chin.maidweek.shop/wrcgfdtqbl/xjunsvh554uknbv/DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
172.67.141.88200 OK 558 B URL HTTP/1.1 chin.maidweek.shop/wrcgfdtqbl/xjunsvh554uknbv/DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
IP 172.67.141.88:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ed1c943460c460a4dc24ee07459b255b
21515de0add7de316f74f929512f01af9731c91c
44b5160eb62b27302b6df0d4de27a14048998fdf2607bcd5e33ac12993972a21
Analyzer Verdict Alert fortinet Malware
GET /wrcgfdtqbl/xjunsvh554uknbv/DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g HTTP/1.1
Host: chin.maidweek.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 06:59:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=If3CN4oWH7WRlihPoef2eZdwz8m2n8JxNskcRURfDygXJ76OpOkD2pOeRGNmy6OEt9bcL7kihZlCsws1lxZqKok0NAdDbVfNQDVxpIBnsXSBYIzcDVexJnLJO049JQ53Y0pBIpc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f043a92a85b4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17573
Expires: Thu, 24 Nov 2022 11:52:45 GMT
Date: Thu, 24 Nov 2022 06:59:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2387
Cache-Control: max-age=101471
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 06:59:52 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 11:11:03 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 06:17:15 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2557
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19962
Expires: Thu, 24 Nov 2022 12:32:34 GMT
Date: Thu, 24 Nov 2022 06:59:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tlvwEUrAw2fUs7nwIcHknv+ck9eYc3ig3ov9Px/5nB7RRAzqkhQDm0cK4sHQxLpUBMq7fFAA/1o=
x-amz-request-id: 54DYSF9AYJ6G3QS0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 06:43:18 GMT
age: 994
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 06:59:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
chin.maidweek.shop/jquery-1.11.0.min.js
172.67.141.88200 OK 33 kB URL HTTP/1.1 chin.maidweek.shop/jquery-1.11.0.min.js
IP 172.67.141.88:0
File type ASCII text, with very long lines (32341)
Hash 95fe3f4dd117c33f6015e1c3d6df1d0d
d5b8856932d1ea63f51824de0bb50670d2e960bc
e6945ac3f1927f242a9fd7a5cf67720f7763888127a7427eb24ffc52019d4b16
GET /jquery-1.11.0.min.js HTTP/1.1
Host: chin.maidweek.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://chin.maidweek.shop/wrcgfdtqbl/xjunsvh554uknbv/DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 06:59:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 07:16:06 GMT
ETag: W/"636a0236-1787d"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 39
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M04EnmHnz52pINs3h6UPrdhr4mCaW8Q9cM0PIfYFI9ZGLoVLZWmBUTCjnOBKk207ex12FwbPE7yZo04mWfCttPoBt9qZze0BJpMlLq19DEwXG0pD%2BdZtjd4gbMhOV%2Bb6XKhx9rA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f043abfd0bb4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 06:59:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
chin.maidweek.shop/offer.php?id=1&sid=999738&h=DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
172.67.141.88200 OK 346 B URL HTTP/1.1 chin.maidweek.shop/offer.php?id=1&sid=999738&h=DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
IP 172.67.141.88:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (311)
Hash b9301624cbd4a411600d9b1190599154
2534ce7437056d26493796b72a4ee9fc57bec47c
4fd9d97ddae14b9675291b19e4cdd3935e64e339314d059ceb1459ff453096e4
GET /offer.php?id=1&sid=999738&h=DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g HTTP/1.1
Host: chin.maidweek.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://chin.maidweek.shop/wrcgfdtqbl/xjunsvh554uknbv/DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 06:59:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3s75QYWmSTfOBbZVa1GhIrlSogsI1b7xn252dtIOK4mrVcsq6teMNo5%2FCvNCQu7vdLXkfs4gOlsaMl2KKn6mRDcVClHWRWNF017f1eKEfBXoSIlgJjaG1VX%2B9rRfMt2Rk%2BMWxU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f043acadcdb4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
chin.maidweek.shop/clicks/Exipure_cb.php?sid=999738&h=DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
