r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 96367f956a4177aec7e7e80221539d58
8dcad10fde96c139d1ef212388cb6755fe3fe077
f4f9bdb5180359dfd734cef1e6f1b54bc9d8f72cae557366eb74f22100b94dc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4F9BDB5180359DFD734CEF1E6F1B54BC9D8F72CAE557366EB74F22100B94DC4"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17311
Expires: Sat, 17 Dec 2022 07:45:08 GMT
Date: Sat, 17 Dec 2022 02:56:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae86164fd9297dfdc05d67d69284d70e
5e5f27e3fd492f715baa6820f05c0fafde4040b3
be20f6ae6a51d20611cb4d350b52a5d0a339af6722fe9b2482ef58826c1e9de0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE20F6AE6A51D20611CB4D350B52A5D0A339AF6722FE9B2482EF58826C1E9DE0"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7644
Expires: Sat, 17 Dec 2022 05:04:01 GMT
Date: Sat, 17 Dec 2022 02:56:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 555fc6e99ad3bf077d1c4b9b805e428d
4e800fc8e809a950288df0e94992084647762561
fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2976
Expires: Sat, 17 Dec 2022 03:46:13 GMT
Date: Sat, 17 Dec 2022 02:56:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 17 Dec 2022 02:45:15 GMT
content-type: application/json
age: 682
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EMQJfs8XIsgGMurz6xSg9BySdYbXwbmPU7iayCNdq0JcHgtwJBQnK5GjmIDwIoY9QJKS9oMD3Ko=
x-amz-request-id: DSZ1ANWWYQ162RTM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 17 Dec 2022 02:51:36 GMT
age: 301
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
71b5c2.qgrmbnfrfxjp.com/
143.204.55.63307 Temporary Redirect 7.5 kB IP 143.204.55.63:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (473)
Hash daec2c79fb70f6187e758df488c4cbd5
b9e2be994ab721894b253dd0ee73a415728cb36f
ca5f5416a656ad7b336a633ea476b0d97dedc82c0dd8b8f6e349e36f6b5a6413
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: 71b5c2.qgrmbnfrfxjp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 307 Temporary Redirect
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 17 Dec 2022 02:56:37 GMT
Server: nginx
X-Status: OK
X-UID: Root=1-639d2fe5-4123d73e61b5cef1678388e0
Location: https://pr.couches-sofas-58657.com?backfill=0&KW1=Sofa&KW2=Sofas&KW3=G%C3%BCnstige+Sofas&KW4=Sofa+Kaufen&KW5=Chesterfield+Sofa&KW6=Sofa+Grau&domainname=0&searchbox=0&subid1=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&track_id=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&kcoptimize=1&theme=DoriPlus&vertical=Home&offer=Couches+%26+Sofas+PR
Referrer-Policy: unsafe-url
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _a4TdUZdqvyIzEhwMYHk9lKfByA5vRCcUxHkr8BnK0STyp9m_VTP3A==
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Dec 2022 02:56:37 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 17 Dec 2022 02:08:00 GMT
age: 2917
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 87362f0233975746b7dede7a5e5ac702
b189107abf55d4707acf564dfbfc06fb79f84134
f76a4ce26fafecc663ab2058f28f72d5228b8b5f3448870aa77c521131e47382
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F76A4CE26FAFECC663AB2058F28F72D5228B8B5F3448870AA77C521131E47382"
Last-Modified: Thu, 15 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1316
Expires: Sat, 17 Dec 2022 03:18:33 GMT
Date: Sat, 17 Dec 2022 02:56:37 GMT
Connection: keep-alive
pr.couches-sofas-58657.com/?backfill=0&KW1=Sofa&KW2=Sofas&KW3=G%C3%BCnstige+Sofas&KW4=Sofa+Kaufen&KW5=Chesterfield+Sofa&KW6=Sofa+Grau&domainname=0&searchbox=0&subid1=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&track_id=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&kcoptimize=1&theme=DoriPlus&vertical=Home&offer=Couches+%26+Sofas+PR
