Overview

URLdicemberie.web.app/
IP 199.36.158.100 (United States)
ASN#54113 FASTLY
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-07 13:56:54 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (17)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
dicemberie.web.app (2) 0 2022-12-06 15:33:53 UTC 2022-12-06 17:09:41 UTC 199.36.158.100 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2022-12-06 17:12:34 UTC 35.241.9.150
ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-12-06 17:12:20 UTC 104.18.21.226
ns.cdn-services.com (2) 0 2022-06-10 23:00:19 UTC 2022-12-07 00:44:44 UTC 188.114.97.1 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-12-06 17:19:43 UTC 44.242.3.166
fonts.googleapis.com (1) 8877 2012-05-23 12:41:44 UTC 2022-12-06 23:11:27 UTC 142.250.74.106
r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-12-06 17:12:17 UTC 23.36.77.32
ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2022-12-06 21:45:35 UTC 93.184.220.29
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-06 17:13:17 UTC 34.117.237.239
cdnjs.cloudflare.com (1) 235 2012-05-23 12:49:49 UTC 2022-12-06 18:26:00 UTC 104.17.25.14
cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-12-07 00:59:28 UTC 151.101.193.229
ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-12-06 21:32:26 UTC 172.64.155.188
www.credit-agricole.fr (2) 236699 2013-09-24 06:48:08 UTC 2022-12-07 00:45:04 UTC 158.191.172.47
ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-12-06 17:12:08 UTC 142.250.74.131
fonts.gstatic.com (1) 0 2014-04-02 10:51:04 UTC 2022-12-06 21:54:56 UTC 142.250.74.35 Domain (gstatic.com) ranked at: 540
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-12-06 17:17:39 UTC 34.160.144.191
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-12-06 17:31:54 UTC 34.120.237.76

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-12-06 2 dicemberie.web.app/ Credit Agricole S.A.
2022-12-06 2 dicemberie.web.app/ Credit Agricole S.A.

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.36.158.100
Date UQ / IDS / BL URL IP
2023-02-02 02:02:54 +0000 3 - 0 - 4 required-form.firebaseapp.com/next/posts/1005 (...) 199.36.158.100
2023-02-02 01:54:56 +0000 3 - 0 - 3 zikoooooo3.firebaseapp.com/ 199.36.158.100
2023-02-02 01:54:36 +0000 3 - 0 - 3 zikoooooo3.web.app/ 199.36.158.100
2023-02-02 01:53:33 +0000 3 - 0 - 3 zikooooo2-7ae2d.firebaseapp.com/ 199.36.158.100
2023-02-02 01:52:43 +0000 2 - 0 - 3 review-appeal-status-100298742.firebaseapp.com/ 199.36.158.100


Last 5 reports on ASN: FASTLY
Date UQ / IDS / BL URL IP
2023-02-02 02:04:19 +0000 0 - 0 - 6 sneha8898.github.io/fbclone/ 185.199.108.153
2023-02-02 02:02:54 +0000 3 - 0 - 4 required-form.firebaseapp.com/next/posts/1005 (...) 199.36.158.100
2023-02-02 02:01:17 +0000 0 - 0 - 2 meghabhatt0529.github.io/NetflixClone/ 185.199.110.153
2023-02-02 01:54:56 +0000 3 - 0 - 3 zikoooooo3.firebaseapp.com/ 199.36.158.100
2023-02-02 01:54:36 +0000 3 - 0 - 3 zikoooooo3.web.app/ 199.36.158.100


Last 2 reports on domain: dicemberie.web.app
Date UQ / IDS / BL URL IP
2022-12-07 13:56:54 +0000 0 - 0 - 2 dicemberie.web.app/ 199.36.158.100
2022-12-07 06:34:25 +0000 0 - 0 - 2 dicemberie.web.app/ 199.36.158.100


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-01 12:26:55 +0000 0 - 0 - 3 simplesite-2de4e.web.app/ 199.36.158.100
2023-02-01 09:39:54 +0000 0 - 0 - 3 simplesite-2de4e.web.app/ 199.36.158.100
2023-02-01 03:06:12 +0000 0 - 0 - 2 simplesite-2de4e.web.app/ 199.36.158.100
2023-01-31 16:25:06 +0000 0 - 0 - 8 smespacnbit-infofr.web.app/ 199.36.158.100
2023-01-31 16:17:51 +0000 0 - 0 - 4 reginalcaissgr-info.web.app/ 199.36.158.100

