Overview

URL afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/html/8a2922_78851556e73f7076545dec98d3091029.html
IP34.102.176.152
ASNGOOGLE
Location United States
Report completed2022-09-23 09:57:43 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-22 2 afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/html/8a2922_78851556e73f7 (...) Mercado Libre
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-23 2 afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/html/8a2922_78851556e73f7 (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (19)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com (1) 0 No data No data 34.102.176.152 Domain (filesusr.com) ranked at: 19386
mnemonic passive DNS js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-09-23 04:55:15 UTC 151.101.86.137
mnemonic passive DNS ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-09-23 04:02:50 UTC 142.250.74.3
mnemonic passive DNS ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2022-09-23 04:04:38 UTC 93.184.220.29
mnemonic passive DNS analytics.mlstatic.com (1) 228040 2013-11-28 18:37:34 UTC 2022-08-01 13:28:29 UTC 23.36.79.8
mnemonic passive DNS data.mercadolibre.com (1) 32279 2021-02-01 12:33:52 UTC 2022-09-14 15:00:43 UTC 54.230.111.97
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-23 05:06:00 UTC 143.204.55.27
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-23 04:02:41 UTC 143.204.55.25
mnemonic passive DNS http2.mlstatic.com (13) 19098 2017-01-30 05:14:01 UTC 2022-09-23 08:55:17 UTC 23.36.76.179
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-23 04:33:31 UTC 142.250.74.72
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-23 05:02:25 UTC 52.89.17.198
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-23 04:02:43 UTC 34.120.237.76
mnemonic passive DNS static.hotjar.com (1) 641 2014-11-01 05:14:27 UTC 2022-09-23 04:35:06 UTC 143.204.55.98
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-23 04:34:39 UTC 23.36.76.226
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-23 04:33:41 UTC 34.117.237.239
mnemonic passive DNS us.creativecdn.com (2) 2797 2016-01-22 15:12:56 UTC 2022-09-23 04:51:26 UTC 185.184.10.30
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-23 04:33:34 UTC 157.240.200.35
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-09-23 04:34:37 UTC 157.240.200.14
mnemonic passive DNS bam.nr-data.net (1) 630 2015-02-10 00:06:27 UTC 2022-09-23 04:34:56 UTC 162.247.241.14


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.102.176.152

Date UQ / IDS / BL URL IP
2022-10-04 16:04:43 +0000
0 - 0 - 1 42502d2a-e7ed-4a16-9f11-33ffe6c54021.usrfiles (...) 34.102.176.152
2022-10-04 16:04:39 +0000
0 - 0 - 1 42502d2a-e7ed-4a16-9f11-33ffe6c54021.usrfiles (...) 34.102.176.152
2022-10-04 15:41:51 +0000
0 - 0 - 1 1b5622c7-2ce6-4cef-b1cd-19325efd8f45.usrfiles (...) 34.102.176.152
2022-10-04 15:41:42 +0000
0 - 0 - 1 42502d2a-e7ed-4a16-9f11-33ffe6c54021.usrfiles (...) 34.102.176.152
2022-10-04 15:41:39 +0000
0 - 0 - 1 1b5622c7-2ce6-4cef-b1cd-19325efd8f45.usrfiles (...) 34.102.176.152

Last 5 reports on ASN: GOOGLE

Date UQ / IDS / BL URL IP
2022-10-04 16:29:44 +0000
0 - 0 - 1 mtbonlime.co/login.php?success_redirect_url=/ 34.98.99.30
2022-10-04 16:25:16 +0000
0 - 0 - 1 leboncoin-cz.info/paymentcenter/login.php?id= (...) 35.205.61.67
2022-10-04 16:23:59 +0000
0 - 0 - 1 aerial-consultants.com/ex/2020/login.php 34.98.99.30
2022-10-04 16:14:01 +0000
0 - 0 - 2 comunicati-stampa-per-il-turismo.blogspot.com (...) 142.250.74.161
2022-10-04 16:08:19 +0000
0 - 0 - 1 storage.googleapis.com/fe5u9xbqfqnn7n.appspot (...) 142.250.74.112

Last 5 reports on domain: filesusr.com

Date UQ / IDS / BL URL IP
2022-10-03 20:48:25 +0000
0 - 0 - 3 fr-europe564598-com.filesusr.com/html/2d7ee9_ (...) 34.102.176.152
2022-10-03 20:23:50 +0000
0 - 0 - 3 mjaymuf1z3vzdde4mtf0aa.filesusr.com/html/c694 (...) 34.102.176.152
2022-10-02 20:15:16 +0000
0 - 0 - 3 mjayme9jdg9izxiymjnyza.filesusr.com/html/c694 (...) 34.102.176.152
2022-10-01 20:25:02 +0000
0 - 0 - 2 mjaymurly2vtymvymjiyn3ro.filesusr.com/html/c6 (...) 34.102.176.152
2022-10-01 20:20:10 +0000
0 - 0 - 3 mjaymup1bhk0mtf0aa.filesusr.com/html/c69417_3 (...) 34.102.176.152

No other reports with similar screenshot



JavaScript

Executed Scripts (17)


