www.takeover.live/
104.21.8.74301 Moved Permanently 0 B IP 104.21.8.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.takeover.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 12 Nov 2022 22:58:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 12 Nov 2022 23:58:33 GMT
Location: https://www.takeover.live/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hjo2x4j5aTbVPa3Tv0vlyMF%2FG8xebG%2BTEV6PthLQ07cjdaSzDy4L1AyZBLS3fff7aTAdvT%2FwV7C5EW4EPG5KkJCipfXgg1a%2Bcvd70EnPiTKE3nybNTDOCeKICjeTfa4XQhHb2g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7692df7f59d20b39-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10871
Expires: Sun, 13 Nov 2022 01:59:44 GMT
Date: Sat, 12 Nov 2022 22:58:33 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash de470c6bab46e7c4b7cc69f392900fe7
189e4dcc4c2b8bf1f050e06bd68bce8a99618918
86f57134ddebd23a25615dc4d59c4b1ca8919e3e0495e1f006cbe7c0f39aa27e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6281
Cache-Control: max-age=134243
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:33 GMT
Etag: "636f75f3-1d7"
Expires: Mon, 14 Nov 2022 12:15:56 GMT
Last-Modified: Sat, 12 Nov 2022 10:31:15 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 22:44:16 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 857
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8391107bfc5e4673e8a706f90f63768
5295ed0b1cb8bad4d3e851049acc7f0270937d12
ed5c27510100ffc4481be474ebcb020d147c645beb110604d5284eeeb8b97c02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED5C27510100FFC4481BE474EBCB020D147C645BEB110604D5284EEEB8B97C02"
Last-Modified: Fri, 11 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6741
Expires: Sun, 13 Nov 2022 00:50:54 GMT
Date: Sat, 12 Nov 2022 22:58:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8G3Kb3jhBHgE+VvZFVJ6CMInj34MHgDxdIvnANqRXh8uKv1XRbMCrwxtbt8YZ6wINVH7eeI+g60=
x-amz-request-id: AV6XABG35JNBBGJB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 22:13:10 GMT
age: 2723
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 22:58:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 944b00ebda3a5ba3f41b0de3ee0d9cb8
1ef0c83a9d353c0aaf9503e720465d0be939eaa9
85542b9bef66d3cb39a036ee7985e6702e9b9b0e6db3390a0356263b53990097
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "85542B9BEF66D3CB39A036EE7985E6702E9B9B0E6DB3390A0356263B53990097"
Last-Modified: Fri, 11 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 13 Nov 2022 04:58:33 GMT
Date: Sat, 12 Nov 2022 22:58:33 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 944b00ebda3a5ba3f41b0de3ee0d9cb8
1ef0c83a9d353c0aaf9503e720465d0be939eaa9
85542b9bef66d3cb39a036ee7985e6702e9b9b0e6db3390a0356263b53990097
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "85542B9BEF66D3CB39A036EE7985E6702E9B9B0E6DB3390A0356263B53990097"
Last-Modified: Fri, 11 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Sun, 13 Nov 2022 04:58:33 GMT
Date: Sat, 12 Nov 2022 22:58:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 22:44:48 GMT
cache-control: public,max-age=3600
age: 826
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ae51f1958554de4457c22a7d5a9ba8b6
173e90a8c6ee36b7ec569dbea47436a90d7e7c76
dc43a04e1e26243f63a8e628f2ebcb23a9527fd4bc40dc6d1d61879b0f95bb21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6301
Cache-Control: max-age=129199
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:34 GMT
Etag: "636f622c-1d7"
Expires: Mon, 14 Nov 2022 10:51:53 GMT
Last-Modified: Sat, 12 Nov 2022 09:06:52 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.217.237.91101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.217.237.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /SsIJWcJhM4YoNFc1Ae4eg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YpspCXFkjN09GsqyPT2VUYr5Rl8=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21259
Expires: Sun, 13 Nov 2022 04:52:54 GMT
Date: Sat, 12 Nov 2022 22:58:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21259
Expires: Sun, 13 Nov 2022 04:52:54 GMT
Date: Sat, 12 Nov 2022 22:58:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21259
Expires: Sun, 13 Nov 2022 04:52:54 GMT
Date: Sat, 12 Nov 2022 22:58:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21259
Expires: Sun, 13 Nov 2022 04:52:54 GMT
Date: Sat, 12 Nov 2022 22:58:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a9d38fc-0dee-4412-bfef-620ec5ad637d.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a9d38fc-0dee-4412-bfef-620ec5ad637d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0077b7342ec253df4859e37e6bd05e80
48fa15cd9d04448bcfde91d3fdef1ff3ff16d8a4
9af831fc83059c499c0d45aed0fc6f30154caa972d29ce63a71bbfc6b9e26e88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a9d38fc-0dee-4412-bfef-620ec5ad637d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8699
x-amzn-requestid: b8c0d987-2ca4-4fb5-b2a2-6f262ac3e9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bHbGiEBMIAMFxzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63660bc3-0a4863164f8313e1310700c6;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 07:07:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fhGr0dGIo-khJAPKA0t5WUzrrjziu4cfG1qAcLdR2QQGAfvsDoeCBw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 03:21:55 GMT
age: 70600
etag: "48fa15cd9d04448bcfde91d3fdef1ff3ff16d8a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcda76b4a-e2cf-4a4f-903b-a939ac862b71.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcda76b4a-e2cf-4a4f-903b-a939ac862b71.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3fd9f2cf5d5cbda75b55b310034f8294
58ebbd459c47d5f773da1da77f370286e006ae30
6b04a734b7e10e329df43e107462906f1690c95783cad69d56a412955b88d66e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcda76b4a-e2cf-4a4f-903b-a939ac862b71.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11388
