Overview

URLwww1.madeon.com/?tm=1&subid4=1664740056.0445530000&kw=fan+merchandise&KW1=Official%20Merchandise%20Online%20Store&KW2=Premium%20Hoodies&KW3=Premium%20T-shirts&KW4=Caps%20and%20Hats%20Custom%20Printed&KW5=Plush%20Toys&KW6=Custom%20Personalized%20Mugs&searchbox=0&domainname=0&backfill=0
IP 13.248.148.254 (United States)
ASN#16509 AMAZON-02
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-10-02 19:48:06 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (14)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-10-02 05:33:45 UTC 23.36.77.32
d38psrni17bvxu.cloudfront.net (4) 0 2022-09-22 16:48:38 UTC 2022-10-02 17:42:54 UTC 13.224.227.228 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-10-02 16:25:36 UTC 13.224.222.54
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-02 10:20:02 UTC 44.238.3.246
partner.googleadservices.com (1) 798 2012-10-03 01:04:21 UTC 2022-10-02 11:24:28 UTC 172.217.21.162
www1.madeon.com (5) 0 2022-10-02 09:25:57 UTC 2022-10-02 09:25:57 UTC 76.223.26.96 Unknown ranking
c.parkingcrew.net (1) 70582 2017-01-29 19:17:16 UTC 2022-10-02 13:52:50 UTC 185.53.178.30
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-02 15:44:45 UTC 93.184.220.29
ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-10-02 05:01:45 UTC 142.250.74.3
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-02 11:24:29 UTC 34.120.237.76
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-02 05:00:42 UTC 13.224.222.43
www.google.com (3) 7 2016-08-04 12:36:31 UTC 2022-10-02 17:15:51 UTC 142.250.74.164
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-02 04:45:21 UTC 34.117.237.239
afs.googleusercontent.com (2) 12123 2013-05-07 00:37:08 UTC 2022-10-02 11:24:28 UTC 142.250.74.33

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-02 2 www1.madeon.com/ls.php Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 13.248.148.254
Date UQ / IDS / BL URL IP
2023-03-25 23:33:03 +0000 0 - 0 - 2 ww38.best-targeted-traffic.com/install.php?un (...) 13.248.148.254
2023-03-25 23:32:57 +0000 0 - 0 - 2 ww38.best-targeted-traffic.com/install.php?un (...) 13.248.148.254
2023-03-25 22:38:21 +0000 0 - 0 - 1 ww38.anusgame.com/ 13.248.148.254
2023-03-25 22:22:21 +0000 0 - 0 - 1 ww38.ncz.au/ 13.248.148.254
2023-03-25 21:25:20 +0000 0 - 0 - 1 ww62.javdb0005.com/ 13.248.148.254


Last 5 reports on ASN: AMAZON-02
Date UQ / IDS / BL URL IP
2023-03-25 23:43:12 +0000 0 - 0 - 4 zokwbe.paiatialdates.net/?utm_source=da57dc55 (...) 63.32.216.166
2023-03-25 23:40:16 +0000 0 - 2 - 0 d1j95lrhmg9yue.cloudfront.net/1rNqwFzYX/3.0.8 (...) 54.230.245.39
2023-03-25 23:39:14 +0000 0 - 2 - 0 s3.amazonaws.com/hn62xeffkz4xd8g3qnq8/softwar (...) 52.217.111.126
2023-03-25 23:38:09 +0000 0 - 2 - 0 ldcdn.ldmnq.com/download/ldad/LDPlayer9.exe?n (...) 54.230.111.5
2023-03-25 23:34:42 +0000 0 - 0 - 147 user-sign-in-d96596.netlify.app/ 35.156.224.161


Last 1 reports on domain: madeon.com
Date UQ / IDS / BL URL IP
2022-10-02 19:48:06 +0000 0 - 0 - 1 www1.madeon.com/?tm=1&subid4=1664740056.04455 (...) 13.248.148.254


