firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 12:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zoKnKZJzvggdy2X8goyuPcbXD6PPXsFCmx6RjRdQgd5VmZFIWicpPw==
Age: 2580
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2598
Expires: Tue, 04 Oct 2022 14:13:22 GMT
Date: Tue, 04 Oct 2022 13:30:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: A8eEShk9PJfzCKyd3EotXqjQXozenOTp5vdN19i1wi9WvrCz7wvT3g==
age: 28897
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 13:30:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
208.109.12.76/
208.109.12.76200 OK 7.3 kB IP 208.109.12.76:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (18807)
Hash d95f2b3b1e90ae1c17bba233a234cdce
ac7ac4fee5d4c2f9b2e4e1edb3207f335f115ab3
05b894966ca05f28e39e66bd9c161b09b0e0de6e38c4fb81af60f1db42f49a57
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: 208.109.12.76
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:30:04 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Host,Accept-Encoding
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IlYrdlFXSkJlRi9HVHJLRkFJc0lDVHc9PSIsInZhbHVlIjoiVGgyTmFObFMybjRQVmR2Wlc1ZXN1MlpIVWZ6Tnh1UGkzNUJoWEswY2VMdVJnMkNYUDlWTDhRdVhJZFBxN0h1TSIsIm1hYyI6ImY0ZWVmZTVjMmNiMWYzMWRhOTMwYmI3NTMzMzZiOWIwZTgwOTEzYmRmYWVlMDdiMjI2ZjE0NWNmNTJkYTZkYzUifQ%3D%3D; expires=Tue, 04-Oct-2022 15:30:04 GMT; Max-Age=7200; path=/; samesite=lax
newtrends_international_corporation_session=eyJpdiI6Ik5YMHEvMUQyUWUvV1p4U0h5YUxwQ1E9PSIsInZhbHVlIjoiMVhDNTB4VmNMcVA4RFowZERUWVhPV3NvcHVVT01PVHNFL1dmMTJoVzZ1UUgzdFBTV0piWUUyaUZpbzVCU3pwKyIsIm1hYyI6ImVlOWYwOWIzYWFmYmQyMTZlNzliMjMzMmZlZTQwNzgzN2QxMWQ4OTFlYzY0ZTFiZmIyNzQ0YjExNzE3ZDc4Y2MifQ%3D%3D; expires=Tue, 04-Oct-2022 15:30:04 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Content-Encoding: gzip
Content-Length: 7312
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
208.109.12.76/lib/font-awesome/css/font-awesome.css
208.109.12.76200 OK 7.4 kB URL HTTP/1.1 208.109.12.76/lib/font-awesome/css/font-awesome.css
IP 208.109.12.76:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash 57a8ee32de25312ab303210ef3c556a9
388f783ee7c84801442370bf8d3812213a1198f5
8bdd62fda01c7b19a4d2ee31cfb4d2fc6123a958cb23bf902c9fead7fc6a9c0d
GET /lib/font-awesome/css/font-awesome.css HTTP/1.1
Host: 208.109.12.76
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://208.109.12.76/
Cookie: XSRF-TOKEN=eyJpdiI6IlYrdlFXSkJlRi9HVHJLRkFJc0lDVHc9PSIsInZhbHVlIjoiVGgyTmFObFMybjRQVmR2Wlc1ZXN1MlpIVWZ6Tnh1UGkzNUJoWEswY2VMdVJnMkNYUDlWTDhRdVhJZFBxN0h1TSIsIm1hYyI6ImY0ZWVmZTVjMmNiMWYzMWRhOTMwYmI3NTMzMzZiOWIwZTgwOTEzYmRmYWVlMDdiMjI2ZjE0NWNmNTJkYTZkYzUifQ%3D%3D; newtrends_international_corporation_session=eyJpdiI6Ik5YMHEvMUQyUWUvV1p4U0h5YUxwQ1E9PSIsInZhbHVlIjoiMVhDNTB4VmNMcVA4RFowZERUWVhPV3NvcHVVT01PVHNFL1dmMTJoVzZ1UUgzdFBTV0piWUUyaUZpbzVCU3pwKyIsIm1hYyI6ImVlOWYwOWIzYWFmYmQyMTZlNzliMjMzMmZlZTQwNzgzN2QxMWQ4OTFlYzY0ZTFiZmIyNzQ0YjExNzE3ZDc4Y2MifQ%3D%3D
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:30:04 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Host,Accept-Encoding
