detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 28 Mar 2023 15:32:19 GMT
Age: 78851
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
rl-garage.cfd/auth
64.225.91.73200 OK 336 B IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 43dfbffaa35b6cc4a467cc85e6b20535
df9d048367875b50c74f3ef25c49f0217cff97a7
a1560d3433a476438c5accf1561ce25754f9cbd239e86689b2fbc1acd9fae5c0
GET /auth HTTP/1.1
Host: rl-garage.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 29 Mar 2023 13:26:31 GMT
content-type: text/html
last-modified: Wed, 22 Feb 2023 21:25:52 GMT
etag: W/"63f68860-251"
content-encoding: gzip
transfer-encoding: chunked
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13091
Expires: Wed, 29 Mar 2023 17:04:42 GMT
Date: Wed, 29 Mar 2023 13:26:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 710a535aaa1450fafb8bdd6b36beb8b6
b8e939b2be6c874de3930bf80bfe9dc2dbb58c59
1f56eee1c433abbe6b5a60dc91cbf0340a2e5ef13c59352683df3e828919d8ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F56EEE1C433ABBE6B5A60DC91CBF0340A2E5EF13C59352683DF3E828919D8CE"
Last-Modified: Tue, 28 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9347
Expires: Wed, 29 Mar 2023 16:02:18 GMT
Date: Wed, 29 Mar 2023 13:26:31 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 45 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash af865fda52080ee03852a037f4697840
4fda541547b570a81adb6e547b0ee178dfa8d0ef
7a1c2364ac5bdb8296e0950b33b9298e2aac2b8a54c0e6c211a66b777a0de25f
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: W1gsd5492C7sv52YDNe_X5-IxFvICXxEwLPIfbeRHEEzOUZUFV_ONA==
content-encoding: gzip
via: 1.1 57bd3a2d9e0e4cbf89d9eb3d7dfb916e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 13:17:57 GMT
content-type: application/json
vary: Accept-Encoding
content-length: 44755
age: 514
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c0d9353dc46e88bf564ed464b0b073c7
0b5ce170e7db24267a3ba5b79a48548b1acd2e5b
7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7574
Expires: Wed, 29 Mar 2023 15:32:45 GMT
Date: Wed, 29 Mar 2023 13:26:31 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:26:31 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uR6hfIkplHWiOJ7ASfOtJpKPefp/fjpLSYj+m6Az7IwKiETgrP0GMQg9DERMCs7W74mjaWA9aY8=
x-amz-request-id: ZT822DA6V3M5BK0T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 12:33:26 GMT
age: 3185
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8114
Expires: Wed, 29 Mar 2023 15:41:45 GMT
Date: Wed, 29 Mar 2023 13:26:31 GMT
Connection: keep-alive
domaincntrol.com/?orighost=http://rl-garage.cfd/auth
104.18.26.45200 OK 34 B URL HTTP/2 domaincntrol.com/?orighost=http://rl-garage.cfd/auth
IP 104.18.26.45:0
File type ASCII text, with no line terminators
Hash 3557916f6a1fdcc36ff04c9bf8857f83
23052034645fad8dcdcfa187e63e93b9b4802dbc
d253788d228d28b2a4ecfc9fd579bdf0dc2b2f98641eb67dd8ba2e4a46bc613c
GET /?orighost=http://rl-garage.cfd/auth HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rl-garage.cfd/
Origin: http://rl-garage.cfd
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:26:31 GMT
content-type: text/plain;charset=UTF-8
content-length: 34
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af871ee1c45b50c-OSL
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Retry-After, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 13:15:56 GMT
content-type: application/json
age: 635
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 28 Mar 2023 15:32:19 GMT
Age: 78852
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
rl-garage.cfd/favicon.ico
64.225.91.73200 OK 336 B URL HTTP/1.1 rl-garage.cfd/favicon.ico
IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 43dfbffaa35b6cc4a467cc85e6b20535
df9d048367875b50c74f3ef25c49f0217cff97a7
a1560d3433a476438c5accf1561ce25754f9cbd239e86689b2fbc1acd9fae5c0
GET /favicon.ico HTTP/1.1
Host: rl-garage.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rl-garage.cfd/auth
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 29 Mar 2023 13:26:31 GMT
content-type: text/html
last-modified: Wed, 22 Feb 2023 21:25:52 GMT
etag: W/"63f68860-251"
content-encoding: gzip
transfer-encoding: chunked
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a740252e7b24892a3e34f6dfed6e3bde
d44d21abb95edd1ccc775632254f11ee94fb585e
e289995a2b4b340364dd7dfa32c79c7722ece6cc4b893b38fc68bbce680d2f94
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E289995A2B4B340364DD7DFA32C79C7722ECE6CC4B893B38FC68BBCE680D2F94"
Last-Modified: Mon, 27 Mar 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5594
Expires: Wed, 29 Mar 2023 14:59:45 GMT
Date: Wed, 29 Mar 2023 13:26:31 GMT
Connection: keep-alive
push.services.mozilla.com/
34.117.65.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9Mk7V3JJLdLvm9YB9voC1A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aNrqdW1kMIaVk7FukWMs9CWempU=
Date: Wed, 29 Mar 2023 13:26:31 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Retry-After, ETag, Content-Length, Content-Type, Backoff, Pragma, Expires, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 13:17:26 GMT
age: 545
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 62e1cfbac54e32c7335cb1b32771af73
a166212bc83c04d496d03f03f8f2e8ebb9526c5b
de90af33c79fb2e6ed05080835dad5d351816c1d21d96260c7f7998fe2ec66fb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 388
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 13:26:32 GMT
Last-Modified: Wed, 29 Mar 2023 13:20:04 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221680080233583%22
35.241.9.150200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221680080233583%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (22067), with no line terminators
Hash e049bceffc450caf0dd9bffc79e9bda8
7e0e59c50ce13927f80fa76c025c90fa2ec7da3c
d0a98863f1f0c6b6ef60c3e98c9a44889d0203e55624b8f701fdfe360d16bae5
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221680080233583%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 22067
via: 1.1 google
date: Wed, 29 Mar 2023 13:01:55 GMT
age: 1477
last-modified: Wed, 29 Mar 2023 08:57:13 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1680028648110&_since=%221666204638208%22
35.241.9.150200 OK 40 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1680028648110&_since=%221666204638208%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (40281), with no line terminators
Hash d44792ae3ff2bee72cd88837b1d30d00
3e599758152abb07c785cb964fc0baee4fb4f446
1b9e59d165a60f7406de62e0817f0d4994a9f64ac7c4f0582ff43016fc05b229
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1680028648110&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 40281
via: 1.1 google
date: Wed, 29 Mar 2023 12:58:50 GMT
age: 1662
last-modified: Tue, 28 Mar 2023 18:37:28 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: KL+tfILz58XWgkWBFeW66nAMRXRdEcIH5qLkWvJ7WeulqdprWMg8s98u/AwcWhtC5seUKfA8qJw=
x-amz-request-id: KFG8KA3KTF13PAQA
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 13:02:30 GMT
age: 1442
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ed282214b024a7895d90e229e92bb1cc
1f447aa59287ce2b45860a1a909d005a41305f77
a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 12:28:09 GMT
content-type: application/json
age: 3503
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
44.241.53.229200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 44.241.53.229:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Wed, 29 Mar 2023 13:26:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 67066d4d6dcd9e995083fc1fed508034
b7c3165a3fbbcad47603e8711186d261a4666aeb
1fc21875e471cc95167611656b2a0e9c578f21defe34ce5ea1388d274df5b5b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1FC21875E471CC95167611656B2A0E9C578F21DEFE34CE5EA1388D274DF5B5B7"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13874
Expires: Wed, 29 Mar 2023 17:17:46 GMT
Date: Wed, 29 Mar 2023 13:26:32 GMT
Connection: keep-alive
domaincntrol.com/?orighost=http://rl-garage.cfd/auth
104.18.26.45200 OK 34 B URL HTTP/2 domaincntrol.com/?orighost=http://rl-garage.cfd/auth
IP 104.18.26.45:0
File type ASCII text, with no line terminators
Hash 3557916f6a1fdcc36ff04c9bf8857f83
