kabab.ga/
185.143.234.120301 Moved Permanently 0 B IP 185.143.234.120:0
ASN #202468 Noyan Abr Arvan Co. ( Private Joint Stock)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: kabab.ga
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 08 Oct 2022 17:11:16 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=65
Location: https://kabab.ga/
Server: ArvanCloud
X-XSS-Protection: 1; mode=block
AR-PoweredBy: Arvan Cloud (arvancloud.com)
AR-SID: 6450
AR-ATIME: 0.002
AR-Request-ID: ab3d5d14e8a4ded16a66349ff639b5ab
firefox.settings.services.mozilla.com/v1/
54.230.111.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1aac651ec250c598683dd17ca2002c07
11595ac82e017f95190c2a36dc77323a3fedcbfc
93fa640d042452ae8455d026e30e3b4594c13d4be65f3552a4b5edae027c02f9
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Content-Length, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 08 Oct 2022 16:47:20 GMT
Expires: Sat, 08 Oct 2022 17:23:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _pp6DeZouATC7Sc6_5P8_QU7cUBzM7Cm67_VTPidKMaYa07zk-jiAw==
Age: 1436
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1273d41c84b2b39f78a8033130d00282
556757697b70e019ed502585fcc888e2403f3229
ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5323
Expires: Sat, 08 Oct 2022 18:39:59 GMT
Date: Sat, 08 Oct 2022 17:11:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7825
Expires: Sat, 08 Oct 2022 19:21:41 GMT
Date: Sat, 08 Oct 2022 17:11:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tOBYvMDXu9JULCUx6QIqSryDvQR7Z2X7VW2//WPOIziBRMe5CqV8Inlm/s3GWttdnrdxnKNV2DM=
x-amz-request-id: S4F610R8HT3S1P46
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 08 Oct 2022 16:31:43 GMT
age: 2373
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 17:11:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 57521bdf8d47ce6f14404bf7cdf50d63
ed96f1fb33cafe88be3fe98aefcb2b757609d697
a8597e2379e86d40cb0aa588dc7287e009a2a908f9ab4c1f7c76765072840d0a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8597E2379E86D40CB0AA588DC7287E009A2A908F9AB4C1F7C76765072840D0A"
Last-Modified: Sat, 08 Oct 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 08 Oct 2022 23:11:17 GMT
Date: Sat, 08 Oct 2022 17:11:17 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 08 Oct 2022 16:29:41 GMT
Expires: Sat, 08 Oct 2022 17:23:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SL7JNh08un8JNm8kXZBTWD145rNW1bVPrMwwbgnscM8o1tEdtJkVyg==
Age: 2496
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5479444ef227af03029fbb9d154f0107
0563678ec07ab3707b716ca4c638ece4c8ad7de4
4850d49786a140003b90ae108104ffbfe80a6e0d9f584656a09f0fff11dc9d0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4291
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 17:11:17 GMT
Last-Modified: Sat, 08 Oct 2022 15:59:46 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.160.51.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.51.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: y2TUuM5PrXYGC2JxEza25g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IUp6tQcgVnaCgT9wfTQpAF9Xfgk=
ocsp.starfieldtech.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 45ec0404d79b9bfcb88b8dababd77794
c22ba4b08ca82a15d11a048051a528939afa2f6e
7b6c8610a98e10a4241c18d8000a24c4e352737179f1907d4b2f6109eb8f760b
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 08 Oct 2022 17:11:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 07 Oct 2022 21:09:56 GMT
Expires: Sat, 08 Oct 2022 21:09:56 GMT
ETag: "c22ba4b08ca82a15d11a048051a528939afa2f6e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6367
Expires: Sat, 08 Oct 2022 18:57:25 GMT
Date: Sat, 08 Oct 2022 17:11:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6367
Expires: Sat, 08 Oct 2022 18:57:25 GMT
Date: Sat, 08 Oct 2022 17:11:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6367
Expires: Sat, 08 Oct 2022 18:57:25 GMT
Date: Sat, 08 Oct 2022 17:11:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6367
Expires: Sat, 08 Oct 2022 18:57:25 GMT
Date: Sat, 08 Oct 2022 17:11:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bc50d1380ae8fc980ae1cc38f2371c7
be79aecfd7eefa89c409ed743402a292ff0ce6c0
43e015802ba453d4cd79984b53efa8a529ece62760f6693f9daeb2388179201f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6366
x-amzn-requestid: ddcd915d-2606-4243-969e-19fb02b5b6d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1EJGoSIAMFcSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409bb3-1c7bd17a2dcdd25e4da6d346;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:35:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Cm4uaStVKEsemoOHrc04J9qNysQJoMB7-R8LEzmlRXt47mpXi2NRPA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:50:12 GMT
