r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8244
Expires: Sat, 25 Mar 2023 13:58:38 GMT
Date: Sat, 25 Mar 2023 11:41:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10014
Expires: Sat, 25 Mar 2023 14:28:08 GMT
Date: Sat, 25 Mar 2023 11:41:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 11:15:24 GMT
content-type: application/json
age: 1550
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9bb70197d53617b5e6889b890dd2ae26
f3e9b8a743de494529baf2d078a622539f965307
a094a13905b7f1cd89475f9c83f9245580d4c3c7228d51d5c16622aec3c6aa45
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A094A13905B7F1CD89475F9C83F9245580D4C3C7228D51D5C16622AEC3C6AA45"
Last-Modified: Sat, 25 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8726
Expires: Sat, 25 Mar 2023 14:06:40 GMT
Date: Sat, 25 Mar 2023 11:41:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hxkKDDA2WvhuhRppqT5jtcVhTFaED6ruQbZMo/xoVWVUJAxpm3UF5q7mvd6ONluFhKm0yCxoORI=
x-amz-request-id: B11DJRDRJ1MFYF0B
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 10:54:53 GMT
age: 2781
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 11:41:14 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 11:17:24 GMT
age: 1430
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
authentcallyamerican.us/
45.33.23.183200 OK 22 kB IP 45.33.23.183:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (57175)
Hash c30687ffca130937347ac19f76fe9033
3c6caf7907468843e10dd0d1c6b18689a1196dfd
697ce34d9ab2acda4d185d593b7996642bab9c684aefd27b84dec161e98dc143
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: authentcallyamerican.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sat, 25 Mar 2023 11:41:14 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 70300b32357c46f3448d567189b64cb3
6ba66a5cf63cdbfeaec59b936151cc812bac56df
5a2b4f9fc5ebaa8062058bf68eae75fc28e06c6ef6a0e79c3c761c1d92f81cb9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A2B4F9FC5EBAA8062058BF68EAE75FC28E06C6EF6A0E79C3C761C1D92F81CB9"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8366
Expires: Sat, 25 Mar 2023 14:00:40 GMT
Date: Sat, 25 Mar 2023 11:41:14 GMT
Connection: keep-alive
push.services.mozilla.com/
54.186.71.207101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.71.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eKjXinda3AVpalienGcy/w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: w6YJt8TbQJjyebo1hlfgJIALaPw=
authentcallyamerican.us/?gp=1&js=1&uuid=1679744474.0027937175&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9
45.33.23.183302 Found 0 B URL HTTP/1.1 authentcallyamerican.us/?gp=1&js=1&uuid=1679744474.0027937175&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9
IP 45.33.23.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?gp=1&js=1&uuid=1679744474.0027937175&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9 HTTP/1.1
