kabab.ga/
185.143.234.120301 Moved Permanently 0 B IP 185.143.234.120:0
ASN #202468 Noyan Abr Arvan Co. ( Private Joint Stock)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: kabab.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ArvanCloud
Date: Tue, 22 Nov 2022 03:53:56 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=65
Location: https://kabab.ga/
X-XSS-Protection: 1; mode=block
AR-SID: 5180
AR-ATIME: 0.006
AR-Request-ID: 7ac24fb9d1e31b562f0f42938d5cc6a2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7173
Expires: Tue, 22 Nov 2022 05:53:29 GMT
Date: Tue, 22 Nov 2022 03:53:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4843de3bf95411e6aa89834def44bb86
1f1882351ac63fba73a22014382f69df5e02ec96
1e6ed1df02f8fa6c89ddca66f7c9981f8a06127d7ec90b503703137e823bb4b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5121
Cache-Control: max-age=115362
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 03:53:56 GMT
Etag: "637b5375-1d7"
Expires: Wed, 23 Nov 2022 11:56:38 GMT
Last-Modified: Mon, 21 Nov 2022 10:31:17 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 22 Nov 2022 03:09:19 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2677
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3135
Expires: Tue, 22 Nov 2022 04:46:11 GMT
Date: Tue, 22 Nov 2022 03:53:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WHIBGr8nn93xeI6vO7g28xTpNN0f49/gXc/cpeFv2wiz1Avbvy7orU+dscLmPdgDvBfka8uoO2w=
x-amz-request-id: 8WCM27Q93HSJABSG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 03:39:24 GMT
age: 872
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 03:53:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 22 Nov 2022 03:08:53 GMT
cache-control: public,max-age=3600
age: 2704
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac0bccda15309533813317b988bab88f
1c69cbc7714fde1c13f924341aa4e469bf241c86
dcfb579760e488fa5ec2f553af29ba9d6a0d6ff453ae20dfc3d0995fb218a7d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DCFB579760E488FA5EC2F553AF29BA9D6A0D6FF453AE20DFC3D0995FB218A7D9"
Last-Modified: Sun, 20 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21560
Expires: Tue, 22 Nov 2022 09:53:17 GMT
Date: Tue, 22 Nov 2022 03:53:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2db0ebb9efcf3be3c92f23b61de5c065
dd830565723f18a7944c26d24b0fb142d06a71a5
8615316184c4d1d64db923a5364363bbb3d25e146a042c5fbd5bf0cfcec8effb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3017
Cache-Control: max-age=108194
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 03:53:57 GMT
Etag: "637b3fae-1d7"
Expires: Wed, 23 Nov 2022 09:57:11 GMT
Last-Modified: Mon, 21 Nov 2022 09:06:54 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.240.57.100101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.57.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dcjN6kMchQCRSP5u+86fhQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e8UfLV8o14Q6Alx/O+nEm7+NsVI=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4151
Expires: Tue, 22 Nov 2022 05:03:09 GMT
Date: Tue, 22 Nov 2022 03:53:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4151
Expires: Tue, 22 Nov 2022 05:03:09 GMT
Date: Tue, 22 Nov 2022 03:53:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4151
Expires: Tue, 22 Nov 2022 05:03:09 GMT
Date: Tue, 22 Nov 2022 03:53:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed6b76d15fc8d6295acdb6fb47461d3
b8c928f93a8d82b48491448d811a95ad99dc6aef
de326836a9de677438b9ae724198e94348b0900c62817ff10de3677ce93fdae0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8685