JavaScript

Executed Scripts (7)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (38)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: dicemberie.web.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         199.36.158.100
HTTP/1.1 301 Moved Permanently
                                        
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://dicemberie.web.app/
Accept-Ranges: bytes
Date: Wed, 07 Dec 2022 13:56:43 GMT
X-Served-By: cache-bma1629-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1670421403.037141,VS0,VE0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - openphish: Credit Agricole S.A.
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9216
Expires: Wed, 07 Dec 2022 16:30:19 GMT
Date: Wed, 07 Dec 2022 13:56:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5723
Cache-Control: max-age=166195
Date: Wed, 07 Dec 2022 13:56:43 GMT
Etag: "63906b73-1d7"
Expires: Fri, 09 Dec 2022 12:06:38 GMT
Last-Modified: Wed, 07 Dec 2022 10:31:15 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10417
Expires: Wed, 07 Dec 2022 16:50:20 GMT
Date: Wed, 07 Dec 2022 13:56:43 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 13:08:02 GMT
age: 2921
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: X6zNdP9hLcMGaVCYjU1ki4UPPgbmZl83o/CoLbhtKlRWiglGWwpK0JhV/Ylm2WsgP0Co5clyJl0=
x-amz-request-id: DMYGMMPEJMPXP49N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 13:47:31 GMT
age: 552
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET / HTTP/1.1 
Host: dicemberie.web.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         199.36.158.100
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
cache-control: max-age=3600
content-encoding: br
etag: "62d66776ef100d0b963c0b0a18bcfcd2dfa70e2940fa1bf216f8a2a6ec9c1c42-br"
last-modified: Mon, 05 Dec 2022 10:15:36 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Wed, 07 Dec 2022 13:56:43 GMT
x-served-by: cache-bma1655-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1670421403.326612,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 599
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1339), with no line terminators
Size:   599
Md5:    a8daba7d86bb93507883e5ca0cedc642
Sha1:   7ea8793e7bccdc4bf9abdcdf1fd86d2b1439381c
Sha256: 57d7019e731c19f92a63e83edac9fd9f7bad722bbe22ffc3f7ff105366ea931a

Alerts:
  Blocklists:
    - openphish: Credit Agricole S.A.
                                        
                                            POST /s/gts1d4int/8EklPeV1cd0 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 13:56:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 07 Dec 2022 13:56:43 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ajax/libs/adblock-detect/1.0.5/index.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dicemberie.web.app
Connection: keep-alive
Referer: https://dicemberie.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 07 Dec 2022 13:56:43 GMT
content-length: 452
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf5-425"
last-modified: Mon, 04 May 2020 16:04:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 13269472
expires: Mon, 27 Nov 2023 13:56:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67a7enEoEppxvNRBpaaXo88hji%2F2ufTVkZuliJpw4B4kr3OVe1Km2yS4SQDaOsCy8p11dRbwZ0uvEWSBw73gNPPbZENGRZtm46wsoVkaydBuuDWiT8Xvo5Io6S2F9JlAlw91Q%2FF1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775dc42bea700b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1061), with no line terminators
Size:   452
Md5:    c660dfc8d0f8ceda2de56842c100d23a
Sha1:   36e3ae4c06d0fa91ef0392c065cb97b83ffe5d64
Sha256: 8ccccd57855b34077443f3fe5ed6d212ef8f5e6029bbd1b18c827699b99eb336
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 13:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /npm/@adonisjs/framework@5.0.13/index.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dicemberie.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.193.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.0.13
x-jsd-version-type: version
etag: W/"1ae-myc90tb7oItlxVsc5EMaDyV2uOM"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 13:56:43 GMT
age: 3096729
x-served-by: cache-fra-eddf8230100-FRA, cache-bma1665-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 305
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   305
Md5:    36c8721a7ad91c2fa311684ada8dd767
Sha1:   d1d3d67d10fe2781c75faeb7fdf8ea1c0dd1543c
Sha256: 52b9e76467478ef29b0904f653393473ee55e64f48804014412541c877181196
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 13:56:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "5E3161BB4E46B8E23AA26CAB78B562B1719188D3"
Expires: Thu, 08 Dec 2022 00:00:00 GMT
Last-Modified: Wed, 07 Dec 2022 12:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3277
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775dc42c8eeeb4f4-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    9a164e710986b149adf8b5462d564cda
Sha1:   135c15b53049b599efbc42a9f9fc72c44c88e1f0
Sha256: 7eb11d7450642ef3d08b3c50c88461bdd961f11e81846bb4bfcda7fb631b8118
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 13:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 13:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dicemberie.web.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 584873
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size:   7884
Md5:    9212f6f9860f9fc6c69b02fedf6db8c3
Sha1:   ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
Sha256: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 13:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4800
Cache-Control: max-age=86090
Date: Wed, 07 Dec 2022 13:56:43 GMT
Etag: "638f3625-117"
Expires: Thu, 08 Dec 2022 13:51:33 GMT
Last-Modified: Tue, 06 Dec 2022 12:31:33 GMT
Server: ECS (amb/6B9D)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 13:07:55 GMT
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
age: 2928
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=167680
Date: Wed, 07 Dec 2022 13:56:43 GMT
Etag: "6390879b-118"
Expires: Fri, 09 Dec 2022 12:31:23 GMT
Last-Modified: Wed, 07 Dec 2022 12:31:23 GMT
Server: nginx
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4801
Cache-Control: max-age=86090
Date: Wed, 07 Dec 2022 13:56:44 GMT
Etag: "638f3625-117"
Expires: Thu, 08 Dec 2022 13:51:34 GMT
Last-Modified: Tue, 06 Dec 2022 12:31:33 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5664
Cache-Control: max-age=161070
Date: Wed, 07 Dec 2022 13:56:44 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:41:14 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 13:56:44 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 00:40:38 GMT
Expires: Wed, 14 Dec 2022 00:40:37 GMT
Etag: "30066af9aae091805e330e11379658f899399dc4"
Cache-Control: max-age=556432,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775dc42ecc95b4f7-OSL