Host: authentcallyamerican.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://authentcallyamerican.us/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Sat, 25 Mar 2023 11:41:16 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://track.vcdc.com/proceed.php?domain=authentcallyamerican.us&hash=8cf3981048a68c8a68509719a0605260&u=eyJkb21haW4iOiJhdXRoZW50Y2FsbHlhbWVyaWNhbi51cyIsImRvbWFpbl9pZCI6IjIzODcyMDU3IiwiZm9sZGVyX2lkIjpudWxsLCJtaWQiOiIyMjQiLCJmaWx0ZXJfaWQiOm51bGwsImFkdmVydGlzZXJfaWQiOiIyNCIsInRhcmdldCI6Imh0dHA6XC9cL2J0cG5hdi5jb21cL2NsaWNrP2RhdGE9UmsxWWNTMVpVbXRWVVV0VGNFUTRYM1p2VUhGNWNuSTJaV05oYjFsdU56aEROV2xzUTNKMFZHZFVORkZsVUZvMU5GOXhZMEphU2xkSlYyOHljVFZMWm00NFRYVTNjVFZ4VjNnNGJGRkJOa3B2Wm5SVGVVYzRWemxsVUVKblEwSjVNelp4TFhGQ1NITnNPRXRVTkcxQlMycDNZbGxOWjBkemFWcGlRMU5MUTFWSWJrRnZSVEJMYWpaSVZIVmFPVlpSUlhsMVZVVjRSMk5FWDA1WFUyOTBjbGxsY1djelZXSm9SbTF2TVEyJmlkPTdhNGY2MjZlLTNiMmMtNDdjNy1iOTFmLWQyOGFiMDgyZTBmNyIsImlwX2FkZHJlc3MiOiI5MS45MC40Mi4xNTQiLCJ0eXBlIjoiamF2YV9yZWRpcmVjdCIsImJpZCI6MC4wMDAxMjQ5OTE5OTk5OTk5OTk5OX0=
referrer-policy: no-referrer
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=""; expires=Sat, 25-Mar-2023 12:41:16 GMT; Max-Age=3600; Path=/
connection: close
globessl.ocsp.sectigo.com/
104.18.32.68200 OK 471 B URL HTTP/1.1 globessl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 1fe956bec2619fc4e16d2d53a47b6ccb
b4eb6d9434c42fe6a2c88afb9a103274e56eabb1
51d5ba3462c6c228841e3119824ca6c8babb6335da736bbeeaa1d27aecda22ad
POST / HTTP/1.1
Host: globessl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 11:41:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 08:13:42 GMT
Expires: Fri, 31 Mar 2023 08:13:41 GMT
Etag: "b4eb6d9434c42fe6a2c88afb9a103274e56eabb1"
Cache-Control: max-age=505344,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad6e2413a6e0b61-OSL
track.vcdc.com/proceed.php?domain=authentcallyamerican.us&hash=8cf3981048a68c8a68509719a0605260&u=eyJkb21haW4iOiJhdXRoZW50Y2FsbHlhbWVyaWNhbi51cyIsImRvbWFpbl9pZCI6IjIzODcyMDU3IiwiZm9sZGVyX2lkIjpudWxsLCJtaWQiOiIyMjQiLCJmaWx0ZXJfaWQiOm51bGwsImFkdmVydGlzZXJfaWQiOiIyNCIsInRhcmdldCI6Imh0dHA6XC9cL2J0cG5hdi5jb21cL2NsaWNrP2RhdGE9UmsxWWNTMVpVbXRWVVV0VGNFUTRYM1p2VUhGNWNuSTJaV05oYjFsdU56aEROV2xzUTNKMFZHZFVORkZsVUZvMU5GOXhZMEphU2xkSlYyOHljVFZMWm00NFRYVTNjVFZ4VjNnNGJGRkJOa3B2Wm5SVGVVYzRWemxsVUVKblEwSjVNelp4TFhGQ1NITnNPRXRVTkcxQlMycDNZbGxOWjBkemFWcGlRMU5MUTFWSWJrRnZSVEJMYWpaSVZIVmFPVlpSUlhsMVZVVjRSMk5FWDA1WFUyOTBjbGxsY1djelZXSm9SbTF2TVEyJmlkPTdhNGY2MjZlLTNiMmMtNDdjNy1iOTFmLWQyOGFiMDgyZTBmNyIsImlwX2FkZHJlc3MiOiI5MS45MC40Mi4xNTQiLCJ0eXBlIjoiamF2YV9yZWRpcmVjdCIsImJpZCI6MC4wMDAxMjQ5OTE5OTk5OTk5OTk5OX0=
167.233.8.197200 OK 855 B URL HTTP/2 track.vcdc.com/proceed.php?domain=authentcallyamerican.us&hash=8cf3981048a68c8a68509719a0605260&u=eyJkb21haW4iOiJhdXRoZW50Y2FsbHlhbWVyaWNhbi51cyIsImRvbWFpbl9pZCI6IjIzODcyMDU3IiwiZm9sZGVyX2lkIjpudWxsLCJtaWQiOiIyMjQiLCJmaWx0ZXJfaWQiOm51bGwsImFkdmVydGlzZXJfaWQiOiIyNCIsInRhcmdldCI6Imh0dHA6XC9cL2J0cG5hdi5jb21cL2NsaWNrP2RhdGE9UmsxWWNTMVpVbXRWVVV0VGNFUTRYM1p2VUhGNWNuSTJaV05oYjFsdU56aEROV2xzUTNKMFZHZFVORkZsVUZvMU5GOXhZMEphU2xkSlYyOHljVFZMWm00NFRYVTNjVFZ4VjNnNGJGRkJOa3B2Wm5SVGVVYzRWemxsVUVKblEwSjVNelp4TFhGQ1NITnNPRXRVTkcxQlMycDNZbGxOWjBkemFWcGlRMU5MUTFWSWJrRnZSVEJMYWpaSVZIVmFPVlpSUlhsMVZVVjRSMk5FWDA1WFUyOTBjbGxsY1djelZXSm9SbTF2TVEyJmlkPTdhNGY2MjZlLTNiMmMtNDdjNy1iOTFmLWQyOGFiMDgyZTBmNyIsImlwX2FkZHJlc3MiOiI5MS45MC40Mi4xNTQiLCJ0eXBlIjoiamF2YV9yZWRpcmVjdCIsImJpZCI6MC4wMDAxMjQ5OTE5OTk5OTk5OTk5OX0=