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-10-10 15:21:28 +0000 0 - 0 - 1 www1.vilk.com/?tm=1&subid4=1665415267.0163980 (...) 99.83.136.84
2022-10-10 05:07:07 +0000 0 - 0 - 1 www1.vilk.com/?tm=1&subid4=1665378404.0450830 (...) 99.83.136.84
2022-10-09 04:54:03 +0000 0 - 0 - 1 www1.vilk.com/?tm=1&subid4=1665255869.0373220 (...) 75.2.73.197
2022-10-05 20:01:53 +0000 0 - 0 - 3 vilk.com/mtm/direct/.ejxdyueowjamrng7efmimmvb (...) 45.33.20.235
2022-10-05 18:13:04 +0000 0 - 0 - 1 www1.vilk.com/?tm=1&subid4=1664993559.0248380 (...) 75.2.73.197

JavaScript

Executed Scripts (20)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (40)


Request Response
 
                                        
                                            GET /?tm=1&subid4=1664740056.0445530000&kw=fan+merchandise&KW1=Official%20Merchandise%20Online%20Store&KW2=Premium%20Hoodies&KW3=Premium%20T-shirts&KW4=Caps%20and%20Hats%20Custom%20Printed&KW5=Plush%20Toys&KW6=Custom%20Personalized%20Mugs&searchbox=0&domainname=0&backfill=0 HTTP/1.1 

                                        
                                            
Host: www1.madeon.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1
search 
                                         76.223.26.96

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:55 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Buckets: bucket102 

                                        
                                            
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Yz0T2hk+tEmTSBhHk6/Y8mqD3WbBzUCRkHgFfze0RH15G2Tf9ADtgV1U6Rxpczw084Pb9EixFuc/2tDYog7lmg== 

                                        
                                            
X-Template: tpl_CleanPeppermintBlack_twoclick 

                                        
                                            
X-Language: norwegian 

                                        
                                            
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile 

                                        
                                            
Accept-CH-Lifetime: 30 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2882)

                                                Size:   5572

                                                Md5:    c0f69ebe4a0c703820f207bcf965703b

                                                Sha1:   1184c53547bc857a5f13e2e8f862da4011880b97

                                                Sha256: 1f4a799dc40dc4d09a21dda5b1fb9067c3a33ee8ba5faed37e41802012b9eab8

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200" 

                                        
                                            
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6522 

                                        
                                            
Expires: Sun, 02 Oct 2022 21:36:37 GMT 

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:55 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         13.224.222.54

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json 

                                        
                                    
                                        

                                        
                                            
Content-Length: 939 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Date: Sun, 02 Oct 2022 19:03:14 GMT 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 323b4a7971a31c96655a9c4fcac2b9ce.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: LHR61-C2 

                                        
                                            
X-Amz-Cf-Id: ypQz4TSNo3sQ_OdUuiZiIpydm9PPHQJEFyTK4anQLic-Rna0NQdjCw== 

                                        
                                            
Age: 2681 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    1b3053fa528e28810f8a2cc9284cc921

                                                Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a

                                                Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         13.224.222.43

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream 

                                        
                                    
                                        

                                        
                                            
content-length: 5348 

                                        
                                            
last-modified: Sat, 10 Sep 2022 18:47:45 GMT 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
date: Sun, 02 Oct 2022 03:33:17 GMT 

                                        
                                            
etag: "6113f8408c59aebe188d6af273b90743" 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 3746550ac2cf89851f01a575c7b680a6.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: LHR61-C2 

                                        
                                            
x-amz-cf-id: kzUawj9KEc1peIDzcEm0xDzME-RMjXPSY7OMa1Q4woH3sh-zsyf_SA== 

                                        
                                            
age: 58479 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    6113f8408c59aebe188d6af273b90743

                                                Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b

                                                Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /adsense/domains/caf.js HTTP/1.1 

                                        
                                            
Host: www.google.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www1.madeon.com/
search 
                                         142.250.74.164

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/javascript; charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui 

                                        
                                            
Cross-Origin-Resource-Policy: cross-origin 

                                        
                                            
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui" 

                                        
                                            
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} 

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:55 GMT 

                                        
                                            
Expires: Sun, 02 Oct 2022 19:47:55 GMT 

                                        
                                            
Cache-Control: private, max-age=3600 

                                        
                                            
ETag: "9772229277875018014" 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Server: sffe 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (1885)