x-amzn-requestid: 476bbb49-4bd4-408f-b82f-3dfd52dcf7ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bgfNdEYsoAMF0HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63701255-06630c41353045dc5e5d58b8;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -wI4Gprap42Eewd0DwppPQcSN4Bj5LX-PDAGk-eo-UCk8TuX_Dd9_A==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:54:29 GMT
age: 3846
etag: "58ebbd459c47d5f773da1da77f370286e006ae30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4da03871-10a1-4d64-8f01-11282f1f6f20.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4da03871-10a1-4d64-8f01-11282f1f6f20.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbfb6798f32968c8e68ba386edf23794
29d00e0276be7b87b759d78edbb3851c52e4db86
4379cce07bdfea4da27c1f158d1c16928346f8ebdf00272737fd1cf1c75f5fee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4da03871-10a1-4d64-8f01-11282f1f6f20.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13931
x-amzn-requestid: 3f6caf57-b687-4d1b-af40-a21bbebaff95
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEI_KFf2IAMFwgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364bb94-23ae7ecd18dc41521e172237;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 07:13:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CoDvVLQV5-9tqbMiKDNkb6y-U0EGO36WHPtZ3Am-eGbPdGLXd7tNYA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 03:53:05 GMT
age: 68730
etag: "29d00e0276be7b87b759d78edbb3851c52e4db86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8995ae3b-9ed6-4d82-aeda-bce16829dd81.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8995ae3b-9ed6-4d82-aeda-bce16829dd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8bb9138fde16b4052595c61c9aae69a1
eba0fcacc61aed15fe7c4aa11a951e1b681f08d2
11b98e67b1e869b2456ace0e07aa6f5019d15f43c8132f482c76e322282d8e63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8995ae3b-9ed6-4d82-aeda-bce16829dd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7018
x-amzn-requestid: 35b9ea76-0024-42a6-9561-f2f87fa09f70
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bHcAoGLUIAMFkVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63660d37-29eb6d7d6379fff612a6a593;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 07:13:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _Lgx5YJ1SaHAGB2vH0VIXW7Hu6ZIjdvyLjo3XFasEXqUNqCeKzLqJQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 04:07:30 GMT
age: 67865
etag: "eba0fcacc61aed15fe7c4aa11a951e1b681f08d2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bfc69f5-02e2-48e4-a7f8-345ee02dd656.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bfc69f5-02e2-48e4-a7f8-345ee02dd656.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f181df0e475c123b46f016d3c0bbaa5
399ce32b1fdcdef9061bddb840663f35e39b919a
ed9ba753f718903cd997c027f58b63f41e32107367b22b03f964d7eecdf9ba16
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bfc69f5-02e2-48e4-a7f8-345ee02dd656.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11187
x-amzn-requestid: 475229e1-bbb5-43a0-8733-1140a99b6b6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEIaqFFrIAMF7KA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364baaa-4261a60e57ae0c4d7a62e5e9;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 07:09:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NOu_3OBXieJtRp3_FbCykAhx3laNraMMTqFKfjXIiV6QqPTeUYsnfQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 06:02:50 GMT
age: 60945
etag: "399ce32b1fdcdef9061bddb840663f35e39b919a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd2698a2-6980-44f7-aa49-52cc55dc0647.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd2698a2-6980-44f7-aa49-52cc55dc0647.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9089a86b213cc0f8701c5ce6ed1a135a
bba046058fb4144e78ccc43e22baa873c1cd396d
9929557912911c1afa95ad55509fbda53d7755e5b0f7eb33adf4f8ee9a9f61de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd2698a2-6980-44f7-aa49-52cc55dc0647.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6327
x-amzn-requestid: 4228ad59-2113-4457-b225-fd931b5e1092
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bUquTE1KoAMFi1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636b57f4-353d91f526e7efb9088c8692;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 07:34:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F_cpNY6oFlOj9NvJXbdyFHpGZlkn_5jzUwLpiOqNs8I_zQbEgVKN_w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:55:53 GMT
age: 3762
etag: "bba046058fb4144e78ccc43e22baa873c1cd396d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2723d5c97ce20782e81bd635bdf346e8
2312b6bb3e038916ae5ae2ce7372f7c61e74b2d1
2c2beb24062615df44939b1ab8c09df7c61405b919f91ede479e5c5708afcd27
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=96249
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:35 GMT
Etag: "636efa14-116"
Expires: Mon, 14 Nov 2022 01:42:44 GMT
Last-Modified: Sat, 12 Nov 2022 01:42:44 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2723d5c97ce20782e81bd635bdf346e8
2312b6bb3e038916ae5ae2ce7372f7c61e74b2d1
2c2beb24062615df44939b1ab8c09df7c61405b919f91ede479e5c5708afcd27
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=96249
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:35 GMT
Etag: "636efa14-116"
Expires: Mon, 14 Nov 2022 01:42:44 GMT
Last-Modified: Sat, 12 Nov 2022 01:42:44 GMT
Server: nginx
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 791 B IP 93.184.220.29:0
File type gzip compressed data, max compression\012- data
Hash 15160be6cc492374fcde1fb56bdd5065
d498fb522e4b005f38eb869f70670facdbce70f3
603c32e1782067e2cdb0667471e710e95130a38d66fc0b06acc5ef0c67e104d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=96249
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:35 GMT
Etag: "636efa14-116"
Expires: Mon, 14 Nov 2022 01:42:44 GMT
Last-Modified: Sat, 12 Nov 2022 01:42:44 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 34 kB IP 142.250.74.35:0
