firefox.settings.services.mozilla.com/v1/
65.9.86.68200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 65.9.86.68:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 20:16:50 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: wscGSmsjR2D4Qx8oZBbAfuqRbkoF3onDwHOBTslu1nzae7dosq2ftQ==
Age: 3420
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 24cdc937930ac2ef9c8f46ba1deabcc5
397417929951bf20f235d5f91510163ac213dc71
eb128aec099dbf1919ee5d965221e904ad3a2162583683cec44518640b505447
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB128AEC099DBF1919EE5D965221E904AD3A2162583683CEC44518640B505447"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2168
Expires: Sun, 02 Oct 2022 21:49:58 GMT
Date: Sun, 02 Oct 2022 21:13:50 GMT
Connection: keep-alive
tusegurocontodo.pe/registro/2
201.234.76.214301 Moved Permanently 178 B URL HTTP/1.1 tusegurocontodo.pe/registro/2
IP 201.234.76.214:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Phishing
GET /registro/2 HTTP/1.1
Host: tusegurocontodo.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
server: nginx
date: Sun, 02 Oct 2022 21:13:50 GMT
content-type: text/html
content-length: 178
location: https://tusegurocontodo.pe/registro/2
content-security-policy: frame-ancestors 'self'
permissions-policy: geolocation=(*)
strict-transport-security: max-age=63072000 ; incluideSubDomains ; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
pragma: no-cache
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
65.9.86.112200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 65.9.86.112:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 b75b06741e5146585057681bd60737b2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: LDVGqIejIZf40ZcgVbH9F_G2KugLSqac9MsOw_qEwhinhDhZtWheJA==
age: 56724
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:13:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
65.9.86.68200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 65.9.86.68:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 20:29:34 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 20:57:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: LkJGG_MGfHV7xJWiwk6mMPDou8uWyOY8sfKsRBHahdIarsovU25dqw==
Age: 2658
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 493ca01d10ddf53c28d5c250a2345128
01f7f82f872aa3401fc5975e931146113fb57063
82cd78d5353defc12c71f6c83a172c4054ae9a90a868b77db31f461df1c32a00
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "82CD78D5353DEFC12C71F6C83A172C4054AE9A90A868B77DB31F461DF1C32A00"
Last-Modified: Sun, 02 Oct 2022 20:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3517
Expires: Sun, 02 Oct 2022 22:12:28 GMT
Date: Sun, 02 Oct 2022 21:13:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5711
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:13:51 GMT
Last-Modified: Sun, 02 Oct 2022 19:38:40 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
tusegurocontodo.pe/registro/2
201.234.76.214200 OK 961 B URL HTTP/2 tusegurocontodo.pe/registro/2
IP 201.234.76.214:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (959), with no line terminators
Hash 4c3d0899e9bbed48459ec9ef3a83fbbc
b62f2cc2398882349abfc0e60d9cc1afed339d2a
7a7f8fbf908fe88c3fd1c25bad9a6836160e629ccf5ed356b5b848c6e7ed1927
Analyzer Verdict Alert fortinet Phishing
GET /registro/2 HTTP/1.1
Host: tusegurocontodo.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:13:51 GMT
content-type: text/html
content-length: 961
last-modified: Sat, 01 Oct 2022 00:40:44 GMT
etag: "63378c8c-3c1"
content-security-policy: frame-ancestors 'self'
permissions-policy: geolocation=(*)
strict-transport-security: max-age=63072000 ; incluideSubDomains ; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
pragma: no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
104.17.25.14200 OK 17 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65317)
Hash be9aeb2a05f665e3606faf11c09b542f