                                                Size:   53829

                                                Md5:    3756e5114af76294d238f21f32e2ff7c

                                                Sha1:   eac4635f4120964c239f1bf90302ee2459b1b08a

                                                Sha256: d6151f3b3e0d924ce0ccc7b0a2f2dee3a926cafcc8c183c9aeb0f179385a3f14

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 02 Oct 2022 19:47:55 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /themes/assets/style.css HTTP/1.1 

                                        
                                            
Host: d38psrni17bvxu.cloudfront.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www1.madeon.com/
search 
                                         13.224.227.228

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css 

                                        
                                    
                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 02 Oct 2022 09:14:26 GMT 

                                        
                                            
Last-Modified: Tue, 12 May 2020 14:25:52 GMT 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
ETag: W/"5ebab1f0-33d" 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 180346a9751051e3a71bd41ea7db0e00.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: LHR61-C2 

                                        
                                            
X-Amz-Cf-Id: PoShrXzSY-wd5hxEjj-ei06FS9K-ALKfAKNucWhfqB9Cd0BaDtsgoQ== 

                                        
                                            
Age: 38009 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   343

                                                Md5:    03a4a8c322fc0c99b0ee7cbbcc9eabcd

                                                Sha1:   6fc193276de2a3458cd853c474cb9269b900e00d

                                                Sha256: a535d2296792cb37a2bbad1d9d0546e3383a8a5bfac0d9edda15795c226bddf7

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /themes/cleanPeppermintBlack_657d9013/style.css HTTP/1.1 

                                        
                                            
Host: d38psrni17bvxu.cloudfront.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www1.madeon.com/
search 
                                         13.224.227.228

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css 

                                        
                                    
                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 02 Oct 2022 09:14:36 GMT 

                                        
                                            
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
ETag: W/"62b4441b-555" 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 463c61d5be9284ffc1eec85e247d041a.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: LHR61-C2 

                                        
                                            
X-Amz-Cf-Id: 8aKRO_isH6EffbyPeYfte2zyvRC0NA0uPQk11ygEk7rZ_Dm21WhXiQ== 

                                        
                                            
Age: 37999 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   580

                                                Md5:    b9f539b0058b3916aad60a6b50a6b662

                                                Sha1:   1a28bfde5267b2ac4c6de028c3d01ff4d84dbf29

                                                Sha256: 35cc39ab61d8326d0b0105a4420b11f4106685a0d67d609454ef4ef252c48b7b

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /scripts/js3caf.js HTTP/1.1 

                                        
                                            
Host: d38psrni17bvxu.cloudfront.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www1.madeon.com/
search 
                                         13.224.227.228

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript 

                                        
                                    
                                        

                                        
                                            
Content-Length: 7000 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 02 Oct 2022 09:14:26 GMT 

                                        
                                            
Last-Modified: Thu, 14 Jan 2021 10:54:01 GMT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
ETag: "600022c9-1b58" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 a411e1d9cf3f776cc77733eb0d71fb34.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: LHR61-C2 

                                        
                                            
X-Amz-Cf-Id: 9ObiVNe9N8odcWW89KC6nxx361uyn0cmmnpT5duTHjIPctt2BuYVdQ== 

                                        
                                            
Age: 38009 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (316)

                                                Size:   7000

                                                Md5:    cce7f943ec8e7b4ba13be4aba6b463d9

                                                Sha1:   220f3e8ca723daa91fd040cf518991a65f2bf110

                                                Sha256: ba5b7354353b0eec1637564dae072fee662a5b9862f6bf7ed5e60a5a76f2ef44

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /scripts/sale_form.js HTTP/1.1 

                                        
                                            
Host: c.parkingcrew.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www1.madeon.com/
search 
                                         185.53.178.30

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript 

                                        
                                    
                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:55 GMT 

                                        
                                            
Content-Length: 761 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Tue, 12 May 2020 14:25:52 GMT 

                                        
                                            
ETag: "5ebab1f0-2f9" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   761

                                                Md5:    64f809e06446647e192fce8d1ec34e09

                                                Sha1:   5b7ced07da42e205067afa88615317a277a4a82c

                                                Sha256: f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         13.224.222.54