age: 69666
etag: "be79aecfd7eefa89c409ed743402a292ff0ce6c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7dcf23b32642f7a82a0a7d734a631bca
9dc8bd1a00dcb896fade6d3112ef53439ecb8fe7
add9aab4427819610f8d693758a752910cf314346e974b7636a82381ab9daa4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4252
x-amzn-requestid: 8d6a225c-6389-4f20-9b90-494841f47c99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1R4GjCIAMFX-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409c0b-4076dc933185d9fd6b68e802;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:37:15 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Wb1JAlWtR9sSEi_KuYZivvMivSxZjo92LGpWgFppol5zgapK6eQ-dg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:37:16 GMT
etag: "9dc8bd1a00dcb896fade6d3112ef53439ecb8fe7"
content-type: image/jpeg
age: 70442
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e9e3511-179a-47a1-a41a-7b5f6ecbf14f.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e9e3511-179a-47a1-a41a-7b5f6ecbf14f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6207431ae268d805fb92237925c8fc0
075b576b0d47e0f6cbbb9dc85f87e8ca4e8eca87
bb8966bd5b80f1ba6c974925df0610e0a219759ab92df062e135baae02fa0071
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e9e3511-179a-47a1-a41a-7b5f6ecbf14f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5440
x-amzn-requestid: c9408e3c-29f6-4a53-b09d-0c3f49e99287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp3AzFQ3oAMF_Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409ed1-1da6e8c500879b080c66fdfe;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:49:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bpAfspjZlm1y-CxYtXbhfwPHzcNxLJGVh_j685Z-TvTV-kdRttBjhg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 22:11:50 GMT
etag: "075b576b0d47e0f6cbbb9dc85f87e8ca4e8eca87"
content-type: image/jpeg
age: 68368
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ceff04a-841a-487e-8a19-5bf8deb18775.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ceff04a-841a-487e-8a19-5bf8deb18775.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c656736249c63b689259baf51691e164
f64c6152a5e4591e93e4a7b199785f1486354602
f4a342ef5a47b99e74d467dd23c9190bda65f8b58dfb469be07a5819f61f80f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ceff04a-841a-487e-8a19-5bf8deb18775.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9270
x-amzn-requestid: cbab3d28-6a82-4dcb-893f-2d65f62964b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1R5H7MoAMFjtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409c0b-0742c17042e08a403c3afcfb;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:37:15 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vvIXg3LNlltrHMME43_Z3L-qUTocl70oRb3qQnUyj3PQFaasDGijSQ==
via: 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:37:16 GMT
etag: "f64c6152a5e4591e93e4a7b199785f1486354602"
content-type: image/jpeg
age: 70442
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Y_VpleudG3M2sQd7mFGVhPvfULiNQl3YY8xuhiTnTE5VIC64O8vqMA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:44:19 GMT
age: 70019
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kabab.ga/
185.143.234.120302 Found 5.2 kB IP 185.143.234.120:0
ASN #202468 Noyan Abr Arvan Co. ( Private Joint Stock)
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5c4757ceb6dce32d0f9d26d5b3df038
d8209d82f61c7a09e00756e5dd32c99bc61af4a8
6aa007279ba4cdea3f772e0601e4082d40ee947ef8cc1201ce0009fb42ca9885
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: kabab.ga
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 08 Oct 2022 17:11:18 GMT
content-type: text/html; charset=utf-8
location: https://shortener.secureserver.net/error_404
server: ArvanCloud
x-xss-protection: 1; mode=block
ar-poweredby: Arvan Cloud (arvancloud.com)
ar-sid: 6450
ar-atime: 1.089
ar-cache: BYPASS
ar-request-id: 679d342216566edb174fc49c5e4ba126
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/7c4a123069c201ce75da66eda7f84144/uxcore2.min.css
23.36.79.18200 OK 24 kB URL HTTP/2 img6.wsimg.com/wrhs/7c4a123069c201ce75da66eda7f84144/uxcore2.min.css
IP 23.36.79.18:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 3f7ef4f31b19aa8f0b8e55eae4c1464a
9828d13e8cd14a385f438915b7bb2dafc90488b3
2b76a95c1bc1f4b1adfeba440f29ada165b415597355c0cc6d251b06b0a2f1ab
GET /wrhs/7c4a123069c201ce75da66eda7f84144/uxcore2.min.css HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
