rezuke.gooredirect.xyz/go/9abe48ed-7a3f-43b9-9510-2bd9273935c4
3.70.16.242200 OK 290 B URL HTTP/1.1 rezuke.gooredirect.xyz/go/9abe48ed-7a3f-43b9-9510-2bd9273935c4
IP 3.70.16.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (371), with no line terminators
Hash 9ecc53dc05b31f39bfe14641d342798a
eb9507998b61ff75bee4738b474c7f6710fd463c
b356f56b4e0708583716bdb0bc3308466cf3f5f336a77fd58d0762739c8cbaa5
Analyzer Verdict Alert fortinet Malware
GET /go/9abe48ed-7a3f-43b9-9510-2bd9273935c4 HTTP/1.1
Host: rezuke.gooredirect.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 01 Apr 2023 11:17:04 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
Access-Control-Allow-Origin: *
ETag: W/"173-NtD130zlckwtSWTjCuRBtnLYwWk"
Set-Cookie: bemob-uniq-visit:9abe48ed-7a3f-43b9-9510-2bd9273935c4=1; Domain=rezuke.gooredirect.xyz; Path=/; Expires=Sun, 02 Apr 2023 11:17:04 GMT; HttpOnly
bemob-rotation:9abe48ed-7a3f-43b9-9510-2bd9273935c4:random:cc6d91c2083eb8932709e9695a3fac5f=0-0-0; Domain=rezuke.gooredirect.xyz; Path=/; Expires=Sun, 02 Apr 2023 11:17:04 GMT; HttpOnly
bemob-track-url=https%3A%2F%2Fspinwee1.online%2Froot%2Fspinwhel-iq-update%2F%3Fbemobdata%3Dc%253D9abe48ed-7a3f-43b9-9510-2bd9273935c4..l%253Dcac46cd2-6424-4f4e-827d-bdc33047e385..a%253D0..b%253D0..ts%253D1680347824954; Domain=rezuke.gooredirect.xyz; Path=/; Expires=Sun, 02 Apr 2023 11:17:04 GMT; HttpOnly
X-Response-Time: 17.523ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 034b06325b334948200ef1d79d4ddeb7
b9a3c93cff37cbaaf20cca79b965b1a21c525ce8
417ce2093027b05cc34199c75e6b29f155c4dd3150651b6b3dbe8564098c4143
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "417CE2093027B05CC34199C75E6B29F155C4DD3150651B6B3DBE8564098C4143"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9425
Expires: Sat, 01 Apr 2023 13:54:10 GMT
Date: Sat, 01 Apr 2023 11:17:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7680
Expires: Sat, 01 Apr 2023 13:25:05 GMT
Date: Sat, 01 Apr 2023 11:17:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 01 Apr 2023 11:16:16 GMT
content-type: application/json
age: 49
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 374c9e295a804e605c402f48ae7e2446
967394b36ecdff2dd32842f878887f061024c6b3
7652dfcb9e2d620ce1d033be8ecc53166d2881154c15decd60899415e5ac2706
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7652DFCB9E2D620CE1D033BE8ECC53166D2881154C15DECD60899415E5AC2706"
Last-Modified: Thu, 30 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3947
Expires: Sat, 01 Apr 2023 12:22:52 GMT
Date: Sat, 01 Apr 2023 11:17:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: quh3aArjSTbLvSxozx06vWx/BvzjaKoSZfOxPF6zLWoaZuusWQUfG39UkrBUTo1ztf+cWrhKsj8qqAWSNn1h1g==
x-amz-request-id: MGCBN4EA9QTZBZEW
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 01 Apr 2023 11:03:43 GMT
age: 802
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 11:17:05 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0d58e41c695bac9649d14b76b471903a
0933bfd352e0fc752aef499040a439c6e27b36d1
b9053c6d2bced67fe3d3092cfc179c3e2cc9b8b56780c1c52ce75c68ad265c69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9053C6D2BCED67FE3D3092CFC179C3E2CC9B8B56780C1C52CE75C68AD265C69"
Last-Modified: Sat, 01 Apr 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12535
Expires: Sat, 01 Apr 2023 14:46:00 GMT
Date: Sat, 01 Apr 2023 11:17:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9e9f6891559058a4f43596719386a231
8b9bdfb379748c09759d43d9771a71269c0391d3
d1a9523b4094f8ce15ca02124033623203e20b8e375172c1f84491d6b4c0ea6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1A9523B4094F8CE15CA02124033623203E20B8E375172C1F84491D6B4C0EA6C"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12972
Expires: Sat, 01 Apr 2023 14:53:17 GMT
Date: Sat, 01 Apr 2023 11:17:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Expires, Retry-After, Cache-Control, Alert, Backoff, Pragma, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 01 Apr 2023 11:14:41 GMT