Executed Evals (4)

#1 JavaScript::Eval (size: 101, repeated: 1) - SHA256: 0f9f75372248047b304c220ca2ee3ad2d369270b49ed3214a09e61463ff4d6b4

                                        (function() {
    var a = google_tag_manager["GTM-WPNTP5L"].macro(2).split("."),
        b = a.length;
    return a[b - 1]
})();
                                    

#2 JavaScript::Eval (size: 101, repeated: 1) - SHA256: 58d84d3677df2d1d50c146bcfb61f836db9f3a483180781343e10745be12d2f3

                                        (function() {
    var a = google_tag_manager["GTM-WPNTP5L"].macro(7).split("."),
        b = a.length;
    return a[b - 1]
})();
                                    

#3 JavaScript::Eval (size: 101, repeated: 1) - SHA256: 2c122caba45bfefefb1d5e6c79d16d1f2dfed0d7486b878a9fb74f3708344784

                                        (function() {
    var a = google_tag_manager["GTM-WPNTP5L"].macro(3).split("."),
        b = a.length;
    return a[b - 1]
})();
                                    

#4 JavaScript::Eval (size: 127, repeated: 1) - SHA256: 2c24f4b4fd2082b417cd61ad6f6c0ce6eb9e92ffaa8be093e41fd4d3324e1b9c

                                        (function() {
    return "true" === google_tag_manager["GTM-WPNTP5L"].macro(4) && "true" === google_tag_manager["GTM-WPNTP5L"].macro(5)
})();
                                    

Executed Writes (2)

#1 JavaScript::Write (size: 160, repeated: 1) - SHA256: 2d16db4f557654c39d858f669cdca18f08e6bbd5897b1502ae5dca5b381633e9

                                        < body onload = "var js = document.createElement('script');js.src = 'https://analytics.mlstatic.com/ga/mla-mp-analytics.min.gz.js';document.body.appendChild(js);" >
                                    

#2 JavaScript::Write (size: 201, repeated: 1) - SHA256: afdec6d181850c70a2c6f1f2222c5e36d0ac3a5b3a1ff285d9f24eae184a0248

                                        < body onload = "window.inDapIF = true;var js = document.createElement('script');js.src = 'https://http2.mlstatic.com/storage/melidata-web-sdk/js/3/0.0.68/melidata.min.js';document.body.appendChild(js);" >
                                    


HTTP Transactions (48)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 09:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9hyuJJeC6bfwxJn3UwM2kDYi0EserpDabxjovKjob0WBL_nFDTMv8g==
Age: 2605


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /html/8a2922_78851556e73f7076545dec98d3091029.html HTTP/1.1 
Host: afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         34.102.176.152
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: openresty/1.21.4.1
Date: Fri, 23 Sep 2022 09:57:32 GMT
Content-Length: 54135
X-GUploader-UploadID: ADPycdtbDBAAa3aCbS43Xm_4R-2Be698NYu1tH1okH8RcjPyFGTmfYEDFobrT4_-ZRlVTKGh_R9kmd1-NKjAGPTUSniXDpTo8ANL
x-goog-generation: 1534004356887429
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 54135
x-goog-meta-origin: awsus
x-goog-meta-base64md5: eIUVVuc/cHZUXeyY0wkQKQ==
x-goog-meta-md5: 78851556e73f7076545dec98d3091029
x-goog-hash: crc32c=MeRFhg==, md5=eIUVVuc/cHZUXeyY0wkQKQ==
x-goog-storage-class: STANDARD
Accept-Ranges: bytes
Expires: Fri, 23 Sep 2022 10:29:19 GMT
Cache-Control: public, max-age=15552000, immutable
Last-Modified: Sat, 11 Aug 2018 16:19:16 GMT
ETag: "78851556e73f7076545dec98d3091029"
Age: 1693
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Seen-By: gcp.us-central-1.media-router-765d45dbd8-2db96
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28223)
Size:   54135
Md5:    78851556e73f7076545dec98d3091029
Sha1:   e5b707a71e9af0ebc2fbfbdef9c67aab2b6e39ea
Sha256: 285baea6227ac9b6b5811079395567f81f1a09bc44a6bcd08dc8c8f523f97f14

Alerts:
  Blocklists:
    - openphish: Mercado Libre
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19008
Expires: Fri, 23 Sep 2022 15:14:20 GMT
Date: Fri, 23 Sep 2022 09:57:32 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: P5cfhXdqL87NZiYeUzBfR8iqDNRXEORKDHCHHCfatBQntesi2Vpu1g==
age: 19338
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 09:57:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ui/webfonts/v3.0.0/proxima-nova/proximanova-light.woff2 HTTP/1.1 
Host: http2.mlstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.179
HTTP/2 200 OK
                                        