content-encoding: br
etag: "5d1957ac324416a4182d601710634bfa"
last-modified: Mon, 22 Aug 2022 19:16:59 GMT
vary: Accept-Encoding
x-amz-id-2: Z8uisexJrVtlwidXodjNs/C6Re7YYSX1TelTOgmnXAtqtWHy00F1lwl0Ga41aDg+pVNac6jQums=
x-amz-request-id: XWWHW7G3EBDC0NX4
x-amz-server-side-encryption: AES256
x-amz-version-id: vE3fFVJSbLrQBYG0Ytex6GB3K9Vm4K6b
content-length: 24301
cache-control: max-age=31536000
date: Sat, 08 Oct 2022 17:11:19 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/babel-core/5.8.23/browser.min.js
104.17.24.14200 OK 233 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/babel-core/5.8.23/browser.min.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (32023)
Size 233 kB (232821 bytes)
Hash 7143179dd6f1c45f36de3b722d152ad6
ddd463334a8035d4f1b1f053d6a850629683a10e
a0dcfd7e90435e212eb2049c980ea0014f7a4f2ea064d25294735fb4a8cfe5a9
GET /ajax/libs/babel-core/5.8.23/browser.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 17:11:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 232821
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d6a-14bb0e"
last-modified: Mon, 04 May 2020 16:06:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10694941
expires: Thu, 28 Sep 2023 17:11:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xccW6Mfh3d19pXXN2xkYtrqM6cnCFE20zRm95TpyCby%2FzKmpt0l00nFTWuN857fcCW7lYh51Q%2B%2BBbPmyZ%2BQtHzawZwwRPI30ywi8jZBJXTnT16%2BXHfPQ2f7GzYCFMXWBsn3Q2mNz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75707eb8d8760b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
104.17.24.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32058)
Hash b51f9d778be466703e73aceee13d836d
cc5cd9dd2b48712dcf90f14a1ff19d729c43e378
f1e36d8f99614eef048fe3cb4275f3234536bff3e3b1b8f763f14a8a0cadab45
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shortener.secureserver.net
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 17:11:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 27277
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15283"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 917709
expires: Thu, 28 Sep 2023 17:11:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iReFvU%2BIyBQJSo4%2BLbpLFrTj444e1EOozv4CwN6CBNg9YR1wKGBLbjZzAIjIWvAC1IWGqjeZ2DnpSqBTNfMxWwDyvMV15oyd7FfEGAOpZd65%2B3H6YQNRPMOCWZXMlXN35zf%2Fbp9o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75707eb8de32b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/fe8b24892f96760c9dd36b9e6673e085/utilityheader.min.css
23.36.79.18200 OK 11 kB URL HTTP/2 img6.wsimg.com/wrhs/fe8b24892f96760c9dd36b9e6673e085/utilityheader.min.css
IP 23.36.79.18:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 33ae376cd6cac51840371ab224afe4d1
d56e51e6b22a75068f4bd6ba30a7b74f59aa015c
ac19e4f6f1a9f09dda62a21fdabca009aed4f8e40de9c7cbe43442ffdd5693bf
GET /wrhs/fe8b24892f96760c9dd36b9e6673e085/utilityheader.min.css HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
content-encoding: br
etag: "02fc06fbf92f87daf3dd028d66b696cd"
last-modified: Tue, 06 Sep 2022 22:23:01 GMT
vary: Accept-Encoding
x-amz-id-2: uCm9/raTyrAqhwfGSwNYWWGD4iKMcjvZcVFtzMbMfD7Tr48YWF+W3QqcCVtQvM/dZN+AGa0diuk=
x-amz-request-id: A9BNT316WYJKSFRY
x-amz-server-side-encryption: AES256
x-amz-version-id: CjoF9PIpu7KOLHemKIh3fNN2gOBU6Cb_
content-length: 10984
cache-control: max-age=31536000
date: Sat, 08 Oct 2022 17:11:19 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/44d932388379ed069764c5750d8799fe/tcc.min.js
23.36.79.18200 OK 27 kB URL HTTP/2 img6.wsimg.com/wrhs/44d932388379ed069764c5750d8799fe/tcc.min.js
IP 23.36.79.18:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash dd0c683c8d5b3e380a27f6969a050125
dc9187b3640cd2f95102ffd73b749bf3777e8f66
13e88d30bab1891aa663af57958f19985539a453c65020e16955cedc2447aff1
GET /wrhs/44d932388379ed069764c5750d8799fe/tcc.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "44d932388379ed069764c5750d8799fe"
last-modified: Thu, 06 Oct 2022 02:15:24 GMT
vary: Accept-Encoding
x-amz-id-2: cXu6ZEqJUI4xMgwvwGh70MbL7zpvmXkVKXq3zePSho/PcqjhX7eN75DBXhqfmbiHebKgF4vWH6M=
x-amz-request-id: VQ7SSHAEH8PSVPNS
x-amz-server-side-encryption: AES256
x-amz-version-id: SWJkKvYpxB1QWWYgeSvVgp_G3zLUb1Zz
content-length: 26759
cache-control: max-age=31536000
date: Sat, 08 Oct 2022 17:11:19 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
shortener.secureserver.net/error_404
45.40.140.1404 Not Found 126 kB URL HTTP/2 shortener.secureserver.net/error_404
IP 45.40.140.1:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22567)
Size 126 kB (125873 bytes)
Hash a53de51ca86eed0bee0a25ba7c6b2c6f