Hash e192779c63694b5d08bf2f25de3c3a26
0be6b9b580ca1947c4b7069a4416d783cc70306c
f38d7ee3181dcfab1d5b0d0c49b33712d73c4949a3d6828352528a7264468dca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/almarai/v12/tsstApxBaigK_hnnQ1iFow.woff2
216.58.207.195200 OK 47 kB URL HTTP/2 fonts.gstatic.com/s/almarai/v12/tsstApxBaigK_hnnQ1iFow.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 46804, version 1.0\012- data
Hash 4abcf53e103bfce2b9c0f04bf199308d
297b069084752969677f01a519bd64458cb7a579
2a6bda3553569fc700de73f81edc96180d144db1e05a702bc9854dbe14961c5e
GET /s/almarai/v12/tsstApxBaigK_hnnQ1iFow.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.takeover.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46804
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 22:43:35 GMT
expires: Wed, 08 Nov 2023 22:43:35 GMT
cache-control: public, max-age=31536000
age: 346501
last-modified: Tue, 19 Apr 2022 18:10:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/almarai/v12/tssoApxBaigK_hnnS-agtnqWow.woff2
216.58.207.195200 OK 50 kB URL HTTP/2 fonts.gstatic.com/s/almarai/v12/tssoApxBaigK_hnnS-agtnqWow.woff2
IP 216.58.207.195:0
Hash 8b978a55bfc5ffb87f22bd697c67dc07
4a281b8d9276b89bbe2a80a65a971434579295c1
db392f7031412c1e5eb978b24371d7b8fecfc9eac5027a99cf04575e5819d4b7
GET /s/almarai/v12/tssoApxBaigK_hnnS-agtnqWow.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.takeover.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 20:05:58 GMT
expires: Tue, 07 Nov 2023 20:05:58 GMT
cache-control: public, max-age=31536000
age: 442358
last-modified: Tue, 19 Apr 2022 18:29:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3723d23fdcd3f3d34132d56faae4428b
4bf9c6e15b8de24fc7387ce145382f9b3e9cb1c8
4bc047ec725bd4d99c9dd4fa11edc91702f722d16e53b5eef0920cb5dc7e7ca8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/8zRofmzdPas
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/8zRofmzdPas
IP 142.250.74.35:0
Hash 2a8ae1d4bed2f3c4ad838d3e1aef133e
db792b511787c46892de011830196cdb8a3ca806
27eb5ca3ab95cceb979651f4acac097f03618cec49b9d9a084578692afbe4787
POST /s/gts1d4/8zRofmzdPas HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:36 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ipinfo.io/?callback=jQuery32107651314672312814_1668293915173&_=1668293915174
34.117.59.81200 OK 827 B URL HTTP/2 ipinfo.io/?callback=jQuery32107651314672312814_1668293915173&_=1668293915174
IP 34.117.59.81:0
Hash 6324ae597c10292c5e6d656556429dcf
e8eaaff5964e91635211019ea4af16d4f010cd18
a4e2523cc30ed915ce3fba1ebbd076b99a1b9ab645db6a2b001ced4282d107eb
GET /?callback=jQuery32107651314672312814_1668293915173&_=1668293915174 HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-type: text/javascript; charset=utf-8
date: Sat, 12 Nov 2022 22:58:36 GMT
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 165d870547cff877acfc5b53a27f0f7b
3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb
963c686c4b2bb6b6f3057545597e4a65d8298c0c7c4355dc77ce92948a8d015b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 22:58:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 16 Nov 2022 20:07:00 GMT
ETag: "3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb"
Last-Modified: Sat, 12 Nov 2022 20:07:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2415
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7692df94beac0b3d-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 165d870547cff877acfc5b53a27f0f7b
3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb
963c686c4b2bb6b6f3057545597e4a65d8298c0c7c4355dc77ce92948a8d015b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 22:58:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 16 Nov 2022 20:07:00 GMT
ETag: "3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb"
Last-Modified: Sat, 12 Nov 2022 20:07:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2415
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7692df94b8511c0a-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 165d870547cff877acfc5b53a27f0f7b
3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb
963c686c4b2bb6b6f3057545597e4a65d8298c0c7c4355dc77ce92948a8d015b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 22:58:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 16 Nov 2022 20:07:00 GMT
ETag: "3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb"
Last-Modified: Sat, 12 Nov 2022 20:07:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2415
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7692df94bd7d0b49-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 165d870547cff877acfc5b53a27f0f7b
3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb
963c686c4b2bb6b6f3057545597e4a65d8298c0c7c4355dc77ce92948a8d015b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 22:58:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 16 Nov 2022 20:07:00 GMT
ETag: "3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb"
Last-Modified: Sat, 12 Nov 2022 20:07:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2415
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7692df94bda30b59-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 165d870547cff877acfc5b53a27f0f7b
3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb
963c686c4b2bb6b6f3057545597e4a65d8298c0c7c4355dc77ce92948a8d015b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 22:58:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 16 Nov 2022 20:07:00 GMT
ETag: "3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb"
Last-Modified: Sat, 12 Nov 2022 20:07:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2415
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7692df94bfadb50c-OSL
cc-west-usa.oss-accelerate.aliyuncs.com/20210124/330183414810.jpg
47.254.186.254200 OK 80 kB URL HTTP/1.1 cc-west-usa.oss-accelerate.aliyuncs.com/20210124/330183414810.jpg
IP 47.254.186.254:0
ASN #45102 Alibaba US Technology Co., Ltd.
