root-naturesproduce.com/25serdt1?from_sms=1
104.21.36.62200 OK 58 kB URL HTTP/1.1 root-naturesproduce.com/25serdt1?from_sms=1
IP 104.21.36.62:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3301)
Hash fe1af7331cdf323b97efa9f502b63565
1d0b4c0a25066034870b16ee4519ee89ddb85f5c
9f5a16452bc76b427b1e31add83495025af1c0e944e629a37a51fbcbce56f959
Analyzer Verdict Alert quad9 Sinkholed
GET /25serdt1?from_sms=1 HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:47:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6Ikk5U3JIQjhnOTZnU1AvU05NV0lDbWc9PSIsInZhbHVlIjoia015djhrekorWUxueks1L2xoSjRMWkNHdnFPSjhRRVNDUVA1cEwySFNWRHcwUDdWM2dsZDRiaTB6V3ZsWHQ2cC9HRGp2Nk1jcWpqQkpKQTJwQkVWcmI1TzJDWTROTVNlWTN5VU9WOG5KMFhIZUxmc3N1b1VuMWs5SmY0S3lnSWkiLCJtYWMiOiIyZTFkNTNmMTdiY2IwZjA4YWNhMDc2MTdhODFkYWRmMWM1NGE3Y2YzZjg4MDlkNTRlNDUxZWE2OTk5OTNjZGRlIiwidGFnIjoiIn0%3D; expires=Sun, 22-Jan-2023 20:47:01 GMT; Max-Age=7200; path=/; samesite=lax
public_session=eyJpdiI6InRSNitXTTROTW04UG9lN2d5bW1sekE9PSIsInZhbHVlIjoiRnp6RmNYK29vNXd2N3NzcEN4UkMrakIxK2oxS2x2WDlHNDNRczh3dSsrVWEyRGQ4d2dVQ1o0blNNb2ozak80ampGWEdHcDF2RXRiN3QwNkIvZmphVndsVVEzdXFGRkRML05ZcGw1ZjgvclJudlR2TnlhN2NONFFXK243UUlDZ2MiLCJtYWMiOiJjMTQzNTVmMzk0YzRhZmRiNjExZTllMTNjM2UzZGY1ODA4MjNkMmM4NTA2YTFlMTBmMDY1MDg3ZGY4ZjI4YTI0IiwidGFnIjoiIn0%3D; expires=Sun, 22-Jan-2023 20:47:01 GMT; Max-Age=7200; path=/; httponly; samesite=lax
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AN6iNeDPKDRffkAtcFxcWxTjQ2W2tXxn1kWIVf8xhLUO6268atwTGFzRjmLPIeQnX7R180JpwCDpzy5h93XAgajZKRxCnzPHvzrcAh8on4M8OogyYcn9DvPMBbq6l5hoMv%2FtHwHWOfeGZg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da74a8fa8e0b06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5863
Expires: Sun, 22 Jan 2023 20:24:44 GMT
Date: Sun, 22 Jan 2023 18:47:01 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4550
Expires: Sun, 22 Jan 2023 20:02:51 GMT
Date: Sun, 22 Jan 2023 18:47:01 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7313
Expires: Sun, 22 Jan 2023 20:48:54 GMT
Date: Sun, 22 Jan 2023 18:47:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 22 Jan 2023 18:34:52 GMT
content-type: application/json
age: 729
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qooJqXKV8MtOCyifLoeiSDYT7Kaz05FzMsigHNUQpA5SodMXLa6SRnk7xLjgNQjONhLm2BH2IZo=
x-amz-request-id: B6BH09W2F6TGRDZE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 22 Jan 2023 18:18:32 GMT
age: 1709
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:47:01 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7e3dfdf832e5fb2135c3d36e1c86a0c9
ed3854d36bb262a1733da44e9104e141c4957701
7506af80d0a96fbbb7d78c1f83cbcfd2355ee53246bcf6fd004212e6aded9515
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:47:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
root-naturesproduce.com/js/howler.min.js
104.21.36.62200 OK 9.3 kB URL HTTP/1.1 root-naturesproduce.com/js/howler.min.js
IP 104.21.36.62:0
File type ASCII text, with very long lines (25284)
Hash 66b81a4ec388472a70c0f3c0f06fc380
ecd4d85864481b0bbc86de6edbe5b30319214af8
a4b82b31bff2da07fdb66fcec76be56b65d3ae6b905f99d482bd0b919b39c886
Analyzer Verdict Alert quad9 Sinkholed
GET /js/howler.min.js HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://root-naturesproduce.com/25serdt1?from_sms=1
Cookie: XSRF-TOKEN=eyJpdiI6Ikk5U3JIQjhnOTZnU1AvU05NV0lDbWc9PSIsInZhbHVlIjoia015djhrekorWUxueks1L2xoSjRMWkNHdnFPSjhRRVNDUVA1cEwySFNWRHcwUDdWM2dsZDRiaTB6V3ZsWHQ2cC9HRGp2Nk1jcWpqQkpKQTJwQkVWcmI1TzJDWTROTVNlWTN5VU9WOG5KMFhIZUxmc3N1b1VuMWs5SmY0S3lnSWkiLCJtYWMiOiIyZTFkNTNmMTdiY2IwZjA4YWNhMDc2MTdhODFkYWRmMWM1NGE3Y2YzZjg4MDlkNTRlNDUxZWE2OTk5OTNjZGRlIiwidGFnIjoiIn0%3D; public_session=eyJpdiI6InRSNitXTTROTW04UG9lN2d5bW1sekE9PSIsInZhbHVlIjoiRnp6RmNYK29vNXd2N3NzcEN4UkMrakIxK2oxS2x2WDlHNDNRczh3dSsrVWEyRGQ4d2dVQ1o0blNNb2ozak80ampGWEdHcDF2RXRiN3QwNkIvZmphVndsVVEzdXFGRkRML05ZcGw1ZjgvclJudlR2TnlhN2NONFFXK243UUlDZ2MiLCJtYWMiOiJjMTQzNTVmMzk0YzRhZmRiNjExZTllMTNjM2UzZGY1ODA4MjNkMmM4NTA2YTFlMTBmMDY1MDg3ZGY4ZjI4YTI0IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:47:01 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 16:11:10 GMT
ETag: W/"63cd601e-8742"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZG7tZ4KCkV7y6voxNwKlEBrqzmPKsydxePptn7gZVsImdqGLSPvkT5fkvA5XcvzuWaAopUt5vm5O%2BYAJB%2FG2UoySB9PuxV7Qbtq05YUbyPu4LgYaEvKvGReX82xzE2z8sPmXa6vxNmVILw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78da74abeef7b4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
root-naturesproduce.com/css/app.css?id=73cc550c649a562a8304
104.21.36.62200 OK 13 kB URL HTTP/1.1 root-naturesproduce.com/css/app.css?id=73cc550c649a562a8304
IP 104.21.36.62:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 42581910a3c2d8d850078b4151f3b30f
49ee3732b8be376439fa715c66e2954b229c5b90
4251b16d7a529f6a3f44d9c55b7867f84223e821450ed4c7b317f0572e19c7b4
Analyzer Verdict Alert quad9 Sinkholed
GET /css/app.css?id=73cc550c649a562a8304 HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://root-naturesproduce.com/25serdt1?from_sms=1
Cookie: XSRF-TOKEN=eyJpdiI6Ikk5U3JIQjhnOTZnU1AvU05NV0lDbWc9PSIsInZhbHVlIjoia015djhrekorWUxueks1L2xoSjRMWkNHdnFPSjhRRVNDUVA1cEwySFNWRHcwUDdWM2dsZDRiaTB6V3ZsWHQ2cC9HRGp2Nk1jcWpqQkpKQTJwQkVWcmI1TzJDWTROTVNlWTN5VU9WOG5KMFhIZUxmc3N1b1VuMWs5SmY0S3lnSWkiLCJtYWMiOiIyZTFkNTNmMTdiY2IwZjA4YWNhMDc2MTdhODFkYWRmMWM1NGE3Y2YzZjg4MDlkNTRlNDUxZWE2OTk5OTNjZGRlIiwidGFnIjoiIn0%3D; public_session=eyJpdiI6InRSNitXTTROTW04UG9lN2d5bW1sekE9PSIsInZhbHVlIjoiRnp6RmNYK29vNXd2N3NzcEN4UkMrakIxK2oxS2x2WDlHNDNRczh3dSsrVWEyRGQ4d2dVQ1o0blNNb2ozak80ampGWEdHcDF2RXRiN3QwNkIvZmphVndsVVEzdXFGRkRML05ZcGw1ZjgvclJudlR2TnlhN2NONFFXK243UUlDZ2MiLCJtYWMiOiJjMTQzNTVmMzk0YzRhZmRiNjExZTllMTNjM2UzZGY1ODA4MjNkMmM4NTA2YTFlMTBmMDY1MDg3ZGY4ZjI4YTI0IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:47:01 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 06 Jan 2023 22:56:24 GMT