185.53.179.92200 OK 6.3 kB URL HTTP/1.1 pr.couches-sofas-58657.com/?backfill=0&KW1=Sofa&KW2=Sofas&KW3=G%C3%BCnstige+Sofas&KW4=Sofa+Kaufen&KW5=Chesterfield+Sofa&KW6=Sofa+Grau&domainname=0&searchbox=0&subid1=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&track_id=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&kcoptimize=1&theme=DoriPlus&vertical=Home&offer=Couches+%26+Sofas+PR
IP 185.53.179.92:0
ASN #61969 Team Internet AG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4350)
Hash 2dd38709108a555d7bb3be09a36d17ff
51119fca328a25f85f4404781fa31154d6e71998
bdd00d68f742ca740889ca135b5f41c80c039fa7b24a007506e09183d60526f7
GET /?backfill=0&KW1=Sofa&KW2=Sofas&KW3=G%C3%BCnstige+Sofas&KW4=Sofa+Kaufen&KW5=Chesterfield+Sofa&KW6=Sofa+Grau&domainname=0&searchbox=0&subid1=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&track_id=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&kcoptimize=1&theme=DoriPlus&vertical=Home&offer=Couches+%26+Sofas+PR HTTP/1.1
Host: pr.couches-sofas-58657.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-Ch-Lifetime: 30
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 17 Dec 2022 02:56:38 GMT
Server: nginx
Vary: Accept-Encoding
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_tALRqvOh679XvjVKldsCI+TMgahLi/RTKUgPCiK0cuWByKE85POv3kNdxdBYlCAWxTntZunrbzg5oNQjU1Vvdg==
X-Buckets: bucket077
X-Language: norwegian
X-Template: tpl_DoriPlus_twoclick
Transfer-Encoding: chunked
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 142400be99b933ea5e0c68ea6a6b3e89
80e94132940e5ebe69dd0a03396764127b8fda49
20e8cde3c6907a3c5d97fe9fbcf6a44035e1f7482f7e166adb2c38a30a9084ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5032
Cache-Control: max-age=113646
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 02:56:38 GMT
Etag: "639c352c-1d7"
Expires: Sun, 18 Dec 2022 10:30:44 GMT
Last-Modified: Fri, 16 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c8a49c10c60b31f85897b10f4ec4cf83
a36d1f2e9c383be9d1e8f3582e4245848c737942
96090cb245f690b7cc9a8b4cd11b6fbb1eede6e139f3a5485c8e58196024e7bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 02:56:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b56a3548738502fa3cc2d975411a7900
e6584e903da8e7e6062fd14d0c927495f6819b83
8b4ed97669a9d9a093cb9b4c92f1676681ea9c279ac47105042fa922bb32057b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 02:56:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.214.64.191101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.64.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3ysSB1jYn9Xe1MRaK2JhRg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9nHJ41vB6e4yGmGpOiOVOU/j9z8=
d1t9jheyiyj1h6.cloudfront.net/themes/doriplus_40a0ff4d/img/arrows.png
54.230.245.187200 OK 11 kB URL HTTP/2 d1t9jheyiyj1h6.cloudfront.net/themes/doriplus_40a0ff4d/img/arrows.png
IP 54.230.245.187:0
File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Hash 0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
GET /themes/doriplus_40a0ff4d/img/arrows.png HTTP/1.1
Host: d1t9jheyiyj1h6.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.couches-sofas-58657.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 11375
server: nginx
last-modified: Thu, 23 Jun 2022 10:44:43 GMT
accept-ranges: bytes
front_end_https: on
date: Fri, 16 Dec 2022 07:40:00 GMT