x-amzn-requestid: 66455cc7-83d7-4570-99f9-5fa838da947f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrAHwKoAMFUHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee46-354d65e9609bc05647556a5a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -9tZPsMl7i5hr0N1rwJdQBLiOImuEO12RDL0pcPNjf6t-LkRbPaN2A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:58:29 GMT
age: 21329
etag: "b8c928f93a8d82b48491448d811a95ad99dc6aef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b919084-f564-465a-ac1a-59e00596bb76.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b919084-f564-465a-ac1a-59e00596bb76.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10f54d1625147d074c29bdff1897ef8f
d1359b0dcf6974d685b5c55c5789810863cce7cd
6431d25310697b4455f3e9487a11415f082d05e02d33b29cad3c8862ece28322
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b919084-f564-465a-ac1a-59e00596bb76.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8405
x-amzn-requestid: b93c951e-7aa0-468d-92b9-4079f7bfc9ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1jFbGoWIAMFZ7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63787eef-14f7c7985f46ffde1b7e3ed6;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 06:59:59 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: igI_KH6b82XL2t9qV_D6OPyhgMS3VOq1i6sRbZ6vgx6Ub0utS3JE_g==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:47:01 GMT
age: 22017
etag: "d1359b0dcf6974d685b5c55c5789810863cce7cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: s1153EpshSWYGLcN7Zzzs4PgXl9cddZ20gTwh5bK2HOBu4e_PSNCpQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 05:19:29 GMT
age: 81269
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d5a9928-3c61-44dc-af42-7d4e3c891caa.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d5a9928-3c61-44dc-af42-7d4e3c891caa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03830e3ff377979c234bf37561c54cfd
c18884ce9370c97e6b4e12ab0f827d68a1938bfa
5ba8bfc69c7eba42de4a16bf6d1e1e3570cd3918fe15cb8b2d25950ef791ddbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d5a9928-3c61-44dc-af42-7d4e3c891caa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8365
x-amzn-requestid: e6c2ec6e-525e-4b9f-a45d-63076580df5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrpFJ3oAMF4mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee4a-576f678b6e364bca09532010;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 89jqCw8OJIxusDPoTi5-HDxWcgCfNvRrku2VFBLcQbFJwLLaZBpHGA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:44:46 GMT
age: 22152
etag: "c18884ce9370c97e6b4e12ab0f827d68a1938bfa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1372997b-0a59-409c-abfc-e43335bb3c99.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1372997b-0a59-409c-abfc-e43335bb3c99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9966de3441666a87569e1035e7849a5d
537e1122532b97637319252662d25be5edcd8009
032f9fd899993bde783fee0123a1568e65fb6dd3810666813fc878263d5b6387
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1372997b-0a59-409c-abfc-e43335bb3c99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6574
x-amzn-requestid: fd74522d-9523-48da-a94a-72ff65e6a15b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I61E_pIAMFnfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeab-6f916e413d39bea94b0e137f;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VuPgTium3lWMOuUdkZ50LFGHdpuAaiHusb2fkYQNw4FgB_MkNVO0Zw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:05:17 GMT
age: 20921
etag: "537e1122532b97637319252662d25be5edcd8009"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cb92473-220a-4ebb-b8d8-6c17618bc006.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cb92473-220a-4ebb-b8d8-6c17618bc006.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bd62f641e9d58eee10e41db0fa00b5f2
4210e5f150a49d6f6ee26cbb11ded8173ab8cf74
