r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8f33f56c329fe0b1570d2ee3e000ce4e
b11fcecd7cc1210d3f3b4e1426a37d3cd138119e
ebcb744a032452533c000c0a9f193fd2566b2389729c41b6c5ed69b9e4cd42d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBCB744A032452533C000C0A9F193FD2566B2389729C41B6C5ED69B9E4CD42D4"
Last-Modified: Tue, 07 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4611
Expires: Thu, 09 Mar 2023 13:02:56 GMT
Date: Thu, 09 Mar 2023 11:46:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7989fc4a69327c765a7e4e68f46c169b
1f3e8e6e9e640c3d99ec52dc947b68fa9c1d335b
b15c98c58fae6a49e831bc0db617bedf8538bbfa011a84553debdcbe461433d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B15C98C58FAE6A49E831BC0DB617BEDF8538BBFA011A84553DEBDCBE461433D0"
Last-Modified: Tue, 07 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15955
Expires: Thu, 09 Mar 2023 16:12:00 GMT
Date: Thu, 09 Mar 2023 11:46:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d096b44c5db01960a5d03dbb2a238c0
8e818de0e82041f2d9edeb14ddaf3916983b3729
8c69b4883e45e3e993ffdf24922c6ff7f0131f1eece0c3d0016137ca29f48d04
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C69B4883E45E3E993FFDF24922C6FF7F0131F1EECE0C3D0016137CA29F48D04"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8784
Expires: Thu, 09 Mar 2023 14:12:29 GMT
Date: Thu, 09 Mar 2023 11:46:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Type, Retry-After, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Mar 2023 11:13:43 GMT
content-type: application/json
age: 1942
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: I52gUefXk6ttRuuf7m8wESwZXbyGve2eXFPp9YLchRxv1BfVlEs5wGgdpkVSg3CFRKdx4ws4Xdo=
x-amz-request-id: NZGWXHZE32P0R24X
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Mar 2023 11:36:01 GMT
age: 604
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
awevik.com/cl/948d4f927ebb1e14
172.67.179.68302 Found 654 B URL HTTP/1.1 awevik.com/cl/948d4f927ebb1e14
IP 172.67.179.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6fd8d10e1dd8c41313be57e9aee5fe6d
803b24df546be53913603d15a12efcff23496f1b
1311c2930bc4840e350e869039b55d7eeb131480907d20e615be5d575840be3c
Analyzer Verdict Alert fortinet Phishing
GET /cl/948d4f927ebb1e14 HTTP/1.1
Host: awevik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 09 Mar 2023 11:46:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.1.16
Cache-Control: no-cache
Location: https://p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4378461355
X-Frame-Options: DENY
Set-Cookie: sbc948d4f927ebb1e14=eyJpdiI6IlFnVkhTZU5Qd2h0VjJodHBYekVwZ1E9PSIsInZhbHVlIjoiQmc1S2JIYTY1VUJvUzFqMkpuWUhGZz09IiwibWFjIjoiNDNkYTNhMWU3YzlhYWQ2ZDdhYTBkZTNhZTU1NDI2ZGQ1YmRjZjllYTFjZjU1ZTk0YzBhMGRmMTJkYzE0NWU2YiIsInRhZyI6IiJ9; expires=Thu, 09 Mar 2023 12:46:05 GMT; Max-Age=3600; path=/; httponly; samesite=lax
vis=eyJpdiI6IldMWTlWYmdiUFVBQmRldFpEKzU2a0E9PSIsInZhbHVlIjoiKzBNdyt0QmUxRDJWOHZxUE5wRGk0UT09IiwibWFjIjoiYmI4NzQ3MDIxYTM5NGFmY2IyYzRmYmE0NzFjN2FlZjk1NjZkMGJlOTQwNGYzZTcxNjA1NGIxNjZmNTJkMTJhNiIsInRhZyI6IiJ9; expires=Wed, 07 Jun 2023 11:46:05 GMT; Max-Age=7776000; path=/; httponly; samesite=lax
Expires: Thu, 01 Jan 1970 00:00:01 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lm1RjRWDJawcLNU5WeGUwxZdusSZ66jjQUDG%2BT0DDQe5%2BSEd%2BjR%2FbPQ7xlA4PZDSgzlM9NDGzqoo9h4RcL73i0vhNvhFk0qkIxD%2Fik54ticadY5H42VzyDjT8%2BQT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a53134c3f90b51d-OSL
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 11:46:05 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Cache-Control, Alert, Expires, ETag, Pragma, Content-Length, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Mar 2023 11:12:30 GMT