etag: "62b4441b-2c6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uJnG8u3Hurc7kZjmCXrR2TGe0vEE_aM0g01iYn7M8C_fNmXlIXIHyQ==
age: 69398
X-Firefox-Spdy: h2
pr.couches-sofas-58657.com/track.php?domain=couches-sofas-58657.com&toggle=browserjs&uid=MTY3MTI0NTc5OC4wMjQzOjNiZTVjNmFiYTlhODVjZTg4NWM1M2Y1ZWQ5MmZjZGM2OGYyOTEwMjI5NGEwNzgwMTU3Y2NlYzEyYWUxNDQyZTE6NjM5ZDJmZTYwNWVlMg%3D%3D
185.53.179.92200 OK 20 B URL HTTP/1.1 pr.couches-sofas-58657.com/track.php?domain=couches-sofas-58657.com&toggle=browserjs&uid=MTY3MTI0NTc5OC4wMjQzOjNiZTVjNmFiYTlhODVjZTg4NWM1M2Y1ZWQ5MmZjZGM2OGYyOTEwMjI5NGEwNzgwMTU3Y2NlYzEyYWUxNDQyZTE6NjM5ZDJmZTYwNWVlMg%3D%3D
IP 185.53.179.92:0
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=couches-sofas-58657.com&toggle=browserjs&uid=MTY3MTI0NTc5OC4wMjQzOjNiZTVjNmFiYTlhODVjZTg4NWM1M2Y1ZWQ5MmZjZGM2OGYyOTEwMjI5NGEwNzgwMTU3Y2NlYzEyYWUxNDQyZTE6NjM5ZDJmZTYwNWVlMg%3D%3D HTTP/1.1
Host: pr.couches-sofas-58657.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.couches-sofas-58657.com/?backfill=0&KW1=Sofa&KW2=Sofas&KW3=G%C3%BCnstige+Sofas&KW4=Sofa+Kaufen&KW5=Chesterfield+Sofa&KW6=Sofa+Grau&domainname=0&searchbox=0&subid1=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&track_id=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&kcoptimize=1&theme=DoriPlus&vertical=Home&offer=Couches+%26+Sofas+PR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-Ch-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 17 Dec 2022 02:56:38 GMT
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Content-Length: 20
pr.couches-sofas-58657.com/favicon.ico
185.53.179.92200 OK 0 B URL HTTP/1.1 pr.couches-sofas-58657.com/favicon.ico
IP 185.53.179.92:0
ASN #61969 Team Internet AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: pr.couches-sofas-58657.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.couches-sofas-58657.com/?backfill=0&KW1=Sofa&KW2=Sofas&KW3=G%C3%BCnstige+Sofas&KW4=Sofa+Kaufen&KW5=Chesterfield+Sofa&KW6=Sofa+Grau&domainname=0&searchbox=0&subid1=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&track_id=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&kcoptimize=1&theme=DoriPlus&vertical=Home&offer=Couches+%26+Sofas+PR
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 0
Content-Type: image/x-icon
Date: Sat, 17 Dec 2022 02:56:39 GMT
Etag: "5ebab1f0-0"
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Server: nginx
www.google.com/adsense/domains/caf.js
216.58.207.228200 OK 54 kB URL HTTP/2 www.google.com/adsense/domains/caf.js
IP 216.58.207.228:0
Hash b9d4db7fca2840ce93e9323010ce9b37
f617eb15fc022ec42cb97c10439396359e391781
68a31418af3b6cac511af3414b1b97dd3fa1e24b7bfd61916cd6d34506e27301
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.couches-sofas-58657.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 17 Dec 2022 02:56:38 GMT
expires: Sat, 17 Dec 2022 02:56:38 GMT
cache-control: private, max-age=3600
etag: "17818827353311541688"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=pr.couches-sofas-58657.com&client=dp-teaminternet07_3ph&product=SAS&callback=__sasCookie
216.58.207.226200 OK 249 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=pr.couches-sofas-58657.com&client=dp-teaminternet07_3ph&product=SAS&callback=__sasCookie
IP 216.58.207.226:0
File type ASCII text, with very long lines (386), with no line terminators
Hash c1c40339db346fbc7add5780c24dc370
7a71903af669d92aa92cf7d2f364b6b99a4816d6
6f226ee4a24f42864bca137beac286a0d8828c92c89965bc5c7171d39fe160ea