23052034645fad8dcdcfa187e63e93b9b4802dbc
d253788d228d28b2a4ecfc9fd579bdf0dc2b2f98641eb67dd8ba2e4a46bc613c
GET /?orighost=http://rl-garage.cfd/auth HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rl-garage.cfd/
Origin: http://rl-garage.cfd
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:26:32 GMT
content-type: text/plain;charset=UTF-8
content-length: 34
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af871f48e59b50c-OSL
X-Firefox-Spdy: h2
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
34.111.73.144200 OK 807 kB URL HTTP/2 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP 34.111.73.144:0
Size 807 kB (807180 bytes)
Hash 914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857
GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 59G7qTJQiLuRHxxSkAS7i5JoVkPmSxvoUFSiSuMU5NDxXetcSPNyHZPUwj7u+afDVOleH+O6SLE=
x-amz-request-id: RWFC6R5QJM79BGGV
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Thu, 23 Mar 2023 11:49:19 GMT
age: 524233
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1680018554787&_since=%221643818378440%22
35.241.9.150200 OK 10 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1680018554787&_since=%221643818378440%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (10096), with no line terminators
Hash ceb5afa740b44e3ce7f4227d4b439113
c61643d28463d062f8ffee3b8ea1cd89cb7b5a6c
0a2f9b659d2e0c816d958925eba9ce4e1387ef3571542036b5c9641f0f364c26
GET /v1/buckets/blocklists/collections/gfx/changeset?_expected=1680018554787&_since=%221643818378440%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 10096
via: 1.1 google
date: Wed, 29 Mar 2023 12:54:50 GMT
age: 1902
last-modified: Tue, 28 Mar 2023 15:49:14 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1680048066000&_since=%221666483264567%22
35.241.9.150200 OK 94 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1680048066000&_since=%221666483264567%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f4572adefd3ecea7598420c956ee846a
730c7e0818c2be35cceaf3ec67ddd2556678510d
fbefcc3fc55ca43a43fca916443ddab8c96f406c3ea1a79dd862f3d71dadb4ec
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1680048066000&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Retry-After, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 94145
via: 1.1 google
date: Wed, 29 Mar 2023 12:24:20 GMT
age: 3732
last-modified: Wed, 29 Mar 2023 00:01:06 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22
35.241.9.150200 OK 7.0 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (6983), with no line terminators
Hash 43e4ae012aa36f9b6a3297174b84121b
114a70a8f2dbe4fa305435ffd386d0bf93009b2e
414f92b77ac1003e257269744bc94665e94eb8932460df4d6b0b80ba8a9ddce1
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 6983
via: 1.1 google
date: Wed, 29 Mar 2023 13:05:42 GMT
age: 1250
last-modified: Tue, 28 Mar 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22
35.241.9.150200 OK 1.6 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1646), with no line terminators
Hash 0530a1e9082b795cd4fd4c2b8bd25d70
3f0229439b1d96f80fcb6ab6b77a25feaa8775e9
84fac3b241036cfdcf0f5ded9e9a46d2b49eba4344b3db83755f7268ee21f553
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1646
via: 1.1 google
date: Wed, 29 Mar 2023 13:06:58 GMT
age: 1174
last-modified: Tue, 28 Mar 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1679956624429&_since=%221666279968541%22
35.241.9.150200 OK 71 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1679956624429&_since=%221666279968541%22
IP 35.241.9.150:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2adf233b581f2d7d3054238110e9c192
7205a1337a2e2fef30da495d33d812c4df8399c2
e2afe8cc7154cee09c4491f629f7f06cc85017664c578ef87e57a895da2eade4
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1679956624429&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Retry-After, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 71024
via: 1.1 google
date: Wed, 29 Mar 2023 12:58:51 GMT
age: 1661
last-modified: Mon, 27 Mar 2023 22:37:04 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
35.241.9.150200 OK 682 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Hash 1e047b83920b53efa84372fbf1a81bee
e2404b9c4d03d1c58e71884919a54c2f9a3dedfd
7e9d0acd7bc581de92f53a81423bd582b348c3c871a02cd7b26229313d5e6013
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Pragma, Last-Modified, Retry-After, Expires, Cache-Control, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Wed, 29 Mar 2023 13:16:06 GMT
age: 626
last-modified: Sat, 25 Mar 2023 16:36:56 GMT
etag: "1679762216708"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
35.241.9.150200 OK 1.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1251), with no line terminators
Hash 544e218878f656b4373563a094716a70
ae8f7f0929f1f4cf0b28eb0a2b5943e148ca61a9
532f508ccf0e693debde8f684a0fd170c3296dfad6f1bb27c672c37af6c3e7a7
GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1251
via: 1.1 google
date: Wed, 29 Mar 2023 12:46:24 GMT
age: 2408
last-modified: Sat, 25 Mar 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
35.241.9.150200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1742), with no line terminators
Hash c6ffeaa329fe3d4b15ca88fc8d960a12
f3f1fbe76d66e7d72122d56efa5d47a660c758b3
0f4df13e808c9a2caa24aa9c2419b0b14f9a79514f32bedf2addb947dd285608
GET /v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1742
via: 1.1 google
date: Wed, 29 Mar 2023 12:47:27 GMT
age: 2346
last-modified: Sat, 25 Mar 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
35.241.9.150200 OK 2.4 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (2387), with no line terminators
Hash 377da5cb5955db6a3bbed6eaf61e789a
64f5e967b2d903ad2934ab11a8c567dbf282b025
60fe6df1f2d1e2e1727f1b8d44c1102f86558928b4df9cd7a92569d04f8724cf
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Retry-After, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2387
via: 1.1 google
date: Wed, 29 Mar 2023 12:46:33 GMT
age: 2400
last-modified: Fri, 24 Mar 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22
35.241.9.150200 OK 772 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (772), with no line terminators
Hash 1150fc438e642be5635e3234834367d9
a421eab9d39f0fefd6a1f2ecda9fc11ceddb646c
2b980c60a311dafdf93d9983c4ed8ac7dea9f7ff61329ffb1e1a24d0909f3d15
GET /v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 772
via: 1.1 google
date: Wed, 29 Mar 2023 12:36:52 GMT
age: 2981
last-modified: Thu, 23 Mar 2023 19:33:52 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
35.241.9.150200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1506), with no line terminators
Hash 318c328ba16a767b6d94b0cbfc1a8b4d
40dfca34d6034f7bdeb27801f3b485e001699c38
6293349b31e326d2e8e4001e780554226b24584f981cc1325d70e48fbfa69ed0
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1506
via: 1.1 google
date: Wed, 29 Mar 2023 12:33:18 GMT
age: 3195
last-modified: Thu, 23 Mar 2023 16:36:48 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
35.241.9.150200 OK 935 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (935), with no line terminators
Hash 9122f99473d982e0cf08d156d80fa431
0c58a6dc78b365762e6cce14075639d4b5e12b15
5a12e97c12a31b264b4ff70f17bf92ed19aff7cd04029d71d913a37593e3d600
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 935
via: 1.1 google
date: Wed, 29 Mar 2023 13:10:26 GMT
age: 967
last-modified: Thu, 23 Mar 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22
35.241.9.150200 OK 25 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (25354), with no line terminators
Hash 92ef0b8c859dbf1a8eb36743ed5d280a
a1524882fcfc9db519841b42276d34e9f6f7dfb1
915ba6d82d28de9d983a184d875d1ba56955dbefb1bbde72e867b334634e56be
GET /v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 25354
via: 1.1 google
date: Wed, 29 Mar 2023 13:00:13 GMT
age: 1580
last-modified: Thu, 23 Mar 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
domaincntrol.com/?orighost=http://rl-garage.cfd/auth
104.18.26.45200 OK 34 B URL HTTP/2 domaincntrol.com/?orighost=http://rl-garage.cfd/auth
IP 104.18.26.45:0
File type ASCII text, with no line terminators
Hash 3557916f6a1fdcc36ff04c9bf8857f83