172.67.141.88200 OK 2.6 kB URL HTTP/1.1 chin.maidweek.shop/clicks/Exipure_cb.php?sid=999738&h=DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
IP 172.67.141.88:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (495), with CRLF line terminators
Hash c7496e649aa0c6780394f7b1cc10574c
b0e82845768992acd48d5e5b0a22322d5e4383a8
ed32e59c3e6f4a3563d8fe4a05d98f330fc7d4f6d6fe72579d44c2857677bc58
GET /clicks/Exipure_cb.php?sid=999738&h=DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g HTTP/1.1
Host: chin.maidweek.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 06:59:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fw7zr0sjEE1tUeaPy8GZsgvCfN%2BjTIn%2FPE5Z6tCyk8h2UrklaeSLS4dRS6vrYXcsdDQpgfHvRg8rbE8ErzH95Cb3TRy8gpGCyOYHXuuwuGMM9ZkapwzNsEgE73xmYOOaw%2FRce8U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f043adfef3b4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
chin.maidweek.shop/clicks/Exipure_cb_files/style-right2.css
172.67.141.88200 OK 1.9 kB URL HTTP/1.1 chin.maidweek.shop/clicks/Exipure_cb_files/style-right2.css
IP 172.67.141.88:0
File type ASCII text, with very long lines (411), with CRLF line terminators
Hash c7c710066df22d0d036f3a91f5519c2a
1797c818009d2a2ccbcbf4f7234d57f7d1e8da7a
c602af4ea2167cc56cc244f26a6eeda45cb28390438aad6832a1b8a87ddaee78
GET /clicks/Exipure_cb_files/style-right2.css HTTP/1.1
Host: chin.maidweek.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://chin.maidweek.shop/clicks/Exipure_cb.php?sid=999738&h=DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 06:59:52 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 07:02:32 GMT
ETag: W/"636f4508-19db"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 38
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBvl%2BvvZXn7EW%2BOMV9BVZuDGvK977DQbPznGeDU%2BOoBj0laTIQNVBp%2FoEY%2BxVwO5b7LX75Gw4gl6d3wJM0gb%2BCjVa%2FlhCebWoTny%2FowvnxxTw6hWBJoC8jBlxTcUP2I%2BhSad0RE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f043af59f4b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
chin.maidweek.shop/clicks/Exipure_cb_files/widgets.css
172.67.141.88200 OK 312 B URL HTTP/1.1 chin.maidweek.shop/clicks/Exipure_cb_files/widgets.css
IP 172.67.141.88:0
File type assembler source, ASCII text
Hash 20ae036c64c107b6dbb42bb34642f3d1
2b5a84e548de80ceab4d36d8954c44b741fd15cb
ddafbfaaeea160c0bde62a43605058ae694ccc1b7320dfb968ff57f1ea3914c7
GET /clicks/Exipure_cb_files/widgets.css HTTP/1.1
Host: chin.maidweek.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://chin.maidweek.shop/clicks/Exipure_cb.php?sid=999738&h=DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 06:59:52 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 07:02:32 GMT
ETag: W/"636f4508-2c9"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 38
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrezBvOUOh5nd%2B7cDRmltPOXMeSbGCPTCWKkQM2KnaTd1cNFfpAXaeKGaOtYCAw3uMmRS6ah4Qsyb6y1g%2BceRZDRItB1G9gXApX%2FlmXXHm0SzFBRwwOYZh2Kl7iF5r%2F22VxcCpE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f043af6b60b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
chin.maidweek.shop/clicks/Exipure_cb_files/font-awesome.min.css
172.67.141.88200 OK 5.9 kB URL HTTP/1.1 chin.maidweek.shop/clicks/Exipure_cb_files/font-awesome.min.css
IP 172.67.141.88:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (26474)
Hash fd1ffa82658b3459106c656c38a9cb82
5ad49dec3eec50c33c2a37b143b2de3293b7eb0f
811cc2e6c6cad1b510dd236f022fd19ca99a1f010bfc4851d449bf9a9595ad0d
GET /clicks/Exipure_cb_files/font-awesome.min.css HTTP/1.1
Host: chin.maidweek.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://chin.maidweek.shop/clicks/Exipure_cb.php?sid=999738&h=DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 06:59:52 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 07:02:32 GMT
ETag: W/"636f4508-6810"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 38
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7ys7zxsL5Z7kV98y2SkwZEzGlu4zM6xIno6a91SJHmSNYhlsy4hj%2BiI2I8Up9tpfs5RFbestvq2trUOEoOb7%2FhuOXg3QC0Fh6TNuJS0%2Fw9byMZYEf059FqlIu5ls%2FDHmPuhNB4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f043af6805b4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.googletagmanager.com/gtag/js?id=UA-22484186-3