IP 167.233.8.197:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (855), with no line terminators
Hash 5a1895a1bc84052a6663443aaf2a5541
dd9d0403089cd45177fd6cc934765d37532a2609
5c52686dfd913d6f5bfc695c7de41eaa824854b5fe23813305662788578b089a
GET /proceed.php?domain=authentcallyamerican.us&hash=8cf3981048a68c8a68509719a0605260&u=eyJkb21haW4iOiJhdXRoZW50Y2FsbHlhbWVyaWNhbi51cyIsImRvbWFpbl9pZCI6IjIzODcyMDU3IiwiZm9sZGVyX2lkIjpudWxsLCJtaWQiOiIyMjQiLCJmaWx0ZXJfaWQiOm51bGwsImFkdmVydGlzZXJfaWQiOiIyNCIsInRhcmdldCI6Imh0dHA6XC9cL2J0cG5hdi5jb21cL2NsaWNrP2RhdGE9UmsxWWNTMVpVbXRWVVV0VGNFUTRYM1p2VUhGNWNuSTJaV05oYjFsdU56aEROV2xzUTNKMFZHZFVORkZsVUZvMU5GOXhZMEphU2xkSlYyOHljVFZMWm00NFRYVTNjVFZ4VjNnNGJGRkJOa3B2Wm5SVGVVYzRWemxsVUVKblEwSjVNelp4TFhGQ1NITnNPRXRVTkcxQlMycDNZbGxOWjBkemFWcGlRMU5MUTFWSWJrRnZSVEJMYWpaSVZIVmFPVlpSUlhsMVZVVjRSMk5FWDA1WFUyOTBjbGxsY1djelZXSm9SbTF2TVEyJmlkPTdhNGY2MjZlLTNiMmMtNDdjNy1iOTFmLWQyOGFiMDgyZTBmNyIsImlwX2FkZHJlc3MiOiI5MS45MC40Mi4xNTQiLCJ0eXBlIjoiamF2YV9yZWRpcmVjdCIsImJpZCI6MC4wMDAxMjQ5OTE5OTk5OTk5OTk5OX0= HTTP/1.1
Host: track.vcdc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 11:41:16 GMT
content-type: text/html; charset=utf8
content-length: 855
cache-control: no-cache, must-revalidate
content-encoding: none
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8382
Expires: Sat, 25 Mar 2023 14:00:58 GMT
Date: Sat, 25 Mar 2023 11:41:16 GMT
Connection: keep-alive
track.vcdc.com/beam.php?tcid=&target=aHR0cDovL2J0cG5hdi5jb20vY2xpY2s/ZGF0YT1SazFZY1MxWlVtdFZVVXRUY0VRNFgzWnZVSEY1Y25JMlpXTmhiMWx1TnpoRE5XbHNRM0owVkdkVU5GRmxVRm8xTkY5eFkwSmFTbGRKVjI4eWNUVkxabTQ0VFhVM2NUVnhWM2c0YkZGQk5rcHZablJUZVVjNFZ6bGxVRUpuUTBKNU16WnhMWEZDU0hOc09FdFVORzFCUzJwM1lsbE5aMGR6YVZwaVExTkxRMVZJYmtGdlJUQkxhalpJVkhWYU9WWlJSWGwxVlVWNFIyTkVYMDVYVTI5MGNsbGxjV2N6VldKb1JtMXZNUTImaWQ9N2E0ZjYyNmUtM2IyYy00N2M3LWI5MWYtZDI4YWIwODJlMGY3&hash=08c07a7fbbde7d81d1e0b9006a6cce28&m=MjI0
167.233.8.197200 OK 564 B URL HTTP/2 track.vcdc.com/beam.php?tcid=&target=aHR0cDovL2J0cG5hdi5jb20vY2xpY2s/ZGF0YT1SazFZY1MxWlVtdFZVVXRUY0VRNFgzWnZVSEY1Y25JMlpXTmhiMWx1TnpoRE5XbHNRM0owVkdkVU5GRmxVRm8xTkY5eFkwSmFTbGRKVjI4eWNUVkxabTQ0VFhVM2NUVnhWM2c0YkZGQk5rcHZablJUZVVjNFZ6bGxVRUpuUTBKNU16WnhMWEZDU0hOc09FdFVORzFCUzJwM1lsbE5aMGR6YVZwaVExTkxRMVZJYmtGdlJUQkxhalpJVkhWYU9WWlJSWGwxVlVWNFIyTkVYMDVYVTI5MGNsbGxjV2N6VldKb1JtMXZNUTImaWQ9N2E0ZjYyNmUtM2IyYy00N2M3LWI5MWYtZDI4YWIwODJlMGY3&hash=08c07a7fbbde7d81d1e0b9006a6cce28&m=MjI0
IP 167.233.8.197:0
ASN #24940 Hetzner Online GmbH
Hash 14c622508489ffb00bb8ceef07ba8b9c
c962cde916b3b02533fe2a91a190503f47878fef
92d2da07d1693540faf6a8ddd2b7b329afe7382ddb0d6588821ad2f5602e9a3c
GET /beam.php?tcid=&target=aHR0cDovL2J0cG5hdi5jb20vY2xpY2s/ZGF0YT1SazFZY1MxWlVtdFZVVXRUY0VRNFgzWnZVSEY1Y25JMlpXTmhiMWx1TnpoRE5XbHNRM0owVkdkVU5GRmxVRm8xTkY5eFkwSmFTbGRKVjI4eWNUVkxabTQ0VFhVM2NUVnhWM2c0YkZGQk5rcHZablJUZVVjNFZ6bGxVRUpuUTBKNU16WnhMWEZDU0hOc09FdFVORzFCUzJwM1lsbE5aMGR6YVZwaVExTkxRMVZJYmtGdlJUQkxhalpJVkhWYU9WWlJSWGwxVlVWNFIyTkVYMDVYVTI5MGNsbGxjV2N6VldKb1JtMXZNUTImaWQ9N2E0ZjYyNmUtM2IyYy00N2M3LWI5MWYtZDI4YWIwODJlMGY3&hash=08c07a7fbbde7d81d1e0b9006a6cce28&m=MjI0 HTTP/1.1
