srv181127.hoster-test.ru/pp
301 Moved Permanently 243 B URL HTTP/1.1 srv181127.hoster-test.ru/pp
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e0ad72b3542115912bfcf866678c304d
1205538b721c6341c1f5d8387713857b83e31dd0
e0cc18d7cde015f82673e955a45cfebe1f42b047a91fea4996567b21ab66936d
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Malware
GET /pp HTTP/1.1
Host: srv181127.hoster-test.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 13 Oct 2022 22:05:18 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Location: http://srv181127.hoster-test.ru/pp/
Content-Length: 243
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ef1ca48ca7fd21239a2a11fcfc6366b
ee44232c27fb39d25ac901df2247c3ffd2c5bcca
e9bad8be490429a84a567acd710f97a402bcf7b4ba4e47f2bed27cada418c439
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9BAD8BE490429A84A567ACD710F97A402BCF7B4BA4E47F2BED27CADA418C439"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11772
Expires: Fri, 14 Oct 2022 01:21:31 GMT
Date: Thu, 13 Oct 2022 22:05:19 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 19ad183be53fa3e7cd3b50da7f10fd11
0229f70e48b5e428af70e1e00f64505d2d6cc2ff
2b53dc6db7ec7dc240bee66720913e489656c8dbaf83dbf7868a8fec109b098d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2B53DC6DB7EC7DC240BEE66720913E489656C8DBAF83DBF7868A8FEC109B098D"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13902
Expires: Fri, 14 Oct 2022 01:57:01 GMT
Date: Thu, 13 Oct 2022 22:05:19 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
200 OK 37 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e252e231b7385246d94d311dffd65bcc
b0579e525b28dde73738659a3d915c06ce369bca
535272688e90c08e01449e6c87961654f1dd57fea144432be87fd60f1263aabc
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: jJmhe_OdlvrOIqqRRCh18fZ5KtEuaFnFvJ7-ql7Di6hOnZ69w87ktw==
content-encoding: gzip
via: 1.1 637ef0a7bc474e9a314fa064b65e8082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 21:56:37 GMT
content-type: application/json
content-length: 37270
age: 522
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c5afb6d2acaf66af4c3fd458a0b70e17
ae58844d8753fe1b62240067b7c0efba86a858d0
42b37d16055f0f3ec52cbb45b4af4900baac4352e87c662811cdb377eb2d3c3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42B37D16055F0F3EC52CBB45B4AF4900BAAC4352E87C662811CDB377EB2D3C3E"
Last-Modified: Wed, 12 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7175
Expires: Fri, 14 Oct 2022 00:04:54 GMT
Date: Thu, 13 Oct 2022 22:05:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain
IP
File type PEM certificate\012- , ASCII text
Hash 48ca0beea419a9039591cf1aee5179e0
9e92629f505fcc07aab51221e8fe62197a23e307
630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PxAriRwVZmKhHakg/+MMOj47zxsz89u4jZL7e4LpFtYF33jv+u0n2fZST230yTHO3iXrlML+3h0=
x-amz-request-id: 685JHJF76T7WN8K3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 13 Oct 2022 21:06:36 GMT
age: 3523
last-modified: Wed, 11 May 2022 19:51:39 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 13 Oct 2022 21:49:40 GMT
Expires: Thu, 13 Oct 2022 22:31:50 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CMjAWSJYkcyBRQ9Uip1ECN742afrOTkd559yq4fXJRLNsIX9LqJZMA==
Age: 939
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 13 Oct 2022 22:05:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
srv181127.hoster-test.ru/pp/
200 OK 3.4 kB URL HTTP/1.1 srv181127.hoster-test.ru/pp/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash b350f83a0c20557beb3f987e8d896a7d
116df450a9bc0e615fdd8675e6e31d0c1551726e
d9368d833208ec8d69f18a396070f88af29867b9f0cc092f7fd782c4ede14e91
Analyzer Verdict Alert fortinet Malware
GET /pp/ HTTP/1.1
Host: srv181127.hoster-test.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 22:05:19 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
X-Powered-By: PHP/5.6.40
Set-Cookie: PHPSESSID=jtqtf9jm2mus399tj05i85qfe2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 303d6f0adf2a45fac8a0689abdb4aae7
