my.cba.onlinebanking.com.au.vibetec.com/a1b2c3/d58afb55e489c79668fb826d3182f79f/
302 Found 0 B URL HTTP/1.1 my.cba.onlinebanking.com.au.vibetec.com/a1b2c3/d58afb55e489c79668fb826d3182f79f/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Commonwealth Bank of Australia
fortinet Phishing
GET /a1b2c3/d58afb55e489c79668fb826d3182f79f/ HTTP/1.1
Host: my.cba.onlinebanking.com.au.vibetec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.3.33
set-cookie: bid=d58afb55e489c79668fb826d3182f79f
location: login/?
content-type: text/html; charset=UTF-8
content-length: 0
date: Mon, 27 Feb 2023 14:42:41 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 666c7f3c3342b2fdca31a2355ee20bea
09bd5cbacba34412f5fff9d44f97e46c8c76d001
cb3a380fc71bc65dfde35069f0fc441400974afcf28c0fbb6fec8f41e16f70c8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB3A380FC71BC65DFDE35069F0FC441400974AFCF28C0FBB6FEC8F41E16F70C8"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8140
Expires: Mon, 27 Feb 2023 16:58:21 GMT
Date: Mon, 27 Feb 2023 14:42:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc3cacbc6c565bf2955b507302b8fb41
7b773e19aff1d4904cec328c456513e80f917ba4
b45c582b42efef5e8bd5744333a137f13e94a93cafbaace39b36cfa1eeb041bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B45C582B42EFEF5E8BD5744333A137F13E94A93CAFBAACE39B36CFA1EEB041BD"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7758
Expires: Mon, 27 Feb 2023 16:51:59 GMT
Date: Mon, 27 Feb 2023 14:42:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 955732a866f4168dcaaa1dbcfb06e776
24161b6d53bbf84abc87c943f67daadd7fbcc9f4
ac3d306cc00fcafe5d6fadd5bc1c4398ca87dec499fd0e4ffe60d0e1c3535578
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC3D306CC00FCAFE5D6FADD5BC1C4398CA87DEC499FD0E4FFE60D0E1C3535578"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12486
Expires: Mon, 27 Feb 2023 18:10:47 GMT
Date: Mon, 27 Feb 2023 14:42:41 GMT
Connection: keep-alive
my.cba.onlinebanking.com.au.vibetec.com/a1b2c3/d58afb55e489c79668fb826d3182f79f/login/?
302 Found 0 B URL HTTP/1.1 my.cba.onlinebanking.com.au.vibetec.com/a1b2c3/d58afb55e489c79668fb826d3182f79f/login/?
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a1b2c3/d58afb55e489c79668fb826d3182f79f/login/? HTTP/1.1
Host: my.cba.onlinebanking.com.au.vibetec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: bid=d58afb55e489c79668fb826d3182f79f
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.3.33
location: https://www.bing.com
content-type: text/html; charset=UTF-8
content-length: 0
date: Mon, 27 Feb 2023 14:42:41 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 27 Feb 2023 14:12:39 GMT
content-type: application/json
age: 1803
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: D6GXWmGUgnAElKZvZQFW7gtyBX77wxYHwLHHC+FomPROxHWvjQWVAmzdFTjd5NqSsONTVesPIeA=
x-amz-request-id: JET88Y0ACC0AD1H0
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 27 Feb 2023 14:14:09 GMT
age: 1713
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Feb 2023 14:42:41 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Last-Modified, Backoff, Alert, Cache-Control, ETag, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 27 Feb 2023 14:12:25 GMT
age: 1817
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 85cbb48f071581b644dd200623699bd6
0c9d7c3ca38562a97a4a6af3fb96f68982027594
d83caa4c6791e3b475a8ae8c255b84dc0bf0a8d06b65e5e6195af4f66e47eb86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D83CAA4C6791E3B475A8AE8C255B84DC0BF0A8D06B65E5E6195AF4F66E47EB86"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9186
Expires: Mon, 27 Feb 2023 17:15:49 GMT
Date: Mon, 27 Feb 2023 14:42:43 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BxPaksi7seP9klWihEsckg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LTxnGCeh82HCxNewhz+MD+QEM2A=
www2.bing.com/ipv6test/test
200 OK 64 B URL HTTP/2 www2.bing.com/ipv6test/test