content-type: font/woff2
server: Tengine
x-amz-id-2: LrOuCO0ODm4a+h78AzvKuHkvIfLcmcZPf5yCePhV2STI6PW/3DgVz59jh/f7B50zDgFwrexNjG8=
x-amz-request-id: RWXQ346VPXH5GFVH
x-amz-replication-status: COMPLETED
last-modified: Tue, 07 Jun 2022 03:26:46 GMT
etag: "0de1fd16bf20e0b68646e390d439ab42"
x-amz-server-side-encryption: AES256
x-amz-version-id: C4CTuYdIvDB_0NcYDhbmfHFUFBfVxB.Q
accept-ranges: bytes
x-request-id: 0a5d3712-8cad-4a0f-9753-af79942a9d8d
x-request-device-id: 0a5d3712-8cad-4a0f-9753-af79942a9d8d
x-d2id: 0a5d3712-8cad-4a0f-9753-af79942a9d8d
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 09:57:32 GMT
content-length: 14099
x-cdn: a
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 14076, version 3.131\012- data
Size:   14099
Md5:    8e5f280b6447af2263926b0324e05852
Sha1:   11342c24e0abede2de649c76c19b60a7890d1dcc
Sha256: 8c7f42e73d1ab70c305bca15028228419e691f2ee55f8843b76c92193af9d3ee
                                        
                                            GET /ui/webfonts/v3.0.0/proxima-nova/proximanova-semibold.woff2 HTTP/1.1 
Host: http2.mlstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.179
HTTP/2 200 OK
                                        
content-type: font/woff2
server: Tengine
x-amz-id-2: 5KmBx+93CR8rb/uC3jLCp6ddU0/IvaQE4mudbaO8DU7gVuq+Pz8k1xp1d12gNuzWKZjr2EVibvs=
x-amz-request-id: RWXV1BJ7DC32ZCAF
x-amz-replication-status: COMPLETED
last-modified: Tue, 07 Jun 2022 03:26:52 GMT
etag: "a173db3743be3e63644aab4c442c169e"
x-amz-server-side-encryption: AES256
x-amz-version-id: QXtxTjNIRBQpICBRMemGkscbfcpzhxcO
accept-ranges: bytes
x-request-id: 7c6f5123-e281-458d-947e-66a56d3f518c
x-request-device-id: 7c6f5123-e281-458d-947e-66a56d3f518c
x-d2id: 7c6f5123-e281-458d-947e-66a56d3f518c
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 09:57:32 GMT
content-length: 13767
x-cdn: a
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13744, version 3.131\012- data
Size:   13767
Md5:    47d8ad8e357234e3ac56431b6a375e5f
Sha1:   20c17d806b6acb5a5a479356bb04b32efdc2aa2f
Sha256: ebc9678e550b93d31b66068f7c5ad3fca5f14eb7fd9689a59ce9c3901fb4333c
                                        
                                            GET /ui/webfonts/v3.0.0/proxima-nova/proximanova-regular.woff2 HTTP/1.1 
Host: http2.mlstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.179
HTTP/2 200 OK
                                        
content-type: font/woff2
server: Tengine
x-amz-id-2: 3ggIgvDh78nj+lWhxyYcZt6BYRkCV2Ixg+8ncpJ09dPFKUDXLqt6IUGlQms8HwOiwSFz5jYooEM=
x-amz-request-id: RWXVQ4XH4FJ4V2BR
x-amz-replication-status: COMPLETED
last-modified: Tue, 07 Jun 2022 03:26:49 GMT
etag: "67ff311675dbd02ddb898f02af6fddaf"
x-amz-server-side-encryption: AES256
x-amz-version-id: MocYTiXX0FcyQ3NLXQ4zZuxDhFDOReik
accept-ranges: bytes
x-request-id: 898c2f0d-fe3b-4d09-beba-c38a4e56ee39
x-request-device-id: 898c2f0d-fe3b-4d09-beba-c38a4e56ee39
x-d2id: 898c2f0d-fe3b-4d09-beba-c38a4e56ee39
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 09:57:32 GMT
content-length: 14099
x-cdn: a
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 14076, version 3.131\012- data
Size:   14099
Md5:    6c8a9a935f8302fc92ec49b1e0c3f2c5
Sha1:   d55240513d610c629aba62dafa55951da416a441
Sha256: d2ac471b314cd74ee9f95d0125fe8adcbc56947d40b9df1a18141ff6131eb73f
                                        
                                            GET /ui/webfonts/v4.2.0/proxima-nova/700-900.css HTTP/1.1 
Host: http2.mlstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.179
HTTP/2 200 OK
                                        
content-type: text/css
server: Tengine
x-amz-id-2: eNZdIRJZXGMQ2f+25yjxsevAmTVgCTbXWkZ9M6hiCxBrg1UnlPUkTS3TP7pObtqcoaaxtUGI2XU=
x-amz-request-id: Y0MXTJZ4TFSCNW7R
x-amz-replication-status: COMPLETED
last-modified: Wed, 08 Jun 2022 20:53:56 GMT
etag: W/"562b17cb0bf74f4e86a238538bfe7a5a"
x-amz-server-side-encryption: AES256
x-amz-version-id: qdMM9NTp0nPADjH9SOgtiM_Z8.pSCRWO
x-request-id: b7f19ef0-9827-4c13-ba83-ef04d187e7f7
x-request-device-id: b7f19ef0-9827-4c13-ba83-ef04d187e7f7
x-d2id: b7f19ef0-9827-4c13-ba83-ef04d187e7f7
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 102
content-encoding: br
x-envoy-decorator-operation: prod.assets-traffic.melifrontends.com
access-control-allow-origin: *
timing-allow-origin: *
content-length: 165
date: Fri, 23 Sep 2022 09:57:32 GMT
vary: Accept-Encoding
x-cdn: a
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (652), with no line terminators
Size:   165
Md5:    0feec52604ed2ed2456311bd3a108282
Sha1:   77c23766fa560ec5c053bb64265a7d77cb7f1bf5
Sha256: 026e30a65851df0d96b1fbfad5f7ca74b357d921c20dbb01e41ef9adaaad8904
                                        