GET /gampad/cookie.js?domain=pr.couches-sofas-58657.com&client=dp-teaminternet07_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.couches-sofas-58657.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 17 Dec 2022 02:56:39 GMT
server: cafe
cache-control: private
content-length: 249
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 38d30195e5ac974729f24024ab3380f2
74ada6b82223011cddea668efa7397d3620fd6d0
d85cdd2f7fba1b3249bccffa017de80460f11ad2eb54e3bc1b201741924ede33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 02:56:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 38d30195e5ac974729f24024ab3380f2
74ada6b82223011cddea668efa7397d3620fd6d0
d85cdd2f7fba1b3249bccffa017de80460f11ad2eb54e3bc1b201741924ede33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 02:56:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
142.250.74.97200 OK 270 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
IP 142.250.74.97:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash 5100391430a00e10ce60aa159f525b5c
231a4492d73b225f441b1e9028dc33c89862e498
52b1432a6e3002e41ed1d8f4c84b258fdc4c6dac863e3c0e5c06360c81be6067
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 10:41:47 GMT
expires: Sat, 17 Dec 2022 09:41:47 GMT
cache-control: public, max-age=82800
age: 58492
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9bdbce312552cda92300b2738618960c
f6b4eb3131180554afee194b65f8cc40644eadc3
57198fe0107e926ce4762f57f067215d43c00b9bd68b5e8117e3709392125534
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 02:56:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
142.250.74.97200 OK 174 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP 142.250.74.97:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 10:51:45 GMT
expires: Sat, 17 Dec 2022 09:51:45 GMT
cache-control: public, max-age=82800
age: 57894
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pr.couches-sofas-58657.com/track.php?domain=couches-sofas-58657.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3MTI0NTc5OC4wMjQzOjNiZTVjNmFiYTlhODVjZTg4NWM1M2Y1ZWQ5MmZjZGM2OGYyOTEwMjI5NGEwNzgwMTU3Y2NlYzEyYWUxNDQyZTE6NjM5ZDJmZTYwNWVlMg%3D%3D
185.53.179.92200 OK 20 B URL HTTP/1.1 pr.couches-sofas-58657.com/track.php?domain=couches-sofas-58657.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3MTI0NTc5OC4wMjQzOjNiZTVjNmFiYTlhODVjZTg4NWM1M2Y1ZWQ5MmZjZGM2OGYyOTEwMjI5NGEwNzgwMTU3Y2NlYzEyYWUxNDQyZTE6NjM5ZDJmZTYwNWVlMg%3D%3D
IP 185.53.179.92:0
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=couches-sofas-58657.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3MTI0NTc5OC4wMjQzOjNiZTVjNmFiYTlhODVjZTg4NWM1M2Y1ZWQ5MmZjZGM2OGYyOTEwMjI5NGEwNzgwMTU3Y2NlYzEyYWUxNDQyZTE6NjM5ZDJmZTYwNWVlMg%3D%3D HTTP/1.1
Host: pr.couches-sofas-58657.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.couches-sofas-58657.com/?backfill=0&KW1=Sofa&KW2=Sofas&KW3=G%C3%BCnstige+Sofas&KW4=Sofa+Kaufen&KW5=Chesterfield+Sofa&KW6=Sofa+Grau&domainname=0&searchbox=0&subid1=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&track_id=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&kcoptimize=1&theme=DoriPlus&vertical=Home&offer=Couches+%26+Sofas+PR
Cookie: __gsas=ID=c932f155d4736e92:T=1671245799:S=ALNI_Mbp7wJQMPzo0_TvZz_RP_2u2GJMSw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-Ch-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 17 Dec 2022 02:56:39 GMT
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: answercheck
Content-Length: 20
pr.couches-sofas-58657.com/ls.php
185.53.179.92201 Created 0 B URL HTTP/1.1 pr.couches-sofas-58657.com/ls.php
IP 185.53.179.92:0