251051c1c1c406c33314188abc4e4db5e8eb39ed
67b979dc6595c16d80997f5218b66c39dec10eaef3ff83c99aa4c44339941112
GET /error_404 HTTP/1.1
Host: shortener.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
server: nginx/1.20.1
date: Sat, 08 Oct 2022 17:11:18 GMT
content-type: text/html; charset=utf-8
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/a1ec4030e9dc43d22a343bffd99b8514/vendor~uxcore2.min.js
23.36.79.18200 OK 65 kB URL HTTP/2 img6.wsimg.com/wrhs/a1ec4030e9dc43d22a343bffd99b8514/vendor~uxcore2.min.js
IP 23.36.79.18:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65464)
Hash ba86bd8e24b982eac94d0587fc32ec45
8ba79ced054aa1bb0c5a31546bf333d729441581
16f2e3b98ded7afb34d43f620b307efcbf52525446a5c9af2429df4aaf74f8e7
GET /wrhs/a1ec4030e9dc43d22a343bffd99b8514/vendor~uxcore2.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "a1ec4030e9dc43d22a343bffd99b8514"
last-modified: Mon, 22 Aug 2022 19:27:19 GMT
vary: Accept-Encoding
x-amz-id-2: R5B/pooN2M0dAFv/+RkAmjhUDs8guurRqIw8qezaBnPyjfisXcXfoWwN2ZSoMab8hOKWx20znvs=
x-amz-request-id: 9XKY7Z3FKQ9KGDWW
x-amz-server-side-encryption: AES256
x-amz-version-id: ttGpfVpj.G2mN.RDPPZI8OWmmArIEI1b
content-length: 65105
cache-control: max-age=31536000
date: Sat, 08 Oct 2022 17:11:19 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs-next/0a3c9ed73591ea11f77b51a04edf210f/heartbeat.js
23.36.79.18200 OK 1.1 kB URL HTTP/2 img6.wsimg.com/wrhs-next/0a3c9ed73591ea11f77b51a04edf210f/heartbeat.js
IP 23.36.79.18:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2513)
Hash 9952df62c7de1874228d188a98340128
87736ead3b422d0f5ff3a828651c706a30346509
be2911a7ec305f60395806ad4d345b639a93710dd727145290e030c611ac6f4f
GET /wrhs-next/0a3c9ed73591ea11f77b51a04edf210f/heartbeat.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "0a3c9ed73591ea11f77b51a04edf210f"
last-modified: Wed, 18 May 2022 22:47:51 GMT
vary: Accept-Encoding
x-amz-id-2: aMj8TiOe9ZHkHMBl7+D79Tk3urszUftxyUUNMsLqvBtzMzzkAkH8Sdx2jGZRMPP5wryKOL4z/Uw=
x-amz-request-id: TQF2MMDRR7Y3E189
x-amz-server-side-encryption: AES256
x-amz-version-id: FzRQzzocPGwGQeIpdbfTJTNFUZkhGnos
content-length: 1060
cache-control: max-age=31536000
date: Sat, 08 Oct 2022 17:11:19 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/fa1f3e1460ed62b338ed22aea992b655/utilityheader.min.js
23.36.79.18200 OK 38 kB URL HTTP/2 img6.wsimg.com/wrhs/fa1f3e1460ed62b338ed22aea992b655/utilityheader.min.js
IP 23.36.79.18:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (6331)
Hash b1ef8b2f0d5cea1cf6095f8ab59d81b2
5fa36335e74d9ff3af9ac2942065552a1e93cc59
00021807a66910faa4f23018ee048fd7617c0f37de8e95b049af41944f363002
GET /wrhs/fa1f3e1460ed62b338ed22aea992b655/utilityheader.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "fa1f3e1460ed62b338ed22aea992b655"
last-modified: Wed, 21 Sep 2022 12:36:37 GMT
vary: Accept-Encoding
x-amz-id-2: nEoXgHnPXhxSBIeEaJOXAZRYKC/JHHQUDEUyRUG7fAXBGVt3x6BgClaWrqg8ncahGTGg3/CTHUQ=
x-amz-request-id: 4DHY879GSCS0S63H
x-amz-server-side-encryption: AES256
x-amz-version-id: 3HoczVP_GcWCFQg9bppQbueSh.edWeGN
content-length: 37788
cache-control: max-age=31536000
date: Sat, 08 Oct 2022 17:11:19 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
shortener.secureserver.net/error_404
45.40.140.1404 Not Found 101 kB URL HTTP/2 shortener.secureserver.net/error_404
IP 45.40.140.1:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22567)
Size 101 kB (101312 bytes)
Hash e86f17fa902e0a521cf6cbee5466a4af
340777b3fa253de38ea94ea5d8ab851b134203c2
95f82fcc3507be0bbe66b068b035870b85b8d2dc01969fcf5b8a0bc202f6f36a
GET /error_404 HTTP/1.1
Host: shortener.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shortener.secureserver.net/error_404
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.20.1
date: Sat, 08 Oct 2022 17:11:19 GMT
content-type: text/html; charset=utf-8
X-Firefox-Spdy: h2
gui.secureserver.net/pcjson/salesheader?plId=3153&shopperId=&sid=
104.110.14.92200 OK 368 B URL HTTP/1.1 gui.secureserver.net/pcjson/salesheader?plId=3153&shopperId=&sid=
IP 104.110.14.92:0
File type JSON data\012- , ASCII text, with very long lines (368), with no line terminators
Hash 51ac16850161fd5d40cb247effd2bd88
219a589bb89697c64db5b145b56cc76a1a876039
d2eb333c83b13b0ab5a97dc501b05ad32ed63df4d24ee4182c16d18d415cdcc4
GET /pcjson/salesheader?plId=3153&shopperId=&sid= HTTP/1.1
Host: gui.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shortener.secureserver.net/
Origin: https://shortener.secureserver.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, no-cache, max-age=0