                                            GET /ui/navigation/3.4.0/mercadopago/navigation.css HTTP/1.1 
Host: http2.mlstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.179
HTTP/2 200 OK
                                        
content-type: text/css
server: Tengine
x-amz-id-2: 8piuoTlRsB6Db+v8TDh+rosj+GwvBEDl1+9qfm3vCVJZlVSqE2VUqLBvgLoeu7W2z6YhpOGSB0w=
x-amz-request-id: CX3TWWR60RBZANPE
x-amz-replication-status: COMPLETED
last-modified: Thu, 23 Jun 2022 13:59:14 GMT
etag: W/"4295c0e12c39b4fb4ef6276ced4c36d6"
x-amz-server-side-encryption: AES256
x-amz-meta-x-swift-migration-status: migrated
x-amz-version-id: cWraBd6jexEW.J.2HRC__zOOfG69rWjM
x-amz-meta-x-timestamp: 1561432416
cache-control: public, max-age=31536000, immutable
content-encoding: br
x-envoy-upstream-service-time: 69
x-envoy-decorator-operation: prod.assets-traffic.melifrontends.com
x-request-id: 1c58d1f22ddccc868a9dfaf4d21c976b
x-request-device-id: 1c58d1f22ddccc868a9dfaf4d21c976b
x-d2id: 1c58d1f22ddccc868a9dfaf4d21c976b
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
timing-allow-origin: *
content-length: 2380
date: Fri, 23 Sep 2022 09:57:32 GMT
vary: Accept-Encoding
x-cdn: a
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12546)
Size:   2380
Md5:    45207e59ed2485ee6205e21b079a1a41
Sha1:   00f1e88415106213c9bb6fbddc5d8a3d6b713a5b
Sha256: 789baf35a75a0f8a0e645e0071c7a93e5f33750c9c2d4ab8597301620bdcdcf0
                                        
                                            GET /resources/frontend/statics/point-landings/pointMLABluetoothDesktop.84ef7fce.css HTTP/1.1 
Host: http2.mlstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.179
HTTP/2 502 Bad Gateway
                                        
content-type: text/html
content-length: 3781
server: Tengine
etag: "62bd1122-ec5"
x-request-id: a1af715f-4115-40b5-8ad9-882e81dce974
x-request-device-id: a1af715f-4115-40b5-8ad9-882e81dce974
x-d2id: a1af715f-4115-40b5-8ad9-882e81dce974
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, max-age=300
date: Fri, 23 Sep 2022 09:57:32 GMT
x-cdn: a
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   3781
Md5:    0cd89224a1cfccc4475d83bf192902f3
Sha1:   54b1f1c377c47ff35382ffc7b6f4d2424d95406d
Sha256: d86673a63a4581e80b35b11e7ff5a16b1bb6dcac441f5c7179f1d84e7b1db3b8
                                        
                                            GET /ui/navigation/3.4.0/mercadopago/logo__large.png HTTP/1.1 
Host: http2.mlstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://http2.mlstatic.com/ui/navigation/3.4.0/mercadopago/navigation.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         23.36.76.179
HTTP/2 200 OK
                                        
content-type: image/png
content-length: 2018
server: Tengine
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
accept-ch: device-memory, dpr, viewport-width, rtt, downlink, ect, save-data
accept-ch-lifetime: 60
cache-control: public, max-age=31536000, immutable
etag: "7e2-ZnqNeZr0UX2g6JLpyLODcrDPszI"
x-envoy-upstream-service-time: 58
x-envoy-decorator-operation: prod.imageoptim.melifrontends.com
x-request-id: 21df408d-26d8-4320-9e85-73c01c22fdb4
x-request-device-id: 21df408d-26d8-4320-9e85-73c01c22fdb4
x-d2id: 21df408d-26d8-4320-9e85-73c01c22fdb4
access-control-allow-origin: *
timing-allow-origin: *
date: Fri, 23 Sep 2022 09:57:33 GMT
x-cdn: a
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 142 x 37, 8-bit colormap, non-interlaced\012- data
Size:   2018
Md5:    4f3f409ec20b9f634aa18fd53ebeedb1
Sha1:   667a8d799af4517da0e892e9c8b38372b0cfb332
Sha256: 78dbf8fcf3ce6414369917bdcb05216a40d7de3f4ac3f57358388be56be08df8
                                        