ASN #61969 Team Internet AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ls.php HTTP/1.1
Host: pr.couches-sofas-58657.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 4302
Origin: https://pr.couches-sofas-58657.com
Connection: keep-alive
Referer: https://pr.couches-sofas-58657.com/?backfill=0&KW1=Sofa&KW2=Sofas&KW3=G%C3%BCnstige+Sofas&KW4=Sofa+Kaufen&KW5=Chesterfield+Sofa&KW6=Sofa+Grau&domainname=0&searchbox=0&subid1=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&track_id=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&kcoptimize=1&theme=DoriPlus&vertical=Home&offer=Couches+%26+Sofas+PR
Cookie: GoogleAdServingTest=Good
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 201 Created
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-Ch-Lifetime: 30
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://pr.couches-sofas-58657.com
Access-Control-Max-Age: 86400
Charset: utf-8
Content-Type: text/javascript;charset=UTF-8
Date: Sat, 17 Dec 2022 02:56:39 GMT
Server: nginx
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_m15wosiIAdAsI2JXGS6+k6gognchmVf5Lt1BZZG3mWW6adYYpxOr3FGXLDpy35IzUkS2IWQzWxXlHHnNsKxeYA==
X-Log-Success: 639d2fe6944c755dec0d6d40
Content-Length: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 38d30195e5ac974729f24024ab3380f2
74ada6b82223011cddea668efa7397d3620fd6d0
d85cdd2f7fba1b3249bccffa017de80460f11ad2eb54e3bc1b201741924ede33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 02:56:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pr.couches-sofas-58657.com/track.php?toggle=adloaded&uid=MTY3MTI0NTc5OC4wMjQzOjNiZTVjNmFiYTlhODVjZTg4NWM1M2Y1ZWQ5MmZjZGM2OGYyOTEwMjI5NGEwNzgwMTU3Y2NlYzEyYWUxNDQyZTE6NjM5ZDJmZTYwNWVlMg%3D%3D&domain=couches-sofas-58657.com&data=%7B%22containerName%22%3A%22tc%22%2C%22adsLoaded%22%3Atrue%2C%22callbackOptions%22%3A%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-teaminternet07_3ph%22%2C%22adult%22%3Afalse%7D%2C%22termPositions%22%3A%7B%22Chesterfield%20Sofa%22%3A2%7D%7D%2C%22terms%22%3A%22Sofa%2CSofas%2CG%C3%BCnstige%20Sofas%2CSofa%20Kaufen%2CChesterfield%20Sofa%2CSofa%20Grau%22%7D
185.53.179.92200 OK 20 B URL HTTP/1.1 pr.couches-sofas-58657.com/track.php?toggle=adloaded&uid=MTY3MTI0NTc5OC4wMjQzOjNiZTVjNmFiYTlhODVjZTg4NWM1M2Y1ZWQ5MmZjZGM2OGYyOTEwMjI5NGEwNzgwMTU3Y2NlYzEyYWUxNDQyZTE6NjM5ZDJmZTYwNWVlMg%3D%3D&domain=couches-sofas-58657.com&data=%7B%22containerName%22%3A%22tc%22%2C%22adsLoaded%22%3Atrue%2C%22callbackOptions%22%3A%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-teaminternet07_3ph%22%2C%22adult%22%3Afalse%7D%2C%22termPositions%22%3A%7B%22Chesterfield%20Sofa%22%3A2%7D%7D%2C%22terms%22%3A%22Sofa%2CSofas%2CG%C3%BCnstige%20Sofas%2CSofa%20Kaufen%2CChesterfield%20Sofa%2CSofa%20Grau%22%7D
IP 185.53.179.92:0
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?toggle=adloaded&uid=MTY3MTI0NTc5OC4wMjQzOjNiZTVjNmFiYTlhODVjZTg4NWM1M2Y1ZWQ5MmZjZGM2OGYyOTEwMjI5NGEwNzgwMTU3Y2NlYzEyYWUxNDQyZTE6NjM5ZDJmZTYwNWVlMg%3D%3D&domain=couches-sofas-58657.com&data=%7B%22containerName%22%3A%22tc%22%2C%22adsLoaded%22%3Atrue%2C%22callbackOptions%22%3A%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-teaminternet07_3ph%22%2C%22adult%22%3Afalse%7D%2C%22termPositions%22%3A%7B%22Chesterfield%20Sofa%22%3A2%7D%7D%2C%22terms%22%3A%22Sofa%2CSofas%2CG%C3%BCnstige%20Sofas%2CSofa%20Kaufen%2CChesterfield%20Sofa%2CSofa%20Grau%22%7D HTTP/1.1