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with no line terminators
Hash 1bf1ff302246bc930c733c405f985472
de1fb6765de8bd2d9d98507705e24d51d2bd335c
c312aec426076b101ce2fadef09fc64b81aa601ba9bde94e4ad24ac737e715a8
GET /ipv6test/test HTTP/1.1
Host: www2.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: SUID=M; MUID=1BBF024F09EA6D642E6F108A08706C03; _EDGE_S=F=1&SID=3EF297DA7E3366EE121C851F7FA967DD; _EDGE_V=1; SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=DB87E9BF2ED2491EAC2878BB84718385&dmnchg=1; SRCHUSR=DOB=20230227&T=1677508962000; SRCHHPGUSR=SRCHLANG=en&BRW=M&BRH=M&CW=1280&CH=939&SCW=1280&SCH=939&DPR=1.0&UTC=0&DM=0; _SS=SID=3EF297DA7E3366EE121C851F7FA967DD; _HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0yN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6Mn0=; _UR=QS=0&TQS=0; ipv6=hit=1677512683495
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-length: 64
content-type: text/html; charset=utf-8
content-encoding: br
expires: -1
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
set-cookie: MUIDB=1BBF024F09EA6D642E6F108A08706C03; expires=Sat, 23-Mar-2024 14:42:43 GMT; path=/; HttpOnly
access-control-allow-origin: https://www.bing.com
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 641B0F85CD0A47B7B030246E440C0CFA Ref B: OSL30EDGE0407 Ref C: 2023-02-27T14:42:43Z
date: Mon, 27 Feb 2023 14:42:42 GMT
X-Firefox-Spdy: h2
login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=060f0bd2-5ca9-4a4c-91b3-6dbf44783661&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%225234BC5C8AD14D2C9227AF172439709F%22%7d
200 OK 679 B URL HTTP/1.1 login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=060f0bd2-5ca9-4a4c-91b3-6dbf44783661&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%225234BC5C8AD14D2C9227AF172439709F%22%7d
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (627), with CRLF line terminators
Hash b10c9b681d05cd1573ad3660b2d3c786
bdb01034011efa25a6f1489015d4aedf4c914bdf
0990dcea3b11e918204d596171108363111bc6c42606a1cc93a0a5f515685fea
GET /common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=060f0bd2-5ca9-4a4c-91b3-6dbf44783661&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%225234BC5C8AD14D2C9227AF172439709F%22%7d HTTP/1.1
Host: login.microsoftonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Cookie: brcap=0; MSFPC=GUID=27491a5fca0c436896bdbf20a1588da0&HASH=2749&LV=202205&V=4&LU=1652883922743; ESTSSSOTILES=1; AADSSOTILES=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: fe8d9f8a-d03e-4f98-a591-a576dc1e4600
x-ms-ests-server: 2.1.14649.20 - NEULR1 ProdSlices
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 0
Set-Cookie: buid=0.ARoAMe_N-B6jSkuT5F9XHpElWnmtoZ62_ZpPi8MrcPluNMcBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrPQ-2AH_80IHnu3zrPHUWU9ZVFrRhgUnaV6FxX_0zGkAYPDGI1T7kVpkVZXP8HCwryzMXMMiJR23ibRqILRQkak_MCHwP5jQ4DK6WMyzYerkgAA; expires=Wed, 29-Mar-2023 14:42:43 GMT; path=/; secure; HttpOnly; SameSite=None
fpc=ArxvOfpQ-mdHqGNe7sYtzlWCeMQLAQAAAGK4jtsOAAAA; expires=Wed, 29-Mar-2023 14:42:43 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=PAQABAAEAAAD--DLA3VO7QrddgJg7WevrtlI93xJY3IDAMJ6mLhDwDcSHhBor9LJcJMw0pN9wZlIbHW-6X0POe_IlVZ2MD8tfU6NI_HBb2IDoauwF4JhPyB_jxXL9bo9Vf_LYgEsy5yb58Y1h8em11NbAqSBcnWyk6R7ExSMKl-0WFwkZr6SdaIqxCpwbUeNAk8jJwDOs82QgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Mon, 27 Feb 2023 14:42:42 GMT
Content-Length: 679
assets.msn.com/bundles/v1/bingHomepage/latest/widget-initializer.js
200 OK 4.6 kB URL HTTP/2 assets.msn.com/bundles/v1/bingHomepage/latest/widget-initializer.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13100)
Hash efeffb4eda40b16e38658170c235b5a3
e078e0d6863751d2a6701ca0330c9d12ca1df7f9
2da59d63f7bf73a152fb1d90b28ce1b92dac8e30c61b832cd085e6a7b4a452b9
GET /bundles/v1/bingHomepage/latest/widget-initializer.js HTTP/1.1
Host: assets.msn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bing.com/