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json 

                                        
                                    
                                        

                                        
                                            
Content-Length: 329 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Date: Sun, 02 Oct 2022 19:32:53 GMT 

                                        
                                            
Cache-Control: max-age=3600, max-age=3600 

                                        
                                            
Expires: Sun, 02 Oct 2022 19:44:56 GMT 

                                        
                                            
ETag: "1648230346554" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 9020b755bdec9fbd562cc16c0a42d6f2.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: LHR61-C2 

                                        
                                            
X-Amz-Cf-Id: B8z2BqUmfNtkCgreGVEEY9M7f5iTycHfCHlh9Lkg2qkGxy--yYyuAQ== 

                                        
                                            
Age: 903 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 5381 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:56 GMT 

                                        
                                            
Last-Modified: Sun, 02 Oct 2022 18:18:15 GMT 

                                        
                                            
Server: ECS (ska/F70D) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1 

                                        
                                            
Host: d38psrni17bvxu.cloudfront.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
search 
                                         13.224.227.228

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/png 

                                        
                                    
                                        

                                        
                                            
Content-Length: 11375 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 02 Oct 2022 09:14:41 GMT 

                                        
                                            
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
ETag: "62b4441b-2c6f" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 a411e1d9cf3f776cc77733eb0d71fb34.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: LHR61-C2 

                                        
                                            
X-Amz-Cf-Id: kfTI1oTWzVYe0Vx5t6nzYflwc2mXtoAcEzvMxbkR-Wc3nyFUT2tQtQ== 

                                        
                                            
Age: 37995 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data

                                                Size:   11375

                                                Md5:    0cb2e5165dc9324eb462199f04e1ffa9

                                                Sha1:   9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8

                                                Sha256: 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: www1.madeon.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www1.madeon.com/?tm=1&subid4=1664740056.0445530000&kw=fan+merchandise&KW1=Official%20Merchandise%20Online%20Store&KW2=Premium%20Hoodies&KW3=Premium%20T-shirts&KW4=Caps%20and%20Hats%20Custom%20Printed&KW5=Plush%20Toys&KW6=Custom%20Personalized%20Mugs&searchbox=0&domainname=0&backfill=0
search 
                                         76.223.26.96

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/x-icon 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:56 GMT 

                                        
                                            
Content-Length: 0 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Last-Modified: Tue, 12 May 2020 14:25:52 GMT 

                                        
                                            
ETag: "5ebab1f0-0" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /track.php?domain=madeon.com&toggle=browserjs&uid=MTY2NDc0MDA3NS40Mjg5OmM2MzkwNDI4ZGZlYzMxY2FjYmEyODBkZmE2MWI0YTk0NmRjZTc3Zjg1OWEyZGI5NDlhNDc2ZTc3NTM3NDk2NjQ6NjMzOWVhZWI2OGI4ZA%3D%3D HTTP/1.1 

                                        
                                            
Host: www1.madeon.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www1.madeon.com/?tm=1&subid4=1664740056.0445530000&kw=fan+merchandise&KW1=Official%20Merchandise%20Online%20Store&KW2=Premium%20Hoodies&KW3=Premium%20T-shirts&KW4=Caps%20and%20Hats%20Custom%20Printed&KW5=Plush%20Toys&KW6=Custom%20Personalized%20Mugs&searchbox=0&domainname=0&backfill=0
search 
                                         76.223.26.96

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:56 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Custom-Track: browserjs 

                                        
                                            
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile 

                                        
                                            
Accept-CH-Lifetime: 30 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: BHqcARd0+QHF2xYiyhqRvA== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket
search 
                                         44.238.3.246

                                        
                                            HTTP/1.1 101 Switching Protocols 

                                        
                                    