age: 144
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.117.65.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PslsDi4PTCMPjAWtOTFB3Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: D/+4de65PfHHgnAkCARPcz/7RhY=
Date: Sat, 01 Apr 2023 11:17:05 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6473ce6830c3db273ab68dd7a6c10bc6
f5f0ec84daf9ace0add0568ec4151e4f3424e676
ea8fdf7f5c5c414578b5f563c3c6e8bc68eabb0ba469aa674ba9524065aec6ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA8FDF7F5C5C414578B5F563C3C6E8BC68EABB0BA469AA674BA9524065AEC6EC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1556
Expires: Sat, 01 Apr 2023 11:43:01 GMT
Date: Sat, 01 Apr 2023 11:17:05 GMT
Connection: keep-alive
pu3hj.bemobpath.com/?redirectUrl=https%3A%2F%2Fspinwee1.online%2Froot%2Fspinwhel-iq-update%2F%3Fbemobdata%3Dc%253D9abe48ed-7a3f-43b9-9510-2bd9273935c4..l%253Dcac46cd2-6424-4f4e-827d-bdc33047e385..a%253D0..b%253D0..ts%253D1680347824954
3.70.16.242200 OK 69 kB URL HTTP/2 pu3hj.bemobpath.com/?redirectUrl=https%3A%2F%2Fspinwee1.online%2Froot%2Fspinwhel-iq-update%2F%3Fbemobdata%3Dc%253D9abe48ed-7a3f-43b9-9510-2bd9273935c4..l%253Dcac46cd2-6424-4f4e-827d-bdc33047e385..a%253D0..b%253D0..ts%253D1680347824954
IP 3.70.16.242:0
Hash f038a671f00d62b55c4eceecfb5403c9
f5883f68104423f427066ddddd036894e3ca3d5c
945a9ea3e9950328ea3f33c12955eda48e7590ec2ce04f686a152269e622117a
GET /?redirectUrl=https%3A%2F%2Fspinwee1.online%2Froot%2Fspinwhel-iq-update%2F%3Fbemobdata%3Dc%253D9abe48ed-7a3f-43b9-9510-2bd9273935c4..l%253Dcac46cd2-6424-4f4e-827d-bdc33047e385..a%253D0..b%253D0..ts%253D1680347824954 HTTP/1.1
Host: pu3hj.bemobpath.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sat, 01 Apr 2023 11:17:05 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
etag: W/"125-k3/e73CvZK9llgamnhnCZER0i9k"
x-response-time: 3.625ms
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/p.js?f=sync&lr=1&partner=887609b5f4b8dbcf2e35aa2836a9fd8d8a017fb66ae8ee6345d1cd654b6f1994
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=887609b5f4b8dbcf2e35aa2836a9fd8d8a017fb66ae8ee6345d1cd654b6f1994
IP 139.45.195.8:0
Hash 4685fe11a9955835384195c9aaa587bd
cfc503c5dac47e834118894ad406b5d6b2efe684
fce110f120c5f5b605bbbc25445630b0c846ad71cf192eb230bfc96fbadaf004
GET /p.js?f=sync&lr=1&partner=887609b5f4b8dbcf2e35aa2836a9fd8d8a017fb66ae8ee6345d1cd654b6f1994 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spinwee1.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 11:17:05 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 50c45a18fb93b87c01cc1aea5392f94c
05ed5e571dce4aca64d5001b65671bbd5352efed
de2a729415938969608d1ef6d382dd07ef7fcfb8f50764fb914f553a1c322a70
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE2A729415938969608D1EF6D382DD07EF7FCFB8F50764FB914F553A1C322A70"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10649
Expires: Sat, 01 Apr 2023 14:14:35 GMT
Date: Sat, 01 Apr 2023 11:17:06 GMT
Connection: keep-alive
ahaurgoo.net/zone?&pub=0&zone_id=5657473&is_mobile=false&domain=spinwee1.online&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest
139.45.197.251200 OK 0 B URL HTTP/2 ahaurgoo.net/zone?&pub=0&zone_id=5657473&is_mobile=false&domain=spinwee1.online&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5657473&is_mobile=false&domain=spinwee1.online&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: ahaurgoo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://spinwee1.online
Connection: keep-alive
Referer: https://spinwee1.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 11:17:06 GMT
content-length: 0
x-trace-id: ac4cf599597ce54b3b083e374d2b0095
access-control-allow-origin: https://spinwee1.online