                                        
                                            GET /socket.io/?EIO=3&transport=websocket HTTP/1.1 
Host: ns.cdn-services.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://dicemberie.web.app
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aM8V1ouJ8/b4b1x1YrdaiA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         188.114.97.1
HTTP/1.1 101 Switching Protocols
                                        
Date: Wed, 07 Dec 2022 13:56:44 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mV5SYRhs/xBmObNtSXnCHnWawMY=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rr4NwX8Y%2BQgud1%2BH01IR36q0AF1WnrQPLEwXzX1U8xo2mgU0CHkq5UfihNfIKkn%2FenujoJH3iI6vOk6SvA9PgCSqV9AfHBPh2c%2BTpQD8y0ugI5She9pKzAQXzPb%2BVunq5W8Z8JEO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775dc42e8a52b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

                                        
                                            GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1 
Host: www.credit-agricole.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dicemberie.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         158.191.172.47
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 06 Dec 2022 08:49:49 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 06 Dec 2022 08:49:49 GMT
Cache-Control: max-age=2592000
Expires: Thu, 05 Jan 2023 08:49:49 GMT
vha6-origin: cats-rd14-prd
Age: 104815
X-Cache: HIT
X-Cache-Hits: 63343
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   6260
Md5:    6aad7b35286876f8eaf5bc8ca659e1b5
Sha1:   ea44f6b518e680fb5188f18b8202111aae5034a3
Sha256: 4ecc8a8abebf54ec1c40d1461770ac546fe2397c97f0e696de3879c05d6189fc
                                        