Last-Modified: Tue, 01 Sep 2020 04:48:55 GMT
ETag: "9226-5ae393c83c48c-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 7439
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 13:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 14:17:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: S_Ug1unVzpSBLK7N1GPKEOnUD_78Qq62-ncfZkc6_0mayoORoKWjUQ==
Age: 31
208.109.12.76/css/style.css
208.109.12.76200 OK 13 kB URL HTTP/1.1 208.109.12.76/css/style.css
IP 208.109.12.76:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (324)
Hash 7a726f13622e77b3fb15b5d9ebe1b59b
30427e9461c0857cfe661586752d345a021e8e77
0058e8e2189bfe4992a824f54a98a0547f4972e1d5f4fd0d53ef2aa68c8d4476
GET /css/style.css HTTP/1.1
Host: 208.109.12.76
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://208.109.12.76/
Cookie: XSRF-TOKEN=eyJpdiI6IlYrdlFXSkJlRi9HVHJLRkFJc0lDVHc9PSIsInZhbHVlIjoiVGgyTmFObFMybjRQVmR2Wlc1ZXN1MlpIVWZ6Tnh1UGkzNUJoWEswY2VMdVJnMkNYUDlWTDhRdVhJZFBxN0h1TSIsIm1hYyI6ImY0ZWVmZTVjMmNiMWYzMWRhOTMwYmI3NTMzMzZiOWIwZTgwOTEzYmRmYWVlMDdiMjI2ZjE0NWNmNTJkYTZkYzUifQ%3D%3D; newtrends_international_corporation_session=eyJpdiI6Ik5YMHEvMUQyUWUvV1p4U0h5YUxwQ1E9PSIsInZhbHVlIjoiMVhDNTB4VmNMcVA4RFowZERUWVhPV3NvcHVVT01PVHNFL1dmMTJoVzZ1UUgzdFBTV0piWUUyaUZpbzVCU3pwKyIsIm1hYyI6ImVlOWYwOWIzYWFmYmQyMTZlNzliMjMzMmZlZTQwNzgzN2QxMWQ4OTFlYzY0ZTFiZmIyNzQ0YjExNzE3ZDc4Y2MifQ%3D%3D
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:30:04 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Host,Accept-Encoding
Last-Modified: Tue, 01 Sep 2020 04:48:55 GMT
ETag: "f0f0-5ae393c82e9cc-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 12830
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3874
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 13:30:05 GMT
Last-Modified: Tue, 04 Oct 2022 12:25:31 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
208.109.12.76/lib/bootstrap/css/bootstrap.min.css
208.109.12.76200 OK 20 kB URL HTTP/1.1 208.109.12.76/lib/bootstrap/css/bootstrap.min.css
IP 208.109.12.76:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65371)
Hash f6fd8790f1d560aab890a85a78b6d67d
98adac8aece45e55b10c8d0d645038a990b0ee00
ceae5c3fdd35600e1de72b94f59efb2fc3b51163640a180431c8d59b95e2ef0f
GET /lib/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: 208.109.12.76
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://208.109.12.76/
Cookie: XSRF-TOKEN=eyJpdiI6IlYrdlFXSkJlRi9HVHJLRkFJc0lDVHc9PSIsInZhbHVlIjoiVGgyTmFObFMybjRQVmR2Wlc1ZXN1MlpIVWZ6Tnh1UGkzNUJoWEswY2VMdVJnMkNYUDlWTDhRdVhJZFBxN0h1TSIsIm1hYyI6ImY0ZWVmZTVjMmNiMWYzMWRhOTMwYmI3NTMzMzZiOWIwZTgwOTEzYmRmYWVlMDdiMjI2ZjE0NWNmNTJkYTZkYzUifQ%3D%3D; newtrends_international_corporation_session=eyJpdiI6Ik5YMHEvMUQyUWUvV1p4U0h5YUxwQ1E9PSIsInZhbHVlIjoiMVhDNTB4VmNMcVA4RFowZERUWVhPV3NvcHVVT01PVHNFL1dmMTJoVzZ1UUgzdFBTV0piWUUyaUZpbzVCU3pwKyIsIm1hYyI6ImVlOWYwOWIzYWFmYmQyMTZlNzliMjMzMmZlZTQwNzgzN2QxMWQ4OTFlYzY0ZTFiZmIyNzQ0YjExNzE3ZDc4Y2MifQ%3D%3D