Origin: https://www.bing.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 4555
content-md5: 7+/7TtpAsW44ZYFwwjW1ow==
last-modified: Fri, 24 Feb 2023 18:27:13 GMT
etag: 0x8DB1694BFEF3EA9
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cf4b9ebf-401e-001e-397d-482ffd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Mon, 27 Feb 2023 14:42:43 GMT
akamai-request-bc: [a=95.101.10.188,b=286983835,c=g,n=NO__OSLO,o=20940]
server-timing: clientrtt; dur=1, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 95.101.10.188
akamai-request-id: 111b069b
access-control-allow-credentials: true
access-control-allow-origin: https://www.bing.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
cache-control: public, no-transform, max-age=86400
timing-allow-origin: *
vary: Origin
X-Firefox-Spdy: h2
login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1677508962&rver=6.0.5286.0&wp=MBI_SSL&wreply=https:%2F%2fwww.bing.com%2Fsecure%2FPassport.aspx%3Fpopup%3D1%26ssl%3D1&lc=1044&id=264960&checkda=1
302 Found 0 B URL HTTP/1.1 login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1677508962&rver=6.0.5286.0&wp=MBI_SSL&wreply=https:%2F%2fwww.bing.com%2Fsecure%2FPassport.aspx%3Fpopup%3D1%26ssl%3D1&lc=1044&id=264960&checkda=1
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /login.srf?wa=wsignin1.0&rpsnv=11&ct=1677508962&rver=6.0.5286.0&wp=MBI_SSL&wreply=https:%2F%2fwww.bing.com%2Fsecure%2FPassport.aspx%3Fpopup%3D1%26ssl%3D1&lc=1044&id=264960&checkda=1 HTTP/1.1
Host: login.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bing.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Mon, 27 Feb 2023 14:41:43 GMT
Location: https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: c28a2238-b2f8-416f-9816-8b62683c9645
PPServer: PPV: 30 H: BL02PFA97DF3101 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=c9e86b22281a42c39627a2763e5f5ea0; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPRequ=id=264960<=1677508963&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
OParams=11O.DV16Ye*FGHAxW4qS*wdD!fFSZyeoc4zgShBK1D6PH7oe3xAiSuc1kaRrKO5Ll5KtIWbNT2xa27g!1*T70FBTHYvUPkb!mLqD1Ba36Cq9383Vid*vGBUC9BeVkJ3I1tW6OYC7SO4WdFB6!zhj0dNvfp!6sZU8taEsaGLtABfJgvqbLllR!sKUFo04ubM5suX0oIdupBKsz4*MJqnys3!fydr*MKkSq8xGvDLl8UVCwt7O**9!OoBzx8PGhY4TdxVOty*TBiTjhqAnU8qJt*qIQSJZzvkHFAMSY2Wa31iKp7uuSKPDJu5b4dhZywMrUqtWmw$$; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Mon, 27 Feb 2023 14:42:43 GMT
Content-Length: 0
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c930829bdcc2bf23ff3014e5dd21f270
7e175882efd19d1649537da3c2c2e70833558d87
c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8165
Expires: Mon, 27 Feb 2023 16:58:49 GMT
Date: Mon, 27 Feb 2023 14:42:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c930829bdcc2bf23ff3014e5dd21f270
7e175882efd19d1649537da3c2c2e70833558d87
c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8165
Expires: Mon, 27 Feb 2023 16:58:49 GMT
Date: Mon, 27 Feb 2023 14:42:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c930829bdcc2bf23ff3014e5dd21f270
7e175882efd19d1649537da3c2c2e70833558d87
c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8165
Expires: Mon, 27 Feb 2023 16:58:49 GMT
Date: Mon, 27 Feb 2023 14:42:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c930829bdcc2bf23ff3014e5dd21f270
7e175882efd19d1649537da3c2c2e70833558d87
c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8165
Expires: Mon, 27 Feb 2023 16:58:49 GMT
Date: Mon, 27 Feb 2023 14:42:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c930829bdcc2bf23ff3014e5dd21f270
7e175882efd19d1649537da3c2c2e70833558d87
c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8165
Expires: Mon, 27 Feb 2023 16:58:49 GMT
Date: Mon, 27 Feb 2023 14:42:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a5f3d376fe6a3a78a5d1fe136f962fb
3e9b03cc296e954d63526a4e7e75beea3130fc3b
c8cf4f1c0352102764247e4dc5a2076921e0eaa18bfd110e5b0b97a55c706690