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-22484186-3
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 471202ceb97837c9bb34e2824978a443
4f44e3623604f66dc21b32df93ee3756fd798517
79a65742da357fd988f4f23c43bab1c4a63145822c49389e417372ae0f2aed5d
GET /gtag/js?id=UA-22484186-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://chin.maidweek.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 06:59:52 GMT
expires: Thu, 24 Nov 2022 06:59:52 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43722
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
chin.maidweek.shop/clicks/Exipure_cb_files/font-awesome.css
172.67.141.88200 OK 26 B URL HTTP/1.1 chin.maidweek.shop/clicks/Exipure_cb_files/font-awesome.css
IP 172.67.141.88:0
Hash 189298e19a6f8b602917a2156d5d834e
ccccfd25f81816d3c4dbc2a22aa30d406a8afabf
519f1acf822fc784b08e38c7e31616806b836994d954ebaadf18a9b7aed6734c
GET /clicks/Exipure_cb_files/font-awesome.css HTTP/1.1
Host: chin.maidweek.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://chin.maidweek.shop/clicks/Exipure_cb.php?sid=999738&h=DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 06:59:52 GMT
Content-Type: text/css
Content-Length: 26
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 07:02:32 GMT
ETag: "636f4508-1a"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 38
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUFbxJrnYAkqvamV6Gh9Pgs32gG7JzBkLaiU6JaEaXU1GxKW9GsKmcu37J8jyVgbLWSorsA%2BSlQCA%2BdO2awkGFgJPMxDx3plJM18ZcZ%2BlWgjifwe0HzBcJ4A802ZWV8lllOq6ak%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f043af6a30b515-OSL
alt-svc: h2=":443"; ma=60
chin.maidweek.shop/clicks/Exipure_cb_files/teeth2-org.jpg
172.67.141.88200 OK 34 kB URL HTTP/1.1 chin.maidweek.shop/clicks/Exipure_cb_files/teeth2-org.jpg
IP 172.67.141.88:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 300x200, components 3\012- data
Hash 77514ff7005e4947af8a4d3ed1c02352
289bb57dac83f224642a4590d6f88273a17df857
044154bfa5504cfc2f0e50fea1c5c840f1cce3f952092a7e13696f98211db18d
GET /clicks/Exipure_cb_files/teeth2-org.jpg HTTP/1.1
Host: chin.maidweek.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://chin.maidweek.shop/clicks/Exipure_cb.php?sid=999738&h=DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 06:59:52 GMT
Content-Type: image/jpeg
Content-Length: 33799
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 07:02:32 GMT
ETag: "636f4508-8407"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 38
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t54PtV96lClULfYLMkt5h3W6WTy6TpvioxEUAOJ9%2BC95ZeZPVbx8tZpuqDENZT%2F9dsQMkdr3Kzt9MZ7bopT%2Bpp3DJyqz1uOgZuVNNANE%2BLLayabVIQ%2F%2BaQ44rRgFz5fHrTrWonE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f043af8822b4f4-OSL
alt-svc: h2=":443"; ma=60
chin.maidweek.shop/clicks/Exipure_cb_files/backpain2-org.jpg
172.67.141.88200 OK 9.7 kB URL HTTP/1.1 chin.maidweek.shop/clicks/Exipure_cb_files/backpain2-org.jpg
IP 172.67.141.88:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x200, components 3\012- data
Hash 5ae39a503f71aa274923c6e50cdec91a
8e342b79e544fa886f51e9ef3d367c5b2d5474c0
84815960af3cc621de13acb1cad1a7f16418fda951aede1adc2e852e9d062f8e
GET /clicks/Exipure_cb_files/backpain2-org.jpg HTTP/1.1
Host: chin.maidweek.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://chin.maidweek.shop/clicks/Exipure_cb.php?sid=999738&h=DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 06:59:52 GMT
Content-Type: image/jpeg
Content-Length: 9663
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 07:02:32 GMT
ETag: "636f4508-25bf"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 38
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kIwN%2FOr0c4X92%2FhIeFmHDZY2K0Iwf%2BVYL3a%2F35ivegFCi9zwgtdYEIz4Al%2Fu0cFQKdQvrsvfhmiCul32oPyKYwWRXh0PqOqAxTQfSuplPlXHIofmGEI4xz4W%2FGSwPFOSvlZbaXo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f043af8a16b50c-OSL
alt-svc: h2=":443"; ma=60
chin.maidweek.shop/clicks/Exipure_cb_files/fungus3-org.jpg
172.67.141.88200 OK 58 kB URL HTTP/1.1 chin.maidweek.shop/clicks/Exipure_cb_files/fungus3-org.jpg