                                            GET /ui/navigation/3.4.0/mercadopago/navigation.woff2 HTTP/1.1 
Host: http2.mlstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com
Connection: keep-alive
Referer: https://http2.mlstatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.179
HTTP/2 200 OK
                                        
content-type: application/octet-stream
content-length: 1608
server: Tengine
x-amz-id-2: s9YKYiC+jUQf3x7PtywlzSvQlHifLmTO7wz5r1/t1bVM7p+Dg31qNs9tTnJrAaHa++4jw4eABuQ=
x-amz-request-id: PRAYVGC8PJ5GT8D4
x-amz-replication-status: COMPLETED
last-modified: Thu, 23 Jun 2022 13:59:15 GMT
etag: "452569653c8f86198d4c83d2a13498f5"
x-amz-server-side-encryption: AES256
x-amz-meta-x-swift-migration-status: migrated
x-amz-version-id: HlDEGdNeNJnuaclDnEDDzUWEkGOzLTnj
x-amz-meta-x-timestamp: 1561432416
accept-ranges: bytes
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 46
x-envoy-decorator-operation: prod.assets-traffic.melifrontends.com
x-request-id: 3ec71ea4-555a-4e18-9c75-619fac466fe2
x-request-device-id: 3ec71ea4-555a-4e18-9c75-619fac466fe2
x-d2id: 3ec71ea4-555a-4e18-9c75-619fac466fe2
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
timing-allow-origin: *
date: Fri, 23 Sep 2022 09:57:33 GMT
x-cdn: a
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 1608, version 1.0\012- data
Size:   1608
Md5:    452569653c8f86198d4c83d2a13498f5
Sha1:   a619ebfa324dc57a72d662f35c832802582c3443
Sha256: 6e8e78b24d66c6d6595dc83efb8f4060d652a9d60cb88a1ae92021a3cbc94fbd
                                        
                                            GET /storage/melidata-web-sdk/js/3/0.0.68/melidata.min.js HTTP/1.1 
Host: http2.mlstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.179
HTTP/2 200 OK
                                        
content-type: application/javascript
server: Tengine
x-amz-id-2: L43QkO6JmyYu8V4+nU9yIOoZl8DTtelg6JSNMhgKsddDxop8veumcfum88boMIHoerAbYC0GxZk=
x-amz-request-id: J135SY3HP841QGD2
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Aug 2020 16:47:01 GMT
etag: "8f97a069c3e2f8c098e211ca1335f396"
x-amz-server-side-encryption: AES256
x-amz-version-id: bhOAmc42d79RwDLA2IjoLV37Xef0YauN
accept-ranges: bytes
x-request-id: d3302de6-52fc-4945-a0ff-e36714698a91
x-request-device-id: d3302de6-52fc-4945-a0ff-e36714698a91
x-d2id: d3302de6-52fc-4945-a0ff-e36714698a91
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 09:57:33 GMT
content-length: 7969
x-cdn: a
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21390), with no line terminators
Size:   7969
Md5:    b63f16af9bf5ec791996ed411117b81f
Sha1:   9681a37a3313aedb11030b9b458559fb39086664
Sha256: 94f3d70c3647450180dfbf04b44e0d48a6d23607073682a9304700e814baf626
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 23 Sep 2022 09:19:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 50O2iOYo2vLOtNKR6_xqkYB6Y5RC_ml4e02q7Ix_UZ3lgNqZpkK01g==
Age: 3251


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 09:57:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ui/navigation/3.4.0/mercadopago/152x152-precomposed.png HTTP/1.1 
Host: http2.mlstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.179
HTTP/2 200 OK
                                        
content-type: image/png
content-length: 2349
server: Tengine
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
accept-ch: device-memory, dpr, viewport-width, rtt, downlink, ect, save-data
accept-ch-lifetime: 60
cache-control: public, max-age=31536000, immutable
etag: "92d-l4pY14V04tCzQnv4Aj97xMzrvco"
x-envoy-upstream-service-time: 78
x-envoy-decorator-operation: prod.imageoptim.melifrontends.com
x-request-id: b03cebab-a120-4fa2-9953-0e63ab191843
x-request-device-id: b03cebab-a120-4fa2-9953-0e63ab191843
x-d2id: b03cebab-a120-4fa2-9953-0e63ab191843
access-control-allow-origin: *
timing-allow-origin: *
date: Fri, 23 Sep 2022 09:57:33 GMT
x-cdn: a
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 152 x 152, 8-bit colormap, non-interlaced\012- data
Size:   2349
Md5:    276ec37154d7932ddb3442fe91176a2d
Sha1:   978a58d78574e2d0b3427bf8023f7bc4ccebbdca
Sha256: e1eaddaa904216f3d8d128f2f0d7d6ae36eb091a3761567b9765e74d18e556df
                                        
