pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html
104.18.2.35200 OK 148 B URL User Request GET HTTP/1.1 pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html
IP 104.18.2.35:443
Certificate IssuerLet's Encrypt
Subject*.r2.dev
Fingerprint91:F0:8B:D3:AA:FC:86:18:F9:F2:29:EB:98:8C:D8:5A:3A:76:5C:CF
ValidityWed, 11 Oct 2023 17:13:53 GMT - Tue, 09 Jan 2024 17:13:52 GMT
File type HTML document, ASCII text, with no line terminators
Hash e8a95b57a0bcced11b3c4065bfe396e4
fcabc9120bca2226abe84732009d1dfd8ec2af6d
3625fc292647ac05e6262445a77dab441b3709944f74812c187c6251e4be3798
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /uwa7.html HTTP/1.1
Host: pub-14c31667a05343c19ddf64766402b12f.r2.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:50:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"e8a95b57a0bcced11b3c4065bfe396e4"
Last-Modified: Thu, 30 Nov 2023 06:39:40 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 82ed83c848455694-OSL
Content-Encoding: gzip
pub-14c31667a05343c19ddf64766402b12f.r2.dev/Outlook%20Web%20App_files/lgnexlogo.gif
104.18.2.35404 Not Found 6.5 kB URL GET HTTP/1.1 pub-14c31667a05343c19ddf64766402b12f.r2.dev/Outlook%20Web%20App_files/lgnexlogo.gif
IP 104.18.2.35:443
Requested by https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html
Certificate IssuerLet's Encrypt
Subject*.r2.dev
Fingerprint91:F0:8B:D3:AA:FC:86:18:F9:F2:29:EB:98:8C:D8:5A:3A:76:5C:CF
ValidityWed, 11 Oct 2023 17:13:53 GMT - Tue, 09 Jan 2024 17:13:52 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (611)
Hash df3d48946e8d3f5a83608308edbb4b86
47b9c40c97abf2658df96b1c06109324e15e1a00
570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /Outlook%20Web%20App_files/lgnexlogo.gif HTTP/1.1
Host: pub-14c31667a05343c19ddf64766402b12f.r2.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 01 Dec 2023 18:50:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 82ed83cec9c65694-OSL
Content-Encoding: gzip
pub-14c31667a05343c19ddf64766402b12f.r2.dev/Outlook%20Web%20App_files/lgnbotr.gif
104.18.2.35404 Not Found 6.5 kB URL GET HTTP/1.1 pub-14c31667a05343c19ddf64766402b12f.r2.dev/Outlook%20Web%20App_files/lgnbotr.gif
IP 104.18.2.35:443
Requested by https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html
Certificate IssuerLet's Encrypt
Subject*.r2.dev
Fingerprint91:F0:8B:D3:AA:FC:86:18:F9:F2:29:EB:98:8C:D8:5A:3A:76:5C:CF
ValidityWed, 11 Oct 2023 17:13:53 GMT - Tue, 09 Jan 2024 17:13:52 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (611)
Hash df3d48946e8d3f5a83608308edbb4b86
47b9c40c97abf2658df96b1c06109324e15e1a00
570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /Outlook%20Web%20App_files/lgnbotr.gif HTTP/1.1
Host: pub-14c31667a05343c19ddf64766402b12f.r2.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 01 Dec 2023 18:50:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 82ed83ceed8f56af-OSL
Content-Encoding: gzip
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.170200 OK 31 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.170:443
Requested by https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 12:36:04 GMT
expires: Fri, 29 Nov 2024 12:36:04 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 108852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=undefined&sz=64
142.250.74.164301 Moved Permanently 329 B URL GET HTTP/2 www.google.com/s2/favicons?domain=undefined&sz=64
IP 142.250.74.164:443
Requested by https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash de1463eb71f54383349bc3fb9a800328
5628dff146ba943e4482c24f26d70266558b7c6e
096e4d5fa52a429dea2a183a79e33513872d6aee14d51e4c3af5896a99ab20b3
GET /s2/favicons?domain=undefined&sz=64 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://undefined&size=64
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 18:50:16 GMT
expires: Fri, 01 Dec 2023 19:20:16 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 329
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://undefined&size=64
142.250.74.164 726 B URL t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://undefined&size=64
IP 142.250.74.164:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://undefined&size=64 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 18:50:17 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
webmail.bourbon-online.com/owa/14.3.513.0/themes/resources/favicon.ico
40.68.95.2200 OK 1.4 kB URL GET HTTP/1.1 webmail.bourbon-online.com/owa/14.3.513.0/themes/resources/favicon.ico
IP 40.68.95.2:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html
Certificate IssuerGlobalSign nv-sa
Subject*.bourbon-online.com
FingerprintDD:05:12:FD:78:C8:65:A1:61:70:99:C5:2F:3D:1B:D5:88:13:22:6E