Hash 459efe2b5640474142c431814a02d5be
e491eb1a6abdd632f1042620b61892d4fb7527f4
bfc420bbc38f4e707d9df15a2db75f3c06057b5ff6a80e6fd75ec503ee88ceba
GET /20210124/330183414810.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 67557
Connection: keep-alive
x-oss-request-id: 6370251DF5968481722BEDDD
Accept-Ranges: bytes
ETag: "11F051650B51CC3E2E4894B1ACFA459F"
Last-Modified: Sun, 24 Jan 2021 01:09:18 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2173227806351685291
x-oss-storage-class: Standard
Content-MD5: EfBRZQtRzD4uSJSxrPpFnw==
x-oss-server-time: 1
cc-west-usa.oss-accelerate.aliyuncs.com/1615093780331.jpg
47.254.186.254200 OK 54 kB URL HTTP/1.1 cc-west-usa.oss-accelerate.aliyuncs.com/1615093780331.jpg
IP 47.254.186.254:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Hash 657032d3544e8766e67e7016d8cf097a
edce3432aa634a8e9d5e04415c57614c4b8056dd
3a6535b7fc24286696ff6f802be55b990cf3d78cd45b6bcb2a2d15993df294bd
GET /1615093780331.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 54239
Connection: keep-alive
x-oss-request-id: 6370251DBD4F6A957F2BEA2A
Accept-Ranges: bytes
ETag: "657032D3544E8766E67E7016D8CF097A"
Last-Modified: Sun, 07 Mar 2021 05:09:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9381709334874409653
x-oss-storage-class: Standard
Content-MD5: ZXAy01ROh2bmfnAW2M8Jeg==
x-oss-server-time: 26
cc-west-usa.oss-accelerate.aliyuncs.com/1612662954459.jpg
47.254.186.254200 OK 112 kB URL HTTP/1.1 cc-west-usa.oss-accelerate.aliyuncs.com/1612662954459.jpg
IP 47.254.186.254:0
ASN #45102 Alibaba US Technology Co., Ltd.
Size 112 kB (112539 bytes)
Hash 5c004b21d63f28de76516981ce190480
e74211ba2f2d85bb63b6e017c18cca1ec65a3ab1
1cc06fd982c305531a61ce3bd03fce029d7e951690d0e184d9ed8d5d46771ffc
GET /1612662954459.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 112134
Connection: keep-alive
x-oss-request-id: 6370251DBC153D8FFA32CCEE
Accept-Ranges: bytes
ETag: "F5591D612D9CF6CBE064DA4D9ADE9541"
Last-Modified: Sun, 07 Feb 2021 01:55:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6211249305732974191
x-oss-storage-class: Standard
Content-MD5: 9VkdYS2c9svgZNpNmt6VQQ==
x-oss-server-time: 37
cc-west-usa.oss-accelerate.aliyuncs.com/203207/396981552789.jpg
47.254.186.254200 OK 104 kB URL HTTP/1.1 cc-west-usa.oss-accelerate.aliyuncs.com/203207/396981552789.jpg
IP 47.254.186.254:0
ASN #45102 Alibaba US Technology Co., Ltd.
Size 104 kB (104099 bytes)
Hash c0c8cb7f18331fe1238764b476572ad5
6e4fb2f6e50629ce98e1cbc7f5996cd4716c3164
651e264657308c9ab4dd71de550dd235f54bc2c61784c52db89bc442a44f351b
GET /203207/396981552789.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 103830
Connection: keep-alive
x-oss-request-id: 6370251DBC153D8FFA32CCEB
Accept-Ranges: bytes
ETag: "640253A6B8E4CA418B9E252C8F5BDD89"
Last-Modified: Mon, 07 Dec 2020 07:29:35 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7539397868680364022
x-oss-storage-class: Standard
Content-MD5: ZAJTprjkykGLniUsj1vdiQ==
x-oss-server-time: 100
cc-west-usa.oss-accelerate.aliyuncs.com/15254784/692945411166.png
47.254.186.254200 OK 608 kB URL HTTP/1.1 cc-west-usa.oss-accelerate.aliyuncs.com/15254784/692945411166.png
IP 47.254.186.254:0
ASN #45102 Alibaba US Technology Co., Ltd.