age: 2015
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc9a86b8d3035b57b58750f8896202e8
1485042fff689cadbf0c7a540f430993f23d45e3
b06e4961e184d51008f4adb9c8fe571f08b21b4728e5eac0bb4795861e03aa2f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B06E4961E184D51008F4ADB9C8FE571F08B21B4728E5EAC0BB4795861E03AA2F"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9236
Expires: Thu, 09 Mar 2023 14:20:01 GMT
Date: Thu, 09 Mar 2023 11:46:05 GMT
Connection: keep-alive
push.services.mozilla.com/
52.25.208.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.25.208.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: l5Asy+Mr0J/ZDlfUgWC5Yg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qjBicDkhVwoHQqD0MCmjx6o5CMo=
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 83ebc1c45ec8e190f618e327a409fac0
56b6e15f0d87a4c0dfe5b167f0a91875b26b8926
31bb769961abd89739c4447ec7f2693a2044f4bdd43f20f1f64a21b72996df66
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 11:46:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 13 Mar 2023 09:02:18 GMT
ETag: "56b6e15f0d87a4c0dfe5b167f0a91875b26b8926"
Last-Modified: Thu, 09 Mar 2023 09:02:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a5313511c7cb4f9-OSL
p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4378461355
103.56.211.129302 Found 6 B URL HTTP/1.1 p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4378461355
IP 103.56.211.129:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with CRLF line terminators
Hash ed19ca99581136d44b35bbb2240a6bf6
d0ac1626cb4713dd5e6b3ff63d818efac90ab4b3
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0
GET /norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4378461355 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Thu, 09 Mar 2023 11:46:06 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6
Connection: keep-alive
X-Powered-By: PHP/8.0.11
Set-Cookie: PHPSESSID=b2104b7ab548ebee87fa82ff4dc40ffc_545; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: http://103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4378461355%2F
Access-Control-Allow-Origin: *
103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4378461355%2F
103.56.211.129302 Found 0 B URL HTTP/1.1 103.56.211.129/he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4378461355%2F
IP 103.56.211.129:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /he_test/getHeaderForDhiragu.php?url=https%3A%2F%2Fp.hungama.com%2Fnorway_mm_play%2Findex.php%2Fpromotion%2Fpreview%2F3%3Faff_id%3D1641%26click_id%3D4378461355%2F HTTP/1.1
Host: 103.56.211.129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Thu, 09 Mar 2023 11:46:06 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/8.0.11
Location: https://p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4378461355/&mdnreturn=WDNadlpHRnRiM289
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 54939002388023971ddb6b7e7ad53403
21f73b23a35299dfbae64d57dd2762625a9a09f5
8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9584
Expires: Thu, 09 Mar 2023 14:25:51 GMT
Date: Thu, 09 Mar 2023 11:46:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 54939002388023971ddb6b7e7ad53403
21f73b23a35299dfbae64d57dd2762625a9a09f5
8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9584
Expires: Thu, 09 Mar 2023 14:25:51 GMT
Date: Thu, 09 Mar 2023 11:46:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 54939002388023971ddb6b7e7ad53403
21f73b23a35299dfbae64d57dd2762625a9a09f5