23052034645fad8dcdcfa187e63e93b9b4802dbc
d253788d228d28b2a4ecfc9fd579bdf0dc2b2f98641eb67dd8ba2e4a46bc613c
GET /?orighost=http://rl-garage.cfd/auth HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rl-garage.cfd/
Origin: http://rl-garage.cfd
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:26:33 GMT
content-type: text/plain;charset=UTF-8
content-length: 34
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af871fae88bb50c-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14815
Expires: Wed, 29 Mar 2023 17:33:28 GMT
Date: Wed, 29 Mar 2023 13:26:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14815
Expires: Wed, 29 Mar 2023 17:33:28 GMT
Date: Wed, 29 Mar 2023 13:26:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14815
Expires: Wed, 29 Mar 2023 17:33:28 GMT
Date: Wed, 29 Mar 2023 13:26:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14815
Expires: Wed, 29 Mar 2023 17:33:28 GMT
Date: Wed, 29 Mar 2023 13:26:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8afbc872d18847aaed67054dbfc2d31b
6eb894c4aa4fa53d9a3d4b948b5e65b7e9a76d5b
65c2b5fe2a3df654cfed7e7721b2d8f08665a72bb358b4d6e30e7cba853336e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5414
x-amzn-requestid: b6795b2f-1460-4516-bac0-9148e9868fa1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguaYF5jIAMFmiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ddb-42762e4f0aa5e6050f82d138;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:27 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 2uZtp6TgGSem59CZMyKKtawyKTmNiLyj5wu7RXTGq04n2tN_gefzsw==
via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:43:08 GMT
age: 56605
etag: "6eb894c4aa4fa53d9a3d4b948b5e65b7e9a76d5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 253f48aa7cbf667d52cb37fda10cdb1f
e29478b866f90402b48d2b516d01d60a863c9cf9
b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgvBFFMGIAMFhCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: bXiCIy2ZqOyLvougeQikdsmaIJ9BfMPpOO4oU-3nEGY33FQGCm0ZoQ==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:44:35 GMT
age: 56518
etag: "e29478b866f90402b48d2b516d01d60a863c9cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fd1bc71c7e9eed7c086d752ea8b4b992
02a74cf88501d65b3dfcceb5adc79fd93ce785ed
a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7605
x-amzn-requestid: b7628073-4eb3-4ef6-b7d0-0224e0a75601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GFPoAMFebQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-445041c74356c54053f772a1;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: npXnMYBUM1bcf7FQIJEHng73EkILWwM0Jvey0QDUvmln0kAJUG_Rpw==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:43:57 GMT
age: 56556
etag: "02a74cf88501d65b3dfcceb5adc79fd93ce785ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: LAAUFZcFBIpdMUkaDQXGW1sdwLK9c_uhQQHLiJHGF7dEvfJ0KX7MaA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:37:00 GMT
age: 56973
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b185c2d-7167-4369-8cd8-7c5017834382.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b185c2d-7167-4369-8cd8-7c5017834382.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 088ee9246dd360ff8df1cfd861295d39
6e224650d4c0315d8218e2522fc9a0f1ca81799f
48ae55b65f6bb6f15580d28adc558b96086fb293fef375e7ab57944bf4301ae1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b185c2d-7167-4369-8cd8-7c5017834382.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7466
x-amzn-requestid: 229ed535-832e-4328-bafd-0cf2dec18fbe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbqLF8-IAMFzcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220ca7-61d293a52a1a02130d0ffa53;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:43 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: boxTGMCQWjzE0Wzi5UyI3Pk6GDUvOO3TZg-Fiw6lZtOuRY9_gFtQ0A==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 23:09:21 GMT
age: 51432
etag: "6e224650d4c0315d8218e2522fc9a0f1ca81799f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5d955ec5d3a9f655e4ca0523acfd039
e8b2cd28a02a2cee1b4e57c57570f2598721ff57
e7753ef91d6f04dce00f83cb1ba3ea4f1abb52140993fbee375e506597cee529
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6970
x-amzn-requestid: 9f7a82d7-dbba-4c67-a330-6a7f2b68177d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cdn3zGn7oAMFwNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64222031-1d97c16f7a9c163c02fe72ac;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 23:01:05 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: T5nLGmFBbMqFh96iZ2ZCNSFoaxYtPzUxVwxIl3zJLxCskK23cGGxBQ==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 02:00:14 GMT
age: 41179
etag: "e8b2cd28a02a2cee1b4e57c57570f2598721ff57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
domaincntrol.com/?orighost=http://rl-garage.cfd/auth
104.18.26.45200 OK 34 B URL HTTP/2 domaincntrol.com/?orighost=http://rl-garage.cfd/auth
IP 104.18.26.45:0
File type ASCII text, with no line terminators
Hash 3557916f6a1fdcc36ff04c9bf8857f83
23052034645fad8dcdcfa187e63e93b9b4802dbc
d253788d228d28b2a4ecfc9fd579bdf0dc2b2f98641eb67dd8ba2e4a46bc613c
GET /?orighost=http://rl-garage.cfd/auth HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rl-garage.cfd/
Origin: http://rl-garage.cfd
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:26:34 GMT
content-type: text/plain;charset=UTF-8
content-length: 34
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af872013a79b50c-OSL
X-Firefox-Spdy: h2
s.skimresources.com/js/211080X1691294.skimlinks.js
151.139.128.10200 OK 19 kB URL HTTP/2 s.skimresources.com/js/211080X1691294.skimlinks.js
IP 151.139.128.10:0
File type ASCII text, with very long lines (588)
Hash 2ae9823c93af0a2eefc2369d51821a79
814b34444a41b2c775ffcd686c479988b8a7d8e1
b31db014061df23c2f5430550ff8f93be2c45e62668ebdbdd3ddd7e02870e860
GET /js/211080X1691294.skimlinks.js HTTP/1.1
Host: s.skimresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:26:36 GMT
cache-control: max-age=3600
content-encoding: gzip
content-length: 18852
content-type: application/octet-stream
last-modified: Mon, 21 Mar 2022 22:25:57 GMT
accept-ranges: bytes
x-amz-id-2: LRYz2bMRE6Qp0O6yDxHGE1wKw3dhAeqZkByWn4zYcv00m4VEZXbbgBqxC0ySJb9mjhG7SvfTM68=
x-amz-request-id: 9PNVX8Q2GGWRF8SP
etag: "9d405446240b0f3f4fa6410f0e06e6e0"
server: AmazonS3
x-hw: 1680096396.cds210.sk1.hn,1680096396.cds209.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.8 kB IP 142.250.74.131:0
Hash 04ac2f96d0fddef4c6ef4b784424a8cf
2e00c7bd881373abe862aa047ed9047dfe259868
038c524b97b774c1d9ec37f9eec81e13b00639586734a0ccaac75936755c7268
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 13:26:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
suggestive.com/halloween-costume-ideas-pets/
188.114.96.1200 OK 34 kB URL HTTP/2 suggestive.com/halloween-costume-ideas-pets/
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash a9e7a40a50e34aa44c2f829a75f17bd9
e72e013d9f4ad850d8df9d208afa7e40fa7c96fd
da2fb7328a1803c470b259e915e476e1d2f4f6cc9d3b9e1c87e4b9b09f852aa8
GET /halloween-costume-ideas-pets/ HTTP/1.1
Host: suggestive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:26:36 GMT
content-type: text/html; charset=UTF-8
cf-ray: 7af8720d1a6cb529-OSL
age: 2388265
cache-control: max-age=14400
last-modified: Wed, 01 Mar 2023 22:01:52 GMT
link: <https://suggestive.com/wp-json/>; rel="https://api.w.org/", <https://suggestive.com/wp-json/wp/v2/posts/9190>; rel="alternate"; type="application/json", <https://suggestive.com/?p=9190>; rel=shortlink
vary: Accept-Encoding
cf-cache-status: HIT
cf-apo-via: tcache
cf-edge-cache: cache,platform=wordpress
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKAwvEnTJdIdTsqD5Apm2xBRDsXDegsYpdqvuxU85nykFxY3hQf9w8IY%2BlJfddWnyJzOonJ9tVCuN8kY1GuwHDbK%2FslIoulfl4XOcuo6AHX5TWViaePLp5qjGAAlA%2BAr6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nojs.domaincntrol.com/
104.18.26.45301 Moved Permanently 45 kB IP 104.18.26.45:0
Hash 5431d740e716f8ce3f43f63ac74a6c7c
a6a788a5de47d69063b7701dd2228e3e8e45f4d9
3ce557cd4c961fe0e2e49f7580d6be20200f3024df2ef708220464bc82c4ecf0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: nojs.domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 29 Mar 2023 13:26:36 GMT