IP 172.67.141.88:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 300x200, components 3\012- data
Hash 066eb8f6026f8639d2c474619036d5f4
271f4dcccddc4f39ab0eef18a31898cc876c35ba
a0c46f92fdb281fbed4d19d9bcc71ee33249cf9af7921247c3e5c3ef4e969537
GET /clicks/Exipure_cb_files/fungus3-org.jpg HTTP/1.1
Host: chin.maidweek.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://chin.maidweek.shop/clicks/Exipure_cb.php?sid=999738&h=DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 06:59:52 GMT
Content-Type: image/jpeg
Content-Length: 57495
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 07:02:32 GMT
ETag: "636f4508-e097"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 38
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6Nqx%2FaW48m%2F%2B1KGjkl6LAumg77xXFYefp2jD%2Fh6uiDXaVvJrL9RRGYcjtJTKCMsp%2FHMMX%2BJXFFNS1cNajSWKYAc%2FxUzJYMJQh4uunhOWdhSiz%2FMvLWWRCftoVyJ4vA6OuF32eQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f043af8913b4f7-OSL
alt-svc: h2=":443"; ma=60
chin.maidweek.shop/clicks/Exipure_cb_files/main.jpg
172.67.141.88200 OK 81 kB URL HTTP/1.1 chin.maidweek.shop/clicks/Exipure_cb_files/main.jpg
IP 172.67.141.88:0
File type JPEG image data, baseline, precision 8, 916x916, components 3\012- data
Hash 68bbd01c7bf86e164ed646c576701e88
fdf37a1226b8afd35b5d65451569e8f068b75d5d
39716f10e8eb65d242e90575662e7ada803abfaab7c7ac26c80f58eabed4aa4e
GET /clicks/Exipure_cb_files/main.jpg HTTP/1.1
Host: chin.maidweek.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://chin.maidweek.shop/clicks/Exipure_cb.php?sid=999738&h=DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 06:59:52 GMT
Content-Type: image/jpeg
Content-Length: 81010
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 07:02:32 GMT
ETag: "636f4508-13c72"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 38
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlD0Iv%2F3e5qcff7yhpOQ0VMAmc%2B4Kn0m9WOSGo2GsYQ8zU81eTsjD8ORDetL8TeRvSvvZ1WtzegzQeRc2zwbCOhhKJhU5TYH5lP5p%2FICYIZjmrryfU0yTQdKVeQJjKTGK0yTfm0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f043af8b8ab4f9-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 06:11:11 GMT
cache-control: public,max-age=3600
age: 2921
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
chin.maidweek.shop/clicks/Exipure_cb_files/blank.htm
172.67.141.88200 OK 548 B URL HTTP/1.1 chin.maidweek.shop/clicks/Exipure_cb_files/blank.htm
IP 172.67.141.88:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1254), with CRLF line terminators
Hash cd64b4aeec0a8560c0d6527312e2c806
3b84cb918c9cf6a06d81b2aee07f5fec52ec6878
7dc0902142b34ea216d209ad68f58687c2190ebb974b2f540f61cc64b2b22ef4
GET /clicks/Exipure_cb_files/blank.htm HTTP/1.1
Host: chin.maidweek.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://chin.maidweek.shop/clicks/Exipure_cb.php?sid=999738&h=DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 06:59:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 07:02:32 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSXMJX9UQk%2FijS%2BdkB4%2FD4KqofjeRViL%2BP%2F%2Fl4Ti5uH%2B4TpbQe7OqvaRTcx8%2BHl3qZq0E8tZ079lyJaBe8qC%2BTqvddKbO0NPWatgVrAnE4oy8rB1IVnb86iYH1MJs8U%2FCSCX%2FGw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f043af580eb4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 06:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
chin.maidweek.shop/favicon.ico
172.67.141.88200 OK 69 B URL HTTP/1.1 chin.maidweek.shop/favicon.ico
IP 172.67.141.88:0
File type MS Windows icon resource - 1 icon, 16x16\012- data
Hash f12fb6edbda074603f749a028770f49a
419983c6073469bac7fb8535a847b8f78c2040ce
8aec3412c7c37feacec2dc9d7b2f3560a2e0af0af573085665a57e1d09ab397d
GET /favicon.ico HTTP/1.1
Host: chin.maidweek.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://chin.maidweek.shop/clicks/Exipure_cb.php?sid=999738&h=DHd_8eS7V4T19Wb5AMNqcovltR_8LqO5RbWarTrZO4Q/Hdu-fWyDclZJM8Eg2yhxLbDYjqzZXi6aviKk2ztHCUtQJXY6_z4FghMG8coZYEx3oErfEKfaelzp3yrSJqDY-tMDV70SCmte9Oe-UNdQjcexr13Ura8a66aXtuzD0cGvOWLvEfw3qMtfXXUu7Qes6g
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 06:59:53 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 07:16:01 GMT
ETag: W/"636a0231-57e"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 38