8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9584
Expires: Thu, 09 Mar 2023 14:25:51 GMT
Date: Thu, 09 Mar 2023 11:46:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 54939002388023971ddb6b7e7ad53403
21f73b23a35299dfbae64d57dd2762625a9a09f5
8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9584
Expires: Thu, 09 Mar 2023 14:25:51 GMT
Date: Thu, 09 Mar 2023 11:46:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 54939002388023971ddb6b7e7ad53403
21f73b23a35299dfbae64d57dd2762625a9a09f5
8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9623
Expires: Thu, 09 Mar 2023 14:26:30 GMT
Date: Thu, 09 Mar 2023 11:46:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcb7b5b1-0c4b-408c-8cd5-9eefd08402b5.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcb7b5b1-0c4b-408c-8cd5-9eefd08402b5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05f4cdc3272aedc4a6fb7b7eef4177fd
014fa1c8bb655e3dc2d7047fe1934fa3d4d28195
27b6a951f9fe1bbc7ab5290a170aa0506f1e5fc12b188427b3eead0140ee3fab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcb7b5b1-0c4b-408c-8cd5-9eefd08402b5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4779
x-amzn-requestid: 2b17d9dd-5471-4d32-b49b-d02d656ff32d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BWPHqF6oIAMF9rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64059230-40d6f50a5c99b19a09bc10f6;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 07:11:44 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: Q9-UoPTYCnyFdkOejus088TOAvKfyxOTRSI27U0KPo_kxF3Bn1iORQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 da4fa914888b330b3e8a08632b8e41be.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Mar 2023 08:07:50 GMT
age: 13097
etag: "014fa1c8bb655e3dc2d7047fe1934fa3d4d28195"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedc26d16-1c93-451f-bc00-adf9e2f92fac.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedc26d16-1c93-451f-bc00-adf9e2f92fac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f32c8032ccfea50340a5f5e8a45bd091
86cfba31fca35364a5b1642285f14665ff4c5386
d1f1cd14a388cbb02731e58cb8267b808402b8cb3a4e90be90858ae04af3c6f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedc26d16-1c93-451f-bc00-adf9e2f92fac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9081
x-amzn-requestid: 2ac239fb-ca70-41d5-8c86-fa398ac9a226
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BezeLGXFIAMF8ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6408ff8d-24722910513f5bd32e2411aa;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: N7CdHUf92t4MRdgtsbaMlU8TVIF1NgUfD8xkZiZMSZVGJpiQzNuXew==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 6bdc2963c9ed59b475ec36c35e5932a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 21:45:27 GMT
etag: "86cfba31fca35364a5b1642285f14665ff4c5386"
content-type: image/jpeg
age: 50440
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5f13a1-64f5-41ac-aa1b-5fb0a6b438d4.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5f13a1-64f5-41ac-aa1b-5fb0a6b438d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd029abcba5db74cecb02bad1a036c43
bc714ee0389e279919dde08149be61c4dc9ab0a7
10ae90728b38f7aeba134961a7b80c68c213a09eeef618ef3d66f3305b19834e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5f13a1-64f5-41ac-aa1b-5fb0a6b438d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4770