5858451bf7cac97b8881dde7e3197110fa8639c1d94b51934859669c51221e1a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cb92473-220a-4ebb-b8d8-6c17618bc006.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4308
x-amzn-requestid: 7db10594-4acc-448d-b724-1c4bc8ec42ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrVFtRoAMFTzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee48-0a466f6b0bd48f3532216bca;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lazmS3LWuJDe1SCEMAL2jXKrjjRr4H_hC7kAi7zx9Zx1un1zthsdxQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:48:00 GMT
etag: "4210e5f150a49d6f6ee26cbb11ded8173ab8cf74"
content-type: image/jpeg
age: 21958
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 82439d8d44c20966b002d3b7fdb7e37a
618ef2788c2dc3a5cc6032d240e41663afe5ef96
79d55c75a1e5b544915eff767fc2d4a4fcee71f4f0195979ebdf261534365455
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 22 Nov 2022 03:53:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 21 Nov 2022 20:34:05 GMT
Expires: Tue, 22 Nov 2022 20:34:05 GMT
ETag: "618ef2788c2dc3a5cc6032d240e41663afe5ef96"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
104.17.24.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32058)
Hash b51f9d778be466703e73aceee13d836d
cc5cd9dd2b48712dcf90f14a1ff19d729c43e378
f1e36d8f99614eef048fe3cb4275f3234536bff3e3b1b8f763f14a8a0cadab45
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shortener.secureserver.net
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 03:53:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 27277
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15283"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4757869
expires: Sun, 12 Nov 2023 03:53:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11XTyjz3NXsOswQwvUemxoSxvbBDZ1GjNqRtsXQ%2BpkytB1MptLYDF31j92HGAVwCOPraSmrjmEE6yu6pVuOQ%2FN%2FFokv2z%2FfiuIhjhDbrRHS6pOs4I5G35PNORPo7422kmCw3M%2BKc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76deb8a44f2c0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/babel-core/5.8.23/browser.min.js
104.17.24.14200 OK 233 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/babel-core/5.8.23/browser.min.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (32023)
Size 233 kB (232821 bytes)
Hash 7143179dd6f1c45f36de3b722d152ad6
ddd463334a8035d4f1b1f053d6a850629683a10e
a0dcfd7e90435e212eb2049c980ea0014f7a4f2ea064d25294735fb4a8cfe5a9
GET /ajax/libs/babel-core/5.8.23/browser.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 03:53:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 232821
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d6a-14bb0e"
last-modified: Mon, 04 May 2020 16:06:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14535101
expires: Sun, 12 Nov 2023 03:53:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qk3i0%2FEv%2ByiyGzCAV8m8t%2FsQLB6CxoUT2pSvJknE98%2BgUciF2VTlkMgov%2BNu1Dnra71Iq0RYukVjO5AyUQr1oPFqsNwSFZ8zx0az29H4qRmF7%2Blzg4cVLYXqclqMEIGVk3%2FGBMHH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76deb8a44bf4b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/7c4a123069c201ce75da66eda7f84144/uxcore2.min.css
23.36.79.43200 OK 24 kB URL HTTP/2 img6.wsimg.com/wrhs/7c4a123069c201ce75da66eda7f84144/uxcore2.min.css
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 3f7ef4f31b19aa8f0b8e55eae4c1464a
9828d13e8cd14a385f438915b7bb2dafc90488b3
2b76a95c1bc1f4b1adfeba440f29ada165b415597355c0cc6d251b06b0a2f1ab
GET /wrhs/7c4a123069c201ce75da66eda7f84144/uxcore2.min.css HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
content-encoding: br
etag: "5d1957ac324416a4182d601710634bfa"
last-modified: Mon, 22 Aug 2022 19:16:59 GMT
vary: Accept-Encoding
x-amz-id-2: Z8uisexJrVtlwidXodjNs/C6Re7YYSX1TelTOgmnXAtqtWHy00F1lwl0Ga41aDg+pVNac6jQums=