                                            GET /resources/frontend/statics/point-landings/vendor.4e692d52.js HTTP/1.1 
Host: http2.mlstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.179
HTTP/2 502 Bad Gateway
                                        
content-type: text/html
content-length: 3781
server: Tengine
etag: "62bd1122-ec5"
x-request-id: 6d814aad-79b1-4914-aa66-bdd3e8cddaba
x-request-device-id: 6d814aad-79b1-4914-aa66-bdd3e8cddaba
x-d2id: 6d814aad-79b1-4914-aa66-bdd3e8cddaba
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, max-age=300
date: Fri, 23 Sep 2022 09:57:33 GMT
x-cdn: a
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   3781
Md5:    0cd89224a1cfccc4475d83bf192902f3
Sha1:   54b1f1c377c47ff35382ffc7b6f4d2424d95406d
Sha256: d86673a63a4581e80b35b11e7ff5a16b1bb6dcac441f5c7179f1d84e7b1db3b8
                                        
                                            GET /gtm.js?id=GTM-WPNTP5L HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
                                        
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Sep 2022 09:57:33 GMT
expires: Fri, 23 Sep 2022 09:57:33 GMT
cache-control: private, max-age=900
last-modified: Fri, 23 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85032
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (58895)
Size:   85032
Md5:    0ddf2517e316cb6764b3ad77cf8ada6b
Sha1:   c122e62db8724c2cb8d91b463b2cc38ce614a2bf
Sha256: 8b3b4a05d755a07a9136f53d785cbba0471798808eceba3a1a7ee9cb7b204fe9
                                        
                                            GET /resources/frontend/statics/point-landings/pointMLABluetoothDesktop.03155c15.js HTTP/1.1 
Host: http2.mlstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.179
HTTP/2 502 Bad Gateway
                                        
content-type: text/html
content-length: 3781
server: Tengine
etag: "62bd1122-ec5"
x-request-id: 329519f9-b651-4c49-b7b1-d520023f34ae
x-request-device-id: 329519f9-b651-4c49-b7b1-d520023f34ae
x-d2id: 329519f9-b651-4c49-b7b1-d520023f34ae
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, max-age=300
date: Fri, 23 Sep 2022 09:57:33 GMT
x-cdn: a
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   3781
Md5:    0cd89224a1cfccc4475d83bf192902f3
Sha1:   54b1f1c377c47ff35382ffc7b6f4d2424d95406d
Sha256: d86673a63a4581e80b35b11e7ff5a16b1bb6dcac441f5c7179f1d84e7b1db3b8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2376
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 09:57:33 GMT
Last-Modified: Fri, 23 Sep 2022 09:17:57 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 09:57:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /nr-1071.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
                                        
x-amz-id-2: X4OmIxHECzh1nuls85gMw9R9M0YziqqQ3gTF1TSthkm6bJOvqq1T6qw3baP7FLqgPwwdum4c3ow=
x-amz-request-id: 44AJY2P3Q90DJKHP
last-modified: Wed, 28 Feb 2018 23:33:31 GMT
etag: "a1a545c95f313a230157b47dca555c25"
x-amz-version-id: null
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 23 Sep 2022 09:57:33 GMT
via: 1.1 varnish
x-served-by: cache-bma1667-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1663927053.273478,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 9086
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (23651), with no line terminators
Size:   9086
Md5:    ea7d98da6b8048d3c3905a1c8c7413f1
Sha1:   222c966ad76450aefe8c8e8575678dd7733696bc
Sha256: 1ea4b27f6a8e25490b451cd0f484bb5f7ccf7031175f28f74ee14024461eef6a
                                        
                                            GET /ui/navigation/3.4.0/mercadopago/favicon.ico HTTP/1.1 
Host: http2.mlstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.179
HTTP/2 200 OK
                                        
content-type: image/vnd.microsoft.icon
server: Tengine
x-amz-id-2: afVj3Jt8we3KcY6Gp6UpaWqjynnyjqzgkA7tGn4udtOOj6OZfn/iTiqedKk0cKkv/b62uXLDaqs=
x-amz-request-id: 9CV55AT5H3JMAX54
x-amz-replication-status: COMPLETED
last-modified: Thu, 23 Jun 2022 13:59:15 GMT
etag: "6fba98024bc893a697ddcccf6dd3abb2"
x-amz-server-side-encryption: AES256
x-amz-meta-x-swift-migration-status: migrated
x-amz-version-id: _Lbo0JZ1IfgbN.nZYE4TF1oUXWAUF89P
x-amz-meta-x-timestamp: 1561432416
accept-ranges: bytes
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 65
x-envoy-decorator-operation: prod.assets-traffic.melifrontends.com
x-request-id: f291362e-f84e-414a-bf6f-ca36ff842aee
x-request-device-id: f291362e-f84e-414a-bf6f-ca36ff842aee
x-d2id: f291362e-f84e-414a-bf6f-ca36ff842aee
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 09:57:33 GMT
content-length: 5194
x-cdn: a
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   5194
Md5:    ef6e0caf900d7dd826a704deae8c8205
Sha1:   d3f3e1ce40e73d5a872cb75f64937cea7f26b985
Sha256: 466975542fe10fe957b3db67e3e27d76998c6185a963fa282f0dfb2fd2312642
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1030
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 09:57:33 GMT
Last-Modified: Fri, 23 Sep 2022 09:40:23 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5504
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 09:57:33 GMT
Last-Modified: Fri, 23 Sep 2022 08:25:49 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ga/mla-mp-analytics.min.gz.js HTTP/1.1 
Host: analytics.mlstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.8
HTTP/1.1 502 Bad Gateway
Content-Type: text/html
                                        