x-amzn-requestid: 963dae3d-8336-4a5b-8b25-c3617f946d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BUZkWFhLIAMF6FQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6404d61b-1b705b460f7539f97c3dd7e5;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 17:49:15 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: HM56vjzUqmaOjBHUlhgopx3n5qjLe3x6v-AleC5P9ZRCJt5ndUZSsw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 6af3b573d8970d5db2a4d03354335b84.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 22:35:48 GMT
age: 47419
etag: "bc714ee0389e279919dde08149be61c4dc9ab0a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff38cea88-980c-4bc3-9bc7-9a1bd822bec7.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff38cea88-980c-4bc3-9bc7-9a1bd822bec7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8f45f111388e764cdc6482be2307e0a1
f849869251bd94a51243604d94f9dd708930d3e2
8e7b32b34a50ba9ca3834a7d915b245590bd19d96ae13aa9881cdea8b7f5fcc2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff38cea88-980c-4bc3-9bc7-9a1bd822bec7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7804
x-amzn-requestid: c100b707-4225-449e-b028-4d9f9da81b3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BfIm7H1_IAMFRYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6409215f-192127435abb06342b869fff;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 23:59:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: yaOxtlUTgbRwPPBnoaojhuHQpKYLKsn3R1BKlJlBK4kkrG3EElHuTQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b618c0f73dc30c968057784ed0185d7a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Mar 2023 00:14:35 GMT
etag: "f849869251bd94a51243604d94f9dd708930d3e2"
content-type: image/jpeg
age: 41492
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8327210c-f08f-45fb-8563-0fbd126e3ffb.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8327210c-f08f-45fb-8563-0fbd126e3ffb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ab6603d51a922110ab6f24d92204fcab
ced566c17a5bf05d9065e04dac4db1118ea8dce8
24d0f401f671317d654c7e5b208f540757f28e793281f18c39a5a1380eb39cdd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8327210c-f08f-45fb-8563-0fbd126e3ffb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9037
x-amzn-requestid: ddfc3b87-c99a-428d-8192-702184cf2deb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BMVzNGjrIAMFnFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64019ce1-654954256467c9e2308782d9;Sampled=0
x-amzn-remapped-date: Fri, 03 Mar 2023 07:08:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 9E9osa25YNfhhC4YMhxDSaU6GDGHczAnZtj8mFkHuZFbIv7VsrgQyw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 22:12:55 GMT
etag: "ced566c17a5bf05d9065e04dac4db1118ea8dce8"
content-type: image/jpeg
age: 48792
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9da3492d-91de-45e4-82a1-51dec7e4ba28.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9da3492d-91de-45e4-82a1-51dec7e4ba28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d541504b5777fedb1a4b99770ca977e0
1acb5b7a05f617c8fc7cd6fe420ab72646bfc306
34dfdf8d3d5fa6fed1a6eca3c852301dae86f3765f824d93c26980fb8ac519c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9da3492d-91de-45e4-82a1-51dec7e4ba28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4785
x-amzn-requestid: 57be76f4-6f1b-45d2-bfc1-fc573c56489a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BezeJEhZIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6408ff8d-5e469b5f2c0adfd619e0e7b4;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: jl-Ed8eQYVXZpU-veP1wAdNiiwQe-ZlApp8BsN7vx7pLBL4FVceI8A==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 21:45:27 GMT
etag: "1acb5b7a05f617c8fc7cd6fe420ab72646bfc306"
content-type: image/jpeg