Host: track.vcdc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 11:41:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8382
Expires: Sat, 25 Mar 2023 14:00:58 GMT
Date: Sat, 25 Mar 2023 11:41:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8382
Expires: Sat, 25 Mar 2023 14:00:58 GMT
Date: Sat, 25 Mar 2023 11:41:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8382
Expires: Sat, 25 Mar 2023 14:00:58 GMT
Date: Sat, 25 Mar 2023 11:41:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd191e3a122d6e31f81e6e9d434c58d6
aec88022970c93289434f8097e4a663da33e5271
1f00c901ef479637ec703d7924526a970cb13dd2635b2bbb68b285df9d98e011
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6185
x-amzn-requestid: 223de50b-9a7e-4ac7-9305-336658eec4ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiwYHoLoAMFXtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e1802-226bd8524ade75234053ff50;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:37:06 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: tMnTFkK-AtSlEsQskvoxwwCjddndz5GBLHiV5RHi3QumyL6MVC9ovg==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
age: 50448
etag: "aec88022970c93289434f8097e4a663da33e5271"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73f9697594d173d623b331b5c35eab8d
6323f751f6b7517f062a0442480f672086ea02a1
116cb71658b31e87f19c390b242c684f6505cc8edf90b7fc934ac726fc7ddd18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8635
x-amzn-requestid: fc715b03-f48f-4300-b752-ab157a684f08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTihcETyIAMFhYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17a2-68f685ec0f50dae026ea3f64;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ogff88YPb_ia9BPyBI0afIy9cWym7eDnXHKykpTS3NVG4EY_SUENDA==
via: 1.1 ba490acb2ea716cd57876286ed686786.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
etag: "6323f751f6b7517f062a0442480f672086ea02a1"
content-type: image/jpeg
age: 50448
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98ae84b9-2e9d-44e4-abe3-82b566299062.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98ae84b9-2e9d-44e4-abe3-82b566299062.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0718f4a5b3b3a5a5b1b523a4b634163
9b5941bbfc5bdf9a541303247d4885bb4e142fe8
ec6fb85b68089d4b38d8dbf769fa5eaf12bce29463e76028d140a611e9b8fef4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98ae84b9-2e9d-44e4-abe3-82b566299062.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7384
x-amzn-requestid: 230584cf-44e6-4e53-ab88-27005fc130c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTixJHnCIAMF1kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e1807-1709645f7941345117017427;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:37:11 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 0KF-Fu5mQCRuxtBrOErQg_a_zrY1SDPL3te-6WOZs8-tJwwq-6kAqw==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