ETag: W/"63b8a718-17ae5"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxcnnuecRX%2FayHRRkyzHZ%2BB6nUutpjX4hnpvcZE7x1Dc1H2JLM6DeKQ%2B3pLrOcidQHG0Kjxv05Oq7aoG0MX8O2J%2FI8gxIn0ZQE8lvl6OIQirg4v7AcaiCZNfAtysVCnb%2FBlvxq3SjmNXXA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78da74abdeb00b06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7e3dfdf832e5fb2135c3d36e1c86a0c9
ed3854d36bb262a1733da44e9104e141c4957701
7506af80d0a96fbbb7d78c1f83cbcfd2355ee53246bcf6fd004212e6aded9515
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:47:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 56418b02a87cfeb12bef2cccb2e742d0
56830f678d4b272e4c8a8004afde09791bb92ea0
ab60675e454f1a844fea402516dcb2a5b0c4aca969125916e4bab1523fee0bae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1676
Cache-Control: max-age=89618
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:47:01 GMT
Etag: "63cc392b-1d7"
Expires: Mon, 23 Jan 2023 19:40:39 GMT
Last-Modified: Sat, 21 Jan 2023 19:12:43 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
root-naturesproduce.com/js/jquery-1.11.2.min.js
104.21.36.62200 OK 39 kB URL HTTP/1.1 root-naturesproduce.com/js/jquery-1.11.2.min.js
IP 104.21.36.62:0
File type ASCII text, with very long lines (523)
Hash 6dd6b1373a682e8320ca49e433c141f0
02b6aeb50819396ffb3d1932be591d65d9ba12fa
4cd5cdfa2b44da1de55c10d4796eccf8cbef2f77c538d942c8b893fb536d60fd
Analyzer Verdict Alert quad9 Sinkholed
GET /js/jquery-1.11.2.min.js HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://root-naturesproduce.com/25serdt1?from_sms=1
Cookie: XSRF-TOKEN=eyJpdiI6Ikk5U3JIQjhnOTZnU1AvU05NV0lDbWc9PSIsInZhbHVlIjoia015djhrekorWUxueks1L2xoSjRMWkNHdnFPSjhRRVNDUVA1cEwySFNWRHcwUDdWM2dsZDRiaTB6V3ZsWHQ2cC9HRGp2Nk1jcWpqQkpKQTJwQkVWcmI1TzJDWTROTVNlWTN5VU9WOG5KMFhIZUxmc3N1b1VuMWs5SmY0S3lnSWkiLCJtYWMiOiIyZTFkNTNmMTdiY2IwZjA4YWNhMDc2MTdhODFkYWRmMWM1NGE3Y2YzZjg4MDlkNTRlNDUxZWE2OTk5OTNjZGRlIiwidGFnIjoiIn0%3D; public_session=eyJpdiI6InRSNitXTTROTW04UG9lN2d5bW1sekE9PSIsInZhbHVlIjoiRnp6RmNYK29vNXd2N3NzcEN4UkMrakIxK2oxS2x2WDlHNDNRczh3dSsrVWEyRGQ4d2dVQ1o0blNNb2ozak80ampGWEdHcDF2RXRiN3QwNkIvZmphVndsVVEzdXFGRkRML05ZcGw1ZjgvclJudlR2TnlhN2NONFFXK243UUlDZ2MiLCJtYWMiOiJjMTQzNTVmMzk0YzRhZmRiNjExZTllMTNjM2UzZGY1ODA4MjNkMmM4NTA2YTFlMTBmMDY1MDg3ZGY4ZjI4YTI0IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:47:01 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 16:11:10 GMT
ETag: W/"63cd601e-26489"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzreqI8aKROo1sh1jK7IhBTFjkJybzj3BSfDLEjGu818hVCk%2BiYMxouuBwYfos%2FBnc%2BR1ikVYDo4N7ODJm9B%2F1FnWp9bwvj8Whr%2FJ7jF6rdCh%2BMLs7TacJozdnnFefdNMPyOhuck%2B9hPzw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78da74abde2eb521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
root-naturesproduce.com/js/app.js?id=526268af55d5b09ea7e8
104.21.36.62200 OK 110 kB URL HTTP/1.1 root-naturesproduce.com/js/app.js?id=526268af55d5b09ea7e8
IP 104.21.36.62:0
File type ASCII text, with very long lines (65475)
Size 110 kB (109687 bytes)
Hash 82cc49338ff648797572901eed211862
70ffeea9cf355ef0016293b125ef639765a96256
728b466cafb2f698f1502ac77d103c05c0718b0207bcd38d1f765c522788d604
Analyzer Verdict Alert quad9 Sinkholed
GET /js/app.js?id=526268af55d5b09ea7e8 HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://root-naturesproduce.com/25serdt1?from_sms=1
Cookie: XSRF-TOKEN=eyJpdiI6Ikk5U3JIQjhnOTZnU1AvU05NV0lDbWc9PSIsInZhbHVlIjoia015djhrekorWUxueks1L2xoSjRMWkNHdnFPSjhRRVNDUVA1cEwySFNWRHcwUDdWM2dsZDRiaTB6V3ZsWHQ2cC9HRGp2Nk1jcWpqQkpKQTJwQkVWcmI1TzJDWTROTVNlWTN5VU9WOG5KMFhIZUxmc3N1b1VuMWs5SmY0S3lnSWkiLCJtYWMiOiIyZTFkNTNmMTdiY2IwZjA4YWNhMDc2MTdhODFkYWRmMWM1NGE3Y2YzZjg4MDlkNTRlNDUxZWE2OTk5OTNjZGRlIiwidGFnIjoiIn0%3D; public_session=eyJpdiI6InRSNitXTTROTW04UG9lN2d5bW1sekE9PSIsInZhbHVlIjoiRnp6RmNYK29vNXd2N3NzcEN4UkMrakIxK2oxS2x2WDlHNDNRczh3dSsrVWEyRGQ4d2dVQ1o0blNNb2ozak80ampGWEdHcDF2RXRiN3QwNkIvZmphVndsVVEzdXFGRkRML05ZcGw1ZjgvclJudlR2TnlhN2NONFFXK243UUlDZ2MiLCJtYWMiOiJjMTQzNTVmMzk0YzRhZmRiNjExZTllMTNjM2UzZGY1ODA4MjNkMmM4NTA2YTFlMTBmMDY1MDg3ZGY4ZjI4YTI0IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:47:01 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2022 19:05:18 GMT
ETag: W/"63ab41ee-59807"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fgSVDn%2BbqKRqTd%2FNsgx5o1pEqcVVbi9zax8%2FpqGUS8ve89Ll9UuzW5eMUN%2FOWgEqwzaqao%2BnsAr8BUTT2FOYDlDlx1pZIRnWR6ZfyLiRxSh9RN%2FQjb9MeiCtcEz7E9rK9HVgIYUkHdI%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78da74abefd30afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
lokalnie-prod-assets.storage.googleapis.com/ui/versions/cc32e06b/assets/home-537a20c19f796bef53d0c9223acf4369.css?vsn=d
142.250.74.112200 OK 10 kB URL HTTP/2 lokalnie-prod-assets.storage.googleapis.com/ui/versions/cc32e06b/assets/home-537a20c19f796bef53d0c9223acf4369.css?vsn=d
IP 142.250.74.112:0
File type Unicode text, UTF-8 text, with very long lines (60578), with no line terminators
Hash 24f3c44296c2d4e18fcc5aed41fa6bb0
55f2480c1cdb0db5845705ae9f04878062a3e57c
b530e156f5c1ff0d0325b293631455e2cf7fb5e2b28f2955317a5a4a691f9fdf
GET /ui/versions/cc32e06b/assets/home-537a20c19f796bef53d0c9223acf4369.css?vsn=d HTTP/1.1
Host: lokalnie-prod-assets.storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://root-naturesproduce.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvx58gS_67ZZAouUOx_Gsxi5o6Tq3ncfH5X8t9qw_POUVGB-fpXJ89S9XZ9u0ZgCdbTfDKqe-sCWzzrvqwESjZYWeQmkOcv