Size 608 kB (608097 bytes)
Hash 1e83c32c6a80e71f4ed908e7d2e3fc0d
9fffeac54770368aa1266ddd0143153a84cc39f1
764a65cbfd7f625fca32300bc85ee0e8e07d65b513ac0edcd1a9f08d87a2305c
GET /15254784/692945411166.png HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/png
Content-Length: 607747
Connection: keep-alive
x-oss-request-id: 6370251DBD4F6A957F2BEA2C
Accept-Ranges: bytes
ETag: "134867A29484B542EF01C569F0A9156C"
Last-Modified: Mon, 04 Jul 2022 18:46:18 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7111407666637485075
x-oss-storage-class: Standard
Cache-Control: max-age=31536000
Content-MD5: E0hnopSEtULvAcVp8KkVbA==
x-oss-server-time: 87
cc-west-usa.oss-accelerate.aliyuncs.com/1615772936023.jpg
47.254.186.254200 OK 88 kB URL HTTP/1.1 cc-west-usa.oss-accelerate.aliyuncs.com/1615772936023.jpg
IP 47.254.186.254:0
ASN #45102 Alibaba US Technology Co., Ltd.
Hash f7d5b6a74ef427af132948c435ee6594
ec4a07790dd2a136c8d6a6615d16037a74c68744
967b57715d55473182eb50074ac4ec8d4ac07810c116af0cf5086254d8181935
GET /1615772936023.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 86791
Connection: keep-alive
x-oss-request-id: 6370251DF5968481722BEE08
Accept-Ranges: bytes
ETag: "2DD2F0E7EA8EBAB00047393162437124"
Last-Modified: Mon, 15 Mar 2021 01:48:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 856864699436289898
x-oss-storage-class: Standard
Content-MD5: LdLw5+qOurAARzkxYkNxJA==
x-oss-server-time: 41
cc-west-usa.oss-accelerate.aliyuncs.com/20200810/650700480559.jpg
47.254.186.254200 OK 210 kB URL HTTP/1.1 cc-west-usa.oss-accelerate.aliyuncs.com/20200810/650700480559.jpg
IP 47.254.186.254:0
ASN #45102 Alibaba US Technology Co., Ltd.
Size 210 kB (210433 bytes)
Hash 35154009ebb1bd4e7503245aa17ba1ec
29dfedbacb036d93e493f086472aeafb4a9f7d01
a05e8b11047aac9872350c3613cbad258631b089241a9b82e316a6c15b551de3
GET /20200810/650700480559.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 93605
Connection: keep-alive
x-oss-request-id: 6370251DF5968481722BEE18
Accept-Ranges: bytes
ETag: "663AB8A60106037921EC6D9466D47B5D"
Last-Modified: Mon, 10 Aug 2020 02:24:43 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15074929034705863356
x-oss-storage-class: Standard
Content-MD5: Zjq4pgEGA3kh7G2UZtR7XQ==
x-oss-server-time: 56
cc-west-usa.oss-accelerate.aliyuncs.com/9a706a61-9543-4001-9817-ecd50b22d80c.jpg
47.254.186.254200 OK 102 kB URL HTTP/1.1 cc-west-usa.oss-accelerate.aliyuncs.com/9a706a61-9543-4001-9817-ecd50b22d80c.jpg
IP 47.254.186.254:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Size 102 kB (102318 bytes)
Hash e7741a7c271952354ebb058b383d8f63
77ed4d6e8282e57cb78670e2efb13158f25d5bd5
993fca18b024918e7bbb95c5f20e25b9b178abf515eb614548b2ba2c43c6c9a5
GET /9a706a61-9543-4001-9817-ecd50b22d80c.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 102318
Connection: keep-alive
x-oss-request-id: 6370251DC60405673646C7AD
Accept-Ranges: bytes
ETag: "E7741A7C271952354EBB058B383D8F63"
Last-Modified: Fri, 24 Sep 2021 05:56:24 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11395407322428584218
x-oss-storage-class: Standard
Content-MD5: 53QafCcZUjVOuwWLOD2PYw==
x-oss-server-time: 60
cc-west-usa.oss-accelerate.aliyuncs.com/20200728/1691511680953.jpg
47.254.186.254200 OK 230 kB URL HTTP/1.1 cc-west-usa.oss-accelerate.aliyuncs.com/20200728/1691511680953.jpg
IP 47.254.186.254:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 1000x1000, components 3\012- data
Size 230 kB (230138 bytes)
Hash 091c363dbaf95e38da382fb51e9ce559
64ac6c463cf22c58d3f57c285e012eefd163f18b
c8d27c7d6211c2f20277145d6f07d9a8b84dad49618ea72d14246ba65d05a5ef
GET /20200728/1691511680953.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 230138
Connection: keep-alive
x-oss-request-id: 6370251DFF9A9286A238C5F0
Accept-Ranges: bytes
ETag: "091C363DBAF95E38DA382FB51E9CE559"
Last-Modified: Tue, 28 Jul 2020 07:38:04 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12053003904920793426
x-oss-storage-class: Standard
Content-MD5: CRw2Pbr5XjjaOC+1HpzlWQ==
x-oss-server-time: 40
cc-west-usa.oss-accelerate.aliyuncs.com/1615023209257.jpg
47.254.186.254200 OK 323 kB URL HTTP/1.1 cc-west-usa.oss-accelerate.aliyuncs.com/1615023209257.jpg
IP 47.254.186.254:0
ASN #45102 Alibaba US Technology Co., Ltd.