location: https://suggestive.com/halloween-costume-ideas-pets/
cf-ray: 7af8720cc8c4b503-OSL
cache-control: max-age=3600
expires: Wed, 29 Mar 2023 14:26:36 GMT
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e10c0c62a68346a599a245ad2d85fbbe
a79383efdb28292b6e2112da2344915a97eb7888
b239a83a0672895d5960617bba31f4404a4c103eec12d4e975aaf51204e1f953
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 13:26:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widgets.outbrain.com/outbrain.js
23.38.201.81200 OK 72 kB URL HTTP/2 widgets.outbrain.com/outbrain.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (1610)
Hash 5e563e203169cc971be097f35732169a
06fa302b8469cf2a08180600b3844f5467bc7f6c
e92596379e8990998a383182ef6f0f77c76397827dc313b714235d8bd073b452
GET /outbrain.js HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 72367
x-traceid: 25a473a2f5c110a50195573a53165cd0
etag: "22-xds/u85FeXhL0/I86rfAsh4qEfA"
last-modified: Tue, 28 Mar 2023 09:20:26 GMT
cache-control: max-age=14500
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 29 Mar 2023 13:26:37 GMT
edge-cache-tag: widget-cheetah
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 29 Mar 2023 12:05:11 GMT
expires: Wed, 29 Mar 2023 14:05:11 GMT
cache-control: public, max-age=7200
age: 4886
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash f2ece3e5907870b283917a99cd1af151
12359d23a1436959aef66b98ada87bcb624232b6
d1611493613d9d6dd13b642f7579d831ccbb9d61015775dd635c9a0b7588a54d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5276
Cache-Control: max-age=118947
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 13:26:37 GMT
Etag: "64235594-1d7"
Expires: Thu, 30 Mar 2023 22:29:04 GMT
Last-Modified: Tue, 28 Mar 2023 21:01:08 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/all.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/all.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 0c64e8375c21fd1871637be91ca30a05
1ac58d73dc3f8581bb9f6cbe0019500440100bc1
7649d334d8a3c558ac1728cde0b9e3f339f81a3f3bdfbb5ca07ee3e144b59776
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 322d8890ad75b8522d18779bda4c18c6
etag: "9a1a0e1383b090ee901a545c97dbd7d1"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 29 Mar 2023 13:42:28 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: DGToN1wh/RhxY3vpHKMKBQ==
x-fb-debug: Wg8qt315rRA7MJUllRkRkdeLyEp9UdLk5IYB1TiejXUCFDGJQw5Q9g8PpG4LAjM9F2n0FUm2cqyf7eb9zlxfNg==
content-length: 1688
x-fb-trip-id: 1904183273
date: Wed, 29 Mar 2023 13:26:37 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
p.skimresources.com/px.gif?ch=1&rn=6.557127219549558
35.190.91.160200 OK 43 B URL HTTP/2 p.skimresources.com/px.gif?ch=1&rn=6.557127219549558
IP 35.190.91.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /px.gif?ch=1&rn=6.557127219549558 HTTP/1.1
Host: p.skimresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 43
content-type: image/gif
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server: Skimlinks Pixel 1.0
date: Wed, 29 Mar 2023 13:26:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r.skimresources.com/api/
35.190.59.101200 OK 601 B IP 35.190.59.101:0
Hash e2de67a4820ff5953d7774397bd91bf6
083f2aed5cbb46a1c2c109b179b0a84949263ddf
c7db94d3429f78194851e93b439aece2b10e7631592aca5cb376f7c79d4c1ef9
POST /api/ HTTP/1.1
Host: r.skimresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 246
Origin: https://suggestive.com
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 29 Mar 2023 13:26:37 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://suggestive.com
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash e66d24e1c8f7f96af65030548ae06252
8e3a49306c52c3739e5ad8aed7514ab3bf4a753d
55c1243f52f99447b0fce46e8f7a9cdc2510b06015aea1f327ac649ccc97a4bb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5621
Cache-Control: max-age=115347
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 13:26:37 GMT
Etag: "6423462b-1d7"
Expires: Thu, 30 Mar 2023 21:29:04 GMT
Last-Modified: Tue, 28 Mar 2023 19:55:23 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash e66d24e1c8f7f96af65030548ae06252
8e3a49306c52c3739e5ad8aed7514ab3bf4a753d
55c1243f52f99447b0fce46e8f7a9cdc2510b06015aea1f327ac649ccc97a4bb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5364
Cache-Control: max-age=115090
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 13:26:37 GMT
Etag: "6423462b-1d7"
Expires: Thu, 30 Mar 2023 21:24:47 GMT
Last-Modified: Tue, 28 Mar 2023 19:55:23 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471
widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
23.38.201.81200 OK 43 B URL HTTP/2 widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
IP 23.38.201.81:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /widget/detect/px.gif?ch=1 HTTP/1.1
Host: widget-pixels.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 43
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
cache-control: max-age=2592000
expires: Fri, 28 Apr 2023 13:26:37 GMT
date: Wed, 29 Mar 2023 13:26:37 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
tcheck.outbrainimg.com/tcheck/check/c3VnZ2VzdGl2ZS5jb20=
23.38.201.176200 OK 15 B URL HTTP/1.1 tcheck.outbrainimg.com/tcheck/check/c3VnZ2VzdGl2ZS5jb20=
IP 23.38.201.176:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 529cac05e2a53fd8794eb9e5699d9740
6b22e508bdcfbb35d24e176eefc89179212397a6
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
GET /tcheck/check/c3VnZ2VzdGl2ZS5jb20= HTTP/1.1
Host: tcheck.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://suggestive.com
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 15
X-TraceId: 1574610765bad2504b14e9fd9433210a
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Cache-Control: max-age=38326
Expires: Thu, 30 Mar 2023 00:05:23 GMT
Date: Wed, 29 Mar 2023 13:26:37 GMT
Connection: keep-alive
Access-Control-Max-Age: 43200
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
t.skimresources.com/api/v2/page
35.201.67.47200 OK 22 B URL HTTP/2 t.skimresources.com/api/v2/page
IP 35.201.67.47:0
File type ASCII text, with no line terminators
Hash 0af18ddd75419d12bc31a9cdcd445d2f
76efe421633b1b494f9f374a5f3a758436eee0a9
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
POST /api/v2/page HTTP/1.1
Host: t.skimresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 285
Origin: https://suggestive.com
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
access-control-allow-origin: https://suggestive.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-credentials: true
content-length: 22
date: Wed, 29 Mar 2023 13:26:37 GMT
server: Python/3.10 aiohttp/3.8.4
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rock.defybrick.com/placement_invocation?id=65349&idx=0
54.230.111.61200 OK 18 kB URL HTTP/2 rock.defybrick.com/placement_invocation?id=65349&idx=0
IP 54.230.111.61:0
File type ASCII text, with very long lines (49039), with no line terminators
Hash 449a423abeac702cfd7368c5a1ba9822
06ebb32e04680d68e383016ff6b6eb6e326a0a61
4a2f633ca7a84b09da778fcb97cb91163af9ca231efdb0cda7875398c472b040
GET /placement_invocation?id=65349&idx=0 HTTP/1.1
Host: rock.defybrick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 18460
content-encoding: gzip
server: Caddy
date: Wed, 29 Mar 2023 07:57:37 GMT
cache-control: max-age=43200
expires: Wed, 29 Mar 2023 19:57:37 GMT
etag: "bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZZZiO2eF7KYt-tvOVYrFxaWZSEFLeez5Usn2pkY2iwHrz3oBLh1RAA==
age: 19740
X-Firefox-Spdy: h2
flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=&rand=64227800229902908051156250961002021216207675951692150085288521067105&nc=0&tsf=0&tsfmi=&pv=0&cb=1680096420974&ref=&pit=1&hl=1&op=0&fs=1280x939&ss=1280x1024&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=1317291471&at=&bid=e30%3D&di=W1siZWYiLDM3NDJdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFstMSwiTGludXggeDg2XzY0%0D%0AIl0sWy0yLCI5LElMSFlMQjlCTFRhMkpxUWczRm9lZWwyd1liRTJvZ0JJS0o2Y1IwMDBNSkhRd1lU%0D%0AREdZYWh2M3V0NzFWcFhSOU84K001clZTS3Mxa1BCZS8vOTlzblZKR3BVZFBmZHp6bjNPZmMiXSxb%0D%0ALTMsIltdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwiQ2xvdWRmbGFy%0D%0AZUFwcHNcIixcImRhdGFMYXllclwiLFwiX3dwZW1vamlTZXR0aW5nc1wiLFwiJFwiLFwialF1ZXJ5%0D%0AXCIsXCJPbmVTaWduYWxcIixcImFkZENvbW1lbnRcIixcIm10c19jdXN0b21zY3JpcHRcIixcInR3%0D%0AZW1vamlcIixcIndwXCIsXCJnZXRfcmVhbF9saW5rXCIsXCJfX1NLSU1fSlNfR0xPQkFMX19cIixc%0D%0AInNraW1saW5rc0FQSVwiLFwiTm90aWZ5UGFpbnRFdmVudFwiLFwiX19jZkJlYWNvblwiLFwiZ29v%0D%0AZ2xlX3RhZ19tYW5hZ2VyXCIsXCJfX29uZVNpZ25hbFNka0xvYWRDb3VudFwiLFwiX19qcDBcIixc%0D%0AImdvb2dsZV90YWdfZGF0YVwiLFwiR29vZ2xlQW5hbHl0aWNzT2JqZWN0XCIsXCJnYVwiLFwialF1%0D%0AZXJ5MzYxMDU3NTYwMjk4OTEwMzgwMjkxXCIsXCJGQlwiLFwiT0JSXCIsXCJPQl9yZWxlYXNlVmVy%0D%0AXCIsXCJPQlIkXCIsXCJPQl9QUk9YWVwiLFwib3V0YnJhaW5cIixcIm91dGJyYWluX3JhdGVyXCIs%0D%0AXCJnYXBsdWdpbnNcIixcImdhR2xvYmFsXCIsXCJnYURhdGFcIixcImlcIixcIl9fYnVmZmVyXCIs%0D%0AXCJfX2N0Y2dfNjUzNDlfMF9leGVjXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFst%0D%0AOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXX0iXSxb%0D%0ALTEyLCJcInVuc3BlY2lmaWVkXCIiXSxbLTEzLCItIl0sWy0xNCwie1wib1wiOjAuMDg4NjA3NTk0%0D%0AOTM2NzA4ODZ9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlsxLDAsMCww%0D%0AXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAwMiwxMjgwLDEwMjQs%0D%0AMTI4MCwxMDI0LDEyODAsOTM5LDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiMTk4NzA0Nzg5%0D%0ANy4xNjgwMDk2NDIxIl0sWy0yMSwidzMxRzB2QWgiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0y%0D%0AMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4t%0D%0AVVMsZW4iXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwyLDAsMCwyLDIsMiwy%0D%0ALDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiMiJdLFstMzMsIi0i%0D%0AXSxbLTM0LCItIl0sWy0zNSwiWzE2ODAwOTY0MjA5NTEsMF0iXSxbLTM2LCJbXCI1LzRcIixcIjUv%0D%0ANFwiXSJdLFstMzcsIi0iXSxbLTM4LCJjLC0xLC0xLDY5LDAsMSwwLDMwLDE1LDY3LDI0OCwzLCwz%0D%0AMDYsMTU5MywxNTk0Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBl%0D%0AXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxu%0D%0AdWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAw%0D%0AMTAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIi0iXSxbLTQ2%0D%0ALCIwIl0sWy00NywiVVRDLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0i%0D%0AXSxbImJuY2giLDEwOF1d&tsfu=&fst=1280x939&dep=0&cpos=%5B%7B%22x%22%3A49%2C%22y%22%3A0%2C%22w%22%3A1170%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1280%2C%22h%22%3A939%7D%5D&ver=41&cri=X1nlfuvtr7&sdd=%7B%7D&pto=1617
52.45.196.192200 OK 1.3 kB URL HTTP/2 flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=&rand=64227800229902908051156250961002021216207675951692150085288521067105&nc=0&tsf=0&tsfmi=&pv=0&cb=1680096420974&ref=&pit=1&hl=1&op=0&fs=1280x939&ss=1280x1024&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=1317291471&at=&bid=e30%3D&di=W1siZWYiLDM3NDJdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFstMSwiTGludXggeDg2XzY0%0D%0AIl0sWy0yLCI5LElMSFlMQjlCTFRhMkpxUWczRm9lZWwyd1liRTJvZ0JJS0o2Y1IwMDBNSkhRd1lU%0D%0AREdZYWh2M3V0NzFWcFhSOU84K001clZTS3Mxa1BCZS8vOTlzblZKR3BVZFBmZHp6bjNPZmMiXSxb%0D%0ALTMsIltdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwiQ2xvdWRmbGFy%0D%0AZUFwcHNcIixcImRhdGFMYXllclwiLFwiX3dwZW1vamlTZXR0aW5nc1wiLFwiJFwiLFwialF1ZXJ5%0D%0AXCIsXCJPbmVTaWduYWxcIixcImFkZENvbW1lbnRcIixcIm10c19jdXN0b21zY3JpcHRcIixcInR3%0D%0AZW1vamlcIixcIndwXCIsXCJnZXRfcmVhbF9saW5rXCIsXCJfX1NLSU1fSlNfR0xPQkFMX19cIixc%0D%0AInNraW1saW5rc0FQSVwiLFwiTm90aWZ5UGFpbnRFdmVudFwiLFwiX19jZkJlYWNvblwiLFwiZ29v%0D%0AZ2xlX3RhZ19tYW5hZ2VyXCIsXCJfX29uZVNpZ25hbFNka0xvYWRDb3VudFwiLFwiX19qcDBcIixc%0D%0AImdvb2dsZV90YWdfZGF0YVwiLFwiR29vZ2xlQW5hbHl0aWNzT2JqZWN0XCIsXCJnYVwiLFwialF1%0D%0AZXJ5MzYxMDU3NTYwMjk4OTEwMzgwMjkxXCIsXCJGQlwiLFwiT0JSXCIsXCJPQl9yZWxlYXNlVmVy%0D%0AXCIsXCJPQlIkXCIsXCJPQl9QUk9YWVwiLFwib3V0YnJhaW5cIixcIm91dGJyYWluX3JhdGVyXCIs%0D%0AXCJnYXBsdWdpbnNcIixcImdhR2xvYmFsXCIsXCJnYURhdGFcIixcImlcIixcIl9fYnVmZmVyXCIs%0D%0AXCJfX2N0Y2dfNjUzNDlfMF9leGVjXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFst%0D%0AOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXX0iXSxb%0D%0ALTEyLCJcInVuc3BlY2lmaWVkXCIiXSxbLTEzLCItIl0sWy0xNCwie1wib1wiOjAuMDg4NjA3NTk0%0D%0AOTM2NzA4ODZ9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlsxLDAsMCww%0D%0AXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAwMiwxMjgwLDEwMjQs%0D%0AMTI4MCwxMDI0LDEyODAsOTM5LDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiMTk4NzA0Nzg5%0D%0ANy4xNjgwMDk2NDIxIl0sWy0yMSwidzMxRzB2QWgiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0y%0D%0AMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4t%0D%0AVVMsZW4iXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwyLDAsMCwyLDIsMiwy%0D%0ALDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiMiJdLFstMzMsIi0i%0D%0AXSxbLTM0LCItIl0sWy0zNSwiWzE2ODAwOTY0MjA5NTEsMF0iXSxbLTM2LCJbXCI1LzRcIixcIjUv%0D%0ANFwiXSJdLFstMzcsIi0iXSxbLTM4LCJjLC0xLC0xLDY5LDAsMSwwLDMwLDE1LDY3LDI0OCwzLCwz%0D%0AMDYsMTU5MywxNTk0Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBl%0D%0AXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxu%0D%0AdWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAw%0D%0AMTAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIi0iXSxbLTQ2%0D%0ALCIwIl0sWy00NywiVVRDLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0i%0D%0AXSxbImJuY2giLDEwOF1d&tsfu=&fst=1280x939&dep=0&cpos=%5B%7B%22x%22%3A49%2C%22y%22%3A0%2C%22w%22%3A1170%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1280%2C%22h%22%3A939%7D%5D&ver=41&cri=X1nlfuvtr7&sdd=%7B%7D&pto=1617
IP 52.45.196.192:0
File type ASCII text, with very long lines (2141), with no line terminators
Hash 2e1a89a141bb4b80c17134cdd99ff961
54a9d491e567dc1937e250763ade3dafad30215b
c410fac51151e0e89f1f41a16b18d12218ac3ad672095070010d22956bf90a7f
GET /show_pla?id=65349&url=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=&rand=64227800229902908051156250961002021216207675951692150085288521067105&nc=0&tsf=0&tsfmi=&pv=0&cb=1680096420974&ref=&pit=1&hl=1&op=0&fs=1280x939&ss=1280x1024&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=1317291471&at=&bid=e30%3D&di=W1siZWYiLDM3NDJdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFstMSwiTGludXggeDg2XzY0%0D%0AIl0sWy0yLCI5LElMSFlMQjlCTFRhMkpxUWczRm9lZWwyd1liRTJvZ0JJS0o2Y1IwMDBNSkhRd1lU%0D%0AREdZYWh2M3V0NzFWcFhSOU84K001clZTS3Mxa1BCZS8vOTlzblZKR3BVZFBmZHp6bjNPZmMiXSxb%0D%0ALTMsIltdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwiQ2xvdWRmbGFy%0D%0AZUFwcHNcIixcImRhdGFMYXllclwiLFwiX3dwZW1vamlTZXR0aW5nc1wiLFwiJFwiLFwialF1ZXJ5%0D%0AXCIsXCJPbmVTaWduYWxcIixcImFkZENvbW1lbnRcIixcIm10c19jdXN0b21zY3JpcHRcIixcInR3%0D%0AZW1vamlcIixcIndwXCIsXCJnZXRfcmVhbF9saW5rXCIsXCJfX1NLSU1fSlNfR0xPQkFMX19cIixc%0D%0AInNraW1saW5rc0FQSVwiLFwiTm90aWZ5UGFpbnRFdmVudFwiLFwiX19jZkJlYWNvblwiLFwiZ29v%0D%0AZ2xlX3RhZ19tYW5hZ2VyXCIsXCJfX29uZVNpZ25hbFNka0xvYWRDb3VudFwiLFwiX19qcDBcIixc%0D%0AImdvb2dsZV90YWdfZGF0YVwiLFwiR29vZ2xlQW5hbHl0aWNzT2JqZWN0XCIsXCJnYVwiLFwialF1%0D%0AZXJ5MzYxMDU3NTYwMjk4OTEwMzgwMjkxXCIsXCJGQlwiLFwiT0JSXCIsXCJPQl9yZWxlYXNlVmVy%0D%0AXCIsXCJPQlIkXCIsXCJPQl9QUk9YWVwiLFwib3V0YnJhaW5cIixcIm91dGJyYWluX3JhdGVyXCIs%0D%0AXCJnYXBsdWdpbnNcIixcImdhR2xvYmFsXCIsXCJnYURhdGFcIixcImlcIixcIl9fYnVmZmVyXCIs%0D%0AXCJfX2N0Y2dfNjUzNDlfMF9leGVjXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFst%0D%0AOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXX0iXSxb%0D%0ALTEyLCJcInVuc3BlY2lmaWVkXCIiXSxbLTEzLCItIl0sWy0xNCwie1wib1wiOjAuMDg4NjA3NTk0%0D%0AOTM2NzA4ODZ9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlsxLDAsMCww%0D%0AXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDEyODAsMTAwMiwxMjgwLDEwMjQs%0D%0AMTI4MCwxMDI0LDEyODAsOTM5LDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiMTk4NzA0Nzg5%0D%0ANy4xNjgwMDk2NDIxIl0sWy0yMSwidzMxRzB2QWgiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0y%0D%0AMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4t%0D%0AVVMsZW4iXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwyLDAsMCwyLDIsMiwy%0D%0ALDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiMiJdLFstMzMsIi0i%0D%0AXSxbLTM0LCItIl0sWy0zNSwiWzE2ODAwOTY0MjA5NTEsMF0iXSxbLTM2LCJbXCI1LzRcIixcIjUv%0D%0ANFwiXSJdLFstMzcsIi0iXSxbLTM4LCJjLC0xLC0xLDY5LDAsMSwwLDMwLDE1LDY3LDI0OCwzLCwz%0D%0AMDYsMTU5MywxNTk0Il0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBl%0D%0AXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxu%0D%0AdWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAw%0D%0AMTAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIi0iXSxbLTQ2%0D%0ALCIwIl0sWy00NywiVVRDLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0i%0D%0AXSxbImJuY2giLDEwOF1d&tsfu=&fst=1280x939&dep=0&cpos=%5B%7B%22x%22%3A49%2C%22y%22%3A0%2C%22w%22%3A1170%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1280%2C%22h%22%3A939%7D%5D&ver=41&cri=X1nlfuvtr7&sdd=%7B%7D&pto=1617 HTTP/1.1