date: Sun, 22 Jan 2023 18:47:01 GMT
cache-control: public, max-age=31536000,no-transform
expires: Mon, 22 Jan 2024 18:47:01 GMT
last-modified: Wed, 13 Apr 2022 12:41:31 GMT
etag: "24f3c44296c2d4e18fcc5aed41fa6bb0"
x-goog-generation: 1649853691180347
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 10432
content-type: text/css
content-encoding: gzip
x-goog-hash: crc32c=G9ObRw==, md5=JPPEQpbC1OGPzFrtQfprsA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 10432
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lokalnie-prod-assets.storage.googleapis.com/ui/versions/cc32e06b/assets/app-e72fc17c10a2ce1fabdc7d9d7da09b21.css?vsn=d
142.250.74.112200 OK 24 kB URL HTTP/2 lokalnie-prod-assets.storage.googleapis.com/ui/versions/cc32e06b/assets/app-e72fc17c10a2ce1fabdc7d9d7da09b21.css?vsn=d
IP 142.250.74.112:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash bf4cf82955addc133f0e949006605744
ebcced8251ffa407572938edfd5998c49f3ddce7
703d9668503a593a460cb280a680dfb84b8b0a350ed5c3fd47a3e930c8dc6159
GET /ui/versions/cc32e06b/assets/app-e72fc17c10a2ce1fabdc7d9d7da09b21.css?vsn=d HTTP/1.1
Host: lokalnie-prod-assets.storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://root-naturesproduce.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdt8a5ZD377T7eENWuAlkJuegKIW59IFNre71nqaqhlCxZb8JKB7zcyDv8W73XfMgLZoGzvIH4Pd5L8VM9jOlQ53YQ
date: Sun, 22 Jan 2023 18:47:01 GMT
cache-control: public, max-age=31536000,no-transform
expires: Mon, 22 Jan 2024 18:47:01 GMT
last-modified: Wed, 13 Apr 2022 12:41:34 GMT
etag: "bf4cf82955addc133f0e949006605744"
x-goog-generation: 1649853694303075
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 23620
content-type: text/css
content-encoding: gzip
x-goog-hash: crc32c=6yi3pA==, md5=v0z4KVWt3BM/DpSQBmBXRA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 23620
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7e3dfdf832e5fb2135c3d36e1c86a0c9
ed3854d36bb262a1733da44e9104e141c4957701
7506af80d0a96fbbb7d78c1f83cbcfd2355ee53246bcf6fd004212e6aded9515
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:47:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
root-naturesproduce.com/delivery-services/allegro/lokalnie-logo.svg
104.21.36.62200 OK 3.9 kB URL HTTP/1.1 root-naturesproduce.com/delivery-services/allegro/lokalnie-logo.svg
IP 104.21.36.62:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3772)
Hash f8854f961a1304ea8011380d5048a4a1
945685890abf8c8c1710d1f2541341aa4a91c0b0
229c76d5c56ef38dab8ddfa110c127f6cd7339cd7113c0037339d70ca8a47a76
Analyzer Verdict Alert quad9 Sinkholed
GET /delivery-services/allegro/lokalnie-logo.svg HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://root-naturesproduce.com/25serdt1?from_sms=1
Cookie: XSRF-TOKEN=eyJpdiI6Ikk5U3JIQjhnOTZnU1AvU05NV0lDbWc9PSIsInZhbHVlIjoia015djhrekorWUxueks1L2xoSjRMWkNHdnFPSjhRRVNDUVA1cEwySFNWRHcwUDdWM2dsZDRiaTB6V3ZsWHQ2cC9HRGp2Nk1jcWpqQkpKQTJwQkVWcmI1TzJDWTROTVNlWTN5VU9WOG5KMFhIZUxmc3N1b1VuMWs5SmY0S3lnSWkiLCJtYWMiOiIyZTFkNTNmMTdiY2IwZjA4YWNhMDc2MTdhODFkYWRmMWM1NGE3Y2YzZjg4MDlkNTRlNDUxZWE2OTk5OTNjZGRlIiwidGFnIjoiIn0%3D; public_session=eyJpdiI6InRSNitXTTROTW04UG9lN2d5bW1sekE9PSIsInZhbHVlIjoiRnp6RmNYK29vNXd2N3NzcEN4UkMrakIxK2oxS2x2WDlHNDNRczh3dSsrVWEyRGQ4d2dVQ1o0blNNb2ozak80ampGWEdHcDF2RXRiN3QwNkIvZmphVndsVVEzdXFGRkRML05ZcGw1ZjgvclJudlR2TnlhN2NONFFXK243UUlDZ2MiLCJtYWMiOiJjMTQzNTVmMzk0YzRhZmRiNjExZTllMTNjM2UzZGY1ODA4MjNkMmM4NTA2YTFlMTBmMDY1MDg3ZGY4ZjI4YTI0IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:47:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 16:11:10 GMT
ETag: W/"63cd601e-268e"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiEV3wlHkOZ7ZJXxLBsneLHqV5FGlDDxNtzcJ7zxVdm88cHuTNm05EcsoKCs9n3TjHK0UIZ86r3Rz7TTVUFkAoQ4urglo0HzixQMt0YfvgA%2FKT7BtSSewHf04fXzVykp2Xj0QVsteVsloQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78da74ad8872b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
root-naturesproduce.com/delivery-services/allegro/app-banner-tablet.jpg
104.21.36.62200 OK 130 kB URL HTTP/1.1 root-naturesproduce.com/delivery-services/allegro/app-banner-tablet.jpg
IP 104.21.36.62:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 752x218, components 3\012- data
Size 130 kB (129930 bytes)
Hash 2ff3f10a0056f16885f29ec04b19d362
4f373c4d963549ac9eedb9cd9dc86fe0bdca42d2
764663fb2d4d4ac96d606cc6450279d3fb3f22e7e8699af3a21e85eeef78ed3b
Analyzer Verdict Alert quad9 Sinkholed
GET /delivery-services/allegro/app-banner-tablet.jpg HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://root-naturesproduce.com/25serdt1?from_sms=1
Cookie: XSRF-TOKEN=eyJpdiI6Ikk5U3JIQjhnOTZnU1AvU05NV0lDbWc9PSIsInZhbHVlIjoia015djhrekorWUxueks1L2xoSjRMWkNHdnFPSjhRRVNDUVA1cEwySFNWRHcwUDdWM2dsZDRiaTB6V3ZsWHQ2cC9HRGp2Nk1jcWpqQkpKQTJwQkVWcmI1TzJDWTROTVNlWTN5VU9WOG5KMFhIZUxmc3N1b1VuMWs5SmY0S3lnSWkiLCJtYWMiOiIyZTFkNTNmMTdiY2IwZjA4YWNhMDc2MTdhODFkYWRmMWM1NGE3Y2YzZjg4MDlkNTRlNDUxZWE2OTk5OTNjZGRlIiwidGFnIjoiIn0%3D; public_session=eyJpdiI6InRSNitXTTROTW04UG9lN2d5bW1sekE9PSIsInZhbHVlIjoiRnp6RmNYK29vNXd2N3NzcEN4UkMrakIxK2oxS2x2WDlHNDNRczh3dSsrVWEyRGQ4d2dVQ1o0blNNb2ozak80ampGWEdHcDF2RXRiN3QwNkIvZmphVndsVVEzdXFGRkRML05ZcGw1ZjgvclJudlR2TnlhN2NONFFXK243UUlDZ2MiLCJtYWMiOiJjMTQzNTVmMzk0YzRhZmRiNjExZTllMTNjM2UzZGY1ODA4MjNkMmM4NTA2YTFlMTBmMDY1MDg3ZGY4ZjI4YTI0IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:47:02 GMT
Content-Type: image/jpeg
Content-Length: 129930
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 16:11:10 GMT