ValidityThu, 30 Mar 2023 13:38:32 GMT - Tue, 30 Apr 2024 13:38:31 GMT
File type MS Windows icon resource - 1 icon, 16x16\012- data
Hash 87b56a9674f5479f749f4f2f5dd4e80d
a4db42c95d77dc2ef14861da3dd2983d2f9bd634
1e364b08a7d3f51e1046cf8d84bce2eb1731272287dab854c728896f474769b1
GET /owa/14.3.513.0/themes/resources/favicon.ico HTTP/1.1
Host: webmail.bourbon-online.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Length: 1406
Content-Type: image/x-icon
Last-Modified: Thu, 10 Nov 2011 17:24:52 GMT
Accept-Ranges: bytes
x-ms-proxy-app-id: 2fae948a-2e1b-443c-a062-e3f3eec07536
x-ms-proxy-group-id: cf763f30-62e8-43e4-b3aa-abc5f7c8224a
x-ms-proxy-subscription-id: d30c28fe-0ba2-40bd-b498-76d8fa33a04d
x-ms-proxy-transaction-id: c4abd6a3-5c45-4868-8751-16a3b184aebe
x-ms-proxy-service-name: proxy-appproxy-WEUR-AMS02P-2
x-ms-proxy-data-center: WEUR
x-ms-proxy-connector-id: a705a5e9-bb98-4974-9868-bc8c215b2a5f
Etag: "08ad8a7cd9fcc1:0"
Set-Cookie: OutlookSession=05d687d255a1443184cbb71ff65922b4; path=/; secure; HttpOnly
AzureAppProxyAnalyticCookie_2fae948a-2e1b-443c-a062-e3f3eec07536_https_1.3=4|hF8cSgdJGD1EJsMGZzgM6C/E2/TO7ZCo1m+asdjs/gEz8cBZDyW2f3ofwh9LSmxcZGLfBoPUfC4A06B7ta9Jmj07MKfqaSLz66t7e/Le66tMPKb807aqVAEuJOll+JK553X1QiqtHdDjBeyNBQoKXA==; path=/; Secure; SameSite=None
X-Powered-By: ASP.NET
X-Server: EXC-02
Nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.2,"failure_fraction":1.0}
Report-To: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://ffde.nelreports.net/api/report?cat=proxy-appproxy-WEUR-AMS02P-2"}]}
Date: Fri, 01 Dec 2023 18:50:16 GMT
eu.starton-ipfs.com/ipfs/bafybeicwxropsprytiijj2s6ck44psctz4wl3czeiedcmhcckttym6z7g4
0.0.0.0 0 B URL GET eu.starton-ipfs.com/ipfs/bafybeicwxropsprytiijj2s6ck44psctz4wl3czeiedcmhcckttym6z7g4
IP 0.0.0.0:0
Requested by https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html
Certificate IssuerGoogle Trust Services LLC
Subjectstarton-ipfs.com
Fingerprint07:7E:C7:A6:30:D0:30:2C:14:C0:2C:3B:D0:02:0E:B3:14:0D:0F:E3
ValidityTue, 21 Nov 2023 13:20:13 GMT - Mon, 19 Feb 2024 13:20:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ipfs/bafybeicwxropsprytiijj2s6ck44psctz4wl3czeiedcmhcckttym6z7g4 HTTP/1.1
Host: eu.starton-ipfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 18:50:16 GMT
content-type: text/plain; charset=utf-8
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeicwxropsprytiijj2s6ck44psctz4wl3czeiedcmhcckttym6z7g4"
x-ipfs-path: /ipfs/bafybeicwxropsprytiijj2s6ck44psctz4wl3czeiedcmhcckttym6z7g4
x-ipfs-roots: bafybeicwxropsprytiijj2s6ck44psctz4wl3czeiedcmhcckttym6z7g4
x-kong-upstream-latency: 9
x-kong-proxy-latency: 0
via: kong/3.2.2.1-enterprise-edition
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwUqAxStiXIGxOXtFhWT2eZMK3ohVLQlGf84Be9OBtyb1h5zgVr0Um43l5T2AUkJOzZrBvDPIzyQBe3xf7mK7NDE9VWb18nmkp%2FXfXvu3ku92Fquf59MmrSz9nK09Mtuz6IW3Dk2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ed83cc7f03b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
image.thum.io/get/65490-1671030344805-37a36e07674665dbe1105f1044aab44d/width/1200/https://undefined
54.91.120.55200 OK 23 kB URL GET HTTP/2 image.thum.io/get/65490-1671030344805-37a36e07674665dbe1105f1044aab44d/width/1200/https://undefined
IP 54.91.120.55:443
Requested by https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html
Certificate IssuerAmazon
Subject*.thum.io
Fingerprint07:A3:2D:21:8F:4E:98:41:CF:71:06:8A:8A:92:CF:EA:7F:05:ED:03
ValiditySun, 24 Sep 2023 00:00:00 GMT - Tue, 22 Oct 2024 23:59:59 GMT
File type PNG image data, 1200 x 1200, 8-bit/color RGB, non-interlaced\012- data
Hash 7774382410a95e5866c80f5fab7c2829
bd8fc7f10732861a35fb5dc9f62f859eaed67c22
b6951484dc910eaeb1d65744b0e44c43575fe09fde37a355638b283b75a298df
GET /get/65490-1671030344805-37a36e07674665dbe1105f1044aab44d/width/1200/https://undefined HTTP/1.1
Host: image.thum.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 18:50:17 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 02 Dec 2023 18:50:17 GMT
thum_status_code: 0
content-disposition: inline; filename= "undefined.png"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://undefined&size=64
142.250.74.164404 Not Found 726 B URL GET HTTP/3 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://undefined&size=64
IP 142.250.74.164:443
Requested by https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/uwa7.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://undefined&size=64 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pub-14c31667a05343c19ddf64766402b12f.r2.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 18:50:17 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000