Size 323 kB (322629 bytes)
Hash b60b0cb2769b630b14e7317c93bf8d64
25e37fae8ca4cb6c14a6b86f478c1a9d49e723a0
1e6facede5b71368f7a9a0f734c2d6450a189cc87ab93ae69bbd1b5815e944ac
GET /1615023209257.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 322140
Connection: keep-alive
x-oss-request-id: 6370251DBD4F6A957F2BEA86
Accept-Ranges: bytes
ETag: "41F420E7D241842121977B3736D2E974"
Last-Modified: Sat, 06 Mar 2021 09:33:29 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9213528408614826214
x-oss-storage-class: Standard
Content-MD5: QfQg59JBhCEhl3s3NtLpdA==
x-oss-server-time: 84
cc-west-usa.oss-accelerate.aliyuncs.com/2048/656211389217.jpg
47.254.186.254200 OK 159 kB URL HTTP/1.1 cc-west-usa.oss-accelerate.aliyuncs.com/2048/656211389217.jpg
IP 47.254.186.254:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Size 159 kB (158724 bytes)
Hash a0d9f325202daa5594cf7fd51654c821
30a706e2c8f950dc27d3e8a18169fc7d5f413c0a
e2918f021819d8a8983bf1d3a1dfca14974c06a4846cc729e8acb81395a28556
GET /2048/656211389217.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 158724
Connection: keep-alive
x-oss-request-id: 6370251DF5968481722BEE52
Accept-Ranges: bytes
ETag: "A0D9F325202DAA5594CF7FD51654C821"
Last-Modified: Wed, 16 Dec 2020 08:15:48 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 4163980679194445075
x-oss-storage-class: Standard
Content-MD5: oNnzJSAtqlWUz3/VFlTIIQ==
x-oss-server-time: 16
cc-west-usa.oss-accelerate.aliyuncs.com/2050/167193167684.jpg
47.254.186.254200 OK 122 kB URL HTTP/1.1 cc-west-usa.oss-accelerate.aliyuncs.com/2050/167193167684.jpg
IP 47.254.186.254:0
ASN #45102 Alibaba US Technology Co., Ltd.
Size 122 kB (121815 bytes)
Hash 5055bee0c53399dca3847d42d2065ce6
e632c12393d337df2d8303b4e8909e3b189c8be3
387233892eff178be0789ad057e1483b152bbd2b10802e66d45366b1f4e37bdb
GET /2050/167193167684.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 119600
Connection: keep-alive
x-oss-request-id: 6370251DBC153D8FFA32CD75
Accept-Ranges: bytes
ETag: "A20FCF54950DDFF88D32822AF675D83F"
Last-Modified: Fri, 18 Dec 2020 08:45:35 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17527069388404868936
x-oss-storage-class: Standard
Content-MD5: og/PVJUN3/iNMoIq9nXYPw==
x-oss-server-time: 38
cc-west-usa.oss-accelerate.aliyuncs.com/1617345664209.jpg
47.254.186.254200 OK 148 kB URL HTTP/1.1 cc-west-usa.oss-accelerate.aliyuncs.com/1617345664209.jpg
IP 47.254.186.254:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x1200, components 3\012- data
Size 148 kB (147614 bytes)
Hash 4fdb409ff3010e9162d923ec9a846d71
105c2aa850a9b690da1bb14ec96daceece749690
f06a3b312069a0912f600e5521a7fa0b79bbb1484bdb787d0ab95e4e5cb5f49f
GET /1617345664209.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 147614
Connection: keep-alive
x-oss-request-id: 6370251DFF9A9286A238C648
Accept-Ranges: bytes
ETag: "4FDB409FF3010E9162D923EC9A846D71"
Last-Modified: Fri, 02 Apr 2021 06:41:11 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15692121122868701754
x-oss-storage-class: Standard
Content-MD5: T9tAn/MBDpFi2SPsmoRtcQ==
x-oss-server-time: 86
www.takeover.live/ar
104.21.8.74200 OK 228 kB IP 104.21.8.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1620)
Size 228 kB (228081 bytes)
Hash c7a4dac4ebcfd06cd0cab994d0991a5d
55b1a6c9b0e51316b9ff0080e05472598487bff9
224512149ed6b21029c16d4a032559e32e7f0067175fbbd529ce629f1bd45f07
Analyzer Verdict Alert quad9 Sinkholed
GET /ar HTTP/1.1
Host: www.takeover.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: mycn_session=eyJpdiI6IlFQRm10dCtpM0cweHB1eHRuRnJzalE9PSIsInZhbHVlIjoic3QvcjZ6RXRYc3RCaU5uR1pMdW9nL1VuS2ZlTmdCVXNpTUkyRGtkdzZlaVh3WEZHdTd4dVVvcFZueWdha0lTVkxSbG9Yd2FrSmYvbUFjQksyUG9vSVpLcXpFREY3Wnk4cWZtTjR1bkI3clBFVWkyK25xb0VCRXVZQlFva2x3YnEiLCJtYWMiOiIyODg0N2QyZDVmMjk5YzFlMTA0NjkxOWVkOWZlMjU4ODIxZDU3ODk1MTJlNGYxMWMxYTU2MGFjMWUwOTNkNGVmIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:58:35 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