5269489e8a936bdd412ac79cee4ab3018e463046
7dc9f8e4c6787aebe0b36f4c09106c01049f148fdb534bd3fe7150b2e03677d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3761
Cache-Control: max-age=157960
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 22:05:19 GMT
Etag: "634842f6-1d7"
Expires: Sat, 15 Oct 2022 17:57:59 GMT
Last-Modified: Thu, 13 Oct 2022 16:55:18 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
srv181127.hoster-test.ru/pp/css/normalize.css
200 OK 7.8 kB URL HTTP/1.1 srv181127.hoster-test.ru/pp/css/normalize.css
IP
File type ASCII text, with CRLF line terminators
Hash 456575ec4d114fad0e848e8fdb6be13e
3d3792772d39feb1d2438ddf896fa117c13d081d
c13ab36ef47c80231ddd9e6774f9ada731e439a298e4a3471ad347cf5e4f36b5
GET /pp/css/normalize.css HTTP/1.1
Host: srv181127.hoster-test.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://srv181127.hoster-test.ru/pp/
Cookie: PHPSESSID=jtqtf9jm2mus399tj05i85qfe2
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 22:04:44 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 12 Oct 2022 21:38:56 GMT
ETag: "1e7e-5eadd38413285"
Accept-Ranges: bytes
Content-Length: 7806
Content-Type: text/css
Age: 35
X-Cache: HIT from t0.hoster.ru
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Connection: keep-alive
srv181127.hoster-test.ru/pp/css/login.css
200 OK 5.6 kB URL HTTP/1.1 srv181127.hoster-test.ru/pp/css/login.css
IP
Hash e062500e918f706f802ae346eafd0a6c
dc8e759d1daa6663e453970029732df2ef600e59
123a1d5f92b2744c003a176eb36ebcb867e8c46d6bea590ebccf57cac45d4f45
GET /pp/css/login.css HTTP/1.1
Host: srv181127.hoster-test.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://srv181127.hoster-test.ru/pp/
Cookie: PHPSESSID=jtqtf9jm2mus399tj05i85qfe2
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 22:04:46 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 12 Oct 2022 21:38:57 GMT
ETag: "15d8-5eadd3853a522"
Accept-Ranges: bytes
Content-Length: 5592
Content-Type: text/css
Age: 33
X-Cache: HIT from t0.hoster.ru
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Connection: keep-alive
srv181127.hoster-test.ru/pp/js/plugins.js
200 OK 1.3 kB URL HTTP/1.1 srv181127.hoster-test.ru/pp/js/plugins.js
IP
File type ASCII text, with CRLF line terminators
Hash a517773a5d7af10739adfe9345eb22a6
7c91596160dcdcff51a5444b088a6e30eb6743e0
4cca3c5b90856b37a2c2ff884eec75ec1c5ed885341f9d67f957935248ab412b
Analyzer Verdict Alert fortinet Malware
GET /pp/js/plugins.js HTTP/1.1
Host: srv181127.hoster-test.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://srv181127.hoster-test.ru/pp/
Cookie: PHPSESSID=jtqtf9jm2mus399tj05i85qfe2
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 22:04:51 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 12 Oct 2022 21:39:00 GMT
ETag: "50d-5eadd38818b05"
Accept-Ranges: bytes
Content-Length: 1293
Content-Type: application/javascript
Age: 28
X-Cache: HIT from t0.hoster.ru
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Connection: keep-alive
srv181127.hoster-test.ru/pp/css/font-awesome.min.css
200 OK 22 kB URL HTTP/1.1 srv181127.hoster-test.ru/pp/css/font-awesome.min.css
IP
File type ASCII text, with very long lines (21822)
Hash feda974a77ea5783b8be673f142b7c88
b71d1c7c315b67c614563382d1c2a868ac14d729
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
GET /pp/css/font-awesome.min.css HTTP/1.1
Host: srv181127.hoster-test.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://srv181127.hoster-test.ru/pp/
Cookie: PHPSESSID=jtqtf9jm2mus399tj05i85qfe2
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 22:04:46 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 12 Oct 2022 21:38:57 GMT
ETag: "55e0-5eadd385cb954"
Accept-Ranges: bytes
Content-Length: 21984
Content-Type: text/css
Age: 33
X-Cache: HIT from t0.hoster.ru
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Connection: keep-alive
srv181127.hoster-test.ru/pp/js/bootstrap.min.js