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ARR/2.5
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR OUR IND", policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Content-Length: 368
Date: Sat, 08 Oct 2022 17:11:20 GMT
Connection: keep-alive
Set-Cookie: market=en-US; domain=secureserver.net; expires=Sun, 08-Oct-2023 17:11:20 GMT; path=/
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-requested-with, content-type, accept, origin, authorization, x-csrftoken
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE
Access-Control-Allow-Origin: https://shortener.secureserver.net
Timing-Allow-Origin: *
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
23.36.79.18200 OK 7.5 kB URL HTTP/2 img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
IP 23.36.79.18:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (24676)
Hash b8a5a228a358454084c34dd1cf431c61
37aa5fe6e083b8147156ca66a1993a7bd74e8a61
06fae5ccf58a27a8e2ae6a0e7722f42db507c1873751f587cddd090810d94492
GET /wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "ce554d2333f3801abafb32da18213ff7"
last-modified: Wed, 16 Jun 2021 22:03:01 GMT
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 3
x-edgeconnect-origin-mex-latency: 654
x-amz-id-2: Bt3x3iTv8Fk+aaaS+GUkBMe+ASr0HEMDh339t8gjL9ozG+jBiKIjzxbTtgmm6ZRh5XVuxORtokQ=
x-amz-request-id: XNK8Z8KQATPTCZRH
x-amz-server-side-encryption: AES256
x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-length: 7498
unused62: 8096267
x-edgeconnect-cache-status: 1
cache-control: max-age=31536000
date: Sat, 08 Oct 2022 17:11:20 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/a974b6af96b916742bfee8b383f17355/consent-main.js
23.36.79.18200 OK 20 kB URL HTTP/2 img6.wsimg.com/wrhs/a974b6af96b916742bfee8b383f17355/consent-main.js
IP 23.36.79.18:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 72ccd10ae3a0b739f3d3ce70d3848adf
9b9da429cd3ad70945da63f407ccc4e53d9c71da
2b42e98bc66802e5dadd45f250e2913f673bd4f9c1d3fa8464df0c5499b53d33
GET /wrhs/a974b6af96b916742bfee8b383f17355/consent-main.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "a974b6af96b916742bfee8b383f17355"
last-modified: Tue, 13 Sep 2022 17:51:04 GMT
vary: Accept-Encoding
x-amz-id-2: dyI0475fhoQzv/1S1NM7OLP+7xp2lhuwmAhNCG4dBZc4LnYZKUTuutAZGftI/uTvg4WK+3nezdI=
x-amz-request-id: Q6VEJ7XB6WMBK2ED
x-amz-server-side-encryption: AES256
x-amz-version-id: WyuMQf.UQe7b4Scwfbap0YIXQVjkLgKs
content-length: 19723
cache-control: max-age=31536000
date: Sat, 08 Oct 2022 17:11:20 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/995ded305b294ab5fd9678b5b984aa02/consent-main.css
23.36.79.18200 OK 33 kB URL HTTP/2 img6.wsimg.com/wrhs/995ded305b294ab5fd9678b5b984aa02/consent-main.css
IP 23.36.79.18:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (19508)
Hash 19658382d98c54e41cc765f338e3dda9
4d099566fcc2004a60fba0fc92cf6f51d0b7a4c4
20cd881c086f921cd14a6565fa73c2ee649d2ced14f5fd0c076b3bc46cbd1e0c
GET /wrhs/995ded305b294ab5fd9678b5b984aa02/consent-main.css HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
content-encoding: br
etag: "995ded305b294ab5fd9678b5b984aa02"
last-modified: Tue, 06 Sep 2022 22:32:26 GMT
vary: Accept-Encoding
x-amz-id-2: wikI0VW/DqigHNdaM5V7P0xwPzniivA42HQoQv5JIuOAJExw2bqcDzqe0kc3oKiu72jtR2ugYIc=
x-amz-request-id: M7RBT8A5JC3GDJW4
x-amz-server-side-encryption: AES256
x-amz-version-id: dp.grz_7vGeYKwKZK7xycnHa31_5aXE2
content-length: 33193
cache-control: max-age=31536000
date: Sat, 08 Oct 2022 17:11:20 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
events.api.secureserver.net/pageEvents.aspx?timestamp=1665249080442&corrid=548065391&referrer=&vs=visible&rand=780412446&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.event&usrin=market%2Cen-US%5Esplit%2C%5Euxcore%2C2%5Ecurrency%2CUSD%5Ehostname%2Cshortener.secureserver.net%5Epath%2Cundefined%5Equery%2C%7B%7D%5Ecountry%2CUnited%20States%5Elang%2CEnglish&eventdate=2022-10-08T17%3A11%3A20.443Z&eventtype=impression&e_id=uxp.hyd.int.utilityheader.shortener.impression&hit_id=bfffe6d4-2ed8-5cb8-8a5c-9093ee6a6645&visitor_guid=8c1b3f29-3c20-5c37-b837-54dfffd08382&has_consent=0&cv=3.20.2&client_name=tcc&trace_id=a53060d1f35f5e6ca93e14d7969fd388
104.84.152.235200 OK 43 B URL HTTP/2 events.api.secureserver.net/pageEvents.aspx?timestamp=1665249080442&corrid=548065391&referrer=&vs=visible&rand=780412446&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.event&usrin=market%2Cen-US%5Esplit%2C%5Euxcore%2C2%5Ecurrency%2CUSD%5Ehostname%2Cshortener.secureserver.net%5Epath%2Cundefined%5Equery%2C%7B%7D%5Ecountry%2CUnited%20States%5Elang%2CEnglish&eventdate=2022-10-08T17%3A11%3A20.443Z&eventtype=impression&e_id=uxp.hyd.int.utilityheader.shortener.impression&hit_id=bfffe6d4-2ed8-5cb8-8a5c-9093ee6a6645&visitor_guid=8c1b3f29-3c20-5c37-b837-54dfffd08382&has_consent=0&cv=3.20.2&client_name=tcc&trace_id=a53060d1f35f5e6ca93e14d7969fd388