                                            GET /content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg HTTP/1.1 
Host: www.credit-agricole.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dicemberie.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         158.191.172.47
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 06 Dec 2022 08:50:37 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 06 Dec 2022 08:50:37 GMT
Content-Length: 243919
Cache-Control: max-age=2592000
Expires: Thu, 05 Jan 2023 08:50:37 GMT
vha6-origin: cats-rd14-prd
Age: 104767
X-Cache: HIT
X-Cache-Hits: 6636
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=791, bps=218, PhotometricIntepretation=RGB, description=Diverse culture people using mobile smartphone outdoor - Happy friends having fun with technology trends - Youth, new generatio, manufacturer=SONY, model=ILCE-7M2, orientation=upper-left, width=1326], progressive, precision 8, 960x960, components 3\012- data
Size:   243919
Md5:    b259c4797d838add41da1047021d2480
Sha1:   13de10f5a348efa8ff3d856f2e347eeff8a33579
Sha256: c4966ab5e78e2270952b89576c4a0a386e8a7ea673c56f0f396d620abf4f81b8
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8mZ2TZBz2BSiLgCK9fNJxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         44.242.3.166
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PFyTzgHvACytv1cE4mMxyXBBLqI=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5411
Expires: Wed, 07 Dec 2022 15:26:56 GMT
Date: Wed, 07 Dec 2022 13:56:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5411
Expires: Wed, 07 Dec 2022 15:26:56 GMT
Date: Wed, 07 Dec 2022 13:56:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5411
Expires: Wed, 07 Dec 2022 15:26:56 GMT
Date: Wed, 07 Dec 2022 13:56:45 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tM0WOO_Ypgj2QxJSz9GHZZTsKjzsvyD6tjpp4G0ZpuGAIGmnEe4oqQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:29:22 GMT
age: 19643
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14896
Md5:    4884ce2731d3033b12e4792c1bbf453e
Sha1:   63b6efc98cb04228d82ac28fceb97bb1cf8d82fb
Sha256: 8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 06:11:41 GMT
age: 27904
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6557
Md5:    210b27f5f6310d8fad640acce3d9ae0e
Sha1:   08d241e56622cb900754d95bc5d58ed8826d9f32
Sha256: 64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ViuPsZBEVJ-aGOcsfrl3nXu244mzMUMQVhpPeNlO7W3sBrrfuUfXpA==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:32:04 GMT
age: 55481
etag: "36082b7329d473829178f280cb71a83b1531e486"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11224
Md5:    b15136d60fd0a5e0f657a4f5c75d540f
Sha1:   36082b7329d473829178f280cb71a83b1531e486
Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12293
x-amzn-requestid: 49891ceb-3f74-4e83-8064-f54fc8b30961
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyGHPOIAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-651e4e0c55257bcc553cd176;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7CSrKcHLynpqU_U0D_t1Nen9fnk5uMQYS3O8vsAzyYnnFhLyqQargA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:30:05 GMT
age: 55600
etag: "9a26884875abb0652c568c50438b65f801779f9a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12293
Md5:    53afd826523f4c18bf968764818d7ca7
Sha1:   9a26884875abb0652c568c50438b65f801779f9a
Sha256: 4f9dfeda67a040fef9c6987a7c334a91c993c84f694fa91771fcf7fd1d2e4937
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2j9gqNvWYRFM-li9Nj4nLAWe_eKWMSwagPgU3eAtk0pjcJUX4Q8XEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:55:40 GMT
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
age: 57665
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8438
Md5:    e95ebce9d79ba46cb96af9a45af1762f
Sha1:   985c6761675e6bcc0186f64d55f94cf09352f05c
Sha256: 5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5790
x-amzn-requestid: 2e409a5f-ce04-4b9b-b3a2-74e5bbd256d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSvoEoUoAMFsxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64ca-72e1bb13187b18aa26c8566f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _G0pVd5Yq-CpT0YX-Gfh0OD0oF1BdB63r2NdfgWTBkNI7u_78u7BCQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:50:13 GMT
age: 57992
etag: "1f25392db4cf3693259202b24e898f21093b8bf9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5790
Md5:    18bbcbf84b00d3bc602830478ff1bd7f
Sha1:   1f25392db4cf3693259202b24e898f21093b8bf9
Sha256: cb2b44e1f74a9bb43fab48536f6146e273c728b34e4889ff3f18a411d14d2282
                                        
                                            GET /ip HTTP/1.1 
Host: ns.cdn-services.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dicemberie.web.app/
Origin: https://dicemberie.web.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         188.114.97.1
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Wed, 07 Dec 2022 13:56:44 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
set-cookie: cook-session=eyJ1c2VySUQiOiI1OTIwMyJ9; path=/; secure; httponly cook-session.sig=h7Qdeoaa-X52PpZu-6eKFTRPnUM; path=/; secure; httponly
etag: W/"13d-+cK0ZY/3WenpUKC4WEVV6OYEvTU"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueGncLQQuvXtqTjx1JoDpGEZsGA5FaWdTk8VAxMBykoDqNpqWtWy%2FI5nlJ4e1eA1Q8joV3YnVDRidmKFvHPliVfrzKVJ063biE1CW8IUXbvjw4Aae7gMAd%2F5ika1Ju3yN9fv%2BBfC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775dc42d9bba1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Poppins:wght@400&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dicemberie.web.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 13:56:43 GMT
date: Wed, 07 Dec 2022 13:56:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---