Host: flint.defybrick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Wed, 29 Mar 2023 13:26:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 1305
X-Firefox-Spdy: h2
www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37ed84484f14be%26domain%3Dsuggestive.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsuggestive.com%252Ff288e77b907fe28%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsuggestivedotcom&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&width=300
31.13.72.36200 OK 91 kB URL HTTP/2 www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37ed84484f14be%26domain%3Dsuggestive.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsuggestive.com%252Ff288e77b907fe28%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsuggestivedotcom&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&width=300
IP 31.13.72.36:0
File type ASCII text, with very long lines (47826)
Hash 45392dcfb6f6ea33322bccc10a6c0de1
2b4f4417401d599c2d0b0e05ea1549a56c1728bc
3b7e863fd0f8fdb2bff280abfbf319390aaa43cbe77dbd634a61962ee2b5d215
GET /plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37ed84484f14be%26domain%3Dsuggestive.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsuggestive.com%252Ff288e77b907fe28%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsuggestivedotcom&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&width=300 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suggestive.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: CTvroOQS2u8cS+vhqZ8INGPZSUPok7MbBuYYgCT14thsqMbhOdqEEVqhwMLP6yXyKVs0gwqbGdMgj6Z+pxAZyA==
date: Wed, 29 Mar 2023 13:26:37 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e001362eec73cec4483959225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f841638426f4d99c80666eb73aae2c4ff5f0afe1ccde66ebd7f9e79ce42f85a6af77159a80b431a2cdb5149ff81e8ab20ac6d9362cc12f3507178a9b06e273d7e52952d8f9912e04673f292b127537a3bc6f17b73d0df431c2a4571070aa78f3c162445f1ac163193aaf52b8ee0496e0f6efee7b79e8a72ead4d80bb807c95a6d31cde1c9b0a43c92d5b463c4350ad2f1c1791114a1357db4825121b78ce97e9d728625c3f664b73bd6992e963d30909f20d96790dabaa7dbb9b54f2fa47db1b2fb2e0332e9d76a96b650af5703438b4f50979394cdc4fb9426c33ed7d2b48577a376783a8a753e93939d0126ddf965bc0ee0dc469070ac6c0d5953da27f24d9287a878f8df6b895cf788dfca6a82191c3bb31e045d3e114791e22ce7158182d677f4d02aa9c27e94cdb8aa2bb0fea75e2626c8c5730495f7091a5aa4a2a223f52890ee40fda37bf03af573e60c914a93f16290082da0ecd733232d234338015c5a&cb=1680096421512&cri=X1nlfuvtr7
52.45.196.192200 OK 43 B URL HTTP/2 flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e001362eec73cec4483959225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f841638426f4d99c80666eb73aae2c4ff5f0afe1ccde66ebd7f9e79ce42f85a6af77159a80b431a2cdb5149ff81e8ab20ac6d9362cc12f3507178a9b06e273d7e52952d8f9912e04673f292b127537a3bc6f17b73d0df431c2a4571070aa78f3c162445f1ac163193aaf52b8ee0496e0f6efee7b79e8a72ead4d80bb807c95a6d31cde1c9b0a43c92d5b463c4350ad2f1c1791114a1357db4825121b78ce97e9d728625c3f664b73bd6992e963d30909f20d96790dabaa7dbb9b54f2fa47db1b2fb2e0332e9d76a96b650af5703438b4f50979394cdc4fb9426c33ed7d2b48577a376783a8a753e93939d0126ddf965bc0ee0dc469070ac6c0d5953da27f24d9287a878f8df6b895cf788dfca6a82191c3bb31e045d3e114791e22ce7158182d677f4d02aa9c27e94cdb8aa2bb0fea75e2626c8c5730495f7091a5aa4a2a223f52890ee40fda37bf03af573e60c914a93f16290082da0ecd733232d234338015c5a&cb=1680096421512&cri=X1nlfuvtr7
IP 52.45.196.192:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/imp.gif?e=37dfbd8ee84e001362eec73cec4483959225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f841638426f4d99c80666eb73aae2c4ff5f0afe1ccde66ebd7f9e79ce42f85a6af77159a80b431a2cdb5149ff81e8ab20ac6d9362cc12f3507178a9b06e273d7e52952d8f9912e04673f292b127537a3bc6f17b73d0df431c2a4571070aa78f3c162445f1ac163193aaf52b8ee0496e0f6efee7b79e8a72ead4d80bb807c95a6d31cde1c9b0a43c92d5b463c4350ad2f1c1791114a1357db4825121b78ce97e9d728625c3f664b73bd6992e963d30909f20d96790dabaa7dbb9b54f2fa47db1b2fb2e0332e9d76a96b650af5703438b4f50979394cdc4fb9426c33ed7d2b48577a376783a8a753e93939d0126ddf965bc0ee0dc469070ac6c0d5953da27f24d9287a878f8df6b895cf788dfca6a82191c3bb31e045d3e114791e22ce7158182d677f4d02aa9c27e94cdb8aa2bb0fea75e2626c8c5730495f7091a5aa4a2a223f52890ee40fda37bf03af573e60c914a93f16290082da0ecd733232d234338015c5a&cb=1680096421512&cri=X1nlfuvtr7 HTTP/1.1
Host: flint.defybrick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Wed, 29 Mar 2023 13:26:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
odb.outbrain.com/utils/get?url=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&srcUrl=https%3A%2F%2Fsuggestive.com%2Ffeed%2F&idx=0&rand=26293&widgetJSId=AR_3&va=true&et=true&format=html&adblck=false&abwl=false&clid=9ca5a06b-b42a-aa99-77f8-2b3ecd2297a4&fdu=suggestive.com&px=49&py=0&vpd=0&cw=1170&activeTab=true&ab=0&wl=0&settings=true&recs=true&key=NANOWDGT01&umv=0&version=2010244&sig=w31G0vAh&apv=false&&osLang=en-US&winW=1268&winH=939&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F
151.101.246.132200 OK 3.9 kB URL HTTP/2 odb.outbrain.com/utils/get?url=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&srcUrl=https%3A%2F%2Fsuggestive.com%2Ffeed%2F&idx=0&rand=26293&widgetJSId=AR_3&va=true&et=true&format=html&adblck=false&abwl=false&clid=9ca5a06b-b42a-aa99-77f8-2b3ecd2297a4&fdu=suggestive.com&px=49&py=0&vpd=0&cw=1170&activeTab=true&ab=0&wl=0&settings=true&recs=true&key=NANOWDGT01&umv=0&version=2010244&sig=w31G0vAh&apv=false&&osLang=en-US&winW=1268&winH=939&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F
IP 151.101.246.132:0
File type ASCII text, with very long lines (12005), with no line terminators
Hash f70aa2f5c432c16344d3d4b3e17131d9
353d55afb9a2c4a5cb89c82a377e0502d89230b1
3b2ea4b1ba3a502310ff5d19a7f8de3aa91e19d3bee42995372d7b9fe303084b
GET /utils/get?url=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&srcUrl=https%3A%2F%2Fsuggestive.com%2Ffeed%2F&idx=0&rand=26293&widgetJSId=AR_3&va=true&et=true&format=html&adblck=false&abwl=false&clid=9ca5a06b-b42a-aa99-77f8-2b3ecd2297a4&fdu=suggestive.com&px=49&py=0&vpd=0&cw=1170&activeTab=true&ab=0&wl=0&settings=true&recs=true&key=NANOWDGT01&umv=0&version=2010244&sig=w31G0vAh&apv=false&&osLang=en-US&winW=1268&winH=939&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F HTTP/1.1
Host: odb.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-traceid: 66d4c4bcdbb9bf644472a654bff12189
content-encoding: br
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Wed, 29 Mar 2023 13:26:38 GMT
x-served-by: cache-lga21929-LGA, cache-hel1410029-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1680096398.445771,VS0,VE148
vary: Accept-Encoding, User-Agent
traffic-path: NYDC1, LGA, HEL, Europe1
content-length: 3918
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/ob_logo.svg
23.38.201.81200 OK 7.6 kB URL HTTP/2 widgets.outbrain.com/images/widgetIcons/ob_logo.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7647), with no line terminators
Hash b79638966e0374c455e78107aee59bf4
cbc23d2cca41f9f83e5e70283e6dc18ca9c26f53
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13
GET /images/widgetIcons/ob_logo.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "b79638966e0374c455e78107aee59bf4:1673369411.171576"
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
content-length: 7647
cache-control: max-age=2592000
expires: Fri, 28 Apr 2023 13:26:38 GMT
date: Wed, 29 Mar 2023 13:26:38 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/achoice.svg
23.38.201.81200 OK 990 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (990), with no line terminators
Hash 5ab8e16b5f46213840bcd403e349419c
f03f6dc8e2206a94119af76f9a3b3c835390cae7
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
content-length: 990