Host: pr.couches-sofas-58657.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.couches-sofas-58657.com/?backfill=0&KW1=Sofa&KW2=Sofas&KW3=G%C3%BCnstige+Sofas&KW4=Sofa+Kaufen&KW5=Chesterfield+Sofa&KW6=Sofa+Grau&domainname=0&searchbox=0&subid1=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&track_id=9e6faab29e93985f35ea5c0bebe7311980dcba51e01f03b1268fcce994cee421&kcoptimize=1&theme=DoriPlus&vertical=Home&offer=Couches+%26+Sofas+PR
Cookie: __gsas=ID=c932f155d4736e92:T=1671245799:S=ALNI_Mbp7wJQMPzo0_TvZz_RP_2u2GJMSw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-Ch-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 17 Dec 2022 02:56:39 GMT
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: adloaded
Content-Length: 20
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17722
Expires: Sat, 17 Dec 2022 07:52:01 GMT
Date: Sat, 17 Dec 2022 02:56:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17722
Expires: Sat, 17 Dec 2022 07:52:01 GMT
Date: Sat, 17 Dec 2022 02:56:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17722
Expires: Sat, 17 Dec 2022 07:52:01 GMT
Date: Sat, 17 Dec 2022 02:56:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3e4365-26b7-4a94-a43a-aa8b34ec9d30.jpeg
34.120.237.76200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3e4365-26b7-4a94-a43a-aa8b34ec9d30.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b10096b589872abc03d6befdaa8d08c
3ce5ecf8b36fdf9e7f537f9d0d9010239b00c633
d8019629d58b20fdd78b1e0c2bb5e55ed9bb4f22c9b103e92958b25ef5400ac1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3e4365-26b7-4a94-a43a-aa8b34ec9d30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3054
x-amzn-requestid: 3e3096e9-c31f-497c-9c84-506cfebda1c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKbSIE0qIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a7273-5d2a9cc44c94435f340c8c47;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 01:03:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: no2kJzz9gyUN2M4jzdxQQuQub_D_7n2Rn8siUbcpVym9pC3uURfQfQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:50:26 GMT
age: 18373
etag: "3ce5ecf8b36fdf9e7f537f9d0d9010239b00c633"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dce7a87ac0852f838007018af2e83cb5
379f7844a18284958ec0250cc45f2c91ac1ddfcf
31a5191700b9d5c2e471c0e6db15d43f1804b61c6a0867340e8001c32a0dabb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: f8f1832c-4269-4c4b-83c0-4c2d8c2fdd8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjC7GLSIAMFd4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce545-4c54f9704a32da245a90ab0d;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CrmrekFQeOTjAkIBgbGSNGN66ysdrtGK1uuzJV-b6nB1WFrOrtf1OA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
age: 18980
etag: "379f7844a18284958ec0250cc45f2c91ac1ddfcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30eabd90-57de-40c1-8f98-3a7df7e6c6db.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30eabd90-57de-40c1-8f98-3a7df7e6c6db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 406a837a79921b55b79cbefe97f28baa
852e6b2fbc7cf50ed1824491293036092ca928e5
310c2d8f56b08dbcc4a6373ec8b7d4c33e531540eb8b5c446609398ee9f3448a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30eabd90-57de-40c1-8f98-3a7df7e6c6db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9027
x-amzn-requestid: 810f640d-b3dd-42fd-8317-f701a2bdb551
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjEjHRfoAMFRfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce550-666de65c79de87b06a985a83;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y34VDlEkPoUgYchKTvPk-88ObNqiDdQWc-9Z3tmuI0TUbSmhliD0iw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:29 GMT