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:30:04 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Host,Accept-Encoding
Last-Modified: Tue, 01 Sep 2020 04:48:55 GMT
ETag: "1d970-5ae393c8395ac-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 19744
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
fonts.googleapis.com/css?family=Ruda:400,700,900
142.250.74.10200 OK 474 B URL HTTP/1.1 fonts.googleapis.com/css?family=Ruda:400,700,900
IP 142.250.74.10:0
Hash da6d9358118d0991819b41b2aa815be1
9b083c49249a238a7772609d9ba3f3b55d3ce56f
3ff390af9f6b78102a551cde48cf04583c079e978fdd3404bc644fdb2a8af7bb
GET /css?family=Ruda:400,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://208.109.12.76/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 04 Oct 2022 13:30:05 GMT
Date: Tue, 04 Oct 2022 13:30:05 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
208.109.12.76/lib/jquery.backstretch.min.js
208.109.12.76200 OK 1.7 kB URL HTTP/1.1 208.109.12.76/lib/jquery.backstretch.min.js
IP 208.109.12.76:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (3909)
Hash 427961d1a0d76f527cdccdccf9c3a907
dac9d83bd44efe4982e6cfd141d02248cff59ae4
f3cb7c1f61dbae9c24eaa44a760fc4b75cfbf9066e58066966aa8d33b237ee3a
Analyzer Verdict Alert fortinet Malware
GET /lib/jquery.backstretch.min.js HTTP/1.1
Host: 208.109.12.76
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://208.109.12.76/
Cookie: XSRF-TOKEN=eyJpdiI6IlYrdlFXSkJlRi9HVHJLRkFJc0lDVHc9PSIsInZhbHVlIjoiVGgyTmFObFMybjRQVmR2Wlc1ZXN1MlpIVWZ6Tnh1UGkzNUJoWEswY2VMdVJnMkNYUDlWTDhRdVhJZFBxN0h1TSIsIm1hYyI6ImY0ZWVmZTVjMmNiMWYzMWRhOTMwYmI3NTMzMzZiOWIwZTgwOTEzYmRmYWVlMDdiMjI2ZjE0NWNmNTJkYTZkYzUifQ%3D%3D; newtrends_international_corporation_session=eyJpdiI6Ik5YMHEvMUQyUWUvV1p4U0h5YUxwQ1E9PSIsInZhbHVlIjoiMVhDNTB4VmNMcVA4RFowZERUWVhPV3NvcHVVT01PVHNFL1dmMTJoVzZ1UUgzdFBTV0piWUUyaUZpbzVCU3pwKyIsIm1hYyI6ImVlOWYwOWIzYWFmYmQyMTZlNzliMjMzMmZlZTQwNzgzN2QxMWQ4OTFlYzY0ZTFiZmIyNzQ0YjExNzE3ZDc4Y2MifQ%3D%3D
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:30:04 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Host,Accept-Encoding
Last-Modified: Tue, 01 Sep 2020 04:48:55 GMT
ETag: "fcf-5ae393c83f36d-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 1743
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
208.109.12.76/lib/bootstrap/js/bootstrap.min.js
208.109.12.76200 OK 9.8 kB URL HTTP/1.1 208.109.12.76/lib/bootstrap/js/bootstrap.min.js
IP 208.109.12.76:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (32033)
Hash c83dab682eea0b37ac9522e2856cbb6b
db1fb35549a4ac9cc12811f09bc4b07b48c51434
a9611bc805de07c98225bb878876a24b063fa52559adaf2ba4e997566d5cf3a1
Analyzer Verdict Alert fortinet Malware
GET /lib/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: 208.109.12.76
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://208.109.12.76/