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 3fd9f8c8-cf10-4222-a2cc-5f18ff7b2e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9D3HqmoAMFeBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbb2-352315613cc0c2bc7eb28e05;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mn6TjisRzQNNHhkTMjHjsiOQosH9A5TZVtJypfHstcjuAG-DLUbIag==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Feb 2023 21:35:04 GMT
age: 61660
etag: "3e9b03cc296e954d63526a4e7e75beea3130fc3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62916a14-6002-4814-a837-bec7f1ee4740.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62916a14-6002-4814-a837-bec7f1ee4740.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a24564de916ef38129e489d5bbdb2d
593121aed65422def36e9fca69ee9f7780462334
e87b9d199d64c9f8df9556cde07c599906c6d652ecae21ecc50a4076862f2e90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62916a14-6002-4814-a837-bec7f1ee4740.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12856
x-amzn-requestid: 95399446-e5e0-49a5-aa44-0204ca04612b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A4jifHwroAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f9b2dc-382dc0ea54b7d4e24fc2f1a9;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 07:03:56 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: azWoTLvd-in17atYMQaACXFZg_415P56hYjoEu_g8jWD0BIP4MmXbA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Feb 2023 06:29:31 GMT
age: 29593
etag: "593121aed65422def36e9fca69ee9f7780462334"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ccc54d-e372-4fdd-b8cd-4217795ead1f.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ccc54d-e372-4fdd-b8cd-4217795ead1f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bff52cab0d2539ca09f1816873d62647
c75b6c338e7e7b24c0b25a55e924d95d59dd78f5
1b16d898cc5635695fd4bcdd264704d00ce19335fd800dc394859f4b872b0741
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ccc54d-e372-4fdd-b8cd-4217795ead1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6947
x-amzn-requestid: 81f3227a-2b63-4b63-af54-a33bff52c2ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A92f8F9ooAMFz9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fbd132-73b58965526d8b3e1994ede2;Sampled=0
x-amzn-remapped-date: Sun, 26 Feb 2023 21:37:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: uiEvA75Zn_WEfci5BP5BlDTzhNX8nqa85_vbdc1a_5zIliPUL9NKiw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Feb 2023 21:48:52 GMT
age: 60832
etag: "c75b6c338e7e7b24c0b25a55e924d95d59dd78f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc20aa394-e9e1-42e1-bfe2-87bf5f21211a.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc20aa394-e9e1-42e1-bfe2-87bf5f21211a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash acdc95cb094faaa1bc8de6466e534d82
3e66ae8d704653a3a3b60423256bd99175e75fe7
153bf472aa6f75d30c321bb77014bb7126113cf7529af9f91327592887d34ead
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc20aa394-e9e1-42e1-bfe2-87bf5f21211a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10875
x-amzn-requestid: e1a6aa11-ddea-4ace-a51d-2274d999bf9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A91zIEfnIAMFi8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fbd013-1bbce6907a7bce643bb8cffa;Sampled=0
x-amzn-remapped-date: Sun, 26 Feb 2023 21:33:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: rQl4jWhuZZ8wGcjff3KWhmQndShWZ-TEA_BBIAaVXdOGoVkrxYGeZg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 f958a3846d80a3925f664b320dfad9c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Feb 2023 21:48:47 GMT
age: 60837
etag: "3e66ae8d704653a3a3b60423256bd99175e75fe7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F016462a1-fadc-4180-93f8-995cab0e1395.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F016462a1-fadc-4180-93f8-995cab0e1395.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 32d08a3dc7c1e88313f487d74babdfe5
12f4693c36cb8980a5c740b735b7cf64542734e4