                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: 6+hpVKsvtXN1QJJSQkXB9rDp9KY= 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:56 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C000108%2Cbucket102&client=dp-teaminternet12_3ph&r=m&hl=no&terms=Official%20Merchandise%20Online%20Store%2CPremium%20Hoodies%2CPremium%20T-shirts%2CCaps%20and%20Hats%20Custom%20Printed%2CPlush%20Toys%2CCustom%20Personalized%20Mugs&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2514429714757505&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300953%2C17300956%2C17301063%2C17301066%2C17301094%2C17301097&format=r6%7Cs&nocache=4841664740076415&num=0&output=afd_ads&domain_name=www1.madeon.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1664740076416&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=797&frm=0&uio=--&cont=tc&jsid=caf&jsv=476880816&rurl=http%3A%2F%2Fwww1.madeon.com%2F%3Ftm%3D1%26subid4%3D1664740056.0445530000%26kw%3Dfan%2Bmerchandise%26KW1%3DOfficial%2520Merchandise%2520Online%2520Store%26KW2%3DPremium%2520Hoodies%26KW3%3DPremium%2520T-shirts%26KW4%3DCaps%2520and%2520Hats%2520Custom%2520Printed%26KW5%3DPlush%2520Toys%26KW6%3DCustom%2520Personalized%2520Mugs%26searchbox%3D0%26domainname%3D0%26backfill%3D0&adbw=master-1%3A530 HTTP/1.1 

                                        
                                            
Host: www.google.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www1.madeon.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         142.250.74.164

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
content-disposition: inline 

                                        
                                            
date: Sun, 02 Oct 2022 19:47:56 GMT 

                                        
                                            
expires: Sun, 02 Oct 2022 19:47:56 GMT 

                                        
                                            
cache-control: private, max-age=3600 

                                        
                                            
content-encoding: br 

                                        
                                            
server: gws 

                                        
                                            
content-length: 2406 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
set-cookie: CONSENT=PENDING+963; expires=Tue, 01-Oct-2024 19:47:56 GMT; path=/; domain=.google.com; Secure 

                                        
                                            
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7429)

                                                Size:   2406

                                                Md5:    8aefbd5240c79ec8f73ea3f64ee51024

                                                Sha1:   05f940cdf313b79c800ad9a7459be93268a77e0a

                                                Sha256: 3c1fa608d1f5865095614b923a8f216b0258d109037a54de09d2e64c0f69f093

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:56 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /gampad/cookie.js?domain=www1.madeon.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie HTTP/1.1 

                                        
                                            
Host: partner.googleadservices.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www1.madeon.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         172.217.21.162

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-disposition: attachment; filename="f.txt" 

                                        
                                            
content-encoding: gzip 

                                        
                                            
date: Sun, 02 Oct 2022 19:47:56 GMT 

                                        
                                            
server: cafe 

                                        
                                            
cache-control: private 

                                        
                                            
content-length: 182 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with no line terminators

                                                Size:   182

                                                Md5:    b3fd180c4731cff6c8b27d8bb2870aac

                                                Sha1:   ea1ad1e7d1319179fb2eb036edfb079d3c9c026d

                                                Sha256: 5ba661fe4524738003d4718f30ecce302aedfdd138a6023e204a79f146e0a283

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:56 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:56 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:56 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:56 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1 

                                        
                                            
Host: afs.googleusercontent.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://www.google.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         142.250.74.33

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml 

                                        
                                    
                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" 

                                        
                                            
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} 

                                        
                                            
content-length: 270 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Sun, 02 Oct 2022 10:01:42 GMT 

                                        
                                            
expires: Mon, 03 Oct 2022 09:01:42 GMT 

                                        
                                            
cache-control: public, max-age=82800 

                                        
                                            
last-modified: Thu, 19 Dec 2019 14:15:00 GMT 

                                        
                                            
age: 35174 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)

                                                Size:   270

                                                Md5:    5100391430a00e10ce60aa159f525b5c

                                                Sha1:   231a4492d73b225f441b1e9028dc33c89862e498

                                                Sha256: 52b1432a6e3002e41ed1d8f4c84b258fdc4c6dac863e3c0e5c06360c81be6067

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 

                                        
                                            
Host: afs.googleusercontent.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://www.google.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         142.250.74.33

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml 

                                        
                                    
                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" 

                                        
                                            
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} 

                                        
                                            
content-length: 174 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Sun, 02 Oct 2022 19:04:01 GMT 