cache-control: max-age=2592000
expires: Fri, 28 Apr 2023 13:26:38 GMT
date: Wed, 29 Mar 2023 13:26:38 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/nanoWidget/2010244/module/streamFeed.js?e=1
23.38.201.81200 OK 13 kB URL HTTP/2 widgets.outbrain.com/nanoWidget/2010244/module/streamFeed.js?e=1
IP 23.38.201.81:0
File type ASCII text, with very long lines (1706)
Hash 00ac9d08ade40de0ed5e9151f494c36b
07760e4e3e2484c23bfe1133d4851581063ebd26
20532d46f6804948b7539e8b3f58987a35888d39d5e76b488721eec619b53c6d
GET /nanoWidget/2010244/module/streamFeed.js?e=1 HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "0d1fa4faf9b9977a4ff8d2d8e639b310:1679997805.813358"
last-modified: Tue, 28 Mar 2023 09:19:29 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Wed, 05 Apr 2023 13:26:38 GMT
date: Wed, 29 Mar 2023 13:26:38 GMT
content-length: 12675
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 8.4 kB IP 192.229.221.95:0
Hash 53987633f08794241824fe344a29fe7c
8443ca64f1b861cf5db62b9b7a1281205b04b81d
c2cd8f4e0c148fbf804fddf933e84dd89c506c160e8527bf1ad998920b89a3ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5526
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 13:26:38 GMT
Last-Modified: Wed, 29 Mar 2023 11:54:32 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 7a4d43618af01c83cea306661a47b61b
4f9352de771b51b08847044e137e0ee1c1a4fd9e
946eb379b5f224b2689f0d94cf6046f3c528336282726d8188f53fb25dac949a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6330
Cache-Control: max-age=137245
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 13:26:38 GMT
Etag: "642398f1-1d7"
Expires: Fri, 31 Mar 2023 03:34:03 GMT
Last-Modified: Wed, 29 Mar 2023 01:48:33 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
odb.outbrain.com/utils/get?url=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&srcUrl=https%3A%2F%2Fsuggestive.com%2Ffeed%2F&idx=1&rand=80405&widgetJSId=AR_3&va=true&et=true&format=html&t=NDZiMWI3ZmVlNDZjNDMzNGIxOTFhY2Q5NjllYmI3Yjk=&adblck=false&abwl=false&clss=Q3X3XpcTTx2s5%2FVxFeWHQMDNcG%2BVgTc8g8wfBHU0C4OIs469D%2FRJnqPNZjjJ1R3lQjMUgcnlBQPeA9Yf&px=74&py=400&vpd=0&cw=750&activeTab=true&ab=0&wl=0&settings=true&recs=true&key=NANOWDGT01&umv=0&wdr-cosc=1&version=2010244&sig=w31G0vAh&apv=false&&osLang=en-US&winW=1268&winH=939&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F
151.101.246.132200 OK 3.2 kB URL HTTP/2 odb.outbrain.com/utils/get?url=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&srcUrl=https%3A%2F%2Fsuggestive.com%2Ffeed%2F&idx=1&rand=80405&widgetJSId=AR_3&va=true&et=true&format=html&t=NDZiMWI3ZmVlNDZjNDMzNGIxOTFhY2Q5NjllYmI3Yjk=&adblck=false&abwl=false&clss=Q3X3XpcTTx2s5%2FVxFeWHQMDNcG%2BVgTc8g8wfBHU0C4OIs469D%2FRJnqPNZjjJ1R3lQjMUgcnlBQPeA9Yf&px=74&py=400&vpd=0&cw=750&activeTab=true&ab=0&wl=0&settings=true&recs=true&key=NANOWDGT01&umv=0&wdr-cosc=1&version=2010244&sig=w31G0vAh&apv=false&&osLang=en-US&winW=1268&winH=939&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F
IP 151.101.246.132:0
File type ASCII text, with very long lines (8914), with no line terminators
Hash 51567d6b144f06d050dd199cd99845f8
c8889823229f5892ba8980930a6e4d21065981a3
2265dc389a36b7598cec49d6805a4a0e5833ae69f0acdfa52285f5ba9a711c9f
GET /utils/get?url=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&srcUrl=https%3A%2F%2Fsuggestive.com%2Ffeed%2F&idx=1&rand=80405&widgetJSId=AR_3&va=true&et=true&format=html&t=NDZiMWI3ZmVlNDZjNDMzNGIxOTFhY2Q5NjllYmI3Yjk=&adblck=false&abwl=false&clss=Q3X3XpcTTx2s5%2FVxFeWHQMDNcG%2BVgTc8g8wfBHU0C4OIs469D%2FRJnqPNZjjJ1R3lQjMUgcnlBQPeA9Yf&px=74&py=400&vpd=0&cw=750&activeTab=true&ab=0&wl=0&settings=true&recs=true&key=NANOWDGT01&umv=0&wdr-cosc=1&version=2010244&sig=w31G0vAh&apv=false&&osLang=en-US&winW=1268&winH=939&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F HTTP/1.1
Host: odb.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-traceid: f04bf3a1557bc44259edcb45ed8f7e13
content-encoding: br
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Wed, 29 Mar 2023 13:26:38 GMT
x-served-by: cache-lga13625-LGA, cache-hel1410029-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1680096399.667120,VS0,VE130
vary: Accept-Encoding, User-Agent
traffic-path: NYDC1, LGA, HEL, Europe1
content-length: 3211
X-Firefox-Spdy: h2
log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1680096421512&sessionId=9ca5a06b-b42a-aa99-77f8-2b3ecd2297a4&url=suggestive.com&cheqSource=1&cheqEvent=2&responseTime=757
70.42.32.63200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1680096421512&sessionId=9ca5a06b-b42a-aa99-77f8-2b3ecd2297a4&url=suggestive.com&cheqSource=1&cheqEvent=2&responseTime=757
IP 70.42.32.63:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/dwce_cheq_events?timestamp=1680096421512&sessionId=9ca5a06b-b42a-aa99-77f8-2b3ecd2297a4&url=suggestive.com&cheqSource=1&cheqEvent=2&responseTime=757 HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://suggestive.com
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:26:38 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 232de707aa9d31b9a5521a146a9e5f4d
log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1680096421348&sessionId=9ca5a06b-b42a-aa99-77f8-2b3ecd2297a4&url=suggestive.com&cheqSource=1&cheqEvent=0&exitReason=3
70.42.32.63200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1680096421348&sessionId=9ca5a06b-b42a-aa99-77f8-2b3ecd2297a4&url=suggestive.com&cheqSource=1&cheqEvent=0&exitReason=3
IP 70.42.32.63:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/dwce_cheq_events?timestamp=1680096421348&sessionId=9ca5a06b-b42a-aa99-77f8-2b3ecd2297a4&url=suggestive.com&cheqSource=1&cheqEvent=0&exitReason=3 HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://suggestive.com
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:26:38 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 4fb57df27f27154f6ec26a33b2a59479
mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&widgetJSId=AR_3&version=2010244&apv=false&sig=w31G0vAh&format=html&rand=82471&osLang=en-US&seid=null&va=true&et=true&cmpStat=0&ccpaStat=0&srcUrl=https%3A%2F%2Fsuggestive.com%2Ffeed%2F&scrW=1280&scrH=1024&t=NDZiMWI3ZmVlNDZjNDMzNGIxOTFhY2Q5NjllYmI3Yjk=&winW=1268&winH=939&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=6&lastCardIdx=0&fAB=11741-81572&layeredTestInfo=11741-81572-&clss=Q3X3XpcTTx2s5%2FVxFeWHQMDNcG%2BVgTc8g8wfBHU0C4OIs469D%2FRJnqPNZjjJ1R3lQjMUgcnlBQPeA9Yf&dpr=1&cw=1170&activeTab=true&ogn=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&settings=true&recs=true&key=NANOWDGT01&umv=0&wdr-cosc=1&chs=1
151.101.86.132200 OK 2.6 kB URL HTTP/2 mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&widgetJSId=AR_3&version=2010244&apv=false&sig=w31G0vAh&format=html&rand=82471&osLang=en-US&seid=null&va=true&et=true&cmpStat=0&ccpaStat=0&srcUrl=https%3A%2F%2Fsuggestive.com%2Ffeed%2F&scrW=1280&scrH=1024&t=NDZiMWI3ZmVlNDZjNDMzNGIxOTFhY2Q5NjllYmI3Yjk=&winW=1268&winH=939&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=6&lastCardIdx=0&fAB=11741-81572&layeredTestInfo=11741-81572-&clss=Q3X3XpcTTx2s5%2FVxFeWHQMDNcG%2BVgTc8g8wfBHU0C4OIs469D%2FRJnqPNZjjJ1R3lQjMUgcnlBQPeA9Yf&dpr=1&cw=1170&activeTab=true&ogn=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&settings=true&recs=true&key=NANOWDGT01&umv=0&wdr-cosc=1&chs=1
IP 151.101.86.132:0
File type ASCII text, with very long lines (14777), with no line terminators
Hash 93135af97206bd07eca08985fafbe77f
03a339cea153ea1c13bbfeb3374dddead880201c
58580759bb5ca61e723a1c0c0aa6bc6c98671f79bd52dc40d03b23269dd622cd
GET /Multivac/api/get?url=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&widgetJSId=AR_3&version=2010244&apv=false&sig=w31G0vAh&format=html&rand=82471&osLang=en-US&seid=null&va=true&et=true&cmpStat=0&ccpaStat=0&srcUrl=https%3A%2F%2Fsuggestive.com%2Ffeed%2F&scrW=1280&scrH=1024&t=NDZiMWI3ZmVlNDZjNDMzNGIxOTFhY2Q5NjllYmI3Yjk=&winW=1268&winH=939&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=6&lastCardIdx=0&fAB=11741-81572&layeredTestInfo=11741-81572-&clss=Q3X3XpcTTx2s5%2FVxFeWHQMDNcG%2BVgTc8g8wfBHU0C4OIs469D%2FRJnqPNZjjJ1R3lQjMUgcnlBQPeA9Yf&dpr=1&cw=1170&activeTab=true&ogn=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&settings=true&recs=true&key=NANOWDGT01&umv=0&wdr-cosc=1&chs=1 HTTP/1.1