ae717a6760a0a6c179b950643eb3590c0ab5ec6cf159061246c6e8fc38a7ae89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F016462a1-fadc-4180-93f8-995cab0e1395.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8170
x-amzn-requestid: bd3ecc5c-1efc-4589-8789-48693fbfa6d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A6i2sGKkIAMFXtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fa7e90-7acdeb5b05f8bcf726309125;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 21:33:04 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: OIer9IgcIIbMg6EdrYFpojiEtN5oxPBijKFbX4UzURWTKha09i8NcQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Feb 2023 21:53:01 GMT
age: 60583
etag: "12f4693c36cb8980a5c740b735b7cf64542734e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec402fde-1c7d-4dbd-8447-addb3a661518.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec402fde-1c7d-4dbd-8447-addb3a661518.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffb8f5b4089baa7b82374b8fbe70ebe0
02facc492b9e6cd658e0cca772d302a881c1d99c
7f98075dee46110a3095e3c9821748846cb21167cfbdd835a9108f53f1306dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec402fde-1c7d-4dbd-8447-addb3a661518.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7926
x-amzn-requestid: afce3b0b-4fac-4c22-8557-604cb33a3b2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A0umGFmWoAMFjaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f82af3-34d2c99729dcd2a9591b6ef2;Sampled=0
x-amzn-remapped-date: Fri, 24 Feb 2023 03:11:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oMkeYQyU0a_ItGOMCRMMZ9PKMeJRzGUW-bzBhXip84Hg7UjtgqEKxw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Feb 2023 05:12:08 GMT
age: 34236
etag: "02facc492b9e6cd658e0cca772d302a881c1d99c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.bing.com/
200 OK 0 B IP
ASN #20940 Akamai International B.V.
GET / HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: private
content-encoding: br
vary: Accept-Encoding
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
strict-transport-security: max-age=31536000; includeSubDomains; preload
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Mon, 27 Feb 2023 14:42:42 GMT
set-cookie: SUID=M; domain=.bing.com; expires=Tue, 28-Feb-2023 02:42:42 GMT; path=/; secure; HttpOnly; SameSite=None
MUID=1BBF024F09EA6D642E6F108A08706C03; domain=.bing.com; expires=Sat, 23-Mar-2024 14:42:42 GMT; path=/; secure; SameSite=None
MUIDB=1BBF024F09EA6D642E6F108A08706C03; expires=Sat, 23-Mar-2024 14:42:42 GMT; path=/; HttpOnly
_EDGE_S=F=1&SID=3EF297DA7E3366EE121C851F7FA967DD; domain=.bing.com; path=/; HttpOnly
_EDGE_V=1; domain=.bing.com; expires=Sat, 23-Mar-2024 14:42:42 GMT; path=/; HttpOnly
SRCHD=AF=NOFORM; domain=.bing.com; expires=Sat, 23-Mar-2024 14:42:42 GMT; path=/; secure; SameSite=None
SRCHUID=V=2&GUID=DB87E9BF2ED2491EAC2878BB84718385&dmnchg=1; domain=.bing.com; expires=Sat, 23-Mar-2024 14:42:42 GMT; path=/; secure; SameSite=None
SRCHUSR=DOB=20230227; domain=.bing.com; expires=Sat, 23-Mar-2024 14:42:42 GMT; path=/; secure; SameSite=None
SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Sat, 23-Mar-2024 14:42:42 GMT; path=/; secure; SameSite=None
_SS=SID=3EF297DA7E3366EE121C851F7FA967DD; domain=.bing.com; path=/; secure; SameSite=None
ULC=; domain=.bing.com; expires=Sun, 26-Feb-2023 14:42:42 GMT; path=/; secure; SameSite=None
_HPVN=CS=eyJQbiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiUCJ9LCJTYyI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiSCJ9LCJReiI6eyJDbiI6MSwiU3QiOjAsIlFzIjowLCJQcm9kIjoiVCJ9LCJBcCI6dHJ1ZSwiTXV0ZSI6dHJ1ZSwiTGFkIjoiMjAyMy0wMi0yN1QwMDowMDowMFoiLCJJb3RkIjowLCJHd2IiOjAsIkRmdCI6bnVsbCwiTXZzIjowLCJGbHQiOjAsIkltcCI6MX0=; domain=.bing.com; expires=Sat, 23-Mar-2024 14:42:42 GMT; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.bd0a655f.1677508962.5595698
X-Firefox-Spdy: h2
184.170.146.10
20.190.159.19
95.101.10.192
40.126.32.132
0.0.0.0