5644d0bd4e12fdfb7235166d2883fc7acd0a2c5b
13ace8ab3d9e2cbaf3fe1768b9ba1fc5313a5541607b4c07121c0abbb7fadfae
GET /ajax/libs/font-awesome/6.1.1/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 21:13:51 GMT
content-type: text/css; charset=utf-8
content-length: 17041
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "623a082a-4291"
last-modified: Tue, 22 Mar 2022 17:32:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 412392
expires: Fri, 22 Sep 2023 21:13:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNAL4fqPKQxMuxdyYxCqSrQnj8DJ0BVwkMGt%2BNpQURqx1r5WrP9ZkMzC%2Bd%2BoS9vpK2Po%2F9ePvMLG5JNSgFr%2B8NSQC64cqUBOYuVSbaLSJWVYwNnA7XgagctLaTZx882rML9F6Hal"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 754071c3d882b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.43.58.150101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.58.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rULDAoYx7zddRmMnmvftHw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I4mT+2q5ayb7NxTblJWFGnspIpM=
tusegurocontodo.pe/static/css/main.c43a71e6.css
201.234.76.214200 OK 23 kB URL HTTP/2 tusegurocontodo.pe/static/css/main.c43a71e6.css
IP 201.234.76.214:0
Hash a983a014f2377427a624dcdd49182d47
b6773510c03f5874d0dba82c1652b19920ef3a7d
436e809b81e5d7a791736db33ec81ec0aeb963fa0cb53bbcc7af858e0406e90c
GET /static/css/main.c43a71e6.css HTTP/1.1
Host: tusegurocontodo.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:13:52 GMT
content-type: text/css
last-modified: Sat, 01 Oct 2022 00:40:44 GMT
vary: Accept-Encoding
etag: W/"63378c8c-1cada"
content-security-policy: frame-ancestors 'self'
permissions-policy: geolocation=(*)
strict-transport-security: max-age=63072000 ; incluideSubDomains ; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
tusegurocontodo.pe/static/js/main.eb24290e.js
201.234.76.214200 OK 286 kB URL HTTP/2 tusegurocontodo.pe/static/js/main.eb24290e.js
IP 201.234.76.214:0
Size 286 kB (286124 bytes)
Hash 42e4f1e008d3cacba71f2159c9f35602
0437822568cf7db7af022d097089962394c6bbeb
4a06c6c3fd425a9c6126b8c60dd08d93ed6e1ab605ea0e4f4dfb6612876480a1
Analyzer Verdict Alert fortinet Phishing
GET /static/js/main.eb24290e.js HTTP/1.1
Host: tusegurocontodo.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:13:52 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 01:48:19 GMT
vary: Accept-Encoding
etag: W/"63379c63-1096aa"
content-security-policy: frame-ancestors 'self'
permissions-policy: geolocation=(*)
strict-transport-security: max-age=63072000 ; incluideSubDomains ; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8802
Expires: Sun, 02 Oct 2022 23:40:35 GMT
Date: Sun, 02 Oct 2022 21:13:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8802
Expires: Sun, 02 Oct 2022 23:40:35 GMT
Date: Sun, 02 Oct 2022 21:13:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edded48f558f739287a040151349ef67
d63b6ba630736d32c364b0e6a369274b2389b7ff
33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
content-type: image/jpeg
age: 84018
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 463bdcfbec5426e18ecef83b1c373b71
2e533332ee5c49143e58dad32ee3717a39179532
2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:54:45 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
content-type: image/jpeg
age: 83948
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef85af3ef63e35a54bc15fbca5d7236b
e06bd8868eff8c42f5d2e2deec9a361170c8d3ea
0291104bb66ac4849ac5fd433fdf9cbbc7f4a2fcaa1f137aca08be2a4878f54c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7314
x-amzn-requestid: ba9e3b47-d9dd-49c1-9645-bac582351957
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpnGqOoAMFUTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-0604dff004a5f6364f0fe11c;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YIlHaBRTk6SiYb8HYfirSHj_stXgWp455OC-J5mRoKH0r42pn9mNeQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:36 GMT