IP 104.84.152.235:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pageEvents.aspx?timestamp=1665249080442&corrid=548065391&referrer=&vs=visible&rand=780412446&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.event&usrin=market%2Cen-US%5Esplit%2C%5Euxcore%2C2%5Ecurrency%2CUSD%5Ehostname%2Cshortener.secureserver.net%5Epath%2Cundefined%5Equery%2C%7B%7D%5Ecountry%2CUnited%20States%5Elang%2CEnglish&eventdate=2022-10-08T17%3A11%3A20.443Z&eventtype=impression&e_id=uxp.hyd.int.utilityheader.shortener.impression&hit_id=bfffe6d4-2ed8-5cb8-8a5c-9093ee6a6645&visitor_guid=8c1b3f29-3c20-5c37-b837-54dfffd08382&has_consent=0&cv=3.20.2&client_name=tcc&trace_id=a53060d1f35f5e6ca93e14d7969fd388 HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shortener.secureserver.net
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Cookie: traffic=; _policy=%7B%22restricted_market%22:true,%22tracking_market%22:%22explicit%22%7D; pathway=8c1b3f29-3c20-5c37-b837-54dfffd08382; fb_sessiontraffic=S_TOUCH=&pathway=8c1b3f29-3c20-5c37-b837-54dfffd08382&V_DATE=&pc=0; visitor=vid=8c1b3f29-3c20-5c37-b837-54dfffd08382
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://shortener.secureserver.net
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Sat, 08 Oct 2022 17:11:20 GMT
X-Firefox-Spdy: h2
events.api.secureserver.net/b.aspx?timestamp=1665249080460&corrid=548065391&referrer=&vs=visible&rand=1664762003&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.log&eventdate=2022-10-08T17%3A11%3A20.461Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1665249078633&connectStart=1665249078137&domComplete=1665249080453&domContentLoadedEventEnd=1665249080423&domContentLoadedEventStart=1665249080419&domInteractive=1665249080346&domLoading=1665249078947&domainLookupEnd=1665249078137&domainLookupStart=1665249078120&fetchStart=1665249078117&navigationStart=1665249076467&requestStart=1665249078634&responseEnd=1665249078941&responseStart=1665249078941&loadEventStart=1665249080453&loadEventEnd=0&transferSize=95011&encodedBodySize=94878&decodedBodySize=94878&navigationType=navigate&fcp=3944&hit_id=5503a095-dc63-55e3-9873-a7a962e84c9f&visitor_guid=8c1b3f29-3c20-5c37-b837-54dfffd08382&has_consent=0&cv=3.20.2&client_name=tcc&trace_id=a53060d1f35f5e6ca93e14d7969fd388
104.84.152.235200 OK 43 B URL HTTP/2 events.api.secureserver.net/b.aspx?timestamp=1665249080460&corrid=548065391&referrer=&vs=visible&rand=1664762003&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.log&eventdate=2022-10-08T17%3A11%3A20.461Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1665249078633&connectStart=1665249078137&domComplete=1665249080453&domContentLoadedEventEnd=1665249080423&domContentLoadedEventStart=1665249080419&domInteractive=1665249080346&domLoading=1665249078947&domainLookupEnd=1665249078137&domainLookupStart=1665249078120&fetchStart=1665249078117&navigationStart=1665249076467&requestStart=1665249078634&responseEnd=1665249078941&responseStart=1665249078941&loadEventStart=1665249080453&loadEventEnd=0&transferSize=95011&encodedBodySize=94878&decodedBodySize=94878&navigationType=navigate&fcp=3944&hit_id=5503a095-dc63-55e3-9873-a7a962e84c9f&visitor_guid=8c1b3f29-3c20-5c37-b837-54dfffd08382&has_consent=0&cv=3.20.2&client_name=tcc&trace_id=a53060d1f35f5e6ca93e14d7969fd388
IP 104.84.152.235:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /b.aspx?timestamp=1665249080460&corrid=548065391&referrer=&vs=visible&rand=1664762003&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.log&eventdate=2022-10-08T17%3A11%3A20.461Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1665249078633&connectStart=1665249078137&domComplete=1665249080453&domContentLoadedEventEnd=1665249080423&domContentLoadedEventStart=1665249080419&domInteractive=1665249080346&domLoading=1665249078947&domainLookupEnd=1665249078137&domainLookupStart=1665249078120&fetchStart=1665249078117&navigationStart=1665249076467&requestStart=1665249078634&responseEnd=1665249078941&responseStart=1665249078941&loadEventStart=1665249080453&loadEventEnd=0&transferSize=95011&encodedBodySize=94878&decodedBodySize=94878&navigationType=navigate&fcp=3944&hit_id=5503a095-dc63-55e3-9873-a7a962e84c9f&visitor_guid=8c1b3f29-3c20-5c37-b837-54dfffd08382&has_consent=0&cv=3.20.2&client_name=tcc&trace_id=a53060d1f35f5e6ca93e14d7969fd388 HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shortener.secureserver.net