Content-Length: 3781
Server: Tengine
ETag: "632bd3bd-ec5"
X-Request-Id: 9ce12ae3-d3c1-4cf0-82b3-50cc867e8847
X-Request-Device-Id: 9ce12ae3-d3c1-4cf0-82b3-50cc867e8847
X-D2id: 9ce12ae3-d3c1-4cf0-82b3-50cc867e8847
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Date: Fri, 23 Sep 2022 09:57:33 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   3781
Md5:    0cd89224a1cfccc4475d83bf192902f3
Sha1:   54b1f1c377c47ff35382ffc7b6f4d2424d95406d
Sha256: d86673a63a4581e80b35b11e7ff5a16b1bb6dcac441f5c7179f1d84e7b1db3b8
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.14
HTTP/2 200 OK
                                        
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: NrXMayDftUL641VPRPK34tffu1o9Lp3ZraJlH6AZIu4A7JBC8sLffmkYSU595QxaRHm+nyWU5scSyB8aFpAM2Q==
priority: u=3,i
content-length: 26839
x-fb-trip-id: 1679558926
date: Fri, 23 Sep 2022 09:57:33 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   26839
Md5:    9ecd89752214ef749272eef344b9089a
Sha1:   70a58a49c08934265ee34c74efb01d6b3124095d
Sha256: f76c51487e348977288fcaf83984cd8fe4e73758cc352402774d9eb94680d528
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5504
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 09:57:33 GMT
Last-Modified: Fri, 23 Sep 2022 08:25:49 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /1/3009922991?a=57775993&v=1071.385e752&to=bgRaYENYWBdWABdfXVdOfUxBS1MXRAkQGXV8NRcbXEkbBUUEBlhGUA9ZG0FWXwpDTApYRFAVXRsLWlkRRwwN&rst=1192&ref=http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/html/8a2922_78851556e73f7076545dec98d3091029.html&ap=191.269102&be=329&fe=906&dc=763&tt=c627552bc34c10&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1663927051407,%22n%22:0,%22f%22:-10,%22dn%22:-10,%22dne%22:-6,%22c%22:-6,%22ce%22:1,%22rq%22:102,%22rp%22:231,%22rpe%22:249,%22dl%22:306,%22di%22:680,%22ds%22:762,%22de%22:764,%22dc%22:905,%22l%22:905,%22le%22:909%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 403 Forbidden
Content-Type: text/plain;charset=UTF-8
                                        
Date: Fri, 23 Sep 2022 09:57:33 GMT
Content-Length: 2
Connection: keep-alive
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f26ab389a1b523-OSL


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jTZcTbkKTfd+yBSunfB/jg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.89.17.198
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6gaLLOlY3KA18sVyClN/QJKqXPk=

                                        
                                            POST /tracks HTTP/1.1 
Host: data.mercadolibre.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 1154
Origin: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/

                                         
                                         54.230.111.97
HTTP/1.1 400 Bad Request
Content-Type: application/json;charset=UTF-8
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 23 Sep 2022 09:57:33 GMT
Server: Tengine
Set-Cookie: _d2id=00d434b3-8ec4-40b3-b2bb-355d2e1ee844-n; Path=/; Domain=.mercadolibre.com; Expires=Sat, 23 Sep 2023 09:57:33 GMT
x-api-server-time: 1663927053507
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
vary: Accept-Encoding
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.melidata-api.melifrontends.com
X-Request-Id: 00d434b3-8ec4-40b3-b2bb-355d2e1ee844
X-Request-Device-Id: 00d434b3-8ec4-40b3-b2bb-355d2e1ee844
X-D2id: 00d434b3-8ec4-40b3-b2bb-355d2e1ee844
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
X-Cache: Error from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8TJejIP6RZtG-NLUqaWbxjvWjeXHvIk5fu0rxWjVNBAUbGn0yrF5ZQ==


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1295), with no line terminators
Size:   463
Md5:    416849f39f217baa953926aaf419baf8
Sha1:   6b31b5acc2678cd3e1214f72dce8d1cf15ff8010
Sha256: 17faf342539a640d704e9436b71805cb902948ed386f79dcd3bc266b894a2d22
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5946
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 09:57:33 GMT
Last-Modified: Fri, 23 Sep 2022 08:18:27 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /tags?type=iframe&id=pr_2It0QMmvDooyx0qqgIry&id=pr_2It0QMmvDooyx0qqgIry_lid_f3UbiZr1bQjLOa5HENgS&su=http%3A%2F%2Fafe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com%2Fhtml%2F8a2922_78851556e73f7076545dec98d3091029.html&sr=&ts=1663927052588 HTTP/1.1 
Host: us.creativecdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.184.10.30
HTTP/2 302 Found
                                        