                                        
                                            
expires: Mon, 03 Oct 2022 18:04:01 GMT 

                                        
                                            
cache-control: public, max-age=82800 

                                        
                                            
age: 2635 

                                        
                                            
last-modified: Thu, 22 Oct 2020 21:45:00 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators

                                                Size:   174

                                                Md5:    4de8b85c8915995b571bde50e231be7c

                                                Sha1:   29c226ca7b9cbe1d44e5480ce95bbb42727b2d99

                                                Sha256: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:56 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /ls.php HTTP/1.1 

                                        
                                            
Host: www1.madeon.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/x-www-form-urlencoded; charset=UTF-8 

                                        
                                            
Content-Length: 2834 

                                        
                                            
Origin: http://www1.madeon.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www1.madeon.com/?tm=1&subid4=1664740056.0445530000&kw=fan+merchandise&KW1=Official%20Merchandise%20Online%20Store&KW2=Premium%20Hoodies&KW3=Premium%20T-shirts&KW4=Caps%20and%20Hats%20Custom%20Printed&KW5=Plush%20Toys&KW6=Custom%20Personalized%20Mugs&searchbox=0&domainname=0&backfill=0 

                                        
                                            
Cookie: GoogleAdServingTest=Good
search 
                                         76.223.26.96

                                        
                                            HTTP/1.1 201 Created 

                                        
                                            
Content-Type: text/javascript;charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:56 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile 

                                        
                                            
Accept-CH-Lifetime: 30 

                                        
                                            
X-Log-Success: 6339eaecf5dd0c021300425e 

                                        
                                            
Charset: utf-8 

                                        
                                            
Access-Control-Allow-Origin: http://www1.madeon.com 

                                        
                                            
Access-Control-Allow-Methods: POST, OPTIONS 

                                        
                                            
Access-Control-Max-Age: 86400 

                                        
                                            
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_UZrr7J2X3O8T4pT4dpjkT+N3MkMu17biP9IJI5g+PzfMwcYYYu154mDEmLUwVSTddMIPLucwUp8aDwci2JFJlw== 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - fortinet: Malware

                                                    
                                                
                                                
                                                

                                                
                                            
                                            
                                        

                                    
                                        
                                            GET /track.php?domain=madeon.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2NDc0MDA3NS40Mjg5OmM2MzkwNDI4ZGZlYzMxY2FjYmEyODBkZmE2MWI0YTk0NmRjZTc3Zjg1OWEyZGI5NDlhNDc2ZTc3NTM3NDk2NjQ6NjMzOWVhZWI2OGI4ZA%3D%3D HTTP/1.1 

                                        
                                            
Host: www1.madeon.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www1.madeon.com/?tm=1&subid4=1664740056.0445530000&kw=fan+merchandise&KW1=Official%20Merchandise%20Online%20Store&KW2=Premium%20Hoodies&KW3=Premium%20T-shirts&KW4=Caps%20and%20Hats%20Custom%20Printed&KW5=Plush%20Toys&KW6=Custom%20Personalized%20Mugs&searchbox=0&domainname=0&backfill=0 

                                        
                                            
Cookie: __gsas=ID=b08e6fa5908ea685:T=1664740076:S=ALNI_MZ54wPN50qtavwAiEgYf4svNeDcFg
search 
                                         76.223.26.96

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:56 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Custom-Track: answercheck 

                                        
                                            
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile 

                                        
                                            
Accept-CH-Lifetime: 30 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B" 

                                        
                                            
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=15265 

                                        
                                            
Expires: Mon, 03 Oct 2022 00:02:22 GMT 

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:57 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B" 

                                        
                                            
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=15265 

                                        
                                            
Expires: Mon, 03 Oct 2022 00:02:22 GMT 

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:57 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B" 

                                        
                                            
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=15265 

                                        
                                            
Expires: Mon, 03 Oct 2022 00:02:22 GMT 

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:57 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B" 

                                        
                                            
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=15265 

                                        
                                            
Expires: Mon, 03 Oct 2022 00:02:22 GMT 

                                        
                                            
Date: Sun, 02 Oct 2022 19:47:57 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 11083 

                                        
                                            
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ZWEHRFWfIAMFhlA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw== 

                                        
                                            