etag: "e06bd8868eff8c42f5d2e2deec9a361170c8d3ea"
content-type: image/jpeg
age: 84017
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9dddb9d84a16a3004821d89836b83dc3
087521979efd5936416fd7f030779fa5725f0a8f
a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
age: 84018
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11f2e40823827b62bca89d18ee279cb2
fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38
c7811cb947483a033f31ff1e93b813f1bbc49b03ed78fcedab2090c71e5c4d1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: e83a86d3-f5ab-4645-92df-4b2da3d4afa3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDgmFdlIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2d0-48c3fa150800475c790b95bd;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: f1aqkuvCub_vq9gBDgA4VL8hNf16FXzXhQjSHC1yDLISm85uOqJF9w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:54:50 GMT
etag: "fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38"
content-type: image/jpeg
age: 83943
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:39 GMT
age: 59534
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-PCB26S>m_auth=>m_preview=>m_cookies_win=x
142.250.74.168200 OK 66 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PCB26S>m_auth=>m_preview=>m_cookies_win=x
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (10062)
Hash f57d01f9bd5393ddaccc09de543f3dfa
d00737f60d8d7b88ece1a1a981630629684c53c5
8bf19e2a5e6cb4598911c722bc073c9ceff1d1488a4f47753a83f72cf284e987
GET /gtm.js?id=GTM-PCB26S>m_auth=>m_preview=>m_cookies_win=x HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 21:13:53 GMT
expires: Sun, 02 Oct 2022 21:13:53 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 65890
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tusegurocontodo.pe/assets/img/img_logo_cardif.png
201.234.76.214200 OK 2.2 kB URL HTTP/2 tusegurocontodo.pe/assets/img/img_logo_cardif.png
IP 201.234.76.214:0
File type PNG image data, 89 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash d0cc56c4ba09932f862a566c7d0f8a61
e5193639064f03219acaa1a5ba281d4550269be3
6c1c1840fe7583f5959342066e679a1c7099ef2c10bbf3259bd1c6879bfec381
GET /assets/img/img_logo_cardif.png HTTP/1.1
Host: tusegurocontodo.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:13:53 GMT
content-type: image/png
last-modified: Tue, 27 Sep 2022 23:59:56 GMT
vary: Accept-Encoding
etag: W/"63338e7c-88f"
content-security-policy: frame-ancestors 'self'
permissions-policy: geolocation=(*)
strict-transport-security: max-age=63072000 ; incluideSubDomains ; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
tusegurocontodo.pe/assets/img/ico_sello_transparencia.png
201.234.76.214200 OK 1.5 kB URL HTTP/2 tusegurocontodo.pe/assets/img/ico_sello_transparencia.png
IP 201.234.76.214:0
File type PNG image data, 55 x 56, 8-bit colormap, non-interlaced\012- data
Hash 86b982db71015cf06e57bf0decc2f2c9
19abf849fc2e05283ab185000ca1bb1a25aeb637
fb36e5951c86b2decdc681465ea5ed3aaeb5ee115e58138b5e23582ef35575ff
GET /assets/img/ico_sello_transparencia.png HTTP/1.1
Host: tusegurocontodo.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:13:53 GMT
content-type: image/png
last-modified: Tue, 27 Sep 2022 23:59:56 GMT
vary: Accept-Encoding
etag: W/"63338e7c-5dd"
content-security-policy: frame-ancestors 'self'
permissions-policy: geolocation=(*)
strict-transport-security: max-age=63072000 ; incluideSubDomains ; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
65.9.84.191200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 65.9.84.191:0
Hash 6289bd1c60e1a56589cd90e2d5c7ecc5
2c3bc2a247e94c05230f3d8196b1983f98679d96
1c928e34c5106ed4caff944805e99cfd9bbc89c350d3ca08a5d1d5e4ca368d6d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 21:13:53 GMT
Last-Modified: Sun, 02 Oct 2022 19:39:06 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: bfhqJrgKD5TPx1GLZv9rkLpQTjOLBSDqrC0aJRn0YRQPSEDzs77lNg==