ETag: "63cd601e-1fb8a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jV8xNiJ38T4znLLkY%2BvBYEeHqvspGBZLTXd7HsDiOn9U5j5uhWtXlMBgM2sl9%2FpMzSTLsxZRDZunhoCDAER2xY%2Be5%2BrecpZ%2FS99JEujNzk7sLsRoBm4X9OF3BCjHLetfUjWKhO238ABHqg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78da74ad89640afa-OSL
alt-svc: h2=":443"; ma=60
a.allegroimg.com/original/1e5312/423afbbb4004b9d469d9d182e8e3
185.31.25.74200 OK 381 kB URL HTTP/2 a.allegroimg.com/original/1e5312/423afbbb4004b9d469d9d182e8e3
IP 185.31.25.74:0
ASN #31621 Allegro.pl sp. z o.o.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1], baseline, precision 8, 1024x768, components 3\012- data
Size 381 kB (380624 bytes)
Hash 0e079139a01b862047e2323190406a4a
3d2d82c28796ff7d4a940feaeaf5e49492bda373
3545f719e87adf865d1adc8bcd86dfae9691ebc687f28b5c39b4d4df608719d7
GET /original/1e5312/423afbbb4004b9d469d9d182e8e3 HTTP/1.1
Host: a.allegroimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://root-naturesproduce.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 18:47:01 GMT
content-type: image/jpeg
content-length: 380624
access-control-allow-origin: *
etag: "0e079139a01b862047e2323190406a4a"
cache-control: public, max-age=31536000, immutable
x-content-type-options: nosniff
accept-ch: Width
accept-ch-lifetime: 86400
vary: Accept
timing-allow-origin: https://allegro.pl, http://allegro.pl
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
root-naturesproduce.com/delivery-services/allegro/checkbox.png
104.21.36.62404 Not Found 2.1 kB URL HTTP/1.1 root-naturesproduce.com/delivery-services/allegro/checkbox.png
IP 104.21.36.62:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 82a6d6db7fd4ab7b8a203eb45900ca4e
1131bcc943356f5071e79833493d0ad85504eebc
848052a6209f3eb4c310063477210673a6df96929c1b0e5ce91a0cd00440650f
Analyzer Verdict Alert quad9 Sinkholed
GET /delivery-services/allegro/checkbox.png HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://root-naturesproduce.com/css/app.css?id=73cc550c649a562a8304
Cookie: XSRF-TOKEN=eyJpdiI6Ikk5U3JIQjhnOTZnU1AvU05NV0lDbWc9PSIsInZhbHVlIjoia015djhrekorWUxueks1L2xoSjRMWkNHdnFPSjhRRVNDUVA1cEwySFNWRHcwUDdWM2dsZDRiaTB6V3ZsWHQ2cC9HRGp2Nk1jcWpqQkpKQTJwQkVWcmI1TzJDWTROTVNlWTN5VU9WOG5KMFhIZUxmc3N1b1VuMWs5SmY0S3lnSWkiLCJtYWMiOiIyZTFkNTNmMTdiY2IwZjA4YWNhMDc2MTdhODFkYWRmMWM1NGE3Y2YzZjg4MDlkNTRlNDUxZWE2OTk5OTNjZGRlIiwidGFnIjoiIn0%3D; public_session=eyJpdiI6InRSNitXTTROTW04UG9lN2d5bW1sekE9PSIsInZhbHVlIjoiRnp6RmNYK29vNXd2N3NzcEN4UkMrakIxK2oxS2x2WDlHNDNRczh3dSsrVWEyRGQ4d2dVQ1o0blNNb2ozak80ampGWEdHcDF2RXRiN3QwNkIvZmphVndsVVEzdXFGRkRML05ZcGw1ZjgvclJudlR2TnlhN2NONFFXK243UUlDZ2MiLCJtYWMiOiJjMTQzNTVmMzk0YzRhZmRiNjExZTllMTNjM2UzZGY1ODA4MjNkMmM4NTA2YTFlMTBmMDY1MDg3ZGY4ZjI4YTI0IiwidGFnIjoiIn0%3D
HTTP/1.1 404 Not Found
Date: Sun, 22 Jan 2023 18:47:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDMRogNCD3uAZrqcJaIeV5lCpU8UEkeAEjZ9V%2B2keXAqNM560gVECuX9MtEmNdp2hc%2BWXDXtZebII6gOcqiytMMn1szofouSMcS0DrHIL1%2BqVXzDKBbPfTJ06hIgfAl9v0nKMhUGCvRm7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78da74adf930b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 22 Jan 2023 18:17:30 GMT
age: 1772
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
root-naturesproduce.com/socket.io/?EIO=3&transport=polling&t=ONQpYHU
104.21.36.62200 OK 126 B URL HTTP/1.1 root-naturesproduce.com/socket.io/?EIO=3&transport=polling&t=ONQpYHU
IP 104.21.36.62:0
File type ASCII text, with no line terminators
Hash 151dd4b1c30740d87d0daf98f489d3c2
19a8cb3a4d49c54af1d8e457e01531aae9f68487
4bb0522b74a04a60ed6a44ef8be58402c8ef0b401f7ba7d516f339db8a48c3dd
Analyzer Verdict Alert quad9 Sinkholed
GET /socket.io/?EIO=3&transport=polling&t=ONQpYHU HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://root-naturesproduce.com/25serdt1?from_sms=1
Cookie: XSRF-TOKEN=eyJpdiI6Ikk5U3JIQjhnOTZnU1AvU05NV0lDbWc9PSIsInZhbHVlIjoia015djhrekorWUxueks1L2xoSjRMWkNHdnFPSjhRRVNDUVA1cEwySFNWRHcwUDdWM2dsZDRiaTB6V3ZsWHQ2cC9HRGp2Nk1jcWpqQkpKQTJwQkVWcmI1TzJDWTROTVNlWTN5VU9WOG5KMFhIZUxmc3N1b1VuMWs5SmY0S3lnSWkiLCJtYWMiOiIyZTFkNTNmMTdiY2IwZjA4YWNhMDc2MTdhODFkYWRmMWM1NGE3Y2YzZjg4MDlkNTRlNDUxZWE2OTk5OTNjZGRlIiwidGFnIjoiIn0%3D; public_session=eyJpdiI6InRSNitXTTROTW04UG9lN2d5bW1sekE9PSIsInZhbHVlIjoiRnp6RmNYK29vNXd2N3NzcEN4UkMrakIxK2oxS2x2WDlHNDNRczh3dSsrVWEyRGQ4d2dVQ1o0blNNb2ozak80ampGWEdHcDF2RXRiN3QwNkIvZmphVndsVVEzdXFGRkRML05ZcGw1ZjgvclJudlR2TnlhN2NONFFXK243UUlDZ2MiLCJtYWMiOiJjMTQzNTVmMzk0YzRhZmRiNjExZTllMTNjM2UzZGY1ODA4MjNkMmM4NTA2YTFlMTBmMDY1MDg3ZGY4ZjI4YTI0IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:47:02 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: io=3Cz55fMJXhnhabMrBGOt; Path=/; HttpOnly; SameSite=Strict
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGLPJwuwubzvT3NClc7Y0RWTZqGqNf85ReVQYUG5V1KlY%2B3mFTfX2peojpKuPiDQHsHwcMR6j2apcEker28zsogcgjsK3hppAiPdkQ%2BAPiSqjnLLym1%2BL6FpclHC%2FP4ax%2B5QPgJt0wbOVw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da74ae8a420afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
root-naturesproduce.com/sounds/new-message.mp3
104.21.36.62200 OK 41 kB URL HTTP/1.1 root-naturesproduce.com/sounds/new-message.mp3
IP 104.21.36.62:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Stereo\012- data
Hash 56a0f6cf9b07ab543e31b6775d53cd42
9a7bd8503a458d172e8b103923ca24b48474d9b5
ef09af6f51079f7a264e1ae0be2ed290c8f7d839ef7547cfade2ca0f07743690
Analyzer Verdict Alert quad9 Sinkholed
GET /sounds/new-message.mp3 HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://root-naturesproduce.com/25serdt1?from_sms=1