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jqoh9ym%2F66iUiO2W1egldlMYHzSJrQusA62ReK5qAijcLMu1gNPxdh9hOM9W2JsupyXQ1PndAe%2B7eogbBgbU3Gb2PdXN1wU8Lws%2Bx3kWMofsSlfQrhvKVbUFn59qEYa2fWjDAs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f043b06c66b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
chin.maidweek.shop/clicks/Exipure_cb_files/blank_data/inject.css
172.67.141.88200 OK 928 B URL HTTP/1.1 chin.maidweek.shop/clicks/Exipure_cb_files/blank_data/inject.css
IP 172.67.141.88:0
File type ASCII text, with CRLF line terminators
Hash e1c22e631b7cce42e3ef13cd9bb02ff5
6c6c2b15c56e776d9eac10babf3a6c4a2bd964ae
93950a736308fe62073a44a76b8ec05b9a651062f6ecee4782059d0718aab6dc
GET /clicks/Exipure_cb_files/blank_data/inject.css HTTP/1.1
Host: chin.maidweek.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://chin.maidweek.shop/clicks/Exipure_cb_files/blank.htm
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 06:59:53 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 07:02:32 GMT
ETag: W/"636f4508-f28"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 39
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nfNelDEFiJ%2BwowdKkyEoMU3EC%2Fj0lSlfgcmV52pVJH%2BUhQi55P74H3g9K8Aivo4CjlF8Q%2BlCPMFLjyoZAijnALl5le20TomcWWMwC4lArbP1GpjlavO8IOnhI7rCJSS%2FByXaTg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f043b09c93b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2101
Cache-Control: max-age=96121
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 06:59:53 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 09:41:54 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://chin.maidweek.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 06:41:08 GMT
expires: Thu, 24 Nov 2022 08:41:08 GMT
cache-control: public, max-age=7200
age: 1125
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 06:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=1699242556.1669273193&jid=160401909&gjid=1040035955&_gid=2081082928.1669273193&_u=YEBAAUAAAAAAACAAI~&z=921527998
142.251.1.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=1699242556.1669273193&jid=160401909&gjid=1040035955&_gid=2081082928.1669273193&_u=YEBAAUAAAAAAACAAI~&z=921527998
IP 142.251.1.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=1699242556.1669273193&jid=160401909&gjid=1040035955&_gid=2081082928.1669273193&_u=YEBAAUAAAAAAACAAI~&z=921527998 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://chin.maidweek.shop
Connection: keep-alive
Referer: http://chin.maidweek.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://chin.maidweek.shop
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 24 Nov 2022 06:59:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.43.61.95101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.61.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9zRv5DSpk7Ksu6qCZpExGg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XXD7+a37L7N2E71GuqWqkUAHeCI=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 06:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 06:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 06:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1699242556.1669273193&jid=160401909&_u=YEBAAUAAAAAAACAAI~&z=715449613
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1699242556.1669273193&jid=160401909&_u=YEBAAUAAAAAAACAAI~&z=715449613
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1699242556.1669273193&jid=160401909&_u=YEBAAUAAAAAAACAAI~&z=715449613 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://chin.maidweek.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 06:59:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1699242556.1669273193&jid=160401909&_u=YEBAAUAAAAAAACAAI~&z=715449613
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1699242556.1669273193&jid=160401909&_u=YEBAAUAAAAAAACAAI~&z=715449613
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1699242556.1669273193&jid=160401909&_u=YEBAAUAAAAAAACAAI~&z=715449613 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://chin.maidweek.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 06:59:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 06:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 06:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4149