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 01 Oct 2022 21:53:35 GMT 

                                        
                                            
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff" 

                                        
                                            
age: 78862 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   11083

                                                Md5:    edded48f558f739287a040151349ef67

                                                Sha1:   d63b6ba630736d32c364b0e6a369274b2389b7ff

                                                Sha256: 33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6315 

                                        
                                            
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ZWSdsHUnIAMFXtw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ== 

                                        
                                            
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 02 Oct 2022 04:41:39 GMT 

                                        
                                            
age: 54378 

                                        
                                            
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6315

                                                Md5:    206fb65e75dbadf119512f71e0b78402

                                                Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569

                                                Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6871 

                                        
                                            
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ZWEIOGp2IAMFxSQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT 

                                        
                                            
x-amz-cf-pop: SFO5-P2, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw== 

                                        
                                            
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 01 Oct 2022 21:53:35 GMT 

                                        
                                            
age: 78862 

                                        
                                            
etag: "087521979efd5936416fd7f030779fa5725f0a8f" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6871

                                                Md5:    9dddb9d84a16a3004821d89836b83dc3

                                                Sha1:   087521979efd5936416fd7f030779fa5725f0a8f

                                                Sha256: a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 4987 

                                        
                                            
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ZWEHpFs4oAMFbqg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT 

                                        
                                            
x-amz-cf-pop: SFO5-P2, SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA== 

                                        
                                            
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 01 Oct 2022 21:54:45 GMT 

                                        
                                            
etag: "2e533332ee5c49143e58dad32ee3717a39179532" 

                                        
                                            
age: 78792 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   4987

                                                Md5:    463bdcfbec5426e18ecef83b1c373b71

                                                Sha1:   2e533332ee5c49143e58dad32ee3717a39179532

                                                Sha256: 2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 7314 

                                        
                                            
x-amzn-requestid: ba9e3b47-d9dd-49c1-9645-bac582351957 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ZWDpnGqOoAMFUTA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6338b30a-0604dff004a5f6364f0fe11c;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: YIlHaBRTk6SiYb8HYfirSHj_stXgWp455OC-J5mRoKH0r42pn9mNeQ== 

                                        
                                            
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 01 Oct 2022 21:53:36 GMT 

                                        
                                            
etag: "e06bd8868eff8c42f5d2e2deec9a361170c8d3ea" 

                                        
                                            
age: 78861 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7314

                                                Md5:    ef85af3ef63e35a54bc15fbca5d7236b

                                                Sha1:   e06bd8868eff8c42f5d2e2deec9a361170c8d3ea

                                                Sha256: 0291104bb66ac4849ac5fd433fdf9cbbc7f4a2fcaa1f137aca08be2a4878f54c

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7a6e7d5-efdf-4904-b660-ffb0d8ffd4d3.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6101 

                                        
                                            
x-amzn-requestid: 0edbc5d1-324f-4b4f-a55c-b9333f2bb6a2 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ZWDpnFumIAMFoEg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6338b30a-1422f70670e89174415c1aba;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: hG5L6pTNHLcM-nBovmH6kFuFK5oXJuxVWsnaffj6L8bDlGnpFVJFKg== 

                                        
                                            
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 01 Oct 2022 21:55:55 GMT 

                                        
                                            
age: 78722 

                                        
                                            
etag: "36c8dcdfdc2c59246ba9d999ddffd5387f68155e" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6101

                                                Md5:    e711c6bf0d0808f0b5c57b80916eba4d

                                                Sha1:   36c8dcdfdc2c59246ba9d999ddffd5387f68155e

                                                Sha256: e252f3c857e18ddaea7059bfb19826ac5e47c694ce57068d85f60bd1ac5f6c25

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /adsense/domains/caf.js HTTP/1.1 

                                        
                                            
Host: www.google.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://www.google.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         142.250.74.164

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" 

                                        
                                            
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} 

                                        
                                            
date: Sun, 02 Oct 2022 19:47:56 GMT 

                                        
                                            
expires: Sun, 02 Oct 2022 19:47:56 GMT 

                                        
                                            
cache-control: private, max-age=3600 

                                        
                                            
etag: "3161634380311531268" 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---