Cookie: XSRF-TOKEN=eyJpdiI6Ikk5U3JIQjhnOTZnU1AvU05NV0lDbWc9PSIsInZhbHVlIjoia015djhrekorWUxueks1L2xoSjRMWkNHdnFPSjhRRVNDUVA1cEwySFNWRHcwUDdWM2dsZDRiaTB6V3ZsWHQ2cC9HRGp2Nk1jcWpqQkpKQTJwQkVWcmI1TzJDWTROTVNlWTN5VU9WOG5KMFhIZUxmc3N1b1VuMWs5SmY0S3lnSWkiLCJtYWMiOiIyZTFkNTNmMTdiY2IwZjA4YWNhMDc2MTdhODFkYWRmMWM1NGE3Y2YzZjg4MDlkNTRlNDUxZWE2OTk5OTNjZGRlIiwidGFnIjoiIn0%3D; public_session=eyJpdiI6InRSNitXTTROTW04UG9lN2d5bW1sekE9PSIsInZhbHVlIjoiRnp6RmNYK29vNXd2N3NzcEN4UkMrakIxK2oxS2x2WDlHNDNRczh3dSsrVWEyRGQ4d2dVQ1o0blNNb2ozak80ampGWEdHcDF2RXRiN3QwNkIvZmphVndsVVEzdXFGRkRML05ZcGw1ZjgvclJudlR2TnlhN2NONFFXK243UUlDZ2MiLCJtYWMiOiJjMTQzNTVmMzk0YzRhZmRiNjExZTllMTNjM2UzZGY1ODA4MjNkMmM4NTA2YTFlMTBmMDY1MDg3ZGY4ZjI4YTI0IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:47:02 GMT
Content-Type: audio/mpeg
Content-Length: 41212
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 16:11:10 GMT
ETag: "63cd601e-a0fc"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AOD7ldvix%2F7C4Pik5ZrQAdEg3GNApWUnMsSvxSgbFn9lcK3xszVF7MU0ywJay78Hs%2FnsETcvsroDzI2IUN8LJhfSZ8wSYdSlzLRkjDrqjy8aVYjEzrhQBR5QQkBm0CGbjH1pobDRIeQHg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78da74ae8addb4eb-OSL
alt-svc: h2=":443"; ma=60
root-naturesproduce.com/chat/avatar.png
104.21.36.62200 OK 19 kB URL HTTP/1.1 root-naturesproduce.com/chat/avatar.png
IP 104.21.36.62:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 12eb6708b698521be5518b01044b951f
9a4acd6a64c6b33e882322d4c8866d8e042e1271
ab8179aceba15189f15e43cfa01b58b4eeac1024bc64beb26303ae3f40786047
Analyzer Verdict Alert quad9 Sinkholed
GET /chat/avatar.png HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://root-naturesproduce.com/25serdt1?from_sms=1
Cookie: XSRF-TOKEN=eyJpdiI6Ikk5U3JIQjhnOTZnU1AvU05NV0lDbWc9PSIsInZhbHVlIjoia015djhrekorWUxueks1L2xoSjRMWkNHdnFPSjhRRVNDUVA1cEwySFNWRHcwUDdWM2dsZDRiaTB6V3ZsWHQ2cC9HRGp2Nk1jcWpqQkpKQTJwQkVWcmI1TzJDWTROTVNlWTN5VU9WOG5KMFhIZUxmc3N1b1VuMWs5SmY0S3lnSWkiLCJtYWMiOiIyZTFkNTNmMTdiY2IwZjA4YWNhMDc2MTdhODFkYWRmMWM1NGE3Y2YzZjg4MDlkNTRlNDUxZWE2OTk5OTNjZGRlIiwidGFnIjoiIn0%3D; public_session=eyJpdiI6InRSNitXTTROTW04UG9lN2d5bW1sekE9PSIsInZhbHVlIjoiRnp6RmNYK29vNXd2N3NzcEN4UkMrakIxK2oxS2x2WDlHNDNRczh3dSsrVWEyRGQ4d2dVQ1o0blNNb2ozak80ampGWEdHcDF2RXRiN3QwNkIvZmphVndsVVEzdXFGRkRML05ZcGw1ZjgvclJudlR2TnlhN2NONFFXK243UUlDZ2MiLCJtYWMiOiJjMTQzNTVmMzk0YzRhZmRiNjExZTllMTNjM2UzZGY1ODA4MjNkMmM4NTA2YTFlMTBmMDY1MDg3ZGY4ZjI4YTI0IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:47:02 GMT
Content-Type: image/png
Content-Length: 18790
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 16:11:10 GMT
ETag: "63cd601e-4966"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mx%2Bq00LAT%2FChTbH7nFoy95tpweONvE20RzNRvM9TuKHqOqR5lsrEr%2FF4eyp4RAGonYDklQQnC9auwSk45KG0Ku9QQJNCJy7LOdAhu1HCMrdzyetHyis1ZzgINRxQiKqkpq15rXLlYWLsIw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78da74ae99db0b06-OSL
alt-svc: h2=":443"; ma=60
root-naturesproduce.com/chat/attach-file.png
104.21.36.62200 OK 919 B URL HTTP/1.1 root-naturesproduce.com/chat/attach-file.png
IP 104.21.36.62:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 189dab32055e0337ba3801ee128d757a
1847dace4ce84972b4435c31c1f0e1eb972e152b
ba6627d326721385e6a64d7b56cb98061f32f9667d3a6f1524d2e5ca73c2de97
Analyzer Verdict Alert quad9 Sinkholed
GET /chat/attach-file.png HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://root-naturesproduce.com/25serdt1?from_sms=1
Cookie: XSRF-TOKEN=eyJpdiI6Ikk5U3JIQjhnOTZnU1AvU05NV0lDbWc9PSIsInZhbHVlIjoia015djhrekorWUxueks1L2xoSjRMWkNHdnFPSjhRRVNDUVA1cEwySFNWRHcwUDdWM2dsZDRiaTB6V3ZsWHQ2cC9HRGp2Nk1jcWpqQkpKQTJwQkVWcmI1TzJDWTROTVNlWTN5VU9WOG5KMFhIZUxmc3N1b1VuMWs5SmY0S3lnSWkiLCJtYWMiOiIyZTFkNTNmMTdiY2IwZjA4YWNhMDc2MTdhODFkYWRmMWM1NGE3Y2YzZjg4MDlkNTRlNDUxZWE2OTk5OTNjZGRlIiwidGFnIjoiIn0%3D; public_session=eyJpdiI6InRSNitXTTROTW04UG9lN2d5bW1sekE9PSIsInZhbHVlIjoiRnp6RmNYK29vNXd2N3NzcEN4UkMrakIxK2oxS2x2WDlHNDNRczh3dSsrVWEyRGQ4d2dVQ1o0blNNb2ozak80ampGWEdHcDF2RXRiN3QwNkIvZmphVndsVVEzdXFGRkRML05ZcGw1ZjgvclJudlR2TnlhN2NONFFXK243UUlDZ2MiLCJtYWMiOiJjMTQzNTVmMzk0YzRhZmRiNjExZTllMTNjM2UzZGY1ODA4MjNkMmM4NTA2YTFlMTBmMDY1MDg3ZGY4ZjI4YTI0IiwidGFnIjoiIn0%3D; io=3Cz55fMJXhnhabMrBGOt
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:47:02 GMT
Content-Type: image/png
Content-Length: 919
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 16:11:10 GMT
ETag: "63cd601e-397"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4oio2vzT15BWJjnQEnHexfS4NtPAe8ce8Pe1RypJzF6BaTOP72T0SMtstxXMOxPmL60tW5b%2FjnYvmW3RsFjwnt2hX0IObsBlh51Xd17obaLFz%2BDA1VZXJ6lccjDiD%2FigwhhWIwm0DhtoA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78da74af1affb521-OSL
alt-svc: h2=":443"; ma=60
root-naturesproduce.com/chats/client/messages?advert_id=980537&bank_id=&location=Allegro+Lokalnie+-+Wystaw+og%C5%82oszenia+za+darmo+i+kupuj+od+os%C3%B3b+z+Twojej+okolicy
104.21.36.62200 OK 88 B URL HTTP/1.1 root-naturesproduce.com/chats/client/messages?advert_id=980537&bank_id=&location=Allegro+Lokalnie+-+Wystaw+og%C5%82oszenia+za+darmo+i+kupuj+od+os%C3%B3b+z+Twojej+okolicy
IP 104.21.36.62:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8fe5239aef41b9d2de861f1b5f503f63
9e29a40a4cff471a26f6c92d4de21a7fa5e52e08
19fad298b238cba5feda4abd800f64561833fbd0d804386ed5fc0fcaf0b5f21a
Analyzer Verdict Alert quad9 Sinkholed
GET /chats/client/messages?advert_id=980537&bank_id=&location=Allegro+Lokalnie+-+Wystaw+og%C5%82oszenia+za+darmo+i+kupuj+od+os%C3%B3b+z+Twojej+okolicy HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-XSRF-TOKEN: eyJpdiI6Ikk5U3JIQjhnOTZnU1AvU05NV0lDbWc9PSIsInZhbHVlIjoia015djhrekorWUxueks1L2xoSjRMWkNHdnFPSjhRRVNDUVA1cEwySFNWRHcwUDdWM2dsZDRiaTB6V3ZsWHQ2cC9HRGp2Nk1jcWpqQkpKQTJwQkVWcmI1TzJDWTROTVNlWTN5VU9WOG5KMFhIZUxmc3N1b1VuMWs5SmY0S3lnSWkiLCJtYWMiOiIyZTFkNTNmMTdiY2IwZjA4YWNhMDc2MTdhODFkYWRmMWM1NGE3Y2YzZjg4MDlkNTRlNDUxZWE2OTk5OTNjZGRlIiwidGFnIjoiIn0=