date: Fri, 23 Sep 2022 09:57:33 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=4GBMRUZ6Ci2SPzzAiBPe;Path=/;Domain=.creativecdn.com;Expires=Sat, 23-Sep-2023 09:57:33 GMT;Max-Age=31536000;Secure;SameSite=None ts=1663927053;Path=/;Domain=.creativecdn.com;Expires=Sat, 23-Sep-2023 09:57:33 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://us.creativecdn.com/tags?type=iframe&id=pr_2It0QMmvDooyx0qqgIry&id=pr_2It0QMmvDooyx0qqgIry_lid_f3UbiZr1bQjLOa5HENgS&su=http%3A%2F%2Fafe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com%2Fhtml%2F8a2922_78851556e73f7076545dec98d3091029.html&sr=&ts=1663927052588&tc=1
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /tags?type=iframe&id=pr_2It0QMmvDooyx0qqgIry&id=pr_2It0QMmvDooyx0qqgIry_lid_f3UbiZr1bQjLOa5HENgS&su=http%3A%2F%2Fafe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com%2Fhtml%2F8a2922_78851556e73f7076545dec98d3091029.html&sr=&ts=1663927052588&tc=1 HTTP/1.1 
Host: us.creativecdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.184.10.30
HTTP/2 204 No Content
                                        
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=361293025839139&ev=PageView&dl=http%3A%2F%2Fafe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com%2Fhtml%2F8a2922_78851556e73f7076545dec98d3091029.html&rl=&if=false&ts=1663927053771&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663927053770.1123228839&it=1663927052723&coo=false&tm=1&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
                                        
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Fri, 23 Sep 2022 09:57:34 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   86282
Md5:    8b573a4b0400e72c177b3be4fdd88161
Sha1:   974ee1be29087d81ad53f93ba36e9f38e0ccfb58
Sha256: db089ce9e3d519307a9fc25c9c1402abda79227d45a5713a78946caf6f3ad647
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9343
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 09:57:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9343
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 09:57:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9343
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 09:57:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9343
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 09:57:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9343
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 09:57:34 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6uqNnpll2kgC_0_t5e9yp0AgFAvprQq_GF_jgwj2sX2TE9S1l023Aw==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 03:58:47 GMT
age: 21527
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10279
Md5:    8ea5f06ad31f0cedd2cb5c6df82f35f4
Sha1:   60a83a1618ffae06e49ca3002bac1db9980dcfe8
Sha256: 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KKYAef15NoI3It5UfVcqhPx50Fr6IK7O2VFasuAILVN9PP8CH1_7Ng==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:58:25 GMT
age: 43149
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10127
Md5:    b877ead4a15221fdd278ef27f281a7ec
Sha1:   48c10714503e8dfdd3e3c3d39b919ef2792f0d15
Sha256: f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5ur411n5hU7eWb68iExZCUrhpCybRyTBHCi72ra8dS2kd3UhW8sb1A==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:59:00 GMT
age: 43114
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8029
Md5:    02a682b4703bb9d6381c762726c05531
Sha1:   1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
Sha256: fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:04:45 GMT
age: 42769
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5340
Md5:    3b318ea5c36d2b22b925f7dfe382df5f
Sha1:   0264e73c4cfff0bb255757c7e1c760a5ad3ece80
Sha256: 0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac33f06-9198-44a5-b43b-9cbcc092cf52.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9481
x-amzn-requestid: d527d22a-6822-4b90-b9cb-034f58f73c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0IGl7oAMFSKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4e7-13a676d9596cbd20663d2d8f;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V8vtLV7n0bPpR5xQtqcH6WK7uBV4ObaMdy_9qN_TtISqAozEwPe0hA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:12:22 GMT
age: 42312
etag: "4156c37b612d5fb99c6b061187a3cb0b314ae4a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9481
Md5:    1eab8da8cc1495a0221efadddd1a0bcc
Sha1:   4156c37b612d5fb99c6b061187a3cb0b314ae4a8
Sha256: 2fc5dbd9216f775cd305de80d17db2e6c74abcb1e30bfa7065c4d763a7345026
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10822
x-amzn-requestid: 0cec2f7d-e906-4f5f-baa7-5d8a1a7c6820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2P7bEeQoAMFhGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf9e2-5bdf18be72eed24028034edb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 06:00:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Pj5hSr5LtIWPRDYjHxp8-K8gVghjf8GlO-FnXDvxscJqdygfZH8hIA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 19:36:01 GMT
age: 51693
etag: "dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10822
Md5:    948abf9bedd1bd67010284080ba06d01
Sha1:   dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b
Sha256: 236639cc2279c6f269dd521796a087a40b43b252cb55faf3e4214cbdc8369a62
                                        
                                            GET /c/hotjar-492923.js?sv=7 HTTP/1.1 
Host: static.hotjar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afe79950-be7c-48b2-b461-8945dc0ba14d.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.98
HTTP/2 200 OK
                                        
content-type: application/javascript; charset=UTF-8
date: Fri, 23 Sep 2022 09:57:16 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/4b6e166fcdb42c33545c740bdae51939
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IVb4xOgXkabS4bFvu39MNqrRoSHuY6jhE6AwEqWuQpLknxISnNBc8A==
age: 17
X-Firefox-Spdy: h2


--- Additional Info ---