age: 50440
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4378461355/&mdnreturn=WDNadlpHRnRiM289
103.56.211.129302 Found 6 B URL HTTP/1.1 p.hungama.com/norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4378461355/&mdnreturn=WDNadlpHRnRiM289
IP 103.56.211.129:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with CRLF line terminators
Hash ed19ca99581136d44b35bbb2240a6bf6
d0ac1626cb4713dd5e6b3ff63d818efac90ab4b3
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0
GET /norway_mm_play/index.php/promotion/preview/3?aff_id=1641&click_id=4378461355/&mdnreturn=WDNadlpHRnRiM289 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=b2104b7ab548ebee87fa82ff4dc40ffc_545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Thu, 09 Mar 2023 11:46:07 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6
Connection: keep-alive
X-Powered-By: PHP/8.0.11
Set-Cookie: PHPSESSID=b2104b7ab548ebee87fa82ff4dc40ffc_545; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641
Access-Control-Allow-Origin: *
p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641
103.56.211.129302 Found 6 B URL HTTP/1.1 p.hungama.com/norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641
IP 103.56.211.129:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with CRLF line terminators
Hash ed19ca99581136d44b35bbb2240a6bf6
d0ac1626cb4713dd5e6b3ff63d818efac90ab4b3
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0
GET /norway_mm_play/index.php/plan/pack_purchase/164/0/22843?aff_id=1641 HTTP/1.1
Host: p.hungama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=b2104b7ab548ebee87fa82ff4dc40ffc_545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Thu, 09 Mar 2023 11:46:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6
Connection: keep-alive
X-Powered-By: PHP/8.0.11
Set-Cookie: PHPSESSID=b2104b7ab548ebee87fa82ff4dc40ffc_545; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: http://gateway.mondiapay.com/v1/web/purchase/initiate/930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d
Access-Control-Allow-Origin: *
gateway.mondiapay.com/v1/web/purchase/initiate/930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d
84.17.170.222200 2.3 kB URL HTTP/1.1 gateway.mondiapay.com/v1/web/purchase/initiate/930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d
IP 84.17.170.222:0
ASN #33873 Arvato Systems GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7dfcab89ed8007f9eb16664d502362f2
faa642e543087d6c54450349f7e3e5b047331626
2e4814c9e2e5e3d49d4bb43b228e7a30a9687e364fc01dc4b70bfa716d261647
GET /v1/web/purchase/initiate/930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Thu, 09 Mar 2023 11:46:09 GMT
Expires: 0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-MM-CORRELATION-ID: 7A8AFDAC-146F-EE7E-C7FC-45EAD7F4E8CE, 7A8AFDAC-146F-EE7E-C7FC-45EAD7F4E8CE
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Server: unknown
gateway.mondiapay.com/favicon.ico
84.17.170.222200 946 B URL HTTP/1.1 gateway.mondiapay.com/favicon.ico
IP 84.17.170.222:0
ASN #33873 Arvato Systems GmbH
File type MS Windows icon resource - 1 icon, 16x13, 32 bits/pixel\012- data
Hash 0488faca4c19046b94d07c3ee83cf9d6
02fb8c5e4c3d113f310651a4d021aecc68f79d54
a3fe67e3549fdbc5819762b43c7efd93b1caea734f87a33c909a4e4b2ba4e32b
GET /favicon.ico HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gateway.mondiapay.com/v1/web/purchase/initiate/930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d
HTTP/1.1 200
X-MM-CORRELATION-ID: 8CC6ECB2-E80E-50CF-24F1-7C4E165A832C
Last-Modified: Thu, 13 Dec 2018 16:04:02 GMT