200 OK 37 kB URL HTTP/1.1 srv181127.hoster-test.ru/pp/js/bootstrap.min.js
IP
File type ASCII text, with very long lines (32033)
Hash 5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Analyzer Verdict Alert fortinet Malware
GET /pp/js/bootstrap.min.js HTTP/1.1
Host: srv181127.hoster-test.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://srv181127.hoster-test.ru/pp/
Cookie: PHPSESSID=jtqtf9jm2mus399tj05i85qfe2
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 22:04:50 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 12 Oct 2022 21:39:04 GMT
ETag: "90b5-5eadd38c94a07"
Accept-Ranges: bytes
Content-Length: 37045
Content-Type: application/javascript
Age: 29
X-Cache: HIT from t0.hoster.ru
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Connection: keep-alive
srv181127.hoster-test.ru/pp/js/jquery-1.11.3.min.js
200 OK 87 kB URL HTTP/1.1 srv181127.hoster-test.ru/pp/js/jquery-1.11.3.min.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65447), with CRLF line terminators
Hash 7b5077a899c25e85a1fdeefd667f31c6
1998537c6b6e5b53ff88c0aeb7e570a8c3b11020
c470fbd3290232efb7fc774e58fa8da53bb9141fd2de1e1943c4bbb2384cdfbb
Analyzer Verdict Alert fortinet Malware
GET /pp/js/jquery-1.11.3.min.js HTTP/1.1
Host: srv181127.hoster-test.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://srv181127.hoster-test.ru/pp/
Cookie: PHPSESSID=jtqtf9jm2mus399tj05i85qfe2
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 22:04:48 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 12 Oct 2022 21:39:00 GMT
ETag: "15394-5eadd388674d1"
Accept-Ranges: bytes
Content-Length: 86932
Content-Type: application/javascript
Age: 31
X-Cache: HIT from t0.hoster.ru
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Connection: keep-alive
srv181127.hoster-test.ru/pp/css/bootstrap.min.css
200 OK 121 kB URL HTTP/1.1 srv181127.hoster-test.ru/pp/css/bootstrap.min.css
IP
File type ASCII text, with very long lines (65371)
Size 121 kB (121200 bytes)
Hash ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
GET /pp/css/bootstrap.min.css HTTP/1.1
Host: srv181127.hoster-test.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://srv181127.hoster-test.ru/pp/
Cookie: PHPSESSID=jtqtf9jm2mus399tj05i85qfe2
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 22:04:44 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 12 Oct 2022 21:38:55 GMT
ETag: "1d970-5eadd383b3749"
Accept-Ranges: bytes
Content-Length: 121200
Content-Type: text/css
Age: 35
X-Cache: HIT from t0.hoster.ru
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Connection: keep-alive
srv181127.hoster-test.ru/pp/img/ppt.PNG
200 OK 1.8 kB URL HTTP/1.1 srv181127.hoster-test.ru/pp/img/ppt.PNG
IP
File type PNG image data, 120 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash cc5f9e161c042a7e1bea10fa0eba5e24
7ef97f2833dbc958d28268b0758ef9a7b19ac40d
30956198f3f7ad95a65a31f44304a35f639917b4b7f7fdea4622b9549c037cd0
Analyzer Verdict Alert fortinet Malware
GET /pp/img/ppt.PNG HTTP/1.1
Host: srv181127.hoster-test.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://srv181127.hoster-test.ru/pp/
Cookie: PHPSESSID=jtqtf9jm2mus399tj05i85qfe2
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 21:27:11 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 12 Oct 2022 21:39:03 GMT
ETag: "6eb-5eadd38ba1b59"
Accept-Ranges: bytes
Content-Length: 1771
Content-Type: image/png
Age: 2288
X-Cache: HIT from t0.hoster.ru
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Connection: keep-alive
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Thu, 13 Oct 2022 22:05:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, ETag, Expires, Content-Type, Last-Modified, Content-Length, Cache-Control, Retry-After, Backoff, Pragma
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 13 Oct 2022 21:41:02 GMT
Cache-Control: max-age=3600
Expires: Thu, 13 Oct 2022 21:27:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ni3VPGdZ0imLEU5tcas5cjckzLyuEX_3Zkky0iAJMxOfwDrv8OVQZw==