Connection: keep-alive
Referer: http://root-naturesproduce.com/25serdt1?from_sms=1
Cookie: XSRF-TOKEN=eyJpdiI6Ikk5U3JIQjhnOTZnU1AvU05NV0lDbWc9PSIsInZhbHVlIjoia015djhrekorWUxueks1L2xoSjRMWkNHdnFPSjhRRVNDUVA1cEwySFNWRHcwUDdWM2dsZDRiaTB6V3ZsWHQ2cC9HRGp2Nk1jcWpqQkpKQTJwQkVWcmI1TzJDWTROTVNlWTN5VU9WOG5KMFhIZUxmc3N1b1VuMWs5SmY0S3lnSWkiLCJtYWMiOiIyZTFkNTNmMTdiY2IwZjA4YWNhMDc2MTdhODFkYWRmMWM1NGE3Y2YzZjg4MDlkNTRlNDUxZWE2OTk5OTNjZGRlIiwidGFnIjoiIn0%3D; public_session=eyJpdiI6InRSNitXTTROTW04UG9lN2d5bW1sekE9PSIsInZhbHVlIjoiRnp6RmNYK29vNXd2N3NzcEN4UkMrakIxK2oxS2x2WDlHNDNRczh3dSsrVWEyRGQ4d2dVQ1o0blNNb2ozak80ampGWEdHcDF2RXRiN3QwNkIvZmphVndsVVEzdXFGRkRML05ZcGw1ZjgvclJudlR2TnlhN2NONFFXK243UUlDZ2MiLCJtYWMiOiJjMTQzNTVmMzk0YzRhZmRiNjExZTllMTNjM2UzZGY1ODA4MjNkMmM4NTA2YTFlMTBmMDY1MDg3ZGY4ZjI4YTI0IiwidGFnIjoiIn0%3D; io=3Cz55fMJXhnhabMrBGOt
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:47:02 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6ImdPWUVrQVR4NHQyTCtTOFVuOS9DQmc9PSIsInZhbHVlIjoiYmRIbzhkY2NyTXIvdk9ZZHBhTnRCb1dRbzNVL0c5eGQ4WTZwMXhRZDd1UkQ0M3d1RFVOUG1wMlpvM0doSERFWk1JMWJidjRrNTFKK05WZkxaMElIZVF3WEl0WjgyQlB2bUV3bEdlVmwxc0NMOGF1R0hCenV6TUxyNm9ZK1I1SWoiLCJtYWMiOiI0ZmNmMDE3NzIyYWQxNzM2YTkyYTY0ZWE2NjBhNDMwNDI3NDU0MzZlMTNlYjMzOWNmZjBiNDU3NGYyMDQzNTM2IiwidGFnIjoiIn0%3D; expires=Sun, 22-Jan-2023 20:47:02 GMT; Max-Age=7200; path=/; samesite=lax
public_session=eyJpdiI6InRSQndON3FCa2loOFVESlRNNUVyYUE9PSIsInZhbHVlIjoiSm9LZjMrb0o0Mk92dVREbDNxTUFLRURqQnBtbU5SbEk4ckFtMlRTdnIrNWFaL2NOWHFLc1VJMi9mM01OR3diUDVtMnRWSnZJS1NNSXdQWVBkY2E2empWYlZWU3BWRUxrSzRXcm1hU1NubWxpeXVSSU42TWpVdzdMVlo2STd6REkiLCJtYWMiOiIxZDQ4N2MyNzEyMjJhODdhZTFkYjNkNjY5YjI5ZTY0OTI1MzJjNmRiNThkZDNjMWI2YjBiZWExYjNiODljZGQ0IiwidGFnIjoiIn0%3D; expires=Sun, 22-Jan-2023 20:47:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=la3Fn7RDw0THStf9GdVhIReiQfdsZWeEtl7occV9Pk%2B%2FO9iG79jZ9kVmV5SSJe5TcCXfdig2%2B7mCOY2EMJN3EkJvbPC5EV6xQUvmOjmrw1kCOLJr9p8k3db11ztcwAp9eqZkByUGGl0Fwg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da74af1aaa0afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
root-naturesproduce.com/socket.io/?EIO=3&transport=polling&t=ONQpYK7&sid=3Cz55fMJXhnhabMrBGOt
104.21.36.62200 OK 28 B URL HTTP/1.1 root-naturesproduce.com/socket.io/?EIO=3&transport=polling&t=ONQpYK7&sid=3Cz55fMJXhnhabMrBGOt
IP 104.21.36.62:0
File type ASCII text, with no line terminators
Hash 86de097d54457ad4fbf85150ea2dc2fb
194863f4b15ecf7eb4f38bf7ed46b688289be8a4
6301b31e8f84ba8a7465199ebf1c2341253198f21763ad7e7cf6fdebe3d832ec
Analyzer Verdict Alert quad9 Sinkholed
POST /socket.io/?EIO=3&transport=polling&t=ONQpYK7&sid=3Cz55fMJXhnhabMrBGOt HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: text/plain;charset=UTF-8
Content-Length: 67
Origin: http://root-naturesproduce.com
Connection: keep-alive
Referer: http://root-naturesproduce.com/25serdt1?from_sms=1
Cookie: XSRF-TOKEN=eyJpdiI6Ikk5U3JIQjhnOTZnU1AvU05NV0lDbWc9PSIsInZhbHVlIjoia015djhrekorWUxueks1L2xoSjRMWkNHdnFPSjhRRVNDUVA1cEwySFNWRHcwUDdWM2dsZDRiaTB6V3ZsWHQ2cC9HRGp2Nk1jcWpqQkpKQTJwQkVWcmI1TzJDWTROTVNlWTN5VU9WOG5KMFhIZUxmc3N1b1VuMWs5SmY0S3lnSWkiLCJtYWMiOiIyZTFkNTNmMTdiY2IwZjA4YWNhMDc2MTdhODFkYWRmMWM1NGE3Y2YzZjg4MDlkNTRlNDUxZWE2OTk5OTNjZGRlIiwidGFnIjoiIn0%3D; public_session=eyJpdiI6InRSNitXTTROTW04UG9lN2d5bW1sekE9PSIsInZhbHVlIjoiRnp6RmNYK29vNXd2N3NzcEN4UkMrakIxK2oxS2x2WDlHNDNRczh3dSsrVWEyRGQ4d2dVQ1o0blNNb2ozak80ampGWEdHcDF2RXRiN3QwNkIvZmphVndsVVEzdXFGRkRML05ZcGw1ZjgvclJudlR2TnlhN2NONFFXK243UUlDZ2MiLCJtYWMiOiJjMTQzNTVmMzk0YzRhZmRiNjExZTllMTNjM2UzZGY1ODA4MjNkMmM4NTA2YTFlMTBmMDY1MDg3ZGY4ZjI4YTI0IiwidGFnIjoiIn0%3D; io=3Cz55fMJXhnhabMrBGOt
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:47:02 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://root-naturesproduce.com
Set-Cookie: io=3Cz55fMJXhnhabMrBGOt; Path=/; HttpOnly; SameSite=Strict
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Lr8mo2hEpAWd8ObBnTLSYIBs4uNEG%2FwM1yrEb8q5pIa1XLr5VtZFBIxtGefbjVeJ1V8nd0v14IQWd%2FNJSdCRyLRmb5%2BDSVDkxLnmgldC5acr11eeQvzDAri4nUz15ADR50Z2lAR0rOXDA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da74afbc43b4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
root-naturesproduce.com/socket.io/?EIO=3&transport=websocket&sid=3Cz55fMJXhnhabMrBGOt
104.21.36.62101 Switching Protocols 0 B URL HTTP/1.1 root-naturesproduce.com/socket.io/?EIO=3&transport=websocket&sid=3Cz55fMJXhnhabMrBGOt
IP 104.21.36.62:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /socket.io/?EIO=3&transport=websocket&sid=3Cz55fMJXhnhabMrBGOt HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: http://root-naturesproduce.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gi2ueI/JCxICw9unKaqEtg==
Connection: keep-alive, Upgrade
Cookie: XSRF-TOKEN=eyJpdiI6Ikk5U3JIQjhnOTZnU1AvU05NV0lDbWc9PSIsInZhbHVlIjoia015djhrekorWUxueks1L2xoSjRMWkNHdnFPSjhRRVNDUVA1cEwySFNWRHcwUDdWM2dsZDRiaTB6V3ZsWHQ2cC9HRGp2Nk1jcWpqQkpKQTJwQkVWcmI1TzJDWTROTVNlWTN5VU9WOG5KMFhIZUxmc3N1b1VuMWs5SmY0S3lnSWkiLCJtYWMiOiIyZTFkNTNmMTdiY2IwZjA4YWNhMDc2MTdhODFkYWRmMWM1NGE3Y2YzZjg4MDlkNTRlNDUxZWE2OTk5OTNjZGRlIiwidGFnIjoiIn0%3D; public_session=eyJpdiI6InRSNitXTTROTW04UG9lN2d5bW1sekE9PSIsInZhbHVlIjoiRnp6RmNYK29vNXd2N3NzcEN4UkMrakIxK2oxS2x2WDlHNDNRczh3dSsrVWEyRGQ4d2dVQ1o0blNNb2ozak80ampGWEdHcDF2RXRiN3QwNkIvZmphVndsVVEzdXFGRkRML05ZcGw1ZjgvclJudlR2TnlhN2NONFFXK243UUlDZ2MiLCJtYWMiOiJjMTQzNTVmMzk0YzRhZmRiNjExZTllMTNjM2UzZGY1ODA4MjNkMmM4NTA2YTFlMTBmMDY1MDg3ZGY4ZjI4YTI0IiwidGFnIjoiIn0%3D; io=3Cz55fMJXhnhabMrBGOt