Age: 5687
tusegurocontodo.pe/assets/img/img_logo_crediscotia.png
201.234.76.214200 OK 32 kB URL HTTP/2 tusegurocontodo.pe/assets/img/img_logo_crediscotia.png
IP 201.234.76.214:0
Hash 8ccf9a2912a7bd196f9ca497e041f3ed
97cab9028d9586b4ed6fba5b0ee5a4c58dc4fb4d
801827056fa02d69c9fcec1a43b975f6b9e54268c40ab5fe85a10deea06ebf13
GET /assets/img/img_logo_crediscotia.png HTTP/1.1
Host: tusegurocontodo.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:13:53 GMT
content-type: image/png
last-modified: Tue, 27 Sep 2022 23:59:56 GMT
vary: Accept-Encoding
etag: W/"63338e7c-dfc"
content-security-policy: frame-ancestors 'self'
permissions-policy: geolocation=(*)
strict-transport-security: max-age=63072000 ; incluideSubDomains ; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
tusegurocontodo.pe/static/media/Scotia_Rg.c77522745e76bf53976e.ttf
201.234.76.214200 OK 58 kB URL HTTP/2 tusegurocontodo.pe/static/media/Scotia_Rg.c77522745e76bf53976e.ttf
IP 201.234.76.214:0
File type TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 26 names, Macintosh, \251 Copyright 2019, The Bank of Nova Scotia. Modification of this file requires prior written p\012- data
Hash be62cc1dbda3f06dcd6cdb1280b6a2a8
1481c96e86e7a4218c745234b0b5f39f77c431de
af207e728ab821769bffce4ab53fccb8057f457a655a24b122b984d2ce194682
Analyzer Verdict Alert fortinet Phishing
GET /static/media/Scotia_Rg.c77522745e76bf53976e.ttf HTTP/1.1
Host: tusegurocontodo.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:13:53 GMT
content-type: application/octet-stream
content-length: 58492
last-modified: Sat, 01 Oct 2022 00:40:44 GMT
etag: "63378c8c-e47c"
content-security-policy: frame-ancestors 'self'
permissions-policy: geolocation=(*)
strict-transport-security: max-age=63072000 ; incluideSubDomains ; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
pragma: no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2
tusegurocontodo.pe/static/media/Scotia_Bd.b3d458926d402b21477e.ttf
201.234.76.214200 OK 58 kB URL HTTP/2 tusegurocontodo.pe/static/media/Scotia_Bd.b3d458926d402b21477e.ttf
IP 201.234.76.214:0
File type TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 26 names, Macintosh, \251 Copyright 2019, The Bank of Nova Scotia. Modification of this file requires prior written p\012- data
Hash c78152fce901caf539608a3f27082765
05eefadb435664ce77c6f95e977017fccf659843
2182e2a5a8b35ecbb114f8eaf8a69afd8683eee7cfd1d0f5b495173f96e9cdfa
Analyzer Verdict Alert fortinet Phishing
GET /static/media/Scotia_Bd.b3d458926d402b21477e.ttf HTTP/1.1
Host: tusegurocontodo.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:13:53 GMT
content-type: application/octet-stream
content-length: 58032
last-modified: Sat, 01 Oct 2022 00:40:44 GMT
etag: "63378c8c-e2b0"
content-security-policy: frame-ancestors 'self'
permissions-policy: geolocation=(*)
strict-transport-security: max-age=63072000 ; incluideSubDomains ; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
pragma: no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2
tusegurocontodo.pe/static/media/Scotia_Headline.80aad6e4f154cea5df0f.ttf
201.234.76.214200 OK 61 kB URL HTTP/2 tusegurocontodo.pe/static/media/Scotia_Headline.80aad6e4f154cea5df0f.ttf
IP 201.234.76.214:0
File type TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 30 names, Macintosh, \251 Copyright 2019, The Bank of Nova Scotia. Modification of this file requires prior written p\012- data
Hash 3beb51b860d5f743d6442213d0ef98bf
edf54d86035d7c63fc3f69dae8caf70712b28631
25044b5768e675884ace3cbce205e4ee3aa60801c29b6d3ae55419e6b7d91f8b
Analyzer Verdict Alert fortinet Phishing
GET /static/media/Scotia_Headline.80aad6e4f154cea5df0f.ttf HTTP/1.1
Host: tusegurocontodo.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:13:53 GMT
content-type: application/octet-stream
content-length: 60780
last-modified: Sat, 01 Oct 2022 00:40:44 GMT