Age: 3457
srv181127.hoster-test.ru/pp/img/ppl.ico
200 OK 370 kB URL HTTP/1.1 srv181127.hoster-test.ru/pp/img/ppl.ico
IP
File type MS Windows icon resource - 6 icons, 256x256, 32 bits/pixel, 16x16, 32 bits/pixel\012- data
Size 370 kB (370070 bytes)
Hash 4f48b0ef0049adcaf3c9a9df4506f08e
98c5616c620a6cc08eb5aca5d1be5825cae66595
69e28ccdcbbb1c0e7d7a39bb8562498a59c932440530e5eb55452e0206ad4e0b
Analyzer Verdict Alert fortinet Malware
GET /pp/img/ppl.ico HTTP/1.1
Host: srv181127.hoster-test.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://srv181127.hoster-test.ru/pp/
Cookie: PHPSESSID=jtqtf9jm2mus399tj05i85qfe2
HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 22:04:46 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 12 Oct 2022 21:39:05 GMT
ETag: "5a596-5eadd38d03b5b"
Accept-Ranges: bytes
Content-Length: 370070
Content-Type: image/vnd.microsoft.icon
Age: 34
X-Cache: HIT from t0.hoster.ru
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 3583e23195fad53de085f55b7ae476b8
1e1ee824f8b5706b0a32b269af82769bb44f5d0f
0c3d6dbcec45e2d28fe0b43d2ae2eaf8cbb05d435b981edc1da311ce356fe30d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5105
Cache-Control: max-age=127595
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 22:05:20 GMT
Etag: "6347c71a-1d7"
Expires: Sat, 15 Oct 2022 09:31:55 GMT
Last-Modified: Thu, 13 Oct 2022 08:06:50 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SpAgY+QKaptCwRFwBxY4mA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 39wj+x2S36/2ScLdVFztr1FMAvQ=
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221665698079854%22
200 OK 4.5 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221665698079854%22
IP
File type JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Hash 2ac41677e2f20b6d6282f2e3ae3b7d73
6af6483c9b8b52f78a317bdd19547cf9746e2eb3
35db9f678232f95e708702bcd3a59d2bc51d0b3c80d89cd7761c9adaee678d8a
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 13 Oct 2022 21:57:15 GMT
Expires: Thu, 13 Oct 2022 22:57:15 GMT
Last-Modified: Thu, 13 Oct 2022 21:54:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zr2SmfBvkvcWpDsnoiU74IUp-6Sbkj0NSCJNqA51ugDW7vz3KjTbgQ==
Age: 485
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1665491838201&_since=%221653914271178%22
200 OK 13 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1665491838201&_since=%221653914271178%22
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 8848f1566e48e1aae929342eadfa7799
cb04a72d39ead0180ed632798f1430776608f2f0
74248d4efc71a91d58f59e44552f19598d7d91b0df6a6ccb6152c8e4831fd835
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1665491838201&_since=%221653914271178%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Content-Length, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Tue, 11 Oct 2022 12:37:18 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Thu, 13 Oct 2022 21:44:29 GMT
Cache-Control: max-age=3600
Expires: Thu, 13 Oct 2022 22:39:01 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: D8rsylDi8RCAVBz7q6yzIbxmPZ9ElJeqkcZA5f6onK6HfiIYKkN7ww==
Age: 1579
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: BswwNKiQK4MO0P/SbLz67T6dT2lfOcxvXcx2Kf2IHz8OMsdM1ktPqK/r84e//OMWdrCGhV8hjJo=
x-amz-request-id: Q5KN1DWT1WKJE0T2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 13 Oct 2022 22:01:54 GMT
age: 206
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 13 Oct 2022 21:49:40 GMT
Expires: Thu, 13 Oct 2022 22:31:50 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XqgmN5qCxtcPblThYxhmscoS77pRA8dZ2-WhdLsxVcMBLm0x6gAmTw==
Age: 941
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin
200 OK 796 kB URL HTTP/1.1 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin
IP
Size 796 kB (795699 bytes)
Hash 9b95765b0e26af76116a95a966d61354
3f7c1b40fc999b83f3696f455402e49ab484b027
34f969c8e082310785ec4262e2d5b58c919d4de856ffc64b3467507f83ac9571