set-cookie: mycn_session=eyJpdiI6ImpsdEdTek1lbE0vYXNlUEN2bUFYR0E9PSIsInZhbHVlIjoibGJabDRIY3JnTjBCL3Y3czNWdUpXcG1NdE96VnZRUDJuSC9xTVpKWGo1MjFEV2ozNDlJTGJXVjcrNWc2Zml5alkwTHpJWmFtUnZlRlI3Z1kyQVl6N3dhMG9iNmp5V3FSdVRlazI1Tjh1WHFaMTN1K1cxeE5JaVQxR1lHY2NuR3oiLCJtYWMiOiIyYTI5MTQ4MjI2ZGQxY2M3ZDc5NzVkOTdkMzc5MTU2MjMxMzMxMjI5YTlmMDZjNmI0NmJjZTE3MTYyYzFkZmU3IiwidGFnIjoiIn0%3D; expires=Sun, 13 Nov 2022 00:58:35 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpqufMX0xYVXRP63Hn0wo7zFXOkEhulk9YCW4mVR2%2FftqaeGvDglpJzYO7u%2F2xZX4ak78CJwh1aQEXNYVosyIzRZa0ISArThA%2FXXtbUQ1PslLBTdVViqEYZKUdzjXNqzoHaOgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7692df834b18b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15103da1-5996-4497-9ec1-6bf49292c35c.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15103da1-5996-4497-9ec1-6bf49292c35c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3ce8ed12a73c0d1cc9a5f838bff34c8
b96ef6b0060b6dd83475728986ff333faf35c4b6
12466854c0ba0cf11043d6b0ef171c8d6645e6d7f4de4211e1426d0c883a0d96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15103da1-5996-4497-9ec1-6bf49292c35c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9708
x-amzn-requestid: 08ff92c4-61ac-490e-9c5b-0c3e97abb6fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bBpBDGjPoAMFV8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6363bba0-7a0b97ea587f036e33c43e5f;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 13:01:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: B-VFR3675yhlwYVLgxGl9621BEfaTzCwdxglY0z07efK3bJ1cCzGqA==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 04:57:42 GMT
age: 64860
etag: "b96ef6b0060b6dd83475728986ff333faf35c4b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.takeover.live/
104.21.8.74302 Found 0 B IP 104.21.8.74:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.takeover.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 12 Nov 2022 22:58:34 GMT
content-type: text/html; charset=UTF-8
location: https://www.takeover.live/ar
access-control-allow-origin: *
cache-control: no-cache, private
set-cookie: mycn_session=eyJpdiI6IlFQRm10dCtpM0cweHB1eHRuRnJzalE9PSIsInZhbHVlIjoic3QvcjZ6RXRYc3RCaU5uR1pMdW9nL1VuS2ZlTmdCVXNpTUkyRGtkdzZlaVh3WEZHdTd4dVVvcFZueWdha0lTVkxSbG9Yd2FrSmYvbUFjQksyUG9vSVpLcXpFREY3Wnk4cWZtTjR1bkI3clBFVWkyK25xb0VCRXVZQlFva2x3YnEiLCJtYWMiOiIyODg0N2QyZDVmMjk5YzFlMTA0NjkxOWVkOWZlMjU4ODIxZDU3ODk1MTJlNGYxMWMxYTU2MGFjMWUwOTNkNGVmIiwidGFnIjoiIn0%3D; expires=Sun, 13 Nov 2022 00:58:34 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjM2FtDeNI7A28bcQkuIGeK0mnCcRuoTzCpEScqNUdRWsiIDkkExEXGplY2kLIEgXa9zfOzL%2FBFMOu1VXrcB3zm6c3qEacwA0doVOX3%2FM7C6QdrZUxe2MbCgFI1KJibtfBIbnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7692df8259d7b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycn.io/Uploads/Users/store-designs/2022/09/image_16629804291992157327.png
104.26.11.103302 Found 0 B URL HTTP/2 mycn.io/Uploads/Users/store-designs/2022/09/image_16629804291992157327.png
IP 104.26.11.103:0
GET /Uploads/Users/store-designs/2022/09/image_16629804291992157327.png HTTP/1.1
Host: mycn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 12 Nov 2022 22:58:35 GMT
content-type: text/html; charset=UTF-8
location: https://mycn.io/ar/Uploads/Users/store-designs/2022/09/image_16629804291992157327.png
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
vary: Accept-Language,Accept-Encoding,User-Agent
cache-control: no-cache, private