Host: mv.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-traceid: 437aa279a956010aa918da621828cb2b
content-encoding: br
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Wed, 29 Mar 2023 13:26:38 GMT
x-served-by: cache-lga21940-LGA, cache-bma1652-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1680096399.733872,VS0,VE231
vary: Accept-Encoding, User-Agent
traffic-path: NYDC1, LGA, BMA, Europe1
content-length: 2583
X-Firefox-Spdy: h2
log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=7983c667dc0b2b61a2ebf0b6dd54b4fb&pvId=46b1b7fee46c4334b191acd969ebb7b9&sid=5579038&pid=7927&idx=1&wId=110&pad=0&org=0&tm=1325&eT=0&cnsnt=no_consent&widgetWidth=750&widgetHeight=40&widgetX=74&widgetY=453&wRV=2010244&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=113&oo=true&lo=1126&odbreq=2409&odbres=2586&to=1680096419358&umv=0&ll=0&chs=1&ab=0&wl=0
70.42.32.63200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=7983c667dc0b2b61a2ebf0b6dd54b4fb&pvId=46b1b7fee46c4334b191acd969ebb7b9&sid=5579038&pid=7927&idx=1&wId=110&pad=0&org=0&tm=1325&eT=0&cnsnt=no_consent&widgetWidth=750&widgetHeight=40&widgetX=74&widgetY=453&wRV=2010244&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=113&oo=true&lo=1126&odbreq=2409&odbres=2586&to=1680096419358&umv=0&ll=0&chs=1&ab=0&wl=0
IP 70.42.32.63:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/widgetGlobalEvent?rId=7983c667dc0b2b61a2ebf0b6dd54b4fb&pvId=46b1b7fee46c4334b191acd969ebb7b9&sid=5579038&pid=7927&idx=1&wId=110&pad=0&org=0&tm=1325&eT=0&cnsnt=no_consent&widgetWidth=750&widgetHeight=40&widgetX=74&widgetY=453&wRV=2010244&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=113&oo=true&lo=1126&odbreq=2409&odbres=2586&to=1680096419358&umv=0&ll=0&chs=1&ab=0&wl=0 HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://suggestive.com/
Origin: https://suggestive.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:26:38 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 4529d042d9ce2c3df3a9aca747059a38
odb.outbrain.com/utils/get?url=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&srcUrl=https%3A%2F%2Fsuggestive.com%2Ffeed%2F&idx=2&rand=80134&widgetJSId=AR_3&va=true&et=true&format=html&t=NDZiMWI3ZmVlNDZjNDMzNGIxOTFhY2Q5NjllYmI3Yjk=&adblck=false&abwl=false&clss=Q3X3XpcTTx2s5%2FVxFeWHQMDNcG%2BVgTc8g8wfBHU0C4OIs469D%2FRJnqPNZjjJ1R3lQjMUgcnlBQPeA9Yf&px=74&py=8524&vpd=7585&cw=750&activeTab=true&ab=0&wl=0&settings=true&recs=true&key=NANOWDGT01&umv=0&wdr-cosc=1&version=2010244&sig=w31G0vAh&apv=false&&osLang=en-US&winW=1268&winH=939&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F
151.101.246.132200 OK 3.2 kB URL HTTP/2 odb.outbrain.com/utils/get?url=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&srcUrl=https%3A%2F%2Fsuggestive.com%2Ffeed%2F&idx=2&rand=80134&widgetJSId=AR_3&va=true&et=true&format=html&t=NDZiMWI3ZmVlNDZjNDMzNGIxOTFhY2Q5NjllYmI3Yjk=&adblck=false&abwl=false&clss=Q3X3XpcTTx2s5%2FVxFeWHQMDNcG%2BVgTc8g8wfBHU0C4OIs469D%2FRJnqPNZjjJ1R3lQjMUgcnlBQPeA9Yf&px=74&py=8524&vpd=7585&cw=750&activeTab=true&ab=0&wl=0&settings=true&recs=true&key=NANOWDGT01&umv=0&wdr-cosc=1&version=2010244&sig=w31G0vAh&apv=false&&osLang=en-US&winW=1268&winH=939&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F
IP 151.101.246.132:0
File type ASCII text, with very long lines (8914), with no line terminators
Hash 9a20b60c8d8d0a3a574424466653c94b
d90a926a0a1f82f5eff44458c8f7e91e0c223e6c
7e794f94cdf04625ab7810dc7286dba370d43bfcef9851f561eac1f18a70b002
GET /utils/get?url=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F&srcUrl=https%3A%2F%2Fsuggestive.com%2Ffeed%2F&idx=2&rand=80134&widgetJSId=AR_3&va=true&et=true&format=html&t=NDZiMWI3ZmVlNDZjNDMzNGIxOTFhY2Q5NjllYmI3Yjk=&adblck=false&abwl=false&clss=Q3X3XpcTTx2s5%2FVxFeWHQMDNcG%2BVgTc8g8wfBHU0C4OIs469D%2FRJnqPNZjjJ1R3lQjMUgcnlBQPeA9Yf&px=74&py=8524&vpd=7585&cw=750&activeTab=true&ab=0&wl=0&settings=true&recs=true&key=NANOWDGT01&umv=0&wdr-cosc=1&version=2010244&sig=w31G0vAh&apv=false&&osLang=en-US&winW=1268&winH=939&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fsuggestive.com%2Fhalloween-costume-ideas-pets%2F HTTP/1.1
Host: odb.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-traceid: 6ea28ce91225ee1271f695ebf9d15ad9
content-encoding: br
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Wed, 29 Mar 2023 13:26:38 GMT
x-served-by: cache-lga21955-LGA, cache-hel1410029-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1680096399.865944,VS0,VE125
vary: Accept-Encoding, User-Agent
traffic-path: NYDC1, LGA, HEL, Europe1
content-length: 3213
X-Firefox-Spdy: h2
log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=7983c667dc0b2b61a2ebf0b6dd54b4fb&pvId=46b1b7fee46c4334b191acd969ebb7b9&sid=5579038&pid=7927&idx=1&wId=110&pad=0&org=0&tm=1359&eT=3&cnsnt=no_consent&wRV=2010244&pVis=0&lsd=-1&eIdx=1&oo=true&ab=0&wl=0
70.42.32.63200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=7983c667dc0b2b61a2ebf0b6dd54b4fb&pvId=46b1b7fee46c4334b191acd969ebb7b9&sid=5579038&pid=7927&idx=1&wId=110&pad=0&org=0&tm=1359&eT=3&cnsnt=no_consent&wRV=2010244&pVis=0&lsd=-1&eIdx=1&oo=true&ab=0&wl=0
IP 70.42.32.63:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/widgetGlobalEvent?rId=7983c667dc0b2b61a2ebf0b6dd54b4fb&pvId=46b1b7fee46c4334b191acd969ebb7b9&sid=5579038&pid=7927&idx=1&wId=110&pad=0&org=0&tm=1359&eT=3&cnsnt=no_consent&wRV=2010244&pVis=0&lsd=-1&eIdx=1&oo=true&ab=0&wl=0 HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://suggestive.com/
Origin: https://suggestive.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:26:38 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: b52f2012662743ffc091c6ffd19967b3
log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=46b1b7fee46c4334b191acd969ebb7b9&pvId=46b1b7fee46c4334b191acd969ebb7b9&sid=5579038&pid=7927&idx=0&wId=110&pad=0&org=0&tm=1131&eT=0&cnsnt=no_consent&widgetWidth=1170&widgetHeight=40&widgetX=49&widgetY=0&wRV=2010244&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=402&oo=true&lo=1126&odbreq=1993&odbres=2394&to=1680096419358&umv=0&ll=0&chs=1&ab=0&wl=0
70.42.32.63200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=46b1b7fee46c4334b191acd969ebb7b9&pvId=46b1b7fee46c4334b191acd969ebb7b9&sid=5579038&pid=7927&idx=0&wId=110&pad=0&org=0&tm=1131&eT=0&cnsnt=no_consent&widgetWidth=1170&widgetHeight=40&widgetX=49&widgetY=0&wRV=2010244&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=402&oo=true&lo=1126&odbreq=1993&odbres=2394&to=1680096419358&umv=0&ll=0&chs=1&ab=0&wl=0
IP 70.42.32.63:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/widgetGlobalEvent?rId=46b1b7fee46c4334b191acd969ebb7b9&pvId=46b1b7fee46c4334b191acd969ebb7b9&sid=5579038&pid=7927&idx=0&wId=110&pad=0&org=0&tm=1131&eT=0&cnsnt=no_consent&widgetWidth=1170&widgetHeight=40&widgetX=49&widgetY=0&wRV=2010244&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=402&oo=true&lo=1126&odbreq=1993&odbres=2394&to=1680096419358&umv=0&ll=0&chs=1&ab=0&wl=0 HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://suggestive.com/
Origin: https://suggestive.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:26:38 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: de77e01ebe02d2c54b1534a03d27eefe
r.skimresources.com/api/
35.190.59.101200 OK 0 B IP 35.190.59.101:0
POST /api/ HTTP/1.1
Host: r.skimresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 232
Origin: https://suggestive.com
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 29 Mar 2023 13:26:37 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://suggestive.com
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
104.16.57.101200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
IP 104.16.57.101:0
GET /beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://suggestive.com
Connection: keep-alive
Referer: https://suggestive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:26:36 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2023.3.0
last-modified: Mon, 20 Mar 2023 17:58:49 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af8720e2a100b3d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2