GET /staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 795699
Connection: keep-alive
Last-Modified: Mon, 27 Jun 2022 12:39:11 GMT
x-amz-version-id: 9np1boOrxtHVWzMczpbX1a.N_ewQWHDF
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 13 Oct 2022 06:34:46 GMT
ETag: "9b95765b0e26af76116a95a966d61354"
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UwV9OYILv1D04xvNYkXtzvbLiDjHveR-VOwKmLTcv7nXCuwWidyf2A==
Age: 55845
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1665698079854&_since=%221646250823109%22
200 OK 906 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1665698079854&_since=%221646250823109%22
IP
File type JSON data\012- , ASCII text, with very long lines (906), with no line terminators
Hash d939b7fc731241b8f15466bc3504ddee
b774e188c388c1120df4326dd7464ffefe49047a
08b880f51d007f8786a859d545f7e1edb8987e2430fb5ef71ae10f1d6d13ece2
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1665698079854&_since=%221646250823109%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 906
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 13 Oct 2022 21:54:50 GMT
Expires: Thu, 13 Oct 2022 22:54:50 GMT
Last-Modified: Thu, 13 Oct 2022 21:54:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EFWLYT7lTkD3qSAIAP8qaTa9ftW7FgsD6J9gl0dadpChGqhvxW8Xgg==
Age: 631
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1665681163982&_since=%221654636467710%22
200 OK 4.9 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1665681163982&_since=%221654636467710%22
IP
File type ASCII text, with very long lines (33669), with no line terminators
Hash 16c2f81ef83a40f48aa2037370d3e4bd
042cdd92657bb113695806a3bd142f550878c59a
ec05d9e9ae91b71980fb79f6b32eb6d7a315597c08f2fc0f8d9fe6adc87983fe
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1665681163982&_since=%221654636467710%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 13 Oct 2022 17:12:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Cache-Control: max-age=3600
Date: Thu, 13 Oct 2022 21:19:34 GMT
Expires: Thu, 13 Oct 2022 21:28:55 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cft6hsRJabo15gT475e6gTuzLXK4ciFK7bTyQ91w1SnWh7o9hYd4CQ==
Age: 2747
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22
200 OK 1.4 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22
IP
File type JSON data\012- , ASCII text, with very long lines (3677), with no line terminators
Hash e9285c19ae43c1c564b958bb4bcbd1b1
5fdab94253d56f2c09d37b6e5db48bad8ec7ed8f
463b08fa2da750674f9fee1f1b87f678aea1988ee6a75086598bbcdee901d094
GET /v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 03 Aug 2022 17:26:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Thu, 13 Oct 2022 21:53:53 GMT
Cache-Control: max-age=3600
Expires: Thu, 13 Oct 2022 22:16:40 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iX0q7uR8NEXab2xICeRpyD1JmP5FQERmYGvYMasuuLk8vL7BfnmKuw==
Age: 1047
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1665619264612&_since=%221654732864402%22
200 OK 12 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1665619264612&_since=%221654732864402%22
IP
File type JSON data\012- , ASCII text, with very long lines (58916), with no line terminators
Hash 8191532a8c06b34807433c8e430220c2
41be78c71212f93f38f49cca01a21aa43a410573
6c6584b4df2e373e1b76748864c7965a243e7ec72be9ffc9166235cb7d716b7a
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1665619264612&_since=%221654732864402%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Content-Length, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 13 Oct 2022 00:01:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Cache-Control: max-age=3600
Date: Thu, 13 Oct 2022 21:25:58 GMT
Expires: Thu, 13 Oct 2022 21:41:38 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QR6lYAlZBicMcgxDNJ15HhEj9_cnjmFunrkTofmzvW4p7flfxwHP3A==
Age: 2363
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
200 OK 682 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP
File type JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Hash f2fa6655b2ab272cbc85633f624deae0
eace1533cbdfe7aac4d9f938808d84d3721aa1b3
0a1aabe03137dd63c3a473782fdc5f09a1adf64c26429b580e6d2a6402381fa1
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 682
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, ETag, Expires, Content-Type, Last-Modified, Content-Length, Cache-Control, Retry-After, Backoff, Pragma
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 12 Oct 2022 16:36:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 13 Oct 2022 21:18:24 GMT
Expires: Thu, 13 Oct 2022 21:30:05 GMT
ETag: "1665592615409"
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6aNEtqf7Kj_H7BshQxdNU3ulqKiMN4VENKZloGUtzh_Ucr1_3NwxnA==
Age: 2817
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22
200 OK 954 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22
IP
File type JSON data\012- , ASCII text, with very long lines (1708), with no line terminators
Hash cfabf139ce65efac5099b2334d192280
1f41042108cc0eb72564625faff32a9e6c64eb53
d53ebca8435274b2443eec8dedf961c8d188581ace4ea503439b3a8724023e31
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 30 Jun 2022 10:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Thu, 13 Oct 2022 21:35:35 GMT
Cache-Control: max-age=3600
Expires: Thu, 13 Oct 2022 22:05:24 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rpCAmDaYyZlmkC-h3Bl39XdcsnkgizbQQnEkwmEocsEbBooitY6IJA==
Age: 1798
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22
200 OK 1.0 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22
IP
File type JSON data\012- , ASCII text, with very long lines (2194), with no line terminators
Hash 026eaaf98fc162c9737a35537a5e9598
11bc765832d5b7f4cfe4c10969abc7f38ccc92f8
0fd4985545fee6a565a2001dbe3225ad92b7a425ea633f92b79fe1a7dd62156d
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 13 Jul 2022 21:25:10 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Thu, 13 Oct 2022 22:00:37 GMT
Cache-Control: max-age=3600
Expires: Thu, 13 Oct 2022 22:17:47 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fUNsF_emtOaTTJyBHND-F1wTiqLgJkSasp7Jjckg9XwREDrRcrK3qw==
Age: 384
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22
200 OK 5.5 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22
IP
File type JSON data\012- , ASCII text, with very long lines (20424), with no line terminators
Hash 30902c39c0a08d0b02cdc585712e0eab
c156d8644c37bfaf2fab6e991936d6d075a083fd
4c9dc930ca4e3c5c61d6303ffe506fa3d7ddf7dc5a1c4c8c49db619200b5b13f
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 01 Sep 2022 14:54:45 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Thu, 13 Oct 2022 21:48:51 GMT
Cache-Control: max-age=3600
Expires: Thu, 13 Oct 2022 22:16:08 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7bhS1qXsa-JduVUv6Ga1wcBpcdRoiZF9hui5gl-VlP1aSiIWOsES0w==
Age: 1052
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: o/HABwI1f63ecHrYKDN5BvpjMtbpPnv0u3A2iZj+zRFt2ZUXwE2c+xl5G9rPvcrLbUvangNiJfo=
x-amz-request-id: HNBR4W59GXFYS8A1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 13 Oct 2022 21:48:25 GMT
age: 1016
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22
200 OK 823 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22
IP
File type JSON data\012- , ASCII text, with very long lines (1394), with no line terminators
Hash e5a72eb0b3bcf64c65aff8447fe0603c
59d30b877a3b773ae0165c37a7ea7206e1e290be
d03a0e2a08e99c98a162477ddbc3679709baf51f30b17234d9a42ee18a53f72d
GET /v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:06:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Thu, 13 Oct 2022 22:01:16 GMT
Cache-Control: max-age=3600
Expires: Thu, 13 Oct 2022 22:13:41 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: S-o6n-Y06ZhJAEHvFbkoHfCwZNaQMtGzbQGu94gqyXzKcDEvk0IGUw==
Age: 2109
firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22
200 OK 3.3 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22
IP