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sun, 22 Jan 2023 18:47:02 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: b7ACrQ3Wa+r8L3cUUUPukFB18EQ=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7o%2BEL%2Fqgo7IRGQ9%2FfLmkRSDZes2%2F1tWeJeYchSc6TJTcptHE7G1OE%2FUy774f39YTh4fl6pNlX68jMxVMWvXH9HTLXXSDV%2FXrkefuuW1ZwSQAX4o8oMJpaL%2BdC%2FEjp1NjtKPxoPpwyMJvnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da74afbd8e0b31-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4333
Cache-Control: max-age=142318
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:47:02 GMT
Etag: "63ccfca7-1d7"
Expires: Tue, 24 Jan 2023 10:19:00 GMT
Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
root-naturesproduce.com/socket.io/?EIO=3&transport=polling&t=ONQpYK8&sid=3Cz55fMJXhnhabMrBGOt
104.21.36.62200 OK 3 B URL HTTP/1.1 root-naturesproduce.com/socket.io/?EIO=3&transport=polling&t=ONQpYK8&sid=3Cz55fMJXhnhabMrBGOt
IP 104.21.36.62:0
File type ASCII text, with no line terminators
Hash 9b9065b3ba2c3c87f1e30fdf998d791e
cc471c1ac39e9f79d65111b47de18d7bf187f1ed
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
Analyzer Verdict Alert quad9 Sinkholed
GET /socket.io/?EIO=3&transport=polling&t=ONQpYK8&sid=3Cz55fMJXhnhabMrBGOt HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://root-naturesproduce.com/25serdt1?from_sms=1
Cookie: XSRF-TOKEN=eyJpdiI6Ikk5U3JIQjhnOTZnU1AvU05NV0lDbWc9PSIsInZhbHVlIjoia015djhrekorWUxueks1L2xoSjRMWkNHdnFPSjhRRVNDUVA1cEwySFNWRHcwUDdWM2dsZDRiaTB6V3ZsWHQ2cC9HRGp2Nk1jcWpqQkpKQTJwQkVWcmI1TzJDWTROTVNlWTN5VU9WOG5KMFhIZUxmc3N1b1VuMWs5SmY0S3lnSWkiLCJtYWMiOiIyZTFkNTNmMTdiY2IwZjA4YWNhMDc2MTdhODFkYWRmMWM1NGE3Y2YzZjg4MDlkNTRlNDUxZWE2OTk5OTNjZGRlIiwidGFnIjoiIn0%3D; public_session=eyJpdiI6InRSNitXTTROTW04UG9lN2d5bW1sekE9PSIsInZhbHVlIjoiRnp6RmNYK29vNXd2N3NzcEN4UkMrakIxK2oxS2x2WDlHNDNRczh3dSsrVWEyRGQ4d2dVQ1o0blNNb2ozak80ampGWEdHcDF2RXRiN3QwNkIvZmphVndsVVEzdXFGRkRML05ZcGw1ZjgvclJudlR2TnlhN2NONFFXK243UUlDZ2MiLCJtYWMiOiJjMTQzNTVmMzk0YzRhZmRiNjExZTllMTNjM2UzZGY1ODA4MjNkMmM4NTA2YTFlMTBmMDY1MDg3ZGY4ZjI4YTI0IiwidGFnIjoiIn0%3D; io=3Cz55fMJXhnhabMrBGOt
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:47:02 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 3
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: io=3Cz55fMJXhnhabMrBGOt; Path=/; HttpOnly; SameSite=Strict
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9l1W2jaLLRE%2F%2BhXhVZuIOcoupyKfEXt60BMALDj3La3oxzSL09RxPKptxE0I11lO5ZMiz%2BdFmSribMMUn4ZuhrnsF%2B2Qgt%2FH7qUWpg4kcyG1NWk3fsnksMlEjTx3hQietovTkbwoupP2Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78da74afbbe9b521-OSL
alt-svc: h2=":443"; ma=60
root-naturesproduce.com/delivery-services/allegro/favicon-android-chrome-192x192-1202c51ba7dbf5e1e6a2b61c5cbdae04.png?vsn=d
104.21.36.62200 OK 10 kB URL HTTP/1.1 root-naturesproduce.com/delivery-services/allegro/favicon-android-chrome-192x192-1202c51ba7dbf5e1e6a2b61c5cbdae04.png?vsn=d
IP 104.21.36.62:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 1202c51ba7dbf5e1e6a2b61c5cbdae04
c69245a92d9f80e561d815a0ef05c85092c78dbe
8ddab0ec9f6bc1a24d7fa60ec4aae72ff2239eaddf32c7c0d0be00fb595d9072
Analyzer Verdict Alert quad9 Sinkholed
GET /delivery-services/allegro/favicon-android-chrome-192x192-1202c51ba7dbf5e1e6a2b61c5cbdae04.png?vsn=d HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://root-naturesproduce.com/25serdt1?from_sms=1
Cookie: XSRF-TOKEN=eyJpdiI6ImdPWUVrQVR4NHQyTCtTOFVuOS9DQmc9PSIsInZhbHVlIjoiYmRIbzhkY2NyTXIvdk9ZZHBhTnRCb1dRbzNVL0c5eGQ4WTZwMXhRZDd1UkQ0M3d1RFVOUG1wMlpvM0doSERFWk1JMWJidjRrNTFKK05WZkxaMElIZVF3WEl0WjgyQlB2bUV3bEdlVmwxc0NMOGF1R0hCenV6TUxyNm9ZK1I1SWoiLCJtYWMiOiI0ZmNmMDE3NzIyYWQxNzM2YTkyYTY0ZWE2NjBhNDMwNDI3NDU0MzZlMTNlYjMzOWNmZjBiNDU3NGYyMDQzNTM2IiwidGFnIjoiIn0%3D; public_session=eyJpdiI6InRSQndON3FCa2loOFVESlRNNUVyYUE9PSIsInZhbHVlIjoiSm9LZjMrb0o0Mk92dVREbDNxTUFLRURqQnBtbU5SbEk4ckFtMlRTdnIrNWFaL2NOWHFLc1VJMi9mM01OR3diUDVtMnRWSnZJS1NNSXdQWVBkY2E2empWYlZWU3BWRUxrSzRXcm1hU1NubWxpeXVSSU42TWpVdzdMVlo2STd6REkiLCJtYWMiOiIxZDQ4N2MyNzEyMjJhODdhZTFkYjNkNjY5YjI5ZTY0OTI1MzJjNmRiNThkZDNjMWI2YjBiZWExYjNiODljZGQ0IiwidGFnIjoiIn0%3D; io=3Cz55fMJXhnhabMrBGOt
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:47:02 GMT
Content-Type: image/png
Content-Length: 9977
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 16:11:10 GMT
ETag: "63cd601e-26f9"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azMa4ZauQdjhV2IwEBxkLoVA2ZvpbXvisDfdDnfk61VtrHi%2BETbDIWyoeKaBxmGOg%2B1owefY6LtvWG%2BNX76XDueDOoAitSI2klRqkMjiFiXJVDTyfLa%2FaZm0yCpXNkMtVScESkddoi4NPw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78da74b0dc400afa-OSL
alt-svc: h2=":443"; ma=60
root-naturesproduce.com/delivery-services/allegro/favicon-26163d9262bb348da27e0c994e5cc5d2.ico?vsn=d
104.21.36.62200 OK 2.6 kB URL HTTP/1.1 root-naturesproduce.com/delivery-services/allegro/favicon-26163d9262bb348da27e0c994e5cc5d2.ico?vsn=d
IP 104.21.36.62:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 959fea7e81d585f0a4431c28547670a1
a6ae85fdf98b96f2610d50bfa06f10404481b818
349b38bd78ca3af36ee12a36d22929d7102f6778733c276a0fa258afa11edd39
Analyzer Verdict Alert quad9 Sinkholed
GET /delivery-services/allegro/favicon-26163d9262bb348da27e0c994e5cc5d2.ico?vsn=d HTTP/1.1
Host: root-naturesproduce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://root-naturesproduce.com/25serdt1?from_sms=1
Cookie: XSRF-TOKEN=eyJpdiI6ImdPWUVrQVR4NHQyTCtTOFVuOS9DQmc9PSIsInZhbHVlIjoiYmRIbzhkY2NyTXIvdk9ZZHBhTnRCb1dRbzNVL0c5eGQ4WTZwMXhRZDd1UkQ0M3d1RFVOUG1wMlpvM0doSERFWk1JMWJidjRrNTFKK05WZkxaMElIZVF3WEl0WjgyQlB2bUV3bEdlVmwxc0NMOGF1R0hCenV6TUxyNm9ZK1I1SWoiLCJtYWMiOiI0ZmNmMDE3NzIyYWQxNzM2YTkyYTY0ZWE2NjBhNDMwNDI3NDU0MzZlMTNlYjMzOWNmZjBiNDU3NGYyMDQzNTM2IiwidGFnIjoiIn0%3D; public_session=eyJpdiI6InRSQndON3FCa2loOFVESlRNNUVyYUE9PSIsInZhbHVlIjoiSm9LZjMrb0o0Mk92dVREbDNxTUFLRURqQnBtbU5SbEk4ckFtMlRTdnIrNWFaL2NOWHFLc1VJMi9mM01OR3diUDVtMnRWSnZJS1NNSXdQWVBkY2E2empWYlZWU3BWRUxrSzRXcm1hU1NubWxpeXVSSU42TWpVdzdMVlo2STd6REkiLCJtYWMiOiIxZDQ4N2MyNzEyMjJhODdhZTFkYjNkNjY5YjI5ZTY0OTI1MzJjNmRiNThkZDNjMWI2YjBiZWExYjNiODljZGQ0IiwidGFnIjoiIn0%3D; io=3Cz55fMJXhnhabMrBGOt