etag: "63378c8c-ed6c"
content-security-policy: frame-ancestors 'self'
permissions-policy: geolocation=(*)
strict-transport-security: max-age=63072000 ; incluideSubDomains ; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
pragma: no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 50366815306618737b22afb3327c4db9
d362647235cb883e1a58b6d4d6e6144813667119
8b8aa0dbd637f517324351c700f038a94fc87f5444576c337f2e7c6d860e2c50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/gtm/optimize.js?id=OPT-KNP9PKB
142.250.74.174200 OK 43 kB URL HTTP/2 www.google-analytics.com/gtm/optimize.js?id=OPT-KNP9PKB
IP 142.250.74.174:0
File type ASCII text, with very long lines (2039)
Hash d53bc20e0d27373944c90a925805884b
871d7721aaa6f277e34c7d708919dc0b0774ce50
ec5ae146b7557c7657ce313b83d33da00eaa08eddc17a6d5ee371beb3facc440
GET /gtm/optimize.js?id=OPT-KNP9PKB HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 21:13:53 GMT
expires: Sun, 02 Oct 2022 21:13:53 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42676
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tusegurocontodo.pe/assets/img/img_thumb_4.jpg
201.234.76.214200 OK 54 kB URL HTTP/2 tusegurocontodo.pe/assets/img/img_thumb_4.jpg
IP 201.234.76.214:0
Hash 977b33b996dcaaad29e202b97c4c0e2a
2861f5b28a71cd1105b8d819e010e2136aa84904
d95adfc4065eb159f83df81930afccd1f65f2e88c0e0e74d659d39c907d77001
GET /assets/img/img_thumb_4.jpg HTTP/1.1
Host: tusegurocontodo.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:13:53 GMT
content-type: image/jpeg
last-modified: Tue, 27 Sep 2022 23:59:56 GMT
vary: Accept-Encoding
etag: W/"63338e7c-d32e"
content-security-policy: frame-ancestors 'self'
permissions-policy: geolocation=(*)
strict-transport-security: max-age=63072000 ; incluideSubDomains ; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 50366815306618737b22afb3327c4db9
d362647235cb883e1a58b6d4d6e6144813667119
8b8aa0dbd637f517324351c700f038a94fc87f5444576c337f2e7c6d860e2c50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tusegurocontodo.pe/assets/img/img_thumb_6.jpg
201.234.76.214200 OK 101 kB URL HTTP/2 tusegurocontodo.pe/assets/img/img_thumb_6.jpg
IP 201.234.76.214:0
Size 101 kB (101152 bytes)
Hash 1b330ca47bd71267b18e18757c46ec0b
640994d936272c685f42e262986c1c64f1d7bda6
c39c6fc81d4b255bb9bf2d574a0279f43e725bda95e6e7c7895da2276c373a7c
GET /assets/img/img_thumb_6.jpg HTTP/1.1
Host: tusegurocontodo.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:13:53 GMT
content-type: image/jpeg
last-modified: Tue, 27 Sep 2022 23:59:56 GMT
vary: Accept-Encoding
etag: W/"63338e7c-18adf"
content-security-policy: frame-ancestors 'self'
permissions-policy: geolocation=(*)
strict-transport-security: max-age=63072000 ; incluideSubDomains ; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-169891887-1&cid=127124388.1664745233&jid=1712229137&gjid=2082309259&_gid=95381397.1664745234&_u=YCDAgEABQAAAAE~&z=213897245
74.125.131.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-169891887-1&cid=127124388.1664745233&jid=1712229137&gjid=2082309259&_gid=95381397.1664745234&_u=YCDAgEABQAAAAE~&z=213897245
IP 74.125.131.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-169891887-1&cid=127124388.1664745233&jid=1712229137&gjid=2082309259&_gid=95381397.1664745234&_u=YCDAgEABQAAAAE~&z=213897245 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://tusegurocontodo.pe
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://tusegurocontodo.pe
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 02 Oct 2022 21:13:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tusegurocontodo.pe/assets/img/img_thumb_2.jpg
201.234.76.214200 OK 115 kB URL HTTP/2 tusegurocontodo.pe/assets/img/img_thumb_2.jpg
IP 201.234.76.214:0
Size 115 kB (114661 bytes)
Hash be410b9d79dae1a1e7acfead6e2db02c
395c06c2746671e4cada73acfe0e696b7380fe8f
664986d65adfb4edd55b264bd30f0ecec81589d2f8b907bbce1e4d5259b2ace3