File type JSON data\012- , ASCII text, with very long lines (8682), with no line terminators
Hash 43ca54322d55fb59979cb10bc0b30a3e
e2c56532fbe8201e4e9e25ac1a1926e2de00fdb5
75f3f51896ab455cc6462a4010bfb3653bf01c4239dbbd92bb9a814267accad6
GET /v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=2592000
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 05:47:53 GMT
Last-Modified: Mon, 08 Aug 2022 02:07:26 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lrFMx1Tp8Cm057hTD--URkJ2NocQAzODjBsl8ZSw7zrL5kylizGSUw==
Age: 1354648
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22
200 OK 3.4 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22
IP
File type JSON data\012- , ASCII text, with very long lines (14029), with no line terminators
Hash f7c5f0b53834a586a80f0aef753f8e2e
b5c3bfadc52776a53d0809f4338b5d7c32c53da9
39189a6522501947ffeea9146b4edfccbef03fa25318c07f02a95a014d84968a
GET /v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 22 Aug 2022 20:25:49 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Thu, 13 Oct 2022 21:41:50 GMT
Cache-Control: max-age=3600
Expires: Thu, 13 Oct 2022 21:51:43 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VVDPGu4Lg1sN02W4abAUHtLERg_Q2QXUiON1mqrH1KZ8r73SKd5A_A==
Age: 1416
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4921
Expires: Thu, 13 Oct 2022 23:27:22 GMT
Date: Thu, 13 Oct 2022 22:05:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4921
Expires: Thu, 13 Oct 2022 23:27:22 GMT
Date: Thu, 13 Oct 2022 22:05:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4921
Expires: Thu, 13 Oct 2022 23:27:22 GMT
Date: Thu, 13 Oct 2022 22:05:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4921
Expires: Thu, 13 Oct 2022 23:27:22 GMT
Date: Thu, 13 Oct 2022 22:05:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4921
Expires: Thu, 13 Oct 2022 23:27:22 GMT
Date: Thu, 13 Oct 2022 22:05:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3261ab5d-a8bc-4570-b3a7-6a84af32a316.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3261ab5d-a8bc-4570-b3a7-6a84af32a316.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cb88b15f7586a43b2f80b8079afd374
11fd9e6c872c6eb6e03761dbbcf38bf3707b741a
8bfffc22e8ea19dab232e21f1f5f76811e37b048f80cad532f905f5a1047b9c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3261ab5d-a8bc-4570-b3a7-6a84af32a316.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10731
x-amzn-requestid: 30e35246-dd7f-421c-afcf-5c5372edd5d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z0fEgESiIAMFTtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6344dee9-06ab66382ab2d71a18b6a8be;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 03:11:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sLN92JGZJT1ehNSM8XWtJdKGINIQ5n4uwLcx8ib_tMRzqZese2DtuA==
via: 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 04:47:06 GMT
age: 62295
etag: "11fd9e6c872c6eb6e03761dbbcf38bf3707b741a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ada65cb-c437-4614-ad56-8612a5eb3d39.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ada65cb-c437-4614-ad56-8612a5eb3d39.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c2fb169144739a1240a832df181cf24
a7eb3a1289135eeafd639dffba6daf3e0bd0aee5
6f471bf8a40088a008efc818c762f8ec99988b9b68478034762cf872c809d246
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ada65cb-c437-4614-ad56-8612a5eb3d39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6005
x-amzn-requestid: f9cd6d19-f5f8-44ad-a809-9c66b2cea9ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9m7YEw7oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63488515-74c9354b031430335dfea732;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2ajNm0eHqNm4Rel0IY5TN-cQSUP3b1PGbu-DkiSEY3vJZThcU2Jkxg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 21:48:24 GMT
age: 1017