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 18:47:02 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 16:11:10 GMT
ETag: W/"63cd601e-3c2e"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eq275xgAfMpCOy88XzubfnUBQwCHhSp0H5%2Fz8ec4PNFZhCpAni78WMuA3xzCyH9P3853ZQCyvsLwnN8Fv%2FApqyJmCx%2FMEjuHRMcRKHIaJmRqnhN6K59O68xEREvEru%2Bi3R%2FVi%2BpuUEU%2Bdg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78da74b0ddccb4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
44.241.236.90101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.241.236.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iCdBykmn4p6gRrHPEHaewQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1Eg1Z55GF+UBhR1MdZ7pY5FXt9E=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2189
Expires: Sun, 22 Jan 2023 19:23:33 GMT
Date: Sun, 22 Jan 2023 18:47:04 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2189
Expires: Sun, 22 Jan 2023 19:23:33 GMT
Date: Sun, 22 Jan 2023 18:47:04 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2189
Expires: Sun, 22 Jan 2023 19:23:33 GMT
Date: Sun, 22 Jan 2023 18:47:04 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2189
Expires: Sun, 22 Jan 2023 19:23:33 GMT
Date: Sun, 22 Jan 2023 18:47:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e5cb3e8d03fffcd307c5ebaef08167
1a813821d15afd416b82c3343a7920a0ffc909cb
84a81b6f63faa3f17a20222b8fa389761a0fb0512a1549b4848849c0425539c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7656
x-amzn-requestid: 6e1ebd9d-6ef0-48d0-a891-51bbf914ed42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNlYHaUoAMFr-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c88-479e8fb72b0b248d020d9e77;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Pu5h9aerRhgCkbAszYjgiRrblEiomyl7ev5WRmdAjQSTQNgSqczG0A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:58:15 GMT
age: 74929
etag: "1a813821d15afd416b82c3343a7920a0ffc909cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd73f3807-16ae-46ce-a9a5-84b639ea80c6.jpeg
34.120.237.76200 OK 2.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd73f3807-16ae-46ce-a9a5-84b639ea80c6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83d96b777a2cac4cb6d577309c8d07e7
86bc900c65d14a338c1d08a0b407590940b39059
50856a41d2bbaec73e06255e06e5ee648f1e7ed1fb04049810d4c03650621bdf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd73f3807-16ae-46ce-a9a5-84b639ea80c6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2555
x-amzn-requestid: d5425eec-2182-4b90-a03f-47dfa76439bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOFpEoIoAMF83A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d57-5326fe1a504805be37823571;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:47:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S5pp0McLDY4eeGgd1a_L2f0MGujxWo2WLylb2fskiSFHc383oxNCLQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:54:17 GMT
age: 75167
etag: "86bc900c65d14a338c1d08a0b407590940b39059"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f86ec004a2042b4030cd2cce2bf1e1d
e3c00dcc55f095f03a6f4505960ac1cee0b3877c
64b5084d4145d5931af05c335d21e31e75db30b1f9e8a2efd92fc4cd0aa7ac07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8221
x-amzn-requestid: 02db02af-4f05-450d-9370-0e7a9dda6948
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOEWGUMoAMF2QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d4e-050e7cdf21878aa159f36d0b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:46:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2bxIP5fBGoswPsQAvhRGhNlrHNQtiCpgWFr_S3fjQuyEXPW8amllzw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:58:50 GMT
age: 74894
etag: "e3c00dcc55f095f03a6f4505960ac1cee0b3877c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54bb2c2439cbf0cefc3075f25576f161
e4e506d7acc877b266c18ae6da3b948e0d41bb1e
8cfef01c8eea67086fdea9865d760f9ed1ecc15dc42f3b2c94fc85d609a31aa2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9334
x-amzn-requestid: 23f9071b-5274-4c6a-9a4a-d63ea74c7483
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNWQETCoAMFdjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c27-393e62854ba77f783f142985;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3n5ILyjGGUjvn66yRrz02tfI9FZpfSsZq5c6Oo_kB9OCOpBxD6aAAw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:46:00 GMT
age: 75664
etag: "e4e506d7acc877b266c18ae6da3b948e0d41bb1e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tYwSI7_1wwDixmup43f8j54sJ541GjyzB2rboENRXfSpuwPKImlNjA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 01:38:03 GMT
age: 61741
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e71636bb9a13ad7d52d253e16cd6a3f
401dd58e34982d3434739b9a2f7182487ea1cac5
1ac336df72b6eb569983e197f094378a26a175113249bedca0610cabd57e2e54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8057
x-amzn-requestid: 5469b005-6740-4f3d-80ca-a45fd39cae68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkCFiZoAMF8oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c80-210da08f113a3273257b7d61;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bvxndyaEjWVBvL2nJxC78dz74Pd-mf2NwURh-C-y548P9KfPZiWaZQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:54:17 GMT
age: 75167
etag: "401dd58e34982d3434739b9a2f7182487ea1cac5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2