Expires: Thu, 24 Nov 2022 08:09:03 GMT
Date: Thu, 24 Nov 2022 06:59:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4149
Expires: Thu, 24 Nov 2022 08:09:03 GMT
Date: Thu, 24 Nov 2022 06:59:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4149
Expires: Thu, 24 Nov 2022 08:09:03 GMT
Date: Thu, 24 Nov 2022 06:59:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4149
Expires: Thu, 24 Nov 2022 08:09:03 GMT
Date: Thu, 24 Nov 2022 06:59:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1404c6b865808ea73ca5b2062fefecc0
c66fd3a955cd81ab93474fb1aabc4c19d5775bcc
0a92ca52eff8baa4ba43bdb29008c59bcd37c55e78ac657de25819e980ea8e96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5545
x-amzn-requestid: 215b9f9b-4941-4c13-a1d4-6fdc5b453fad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtEkIIAMF3gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-27081b9e0dc1de6522299e4e;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SFO53-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xr183esurgfu-4jjQtCS5s_np_CtltrPx48zpq-NMwZbcGnAwTxtkg==
via: 1.1 68914922a694954838e87fc9b0aa10fe.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:51:07 GMT
age: 32927
etag: "c66fd3a955cd81ab93474fb1aabc4c19d5775bcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65d6aa89-922d-4c2b-9601-956358f8ac22.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65d6aa89-922d-4c2b-9601-956358f8ac22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1234c13159d1531a698ece38a3bd7ff6
6bd60504d4450a090e6f82d15f2f28b371e4dfcc
488a827d4d2074371860dd556b3611c56a19502d3348e0a7d35c4f7556f63b3a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65d6aa89-922d-4c2b-9601-956358f8ac22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11969
x-amzn-requestid: e7ab6bb2-9bc5-4862-901b-32f18322db46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwBJFkUoAMFRFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e93a0-56d902c0481eef0932dad57c;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:41:52 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zluh8EkvyvbxVT_lmb1uh3eLph9eMUrsuLlwPYAOmP9-sWAhGyxeMw==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:45:09 GMT
age: 33285
etag: "6bd60504d4450a090e6f82d15f2f28b371e4dfcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18708671-8ed1-458b-a0a3-fba50832ecb7.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18708671-8ed1-458b-a0a3-fba50832ecb7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af618f978f520f4f15acd660f5e91ad4
fcbe3938574e2a3b0d303b7464ae6f414d7dc356
6f8c21090c99c98e8ae89f60b1cf1cd882194dc83db96808a0b5bd553ece8a56
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18708671-8ed1-458b-a0a3-fba50832ecb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9119
x-amzn-requestid: 0321de47-3dae-4ad5-86e7-fd766326c6c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvClGQWoAMFWqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9210-5bc883d93cedf8ec36517fe3;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gvEmzs6OvdD0s03wFTgS0RYBkikZ9VHk0eOArDVQwZ1vNSMBcJ97mQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:45:09 GMT
etag: "fcbe3938574e2a3b0d303b7464ae6f414d7dc356"
content-type: image/jpeg
age: 33285
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 8f679d7f-2ea5-4e47-b78d-79af59435a62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFPHYHkAIAMFpBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec562-26108a785e910dc3355d58f1;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:14:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xYCpAPfR8rrHKURifh5EhDmMte-T2EgDeqP5jD24Jb0ICkXcpbnU5Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:30:43 GMT
age: 5351
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rrs7G6Wto6iY0rT6KsKwKAOPJjehXqD0jHZrR_eaiqpepQILFr7Dtw==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:07 GMT
age: 33047
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 33122
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2