cf-cache-status: BYPASS
set-cookie: mycn_session=eyJpdiI6IjUxeFNiWGNDYUlHN1JiaHVoR1VSVXc9PSIsInZhbHVlIjoiZGUxand5UjZ0TzQzUUFKZFRtN3QxeTlLdkRaYXNta2lYUG5aWjhtb0ViZVBibUxwY1JYR3JxWE5IaFVpMXBwcEtPbHZ2M042cTdaY05PUTRaMzErNXlBb0N6RGg4d0puSWFEbXRWZW5GUTNacWoxM3U0aitSSEFxSktvZFlnZ3UiLCJtYWMiOiJlNGQ2MzFlZmUwMTI5MTY4Zjc3YjIyODUxY2I0ZWZmYjUxZjUzNmFjNzZkOGU3M2NlMWMyNDJiZGMzNTYwMGMyIiwidGFnIjoiIn0%3D; expires=Sun, 13 Nov 2022 00:58:35 GMT; Max-Age=7200; path=/; httponly; samesite=lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TT0jAerE8dWnQUbiQywq%2B7hFZk5num3jDQGbfFdclLNM5vAi8ZoRFjzPx6Z7DBiIC68eZXAOVVPPVZZn%2BKdpx0hrO3YB9l1QworaIKXvXuTIwgxaRMnlq0w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7692df8e0ca9b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Almarai:wght@400;700&display=swap?v=0.23
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Almarai:wght@400;700&display=swap?v=0.23
IP 142.250.74.10:0
GET /css2?family=Almarai:wght@400;700&display=swap?v=0.23 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 22:58:35 GMT
date: Sat, 12 Nov 2022 22:58:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mycn.io/Uploads/Users/store-logo/2022/09/image_1662882811509775908.jfif
104.26.11.103302 Found 0 B URL HTTP/2 mycn.io/Uploads/Users/store-logo/2022/09/image_1662882811509775908.jfif
IP 104.26.11.103:0
GET /Uploads/Users/store-logo/2022/09/image_1662882811509775908.jfif HTTP/1.1
Host: mycn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 12 Nov 2022 22:58:35 GMT
content-type: text/html; charset=UTF-8
location: https://mycn.io/ar/Uploads/Users/store-logo/2022/09/image_1662882811509775908.jfif
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
vary: Accept-Language,Accept-Encoding,User-Agent
cache-control: no-cache, private
set-cookie: mycn_session=eyJpdiI6InVnZVd0eE9yN3M0QzVkczFJbmJSbEE9PSIsInZhbHVlIjoidGRHY0xBcm82TCtwdGJpRlBzZmhGKzY4c3U2ZGtFSGF0YWJCMDNpYlBEMDJIS0VmUXpCenRNWmNSOFRYeVgvblBLaEt2V2oxaHBLZmgvTXNDNmMrZTh2ZkdIUndvVHJMM1lNVW1oSDZJa0UyRzRJbWh5NmlWcUFhR2JRQlNxL0ciLCJtYWMiOiI3MzhlNTQ5Zjc0ZGQzNGJlNWYzZjI3NDQyOTA1MmYyZDc0YzU5YTJmNjJiZDY1NDRlNDk1YmM3YjM5ZmEzYWRiIiwidGFnIjoiIn0%3D; expires=Sun, 13 Nov 2022 00:58:35 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsfqcsdLEAJ5Xz%2BvGQmLO9KYLBYO8Yeg6B%2BVBMQkKa5fYMueiQqIXYk2Qhri0v9%2FKq%2BLnKK2clkWy6u1uWTsyjn8miEY%2BXq6Yx0kr2oWaqme525%2BBdeJ0JE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7692df8e0ca7b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycn.io/ar/Uploads/Users/store-logo/2022/09/image_1662882811509775908.jfif
104.26.11.103200 OK 0 B URL HTTP/2 mycn.io/ar/Uploads/Users/store-logo/2022/09/image_1662882811509775908.jfif
IP 104.26.11.103:0
GET /ar/Uploads/Users/store-logo/2022/09/image_1662882811509775908.jfif HTTP/1.1
Host: mycn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.takeover.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:58:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
cache-control: no-cache, private
set-cookie: mycn_session=eyJpdiI6IkoyeEQ5K1JMUlZUUXhZRTRKN2hwdkE9PSIsInZhbHVlIjoiczRpV1NLSllEZjdJU21ya0JlVWQ3RzRST0pIZWhoSWJZZU9pZXlHVy9yQXZFSFhsVGR4cDRZWDN1eVAzeGR2K29wQWFwdTIrWVF6VCtNeVQ2VytzZm4yYk4wa1k5bDNWTitLZVRmK1VaM3lTMXJSOFNjTU5BU2xPcEw1T3RPYXQiLCJtYWMiOiIxZWJjZDFkZmM1YzdkMTc0NTQ2MzU2YzFhNjMzNTljM2E2N2JmMWIxZDFjZjViMGFkOTUwNjdmNDVjYzA4ZDhiIiwidGFnIjoiIn0%3D; expires=Sun, 13 Nov 2022 00:58:36 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CG3c0zaGauGU2rOVeePXPzGFz2WMQbjJIcjWHpVZ6BYQLEzIztlyuvSz1EXAZsnjOnZlfjRCfKwHqJYiZjBRGIQzyGuQGbXxQnvgAb%2FFX2%2BJE0F0kR9QKSc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7692df8efd9eb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2