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Cookie: traffic=; _policy=%7B%22restricted_market%22:true,%22tracking_market%22:%22explicit%22%7D; pathway=8c1b3f29-3c20-5c37-b837-54dfffd08382; fb_sessiontraffic=S_TOUCH=&pathway=8c1b3f29-3c20-5c37-b837-54dfffd08382&V_DATE=&pc=0; visitor=vid=8c1b3f29-3c20-5c37-b837-54dfffd08382
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://shortener.secureserver.net
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Sat, 08 Oct 2022 17:11:20 GMT
X-Firefox-Spdy: h2
events.api.secureserver.net/image.aspx?referrer=×tamp=1665249080437&corrid=548065391&vs=visible&rand=1571268185&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.request&hw=1&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&trace_id=a53060d1f35f5e6ca93e14d7969fd388&hit_id=70174e6b-3da0-522d-8020-20315cf7548c&visitor_guid=8c1b3f29-3c20-5c37-b837-54dfffd08382&has_consent=0&cv=3.20.2&client_name=tcc
104.84.152.235200 OK 43 B URL HTTP/2 events.api.secureserver.net/image.aspx?referrer=×tamp=1665249080437&corrid=548065391&vs=visible&rand=1571268185&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.request&hw=1&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&trace_id=a53060d1f35f5e6ca93e14d7969fd388&hit_id=70174e6b-3da0-522d-8020-20315cf7548c&visitor_guid=8c1b3f29-3c20-5c37-b837-54dfffd08382&has_consent=0&cv=3.20.2&client_name=tcc
IP 104.84.152.235:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /image.aspx?referrer=×tamp=1665249080437&corrid=548065391&vs=visible&rand=1571268185&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.request&hw=1&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&trace_id=a53060d1f35f5e6ca93e14d7969fd388&hit_id=70174e6b-3da0-522d-8020-20315cf7548c&visitor_guid=8c1b3f29-3c20-5c37-b837-54dfffd08382&has_consent=0&cv=3.20.2&client_name=tcc HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shortener.secureserver.net
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Cookie: traffic=; _policy=%7B%22restricted_market%22:true,%22tracking_market%22:%22explicit%22%7D; pathway=8c1b3f29-3c20-5c37-b837-54dfffd08382; fb_sessiontraffic=S_TOUCH=&pathway=8c1b3f29-3c20-5c37-b837-54dfffd08382&V_DATE=&pc=0; visitor=vid=8c1b3f29-3c20-5c37-b837-54dfffd08382
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://shortener.secureserver.net
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Sat, 08 Oct 2022 17:11:20 GMT
set-cookie: tcc_refer=; domain=.secureserver.net; expires=Fri, 7 Oct 2022 17:11:20 GMT; path=/;
fb_sessiontraffic=S_TOUCH=10/08/2022%2017:11:20.669&pathway=8c1b3f29-3c20-5c37-b837-54dfffd08382&V_DATE=10/08/2022%2010:11:20.669&pc=1; max-age=1200; domain=.secureserver.net; path=/;
pathway=8c1b3f29-3c20-5c37-b837-54dfffd08382; max-age=1200; domain=.secureserver.net; path=/;
visitor=vid=8c1b3f29-3c20-5c37-b837-54dfffd08382; max-age=31536000; domain=.secureserver.net; expires=Sun, 8 Oct 2023 17:11:20 GMT; path=/;
traffic=; domain=.secureserver.net; path=/;
X-Firefox-Spdy: h2
events.api.secureserver.net/pageEvents.aspx?timestamp=1665249080605&corrid=548065391&referrer=&marketid=en-US&vs=visible&rand=2120747034&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.event&eventdate=2022-10-08T17%3A11%3A20.606Z&eventtype=impression&e_id=gtp.consent_banners.express.impression&hit_id=bd9b5a8b-976a-5830-a760-8c21526e59a3&visitor_guid=8c1b3f29-3c20-5c37-b837-54dfffd08382&has_consent=0&cv=3.20.2&client_name=tcc&trace_id=a53060d1f35f5e6ca93e14d7969fd388
104.84.152.235200 OK 43 B URL HTTP/2 events.api.secureserver.net/pageEvents.aspx?timestamp=1665249080605&corrid=548065391&referrer=&marketid=en-US&vs=visible&rand=2120747034&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.event&eventdate=2022-10-08T17%3A11%3A20.606Z&eventtype=impression&e_id=gtp.consent_banners.express.impression&hit_id=bd9b5a8b-976a-5830-a760-8c21526e59a3&visitor_guid=8c1b3f29-3c20-5c37-b837-54dfffd08382&has_consent=0&cv=3.20.2&client_name=tcc&trace_id=a53060d1f35f5e6ca93e14d7969fd388
IP 104.84.152.235:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pageEvents.aspx?timestamp=1665249080605&corrid=548065391&referrer=&marketid=en-US&vs=visible&rand=2120747034&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.event&eventdate=2022-10-08T17%3A11%3A20.606Z&eventtype=impression&e_id=gtp.consent_banners.express.impression&hit_id=bd9b5a8b-976a-5830-a760-8c21526e59a3&visitor_guid=8c1b3f29-3c20-5c37-b837-54dfffd08382&has_consent=0&cv=3.20.2&client_name=tcc&trace_id=a53060d1f35f5e6ca93e14d7969fd388 HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shortener.secureserver.net