Cookie: XSRF-TOKEN=eyJpdiI6IlYrdlFXSkJlRi9HVHJLRkFJc0lDVHc9PSIsInZhbHVlIjoiVGgyTmFObFMybjRQVmR2Wlc1ZXN1MlpIVWZ6Tnh1UGkzNUJoWEswY2VMdVJnMkNYUDlWTDhRdVhJZFBxN0h1TSIsIm1hYyI6ImY0ZWVmZTVjMmNiMWYzMWRhOTMwYmI3NTMzMzZiOWIwZTgwOTEzYmRmYWVlMDdiMjI2ZjE0NWNmNTJkYTZkYzUifQ%3D%3D; newtrends_international_corporation_session=eyJpdiI6Ik5YMHEvMUQyUWUvV1p4U0h5YUxwQ1E9PSIsInZhbHVlIjoiMVhDNTB4VmNMcVA4RFowZERUWVhPV3NvcHVVT01PVHNFL1dmMTJoVzZ1UUgzdFBTV0piWUUyaUZpbzVCU3pwKyIsIm1hYyI6ImVlOWYwOWIzYWFmYmQyMTZlNzliMjMzMmZlZTQwNzgzN2QxMWQ4OTFlYzY0ZTFiZmIyNzQ0YjExNzE3ZDc4Y2MifQ%3D%3D
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:30:04 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Host,Accept-Encoding
Last-Modified: Tue, 01 Sep 2020 04:48:55 GMT
ETag: "90b5-5ae393c83a54c-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 9833
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
208.109.12.76/css/style-responsive.css
208.109.12.76200 OK 1.9 kB URL HTTP/1.1 208.109.12.76/css/style-responsive.css
IP 208.109.12.76:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 269258a7fb46951199a74a0fa0394a7a
cb05aad08754f15027919cb77cf5bdb9f86873c0
38159d4fe138d7ff6722a3a33222a03a49e8bdb2e968d0eb7af94d90053a1f86
GET /css/style-responsive.css HTTP/1.1
Host: 208.109.12.76
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://208.109.12.76/
Cookie: XSRF-TOKEN=eyJpdiI6IlYrdlFXSkJlRi9HVHJLRkFJc0lDVHc9PSIsInZhbHVlIjoiVGgyTmFObFMybjRQVmR2Wlc1ZXN1MlpIVWZ6Tnh1UGkzNUJoWEswY2VMdVJnMkNYUDlWTDhRdVhJZFBxN0h1TSIsIm1hYyI6ImY0ZWVmZTVjMmNiMWYzMWRhOTMwYmI3NTMzMzZiOWIwZTgwOTEzYmRmYWVlMDdiMjI2ZjE0NWNmNTJkYTZkYzUifQ%3D%3D; newtrends_international_corporation_session=eyJpdiI6Ik5YMHEvMUQyUWUvV1p4U0h5YUxwQ1E9PSIsInZhbHVlIjoiMVhDNTB4VmNMcVA4RFowZERUWVhPV3NvcHVVT01PVHNFL1dmMTJoVzZ1UUgzdFBTV0piWUUyaUZpbzVCU3pwKyIsIm1hYyI6ImVlOWYwOWIzYWFmYmQyMTZlNzliMjMzMmZlZTQwNzgzN2QxMWQ4OTFlYzY0ZTFiZmIyNzQ0YjExNzE3ZDc4Y2MifQ%3D%3D
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:30:05 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Host,Accept-Encoding
Last-Modified: Tue, 01 Sep 2020 04:48:55 GMT
ETag: "284a-5ae393c82e9cc-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 1877
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
fonts.gstatic.com/s/ruda/v23/k3kfo8YQJOpFqngdaA.woff2
216.58.207.195200 OK 22 kB URL HTTP/1.1 fonts.gstatic.com/s/ruda/v23/k3kfo8YQJOpFqngdaA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21780, version 1.0\012- data
Hash 5915e0e5b71f1c88875c21f8633745e8
732c7e011a82daf70f4388a3bc61452b68f24f67
c32f7d9a38c0ce66f16b7060118d4832cb35f971e739679c4f008ac1c7addba3
GET /s/ruda/v23/k3kfo8YQJOpFqngdaA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://208.109.12.76
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 21780
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 13:21:13 GMT
Expires: Thu, 28 Sep 2023 13:21:13 GMT
Cache-Control: public, max-age=31536000
Age: 518932
Last-Modified: Mon, 18 Jul 2022 18:42:32 GMT
Content-Type: font/woff2
push.services.mozilla.com/
35.155.157.101101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.155.157.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Qh18qxf0bvNADA3TzqNShg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mx21+sTf5krcDJWFlItUG5YA+rE=