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 946
Date: Thu, 09 Mar 2023 11:46:09 GMT
Server: unknown
gateway.mondiapay.com/v1/web/purchase/validate/930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d
84.17.170.222200 19 B URL HTTP/1.1 gateway.mondiapay.com/v1/web/purchase/validate/930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d
IP 84.17.170.222:0
ASN #33873 Arvato Systems GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash 7371f4549137912d2f797e976caa3f7a
a6dbc3ae0138f2a5b50371323a7d8e3744f261ef
8519ccdbef3d14c543b2079d16bcc9c10e50ca44613391b0deb904a290ebe5ee
GET /v1/web/purchase/validate/930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gateway.mondiapay.com/v1/web/purchase/initiate/930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d
HTTP/1.1 200
Date: Thu, 09 Mar 2023 11:46:11 GMT
Expires: 0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-MM-CORRELATION-ID: 656186A2-7D2C-551F-7A61-A888141C5C11, 656186A2-7D2C-551F-7A61-A888141C5C11
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Type: text/plain;charset=UTF-8
Transfer-Encoding: chunked
Server: unknown
gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d
84.17.170.222302 0 B URL HTTP/1.1 gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d
IP 84.17.170.222:0
ASN #33873 Arvato Systems GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mondiapay-strex-no-v1/web/purchase/subscription/930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gateway.mondiapay.com/v1/web/purchase/initiate/930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Date: Thu, 09 Mar 2023 11:46:12 GMT
X-MM-CORRELATION-ID: 6E2547FD-708A-61C5-8CBA-0F8BF5C4CE50, 6E2547FD-708A-61C5-8CBA-0F8BF5C4CE50
Location: https://track.greentropolo.com/g/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=F5aKyx_PSIT0u7GATkBAJ682n4F6GwQ15GJKOynbr_E&external_id=930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d&var1=7714&var2=77140001
Transfer-Encoding: chunked
Server: unknown
ocsp.pki.goog/s/gts1p5/qdRMuLT-iz0
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/qdRMuLT-iz0
IP 216.58.211.3:0
Hash 0d54253a60626f8b50328874f998bb12
1a4e917dbf0f9f30d868d8f5cf719667488ba075
ab45fec995e9f040d458f7dc0c0cad9cc05a0d5d2772fa759e86b09c746b712f
POST /s/gts1p5/qdRMuLT-iz0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 11:46:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/qdRMuLT-iz0
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/qdRMuLT-iz0
IP 216.58.211.3:0
Hash 0d54253a60626f8b50328874f998bb12
1a4e917dbf0f9f30d868d8f5cf719667488ba075
ab45fec995e9f040d458f7dc0c0cad9cc05a0d5d2772fa759e86b09c746b712f
POST /s/gts1p5/qdRMuLT-iz0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 11:46:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d?clickid=track_20230309114612_a8df88b7_ef33_4736_9df1_28406bc6bdfb&opt=YfpH4xT3mtmdyXd7FJq1CD1S3%2F3gf8zNbD69xPLm8l4ruyV0NAt1yDx5rcHYIjAhPC2ubvUMcFkPbvCbtoKNdBLIJaIYC8zpYR%2BUE03qPjaff7H6oVLC8SH4FnU1LPQ0N7rTo4xFU1tXDwe02ArD%2F%2FH5trICI0ErA3AvKHhOv9DxYQ4iiChWSeDh%2FzO%2FMwP2ej1SftL3Ef1MJxBn%2B9WaR%2B6bgFj6aOsnFXr5apWVrncokZatKM8OdVbk9trrypg7MVDl0vOSoVTDR%2FT5vyTBnlauVxm5BAmtn5DyQNqRYTLZ7TuIn1qh6lpOnHnRctum07LlhQirNO926SJyDfnKCG2gCXh7XF%2Ft4SjVGo7hz%2FqzIeoG04U6HXtL8F%2Bailzzd9OV5W5sU5scXLHQAVPoj3VRIeWRwwlyXWKAVDISmg2KvhwlyQBwxiz5092JHQnXHtdyvcprEuisMesvFwETZA%3D%3D&opt-hmac=Lea7i0MmUZRrzRojftb5iuev1Mm8WTNfJCkJ78Sl2VU%3D