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=sync&partner=887609b5f4b8dbcf2e35aa2836a9fd8d8a017fb66ae8ee6345d1cd654b6f1994&ttl=&rurl=https%3A%2F%2Fspinwee1.online%2Froot%2Fspinwhel-iq-update%2F%3Fbemobdata%3Dc%3D9abe48ed-7a3f-43b9-9510-2bd9273935c4..l%3Dcac46cd2-6424-4f4e-827d-bdc33047e385..a%3D0..b%3D0..ts%3D1680347824954%23
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=887609b5f4b8dbcf2e35aa2836a9fd8d8a017fb66ae8ee6345d1cd654b6f1994&ttl=&rurl=https%3A%2F%2Fspinwee1.online%2Froot%2Fspinwhel-iq-update%2F%3Fbemobdata%3Dc%3D9abe48ed-7a3f-43b9-9510-2bd9273935c4..l%3Dcac46cd2-6424-4f4e-827d-bdc33047e385..a%3D0..b%3D0..ts%3D1680347824954%23
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=887609b5f4b8dbcf2e35aa2836a9fd8d8a017fb66ae8ee6345d1cd654b6f1994&ttl=&rurl=https%3A%2F%2Fspinwee1.online%2Froot%2Fspinwhel-iq-update%2F%3Fbemobdata%3Dc%3D9abe48ed-7a3f-43b9-9510-2bd9273935c4..l%3Dcac46cd2-6424-4f4e-827d-bdc33047e385..a%3D0..b%3D0..ts%3D1680347824954%23 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spinwee1.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 11:17:06 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=e4ccbed515754bc899cc63fd016f32e4; expires=Sun, 31 Mar 2024 11:17:06 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8120
Expires: Sat, 01 Apr 2023 13:32:27 GMT
Date: Sat, 01 Apr 2023 11:17:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8120
Expires: Sat, 01 Apr 2023 13:32:27 GMT
Date: Sat, 01 Apr 2023 11:17:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8120
Expires: Sat, 01 Apr 2023 13:32:27 GMT
Date: Sat, 01 Apr 2023 11:17:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8120
Expires: Sat, 01 Apr 2023 13:32:27 GMT
Date: Sat, 01 Apr 2023 11:17:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8120
Expires: Sat, 01 Apr 2023 13:32:27 GMT
Date: Sat, 01 Apr 2023 11:17:07 GMT
Connection: keep-alive
backunder.com/script.js
172.67.169.6200 OK 19 kB IP 172.67.169.6:0
Hash 079556f8e08fe30adca66a13a37dc332
7f2407363c4e076113f13e19930ed95519e881e3
a62241fd4968eb30fa7be79e741919c7e9590487f415bcbedd0ceb9e198bae22
GET /script.js HTTP/1.1
Host: backunder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spinwee1.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 11:17:06 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 19:14:45 GMT
etag: W/"4cc-5f2f3364b2fe4-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxH835s11kGjhp2Ibs%2FTheib3pzvcdjmS%2BSkP9BjvGPhKlopwu17U2DaO9yxfvkDdzbIBfGZNd5mdFxm0JxgUMNtTV8fAOSrSOJT46ExuSp%2F4qkJB1VD%2FO7YmtpHXqww"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b106c78dfe40b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d10d044-e7de-4065-bd3e-ced16ef7d028.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d10d044-e7de-4065-bd3e-ced16ef7d028.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 011eb872ec6df694a1d13849a17d9c11
6392fe7356a93a974194b2a0c80e6e1b52e6da62
ff4cb55e486a3e91d874b0a84e6da2c71ffd549ad5251137503a24e5ff6eeb4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d10d044-e7de-4065-bd3e-ced16ef7d028.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7477
x-amzn-requestid: 27593d9f-b255-4c64-b602-d7fcc54ee019
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ClVCqE-SoAMFjwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64253543-731d8cba4ae06f470383669c;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 07:07:47 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: WSkRncbzC6qgJ2JpjabOoRY_vZXmsvgZEMiOFy_7k5q_H1ZOxILHAw==
via: 1.1 626ad4a6bf529166d2aad94a2957694c.cloudfront.net (CloudFront), 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Apr 2023 07:19:12 GMT
age: 14275
etag: "6392fe7356a93a974194b2a0c80e6e1b52e6da62"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95196399-f417-4284-9902-cf35b1e83360.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95196399-f417-4284-9902-cf35b1e83360.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb930830ac86ec8ace6a232f67810ba