208.109.12.76/lib/jquery/jquery.min.js
208.109.12.76200 OK 34 kB URL HTTP/1.1 208.109.12.76/lib/jquery/jquery.min.js
IP 208.109.12.76:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (32077)
Hash 90af67e8fd4d5ab0d104b28b82a5f9e3
0172e38010ebd25ebcb3f0a4094be0e20f72ac48
971b268c15450ab1dded5c1e8e7875660b086b2ca6c45a31ddfa82486b1d06d3
Analyzer Verdict Alert fortinet Malware
GET /lib/jquery/jquery.min.js HTTP/1.1
Host: 208.109.12.76
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://208.109.12.76/
Cookie: XSRF-TOKEN=eyJpdiI6IlYrdlFXSkJlRi9HVHJLRkFJc0lDVHc9PSIsInZhbHVlIjoiVGgyTmFObFMybjRQVmR2Wlc1ZXN1MlpIVWZ6Tnh1UGkzNUJoWEswY2VMdVJnMkNYUDlWTDhRdVhJZFBxN0h1TSIsIm1hYyI6ImY0ZWVmZTVjMmNiMWYzMWRhOTMwYmI3NTMzMzZiOWIwZTgwOTEzYmRmYWVlMDdiMjI2ZjE0NWNmNTJkYTZkYzUifQ%3D%3D; newtrends_international_corporation_session=eyJpdiI6Ik5YMHEvMUQyUWUvV1p4U0h5YUxwQ1E9PSIsInZhbHVlIjoiMVhDNTB4VmNMcVA4RFowZERUWVhPV3NvcHVVT01PVHNFL1dmMTJoVzZ1UUgzdFBTV0piWUUyaUZpbzVCU3pwKyIsIm1hYyI6ImVlOWYwOWIzYWFmYmQyMTZlNzliMjMzMmZlZTQwNzgzN2QxMWQ4OTFlYzY0ZTFiZmIyNzQ0YjExNzE3ZDc4Y2MifQ%3D%3D
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:30:05 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Host,Accept-Encoding
Last-Modified: Tue, 01 Sep 2020 04:48:55 GMT
ETag: "17b8b-5ae393c84030d-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 33760
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
208.109.12.76/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
208.109.12.76200 OK 77 kB URL HTTP/1.1 208.109.12.76/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 208.109.12.76:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: 208.109.12.76
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://208.109.12.76/lib/font-awesome/css/font-awesome.css
Cookie: XSRF-TOKEN=eyJpdiI6IlYrdlFXSkJlRi9HVHJLRkFJc0lDVHc9PSIsInZhbHVlIjoiVGgyTmFObFMybjRQVmR2Wlc1ZXN1MlpIVWZ6Tnh1UGkzNUJoWEswY2VMdVJnMkNYUDlWTDhRdVhJZFBxN0h1TSIsIm1hYyI6ImY0ZWVmZTVjMmNiMWYzMWRhOTMwYmI3NTMzMzZiOWIwZTgwOTEzYmRmYWVlMDdiMjI2ZjE0NWNmNTJkYTZkYzUifQ%3D%3D; newtrends_international_corporation_session=eyJpdiI6Ik5YMHEvMUQyUWUvV1p4U0h5YUxwQ1E9PSIsInZhbHVlIjoiMVhDNTB4VmNMcVA4RFowZERUWVhPV3NvcHVVT01PVHNFL1dmMTJoVzZ1UUgzdFBTV0piWUUyaUZpbzVCU3pwKyIsIm1hYyI6ImVlOWYwOWIzYWFmYmQyMTZlNzliMjMzMmZlZTQwNzgzN2QxMWQ4OTFlYzY0ZTFiZmIyNzQ0YjExNzE3ZDc4Y2MifQ%3D%3D
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:30:05 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Host
Last-Modified: Tue, 01 Sep 2020 04:48:55 GMT
ETag: "12d68-5ae393c83e3cd"
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
208.109.12.76/img/favicon.png
208.109.12.76200 OK 491 B URL HTTP/1.1 208.109.12.76/img/favicon.png
IP 208.109.12.76:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash fed84e16b6ccfe88ee7ffaae5dfefd34
3c62b134071e6abcdbb48133e35c150ef184401c
8eb9ffc8b36969d4a82d36631fb758c4b7b758de4f64aa5b4889cdf723e5debb
GET /img/favicon.png HTTP/1.1
Host: 208.109.12.76
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://208.109.12.76/