GET /assets/img/img_thumb_2.jpg HTTP/1.1
Host: tusegurocontodo.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:13:53 GMT
content-type: image/jpeg
last-modified: Tue, 27 Sep 2022 23:59:56 GMT
vary: Accept-Encoding
etag: W/"63338e7c-1b927"
content-security-policy: frame-ancestors 'self'
permissions-policy: geolocation=(*)
strict-transport-security: max-age=63072000 ; incluideSubDomains ; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-R2K96GJ6LH>m=2oe9s0&_p=2080005406&_gaz=1&cid=127124388.1664745233&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664745233&sct=1&seg=0&dl=https%3A%2F%2Ftusegurocontodo.pe%2Fregistro%2F2&dt=Bienvenido%20a%20tu%20Seguro%20BNP%20Paribas%20Cardif&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-R2K96GJ6LH>m=2oe9s0&_p=2080005406&_gaz=1&cid=127124388.1664745233&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664745233&sct=1&seg=0&dl=https%3A%2F%2Ftusegurocontodo.pe%2Fregistro%2F2&dt=Bienvenido%20a%20tu%20Seguro%20BNP%20Paribas%20Cardif&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R2K96GJ6LH>m=2oe9s0&_p=2080005406&_gaz=1&cid=127124388.1664745233&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664745233&sct=1&seg=0&dl=https%3A%2F%2Ftusegurocontodo.pe%2Fregistro%2F2&dt=Bienvenido%20a%20tu%20Seguro%20BNP%20Paribas%20Cardif&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: null
date: Sun, 02 Oct 2022 21:13:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
script.hotjar.com/modules.61e17720cf639c3e96a7.js
65.9.86.102200 OK 66 kB URL HTTP/2 script.hotjar.com/modules.61e17720cf639c3e96a7.js
IP 65.9.86.102:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash ca82760cd662a268a9b556ae44a96740
7d7e28b6029ab3449f2183a73b8f0dbb93dd9386
0e98f16bb4945f08b2f0e9be3108864e2f2db7ed792bc9049404cac6038d75d3
GET /modules.61e17720cf639c3e96a7.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 66156
date: Fri, 30 Sep 2022 07:19:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "ca82760cd662a268a9b556ae44a96740"
last-modified: Fri, 30 Sep 2022 07:18:43 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: MBBQ4y2Nggsqz5PADaMFGDHuKqpCx-b9Cgeavl_zR9UZQjVJehdmkg==
age: 222888
X-Firefox-Spdy: h2
vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
65.9.86.62200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
IP 65.9.86.62:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2431), with no line terminators
Hash f6a9ca04b0687ea3c0d98e8430c8c77b
35503b2deb23091a9a9c6c68d4020dbdf879588e
8e4328ecb6b395499567369e3c227231dbdaf361f43ce315934d7a2a3abbed41
GET /box-69edcc3187336f9b0a3fbb4c73be9fe6.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1044
date: Wed, 07 Sep 2022 09:17:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: P2C5gc8L_zb8DbXWDgUox7MwemDxomCCLVEAJVI7k9pSK-K6V_y4fw==
age: 2203007
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53aa134dc3b33b709b6ccf39e549055f
2e85a28ef73d7c403ad693fc8602e95fe3d803f3
877de7cadd4fc848afaac488f89ed987929505b563a03eb79e4e9d8fa0b41a0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-169891887-1&cid=127124388.1664745233&jid=1712229137&_u=YCDAgEABQAAAAE~&z=1731160624
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-169891887-1&cid=127124388.1664745233&jid=1712229137&_u=YCDAgEABQAAAAE~&z=1731160624
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-169891887-1&cid=127124388.1664745233&jid=1712229137&_u=YCDAgEABQAAAAE~&z=1731160624 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 21:13:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
65.9.84.191200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 65.9.84.191:0
Hash 55357a586bee6e1df8493f5b4a47cd96
4809fff87e91133ab9c2d95cd0c3b3cc6386ddd8
056e3d2a4dd8c1155b4f6e3c62df0a5ee0b5c10c57f46258d3685d83966ed3b9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 21:13:54 GMT