etag: "a7eb3a1289135eeafd639dffba6daf3e0bd0aee5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93eddeb4-5d60-45e5-a978-bc0a910a3fcd.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93eddeb4-5d60-45e5-a978-bc0a910a3fcd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ecc0a0369c7f81831c480304fe52468a
3faa05e1192c8c7fb9d7e6a96878d60caf00e43a
6e4260562a8c914be85e2371205b27d632f093dd01c82193301b9b5eb70990f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93eddeb4-5d60-45e5-a978-bc0a910a3fcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7712
x-amzn-requestid: 4a536f5c-ce98-4d46-9c29-10ffe51f2f45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9m8OEsFoAMFVMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348851a-7de25e69271c4d504493fae5;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: WSiVLhzmJUbPFzIxlLchtvHbJCjiiegHe8BthRRqFCqubzejAoh2Iw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 21:48:24 GMT
etag: "3faa05e1192c8c7fb9d7e6a96878d60caf00e43a"
content-type: image/jpeg
age: 1017
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89c09e4f-2618-4056-a3aa-62e5f7d0129c.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89c09e4f-2618-4056-a3aa-62e5f7d0129c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb57be3ab323719753798cd274e4a4c5
cda5920bc00d0cc36c402687d07b689b00176dbc
8006237393269cb9b749baa2516dae69fa67175c7414cadc816d5b9eca2dba21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89c09e4f-2618-4056-a3aa-62e5f7d0129c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10394
x-amzn-requestid: f7467a49-90f7-4606-814e-31d0388a9cb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9nAXEgdIAMFmXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63488535-53fd94c920f20cbe26feaa0e;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:37:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NBGnW3lCJb6bDKOMxXZF2VH9xBguZjUtPuKuhv-DfrvLgqy1RCnS9A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 21:44:25 GMT
age: 1256
etag: "cda5920bc00d0cc36c402687d07b689b00176dbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F632226c4-240c-4da7-964e-05e8c7eda9e6.jpeg
200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F632226c4-240c-4da7-964e-05e8c7eda9e6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7d50fbdca33195d0f62b882545991a2
b6176b0973df1708dd03cbfcfba95fbb34fc12d7
0def0d270de3149cd15734b7ad2ed0b4da12bfd8d2ad77500034ac27bf3dc0fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F632226c4-240c-4da7-964e-05e8c7eda9e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5545
x-amzn-requestid: 369c52b4-50bf-4e4c-8a10-b4483f9fc7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9m8OGALoAMFmlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348851a-0ca1f453344f80be4f02ec41;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0lGqLTQVXDUPj7i12MyGU53ernlCsK0tWVyV8m-Rj75HuuTTcbMeXg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 21:47:36 GMT
age: 1065
etag: "b6176b0973df1708dd03cbfcfba95fbb34fc12d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ec33fc3-5eaa-47cc-9f0b-5f4ad3bbe48e.jpeg
200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ec33fc3-5eaa-47cc-9f0b-5f4ad3bbe48e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce182ae0057063c4d317625dc811bb08
8ed054286e6752a184afa939b724bb310509b684
86142ed081a697ab5b9bd15f2f5dfa6884b47f49a9707ff558e9045be0243bf5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ec33fc3-5eaa-47cc-9f0b-5f4ad3bbe48e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7196
x-amzn-requestid: f705cfb0-f445-4940-ad70-5f644733a049
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9m7XFq_oAMF_vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63488515-4691a9da2c8aaf0e7ab02b3c;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AbJk17AfowLQ9-JWWB0izVg-_aN8-pNpU-DaVOBtdK4bzmBLhsLtgQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 21:48:24 GMT
age: 1017
etag: "8ed054286e6752a184afa939b724bb310509b684"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
31.28.24.125
54.230.111.7
23.36.77.32
93.184.220.29