Cookie: XSRF-TOKEN=eyJpdiI6IlYrdlFXSkJlRi9HVHJLRkFJc0lDVHc9PSIsInZhbHVlIjoiVGgyTmFObFMybjRQVmR2Wlc1ZXN1MlpIVWZ6Tnh1UGkzNUJoWEswY2VMdVJnMkNYUDlWTDhRdVhJZFBxN0h1TSIsIm1hYyI6ImY0ZWVmZTVjMmNiMWYzMWRhOTMwYmI3NTMzMzZiOWIwZTgwOTEzYmRmYWVlMDdiMjI2ZjE0NWNmNTJkYTZkYzUifQ%3D%3D; newtrends_international_corporation_session=eyJpdiI6Ik5YMHEvMUQyUWUvV1p4U0h5YUxwQ1E9PSIsInZhbHVlIjoiMVhDNTB4VmNMcVA4RFowZERUWVhPV3NvcHVVT01PVHNFL1dmMTJoVzZ1UUgzdFBTV0piWUUyaUZpbzVCU3pwKyIsIm1hYyI6ImVlOWYwOWIzYWFmYmQyMTZlNzliMjMzMmZlZTQwNzgzN2QxMWQ4OTFlYzY0ZTFiZmIyNzQ0YjExNzE3ZDc4Y2MifQ%3D%3D
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:30:05 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Host
Last-Modified: Tue, 01 Sep 2020 04:48:55 GMT
ETag: "1eb-5ae393c83284c"
Accept-Ranges: bytes
Content-Length: 491
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
208.109.12.76/img/apple-touch-icon.png
208.109.12.76200 OK 1.7 kB URL HTTP/1.1 208.109.12.76/img/apple-touch-icon.png
IP 208.109.12.76:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Hash 042a7e9fdd293212aca19150aef71b0d
2a70c0370ffbaac9124d9eca97cadac47915c9d0
66e7252ff9afd2c49ca8fd05f708bc330a42beaf1af7fc2ab6998cb3dc654bda
GET /img/apple-touch-icon.png HTTP/1.1
Host: 208.109.12.76
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://208.109.12.76/
Cookie: XSRF-TOKEN=eyJpdiI6IlYrdlFXSkJlRi9HVHJLRkFJc0lDVHc9PSIsInZhbHVlIjoiVGgyTmFObFMybjRQVmR2Wlc1ZXN1MlpIVWZ6Tnh1UGkzNUJoWEswY2VMdVJnMkNYUDlWTDhRdVhJZFBxN0h1TSIsIm1hYyI6ImY0ZWVmZTVjMmNiMWYzMWRhOTMwYmI3NTMzMzZiOWIwZTgwOTEzYmRmYWVlMDdiMjI2ZjE0NWNmNTJkYTZkYzUifQ%3D%3D; newtrends_international_corporation_session=eyJpdiI6Ik5YMHEvMUQyUWUvV1p4U0h5YUxwQ1E9PSIsInZhbHVlIjoiMVhDNTB4VmNMcVA4RFowZERUWVhPV3NvcHVVT01PVHNFL1dmMTJoVzZ1UUgzdFBTV0piWUUyaUZpbzVCU3pwKyIsIm1hYyI6ImVlOWYwOWIzYWFmYmQyMTZlNzliMjMzMmZlZTQwNzgzN2QxMWQ4OTFlYzY0ZTFiZmIyNzQ0YjExNzE3ZDc4Y2MifQ%3D%3D
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:30:05 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Host
Last-Modified: Tue, 01 Sep 2020 04:48:55 GMT
ETag: "6ca-5ae393c83284c"
Accept-Ranges: bytes
Content-Length: 1738
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13401
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 13:30:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 31633
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24a4a122273ef9f772852031eb13114a
c20f1fac9020eb4bd6c84583f73872979639b991
8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7H1QKlOtoBoVz93G5lddxHSGiTjtMnHJCZX5FhwqhNPkspslaDoFQA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:57:01 GMT
age: 55985
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 56000
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 54047
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 56052
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tJwzKfs7HnQ7dVcINwnlzxTChXiEi4JPj8jrS8p5KhurRx_o3ZVOZQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
age: 55147
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2