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Cookie: traffic=; _policy=%7B%22restricted_market%22:true,%22tracking_market%22:%22explicit%22%7D; pathway=8c1b3f29-3c20-5c37-b837-54dfffd08382; fb_sessiontraffic=S_TOUCH=&pathway=8c1b3f29-3c20-5c37-b837-54dfffd08382&V_DATE=&pc=0; visitor=vid=8c1b3f29-3c20-5c37-b837-54dfffd08382; market=en-US; OPTOUTMULTI=0:0%7Cc2:1%7Cc9:1%7Cc11:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://shortener.secureserver.net
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Sat, 08 Oct 2022 17:11:20 GMT
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1216.min.js
151.101.86.137200 OK 14 kB URL HTTP/2 js-agent.newrelic.com/nr-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32022)
Hash b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 08 Oct 2022 17:11:20 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 3231
x-timer: S1665249081.872711,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
bam.nr-data.net/1/d89ec68706?a=74176617&v=1216.487a282&to=MldVZUJYCkoDABVeWwsdcUReWhBQDQ1ORFwKQENUXlwWFxQKBEBHX1dFQ19LOw1SVw%3D%3D&rst=4404&ck=1&ref=https://shortener.secureserver.net/error_404&ap=140&be=2642&fe=3986&dc=3953&perf=%7B%22timing%22:%7B%22of%22:1665249076467,%22n%22:0,%22f%22:1650,%22dn%22:1653,%22dne%22:1670,%22c%22:1670,%22s%22:1835,%22ce%22:2166,%22rq%22:2167,%22rp%22:2474,%22rpe%22:2474,%22dl%22:2480,%22di%22:3879,%22ds%22:3952,%22de%22:3956,%22dc%22:3986,%22l%22:3986,%22le%22:3990%7D,%22navigation%22:%7B%7D%7D&fcp=3944&jsonp=NREUM.setToken
162.247.241.14200 OK 73 B URL HTTP/1.1 bam.nr-data.net/1/d89ec68706?a=74176617&v=1216.487a282&to=MldVZUJYCkoDABVeWwsdcUReWhBQDQ1ORFwKQENUXlwWFxQKBEBHX1dFQ19LOw1SVw%3D%3D&rst=4404&ck=1&ref=https://shortener.secureserver.net/error_404&ap=140&be=2642&fe=3986&dc=3953&perf=%7B%22timing%22:%7B%22of%22:1665249076467,%22n%22:0,%22f%22:1650,%22dn%22:1653,%22dne%22:1670,%22c%22:1670,%22s%22:1835,%22ce%22:2166,%22rq%22:2167,%22rp%22:2474,%22rpe%22:2474,%22dl%22:2480,%22di%22:3879,%22ds%22:3952,%22de%22:3956,%22dc%22:3986,%22l%22:3986,%22le%22:3990%7D,%22navigation%22:%7B%7D%7D&fcp=3944&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 814f8120cdf5a972bdb0fd5521a92a5d
47f7b3cd340d1fe91766ff27602e319a79bcd14c
5f520e553ae6a634e84b7c8c8d36908d2efa441d716834fd98c012c402b1c3c8
GET /1/d89ec68706?a=74176617&v=1216.487a282&to=MldVZUJYCkoDABVeWwsdcUReWhBQDQ1ORFwKQENUXlwWFxQKBEBHX1dFQ19LOw1SVw%3D%3D&rst=4404&ck=1&ref=https://shortener.secureserver.net/error_404&ap=140&be=2642&fe=3986&dc=3953&perf=%7B%22timing%22:%7B%22of%22:1665249076467,%22n%22:0,%22f%22:1650,%22dn%22:1653,%22dne%22:1670,%22c%22:1670,%22s%22:1835,%22ce%22:2166,%22rq%22:2167,%22rp%22:2474,%22rpe%22:2474,%22dl%22:2480,%22di%22:3879,%22ds%22:3952,%22de%22:3956,%22dc%22:3986,%22l%22:3986,%22le%22:3990%7D,%22navigation%22:%7B%7D%7D&fcp=3944&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 17:11:21 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75707ec3b9ecfab4-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=e103bc2d397b4ee2; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
shortener.secureserver.net/css/icons.css
45.40.140.1302 Found 0 B URL HTTP/2 shortener.secureserver.net/css/icons.css
IP 45.40.140.1:0
ASN #398101 GO-DADDY-COM-LLC
GET /css/icons.css HTTP/1.1
Host: shortener.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/error_404
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Sat, 08 Oct 2022 17:11:19 GMT
content-type: text/html; charset=utf-8
location: https://shortener.secureserver.net/error_404
X-Firefox-Spdy: h2
shortener.secureserver.net/favicon.ico
45.40.140.1302 Found 0 B URL HTTP/2 shortener.secureserver.net/favicon.ico
IP 45.40.140.1:0
ASN #398101 GO-DADDY-COM-LLC
GET /favicon.ico HTTP/1.1
Host: shortener.secureserver.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/error_404
Cookie: traffic=; _policy=%7B%22restricted_market%22:true,%22tracking_market%22:%22explicit%22%7D; pathway=8c1b3f29-3c20-5c37-b837-54dfffd08382; fb_sessiontraffic=S_TOUCH=10/08/2022%2017:11:20.669&pathway=8c1b3f29-3c20-5c37-b837-54dfffd08382&V_DATE=10/08/2022%2010:11:20.669&pc=1; visitor=vid=8c1b3f29-3c20-5c37-b837-54dfffd08382; market=en-US; OPTOUTMULTI=0:0%7Cc2:1%7Cc9:1%7Cc11:1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Sat, 08 Oct 2022 17:11:21 GMT
content-type: text/html; charset=utf-8
location: https://shortener.secureserver.net/error_404
X-Firefox-Spdy: h2