age: 50448
etag: "9b5941bbfc5bdf9a541303247d4885bb4e142fe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aecd210f66f83c73c3450d047ae7448a
d68861e96e12e8a3f293dbae8b687f05b6e15afb
22b69c41c56e5538d91f824d5dc2e63ab5563f99ae8e429c9166f4b397cacd0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5296
x-amzn-requestid: 11fdf0c8-244c-4cd5-bfa7-4c77d777174f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiuzEqkIAMFXOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17f8-5c241d63598dbf595b54ead5;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:36:56 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: b1KWFmKdRQ4DU0v5JmC7AJatpv2B5FAHKVWL7pFiyh13fqYDA5qydA==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
age: 50448
etag: "d68861e96e12e8a3f293dbae8b687f05b6e15afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F575e6da3-b226-4052-a0b9-fca28ce33cdf.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F575e6da3-b226-4052-a0b9-fca28ce33cdf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4eff72cc67baab6193459fde6258b90
afda12d540eca8e8bd8ef9451c764bcf52ad26ec
d7a42e4f1940187cf3ee0ca7da042544f40b1c55997dc3a2f90bb524eaa98921
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F575e6da3-b226-4052-a0b9-fca28ce33cdf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11362
x-amzn-requestid: b22b73ca-a711-4898-a279-eab98b4597a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTjS9F_HIAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e18df-6c691516066b4b50453013f3;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:40:47 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: BCZK_EvcQGPt-tAZcqkuOSeoykvzd-1-WXkQrXh4TIraDGO-Gm4CCg==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:47 GMT
etag: "afda12d540eca8e8bd8ef9451c764bcf52ad26ec"
content-type: image/jpeg
age: 50429
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Ncagzm12kJaHQtYhhjUUhcfXVfbwMdonoNYqpK-QXEmLfyyENgFnFA==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 08:51:06 GMT
age: 10210
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
track.vcdc.com/favicon.ico
167.233.8.197200 OK 0 B URL HTTP/2 track.vcdc.com/favicon.ico
IP 167.233.8.197:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: track.vcdc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.vcdc.com/beam.php?tcid=&target=aHR0cDovL2J0cG5hdi5jb20vY2xpY2s/ZGF0YT1SazFZY1MxWlVtdFZVVXRUY0VRNFgzWnZVSEY1Y25JMlpXTmhiMWx1TnpoRE5XbHNRM0owVkdkVU5GRmxVRm8xTkY5eFkwSmFTbGRKVjI4eWNUVkxabTQ0VFhVM2NUVnhWM2c0YkZGQk5rcHZablJUZVVjNFZ6bGxVRUpuUTBKNU16WnhMWEZDU0hOc09FdFVORzFCUzJwM1lsbE5aMGR6YVZwaVExTkxRMVZJYmtGdlJUQkxhalpJVkhWYU9WWlJSWGwxVlVWNFIyTkVYMDVYVTI5MGNsbGxjV2N6VldKb1JtMXZNUTImaWQ9N2E0ZjYyNmUtM2IyYy00N2M3LWI5MWYtZDI4YWIwODJlMGY3&hash=08c07a7fbbde7d81d1e0b9006a6cce28&m=MjI0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 11:41:16 GMT
content-type: image/x-icon
content-length: 0
last-modified: Wed, 11 Sep 2013 08:44:06 GMT
etag: "52302d56-0"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2