Last-Modified: Sun, 02 Oct 2022 20:11:50 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: fK9W70FzdY1AeB96UAFBTYltsGXUweIaHyDNnZwtyqtCVbGlVxIQCQ==
Age: 3724
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1526ec30-d948-4741-bb43-1e4c0afdc4d7.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1526ec30-d948-4741-bb43-1e4c0afdc4d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fbddbe1f7958f13b80e50ab39094b9ab
f73cabc101017a4af09e675ca9262774c177d16a
ebbe6a54e5c390f49452d0afd55899f4dec3836451906945c79bbf165e4e0724
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1526ec30-d948-4741-bb43-1e4c0afdc4d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 14117
x-amzn-requestid: adb8a06b-48c2-4805-90ed-1db82d873d49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpmFdjoAMFY_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-7f09d2c748de72ca663022df;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awdd8Vr7y-2zR0OTFdMb8PnD2XDg6hsS736tOIH_c5AVOwOSik1zPQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:47:13 GMT
age: 84406
etag: "f73cabc101017a4af09e675ca9262774c177d16a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tusegurocontodo.pe/assets/img/img_thumb_1.jpg
201.234.76.214200 OK 0 B URL HTTP/2 tusegurocontodo.pe/assets/img/img_thumb_1.jpg
IP 201.234.76.214:0
GET /assets/img/img_thumb_1.jpg HTTP/1.1
Host: tusegurocontodo.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:13:53 GMT
content-type: image/jpeg
last-modified: Tue, 27 Sep 2022 23:59:56 GMT
vary: Accept-Encoding
etag: W/"63338e7c-23736"
content-security-policy: frame-ancestors 'self'
permissions-policy: geolocation=(*)
strict-transport-security: max-age=63072000 ; incluideSubDomains ; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
tusegurocontodo.pe/assets/img/img_thumb_3.jpg
201.234.76.214200 OK 0 B URL HTTP/2 tusegurocontodo.pe/assets/img/img_thumb_3.jpg
IP 201.234.76.214:0
GET /assets/img/img_thumb_3.jpg HTTP/1.1
Host: tusegurocontodo.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:13:53 GMT
content-type: image/jpeg
last-modified: Tue, 27 Sep 2022 23:59:56 GMT
vary: Accept-Encoding
etag: W/"63338e7c-1fe6c"
content-security-policy: frame-ancestors 'self'
permissions-policy: geolocation=(*)
strict-transport-security: max-age=63072000 ; incluideSubDomains ; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
tusegurocontodo.pe/assets/img/img_thumb_5.jpg
201.234.76.214200 OK 0 B URL HTTP/2 tusegurocontodo.pe/assets/img/img_thumb_5.jpg
IP 201.234.76.214:0
GET /assets/img/img_thumb_5.jpg HTTP/1.1
Host: tusegurocontodo.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:13:53 GMT
content-type: image/jpeg
last-modified: Tue, 27 Sep 2022 23:59:56 GMT
vary: Accept-Encoding
etag: W/"63338e7c-be94"
content-security-policy: frame-ancestors 'self'
permissions-policy: geolocation=(*)
strict-transport-security: max-age=63072000 ; incluideSubDomains ; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
tusegurocontodo.pe/assets/img/img_home_hero.jpg
201.234.76.214200 OK 0 B URL HTTP/2 tusegurocontodo.pe/assets/img/img_home_hero.jpg
IP 201.234.76.214:0
GET /assets/img/img_home_hero.jpg HTTP/1.1
Host: tusegurocontodo.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:13:53 GMT
content-type: image/jpeg
last-modified: Tue, 27 Sep 2022 23:59:56 GMT
vary: Accept-Encoding
etag: W/"63338e7c-96e9a"
content-security-policy: frame-ancestors 'self'
permissions-policy: geolocation=(*)
strict-transport-security: max-age=63072000 ; incluideSubDomains ; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/2603672/visit-data?sv=7
34.251.196.147200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2603672/visit-data?sv=7
IP 34.251.196.147:0
POST /api/v2/client/sites/2603672/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 120
Origin: https://tusegurocontodo.pe
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 21:13:54 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2