d084bf4331446c35236019010b2bcf82d45dad1c
bb81782bf590d601110ec8fb891f701e0f5084bda46370d30345bd81403a33ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95196399-f417-4284-9902-cf35b1e83360.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5830
x-amzn-requestid: 0897bf26-6156-48d3-ba67-596cc326dddc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CqnHHG0JoAMF87w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6427522d-6f380d901d9d6b737ec19d6d;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:35:41 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Bn3MbOV7qxTzTjDiOpS3qgs61KZJTe8bY6sHQa_68HPqyLaL-ZsI3Q==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:50:38 GMT
age: 48389
etag: "d084bf4331446c35236019010b2bcf82d45dad1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24171d10-56ac-40e7-9d10-77b9e948da6e.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24171d10-56ac-40e7-9d10-77b9e948da6e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c193cd4520e8ee5d17cd1f3faadc1c73
b46effcb93e0ad066474ec1f67bcd54020615caf
bc824341b884278e7e69ae3bb87484ad914e5909544959ebc8f8661a545cb929
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24171d10-56ac-40e7-9d10-77b9e948da6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10128
x-amzn-requestid: bdd46a1d-4b43-4450-be32-3e3947d2fcd7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm9VELdIAMFmmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751ee-346e92d143f6fcf46db741c8;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: TzZpij5xeF-mrrMvpNNPJQA62GcNd0qPNAh_7IAme7SI3WwmZ4itcg==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:47:54 GMT
etag: "b46effcb93e0ad066474ec1f67bcd54020615caf"
content-type: image/jpeg
age: 48553
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabf52f1a-4364-4b49-adea-7bf4d36f11d4.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabf52f1a-4364-4b49-adea-7bf4d36f11d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 04734b0c35626d752b7dddcbaa0fa4e1
ee66c3533a104626998925bb5beca3db458ddbf6
f780348104af10e94cec57e8d8f22609a00f978316893edd8d111e34f19fea4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabf52f1a-4364-4b49-adea-7bf4d36f11d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4911
x-amzn-requestid: 911b4c5f-1de9-472a-a0e2-d532d50ee210
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm7NFmFIAMFZ_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751e1-76cbfa4d0e30bbc22f913058;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:25 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: VMVm-JdJ_fHWp7H5FZYtlmRAFnOZy_uNRWKklXn1xRldnC7-BwN2Vg==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:38:48 GMT
age: 49099
etag: "ee66c3533a104626998925bb5beca3db458ddbf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98f2c747-737d-46e1-90cd-26a5e4face5a.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98f2c747-737d-46e1-90cd-26a5e4face5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c64c52860d25cdd6330a17db2638a94
cc5fad3935464cc2a0b52e4e45e40f0f99b99701
bb506b3cfded544edc342898ee559b732e9370444c34bdbc711c375a84fb8407
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98f2c747-737d-46e1-90cd-26a5e4face5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8669
x-amzn-requestid: 021c0ea7-9ac9-4170-bc19-4e8816bc3e60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CiBxmGpKIAMFqSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6423e33d-39a81c9b0cc4ebd1517b55fe;Sampled=0
x-amzn-remapped-date: Wed, 29 Mar 2023 07:05:33 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: R3nGvyWPH6rHuFE6Cc4xJ7Ynj21hpAHHXmJIqYwbRFq-YtpaWyj7oQ==
via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Apr 2023 03:55:29 GMT
age: 26498
etag: "cc5fad3935464cc2a0b52e4e45e40f0f99b99701"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2