84.17.170.222302 0 B URL HTTP/1.1 gateway.mondiapay.com/mondiapay-strex-no-v1/web/purchase/subscription/930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d?clickid=track_20230309114612_a8df88b7_ef33_4736_9df1_28406bc6bdfb&opt=YfpH4xT3mtmdyXd7FJq1CD1S3%2F3gf8zNbD69xPLm8l4ruyV0NAt1yDx5rcHYIjAhPC2ubvUMcFkPbvCbtoKNdBLIJaIYC8zpYR%2BUE03qPjaff7H6oVLC8SH4FnU1LPQ0N7rTo4xFU1tXDwe02ArD%2F%2FH5trICI0ErA3AvKHhOv9DxYQ4iiChWSeDh%2FzO%2FMwP2ej1SftL3Ef1MJxBn%2B9WaR%2B6bgFj6aOsnFXr5apWVrncokZatKM8OdVbk9trrypg7MVDl0vOSoVTDR%2FT5vyTBnlauVxm5BAmtn5DyQNqRYTLZ7TuIn1qh6lpOnHnRctum07LlhQirNO926SJyDfnKCG2gCXh7XF%2Ft4SjVGo7hz%2FqzIeoG04U6HXtL8F%2Bailzzd9OV5W5sU5scXLHQAVPoj3VRIeWRwwlyXWKAVDISmg2KvhwlyQBwxiz5092JHQnXHtdyvcprEuisMesvFwETZA%3D%3D&opt-hmac=Lea7i0MmUZRrzRojftb5iuev1Mm8WTNfJCkJ78Sl2VU%3D
IP 84.17.170.222:0
ASN #33873 Arvato Systems GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mondiapay-strex-no-v1/web/purchase/subscription/930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d?clickid=track_20230309114612_a8df88b7_ef33_4736_9df1_28406bc6bdfb&opt=YfpH4xT3mtmdyXd7FJq1CD1S3%2F3gf8zNbD69xPLm8l4ruyV0NAt1yDx5rcHYIjAhPC2ubvUMcFkPbvCbtoKNdBLIJaIYC8zpYR%2BUE03qPjaff7H6oVLC8SH4FnU1LPQ0N7rTo4xFU1tXDwe02ArD%2F%2FH5trICI0ErA3AvKHhOv9DxYQ4iiChWSeDh%2FzO%2FMwP2ej1SftL3Ef1MJxBn%2B9WaR%2B6bgFj6aOsnFXr5apWVrncokZatKM8OdVbk9trrypg7MVDl0vOSoVTDR%2FT5vyTBnlauVxm5BAmtn5DyQNqRYTLZ7TuIn1qh6lpOnHnRctum07LlhQirNO926SJyDfnKCG2gCXh7XF%2Ft4SjVGo7hz%2FqzIeoG04U6HXtL8F%2Bailzzd9OV5W5sU5scXLHQAVPoj3VRIeWRwwlyXWKAVDISmg2KvhwlyQBwxiz5092JHQnXHtdyvcprEuisMesvFwETZA%3D%3D&opt-hmac=Lea7i0MmUZRrzRojftb5iuev1Mm8WTNfJCkJ78Sl2VU%3D HTTP/1.1
Host: gateway.mondiapay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Date: Thu, 09 Mar 2023 11:46:13 GMT
X-MM-CORRELATION-ID: 083B6372-4E30-A707-BB7C-AA8CBC3E0EBE, 083B6372-4E30-A707-BB7C-AA8CBC3E0EBE
Location: http://35.200.222.172/v2/cgredirection/cgReturnTelenorNorwayMM.php?trans_id=20230309171609424003395155&status=403&message=PERMISSION_DENIED
Transfer-Encoding: chunked
Server: unknown
track.greentropolo.com/g/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=F5aKyx_PSIT0u7GATkBAJ682n4F6GwQ15GJKOynbr_E&external_id=930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d&var1=7714&var2=77140001
104.21.78.194200 OK 0 B URL HTTP/2 track.greentropolo.com/g/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=F5aKyx_PSIT0u7GATkBAJ682n4F6GwQ15GJKOynbr_E&external_id=930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d&var1=7714&var2=77140001
IP 104.21.78.194:0
GET /g/4625709cd492e17ee2?next_url=http%3A%2F%2Fgateway.mondiapay.com%2Fmondiapay-strex-no-v1%2Fweb%2Fpurchase%2Fsubscription%2F930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d%3Fclickid%3D%7Bclick_id%7D%26opt%3D%7BOPT%7D%26opt-hmac%3D%7BOPT-HMAC%7D&hmac=F5aKyx_PSIT0u7GATkBAJ682n4F6GwQ15GJKOynbr_E&external_id=930f1f0b-dc4a-4c91-99b6-3c5a15ceff6d&var1=7714&var2=77140001 HTTP/1.1
Host: track.greentropolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gateway.mondiapay.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Mar 2023 11:46:12 GMT
content-type: text/html;charset=utf-8
cache-control: private, max-age=0, no-cache, must-revalidate
pragma: no-cache
accept-ch: Width, Viewport-Width, Viewport-Height, Device-Memory, Content-DPR, DPR, Save-Data, Downlink, ECT, RTT, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding, User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnRfhuzGFSuoJAmXC1%2FxvgLT3VXDg27zKpTMgi6l%2BZBDDmoYOookfe6brh6z9ovd2uLWwJ6ryFlAg5cjfAAT12MESAWumeY91gZOYhr%2B03agOfVC%2Bvpy1OJEIfbgEVIu3A7h7jsZK%2BF3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a53137bedb60b59-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2