0&searchbox=0&subid1=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&track_id=c6cd08296344c932c3463e54a31ad7035d3acd4a23235c4fef3dbc32481a7111&kcoptimize=1&theme=DoriPlus&vertical=Health&offer=Hot+Tubs+PR
Cookie: __gsas=ID=8eb515b4c308e5f7:T=1677852221:S=ALNI_MYt3NusuM8ss6vBax51kjS8Ud-d5A
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-Ch-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Mar 2023 14:03:41 GMT
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: adloaded
Content-Length: 20
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0880782ffbede81650c9d4a97c298bdf
0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e
77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1"
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9144
Expires: Fri, 03 Mar 2023 16:36:06 GMT
Date: Fri, 03 Mar 2023 14:03:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0880782ffbede81650c9d4a97c298bdf
0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e
77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1"
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9144
Expires: Fri, 03 Mar 2023 16:36:06 GMT
Date: Fri, 03 Mar 2023 14:03:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0880782ffbede81650c9d4a97c298bdf
0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e
77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1"
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9144
Expires: Fri, 03 Mar 2023 16:36:06 GMT
Date: Fri, 03 Mar 2023 14:03:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecd5f51d-c165-4228-b31e-35e9516c7ad5.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecd5f51d-c165-4228-b31e-35e9516c7ad5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7b980c564a4ca7c7b68c4716e2398db
e2b327c261d113b17053f475f2d4ef06fe5fb770
478886f4d7ac80275da33753926320384665b246f85ede4c2547aba2f724e97e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecd5f51d-c165-4228-b31e-35e9516c7ad5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10504
x-amzn-requestid: ee0a1e46-71ea-4647-ba9b-b350c7ca2ad0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BLCyvEy5oAMF8NQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64011811-7f3cecd06abd02671a7af460;Sampled=0
x-amzn-remapped-date: Thu, 02 Mar 2023 21:41:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: JHTbysB2kG3MJz7_r7K3xo8C3w5P4U8Iv6ZVNpicDLcRJK4hSw1KrA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Mar 2023 22:10:05 GMT
etag: "e2b327c261d113b17053f475f2d4ef06fe5fb770"
content-type: image/jpeg
age: 57217
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdba647c7-b8d3-4043-b8c8-caba179b5589.jpeg
200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdba647c7-b8d3-4043-b8c8-caba179b5589.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6c6971746047136e4cbf0dd381a2bf1
07cb3900b31e286c0ee6ef4e6344969a5ad893b4
4f35efad14bd441063c58fff5a44e05a9497c91266ff5b4c48a9386288bbc886
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdba647c7-b8d3-4043-b8c8-caba179b5589.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4371
x-amzn-requestid: 4996a003-e275-4edb-a0a3-f5d7e72cd1ce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BLChFE_NoAMFYPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640117a0-31d3ea3b1e196aaa372dd016;Sampled=0
x-amzn-remapped-date: Thu, 02 Mar 2023 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 6TMBH_aSock0V22r3Xt99HQs1N7qY65SsSyiYPrtXYAPW-l3d3lC7g==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 3aed32068dbe2f7fb3a27284c9c26498.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Mar 2023 21:54:35 GMT
age: 58147
etag: "07cb3900b31e286c0ee6ef4e6344969a5ad893b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg
200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4726917eabc29a977873ad26e264e70d
4619a0418ee08d6618ead537f31823c98f355b5a
d3c6b43d46ccff30f0003a063b6c4c78d4a782262bfdeb138e6c015555ce2dcb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3381
x-amzn-requestid: 8b89e7ab-b8b3-45cd-af3a-cc419e61f1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A-PNPFynoAMFn8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fbf8ba-616bedc230d1c2b13a09beae;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 00:26:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 7f5O-v2e1_OXVVveu0_kNtjOTnUAC5shUmd4JejtlrnliJsxeitcYA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Mar 2023 07:15:41 GMT
age: 24481
etag: "4619a0418ee08d6618ead537f31823c98f355b5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc81172d5-849a-4947-895d-7b645a656f98.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc81172d5-849a-4947-895d-7b645a656f98.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c627140fb587a52035e07a0e4849aa4
0fda39fd9db63f210a73fe14d6cb445d877303f1
ef144a10c04afa87fe3ae0c30906495f42b87678d6a5bab9ac934e8425d8ced3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc81172d5-849a-4947-895d-7b645a656f98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9043
x-amzn-requestid: b198e6ac-b731-4300-ba73-0dae7c426334
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BLC6CHbBIAMF59w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6401183f-4e716af671ac66683937eaca;Sampled=0
x-amzn-remapped-date: Thu, 02 Mar 2023 21:42:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: YD6GO0_TJOT0OzkJ3jEz4PUuk2oIZ-JrwBZDbI5wWTA0iEdUsLy6ew==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 9adef5b1c5fc9ca80d6f4f8d19e103a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Mar 2023 22:10:05 GMT
etag: "0fda39fd9db63f210a73fe14d6cb445d877303f1"
content-type: image/jpeg
age: 57217
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cb94071-e9a3-41a5-a749-2673fe94c69d.jpeg
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cb94071-e9a3-41a5-a749-2673fe94c69d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0434a796c70c1df5c82845eb5b19b8cb
0c84cf11487867cc6b9f955b12de4d6199804e4d
c43e2da686b91d44e8a619413c5439973246ce31722745d96c0a6a6286dad155
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cb94071-e9a3-41a5-a749-2673fe94c69d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9807
x-amzn-requestid: f855150d-9f03-40a3-a425-0704a4334db1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BLC6uFzSoAMFzWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64011844-3db631d0459704b904a0701a;Sampled=0
x-amzn-remapped-date: Thu, 02 Mar 2023 21:42:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: vViNho1i2pxmYwxrCV7xa2XXMeqb_PJDS2aYrl0lEYEQOZmv8fR_0A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Mar 2023 22:13:48 GMT
age: 56994
etag: "0c84cf11487867cc6b9f955b12de4d6199804e4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080edfd7-ca45-4d02-a82e-695dc100f1bc.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080edfd7-ca45-4d02-a82e-695dc100f1bc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9562ddfb26d6176ec12e8e71cc55895c
86bd68def54b0b50e6f728690b2ddf08f858bc33
b51ad98c7c8cb4b2be7af430f4a5963457661d4f13e8029a4bb2cd2ebeb00498
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F080edfd7-ca45-4d02-a82e-695dc100f1bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: d9b61fbe-db88-4902-92d2-b3d97bd7be88
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BLCh4FTuoAMFeIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640117a5-4ced7773195e43cd4c4f8e25;Sampled=0
x-amzn-remapped-date: Thu, 02 Mar 2023 21:39:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 2KexfhAKjKH-mpGBSN3EiemXuGjVsHTfT8--Kb12Bb5cQpN_aeoC8A==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Mar 2023 22:07:31 GMT
age: 57371
etag: "86bd68def54b0b50e6f728690b2ddf08f858bc33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
54.230.111.55
23.36.77.32
185.53.179.92
0.0.0.0