age: 18970
etag: "852e6b2fbc7cf50ed1824491293036092ca928e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6085eb00-52ff-4a58-911a-643f83befb1a.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6085eb00-52ff-4a58-911a-643f83befb1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c1242fcfdcc0d660643fdd840381276
373f442c8f29d0516d6e8ab0b300a4831507d097
7d3b391028766dc119f096bffc1b2b36a13e9e6704bd6f3ac2b6efaa14ddb10e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6085eb00-52ff-4a58-911a-643f83befb1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12793
x-amzn-requestid: 52a830a9-13d5-4266-8f42-a37cad561422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKtB9ENxIAMF1Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a8ed9-7e98fc9e2daba0d43238b6d3;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 03:04:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GbbG0iOyV6KU9dIKNAGU5HHgTCBNOQUpG2NiInSZqHWLDi_c7PmLsg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 03:19:05 GMT
age: 85054
etag: "373f442c8f29d0516d6e8ab0b300a4831507d097"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022bbf88-70e2-4756-9af5-6baabd29e69f.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022bbf88-70e2-4756-9af5-6baabd29e69f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76d906fbb1545604aa7cf4c41a0e0a48
003a9883e0264468824059a8abe8d9c26790a710
e38ccbe67ac14396ec82135c90eab1e8ea1328b1e3b2fb4e81f2c18c832e7bf1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022bbf88-70e2-4756-9af5-6baabd29e69f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6244
x-amzn-requestid: 5aa5608e-832a-411e-b1c7-494276574e56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dBW1-F2xIAMFY9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6396d1bf-2834ab7466c5ec403d33a691;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 07:01:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3i0INjCd7JFeMeTSUE2kas8dLzoZGmoL1w71CjoZHI_lppO_CRCuNQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 14:23:04 GMT
age: 45215
etag: "003a9883e0264468824059a8abe8d9c26790a710"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fdbd1e175352e7ec7dc2a25f04a5a9d
954bdd8d6b2f3d0ec086631ecf1bbd76c6507fe2
bdba0c3d4509764e87db688c1b8086c309f4a2cbe95d1f2130ce01d184f2fa17
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9741
x-amzn-requestid: 5d9871d6-1512-4ffa-8b85-3c4c7595b723
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dEj3XGsxoAMFxIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639819c8-7a65df352cc4e71e5aa518f8;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 06:20:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _2xwG3Jz7sG9b8-JqXhu2knuIO_AyHIjOQ2luKB9Tk9NZnFNv8b8iQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 22:01:03 GMT
age: 17736
etag: "954bdd8d6b2f3d0ec086631ecf1bbd76c6507fe2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d1t9jheyiyj1h6.cloudfront.net/scripts/maincaf.js
54.230.245.187200 OK 0 B URL HTTP/2 d1t9jheyiyj1h6.cloudfront.net/scripts/maincaf.js
IP 54.230.245.187:0
GET /scripts/maincaf.js HTTP/1.1
Host: d1t9jheyiyj1h6.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.couches-sofas-58657.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Fri, 16 Dec 2022 20:16:56 GMT
last-modified: Tue, 15 Nov 2022 15:10:24 GMT
etag: W/"6373abe0-1b5e"
front_end_https: on
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1p_5hPLrhR3S-pTKyDmgNjdylehAEL626kVyUBiSq9HU45BN_iNARA==
age: 23982
X-Firefox-Spdy: h2