x-amz-request-id: XWWHW7G3EBDC0NX4
x-amz-server-side-encryption: AES256
x-amz-version-id: vE3fFVJSbLrQBYG0Ytex6GB3K9Vm4K6b
content-length: 24301
cache-control: max-age=31536000
date: Tue, 22 Nov 2022 03:53:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/fe8b24892f96760c9dd36b9e6673e085/utilityheader.min.css
23.36.79.43200 OK 11 kB URL HTTP/2 img6.wsimg.com/wrhs/fe8b24892f96760c9dd36b9e6673e085/utilityheader.min.css
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 33ae376cd6cac51840371ab224afe4d1
d56e51e6b22a75068f4bd6ba30a7b74f59aa015c
ac19e4f6f1a9f09dda62a21fdabca009aed4f8e40de9c7cbe43442ffdd5693bf
GET /wrhs/fe8b24892f96760c9dd36b9e6673e085/utilityheader.min.css HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
content-encoding: br
etag: "02fc06fbf92f87daf3dd028d66b696cd"
last-modified: Tue, 06 Sep 2022 22:23:01 GMT
vary: Accept-Encoding
x-amz-id-2: uCm9/raTyrAqhwfGSwNYWWGD4iKMcjvZcVFtzMbMfD7Tr48YWF+W3QqcCVtQvM/dZN+AGa0diuk=
x-amz-request-id: A9BNT316WYJKSFRY
x-amz-server-side-encryption: AES256
x-amz-version-id: CjoF9PIpu7KOLHemKIh3fNN2gOBU6Cb_
content-length: 10984
cache-control: max-age=31536000
date: Tue, 22 Nov 2022 03:53:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=2
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/1687c97b5e8ae39cdd00f0da2764d8a7/tcc.min.js
23.36.79.43200 OK 26 kB URL HTTP/2 img6.wsimg.com/wrhs/1687c97b5e8ae39cdd00f0da2764d8a7/tcc.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2063e6f427ff08060df2ad2249813e8c
1790c9f3747dcc8767e15e9a4a7284edef9979ff
0596e9a17ebf19c140d85876ab7a09103495c8267b8c622034128dacd28c0501
GET /wrhs/1687c97b5e8ae39cdd00f0da2764d8a7/tcc.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "1687c97b5e8ae39cdd00f0da2764d8a7"
last-modified: Sat, 19 Nov 2022 00:13:00 GMT
vary: Accept-Encoding
x-amz-id-2: ikoyxJzFDtDFNPSAwDlsvleeOcve1yyzSvMGcF44of1ItbQO47JPfdPSll3WUsfNVcS6jeawDUo=
x-amz-request-id: K2A1VJJGFRD0PZDF
x-amz-server-side-encryption: AES256
x-amz-version-id: Ys_AsvILEklLfFsXETGp0g4DutFIRJdr
content-length: 26463
cache-control: max-age=31536000
date: Tue, 22 Nov 2022 03:53:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/12263c72ff7a15ea28d22a713a26c1c9/uxcore2.min.js
23.36.79.43200 OK 31 kB URL HTTP/2 img6.wsimg.com/wrhs/12263c72ff7a15ea28d22a713a26c1c9/uxcore2.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6c62339e9f11a76e3fe72bdbd5473a47
3140594e79a94987c730ca360d99c2d37d105871
695b3adf214d360010929708eb36119531b57fbfca28f837da311a347759b2a0
GET /wrhs/12263c72ff7a15ea28d22a713a26c1c9/uxcore2.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "12263c72ff7a15ea28d22a713a26c1c9"
last-modified: Mon, 22 Aug 2022 19:22:52 GMT
vary: Accept-Encoding
x-amz-id-2: hhTtc/X+7MmhFG8Al+kMwY9Tc07L+zg2d8xO3TcjYnLBGmwUrShODnHd3zD2RxVaBLmajrR4bRg=
x-amz-request-id: BZNCXCYVCEHK6MGY
x-amz-server-side-encryption: AES256
x-amz-version-id: iDhCpgcqJp1h7KoX_4WQPUilCp.TBzKS
content-length: 30995
cache-control: max-age=31536000
date: Tue, 22 Nov 2022 03:53:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img6.wsimg.com/poly/v3/polyfill.min.js?features=Promise,Promise.prototype.finally,Intl.~locale.en-US&rum=0&unknown=polyfill&flags=gated
23.36.79.43200 OK 94 B URL HTTP/2 img6.wsimg.com/poly/v3/polyfill.min.js?features=Promise,Promise.prototype.finally,Intl.~locale.en-US&rum=0&unknown=polyfill&flags=gated
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
Hash eb8b0ba88b3acfb11ea81d5c02be9108
4b7f14cc2db25abdbe25472934b7469b2488f9d4
7237f15a97fe102c6ed13eadc0f7980da03cd06a20dfb7c7b8050e60dada617d
GET /poly/v3/polyfill.min.js?features=Promise,Promise.prototype.finally,Intl.~locale.en-US&rum=0&unknown=polyfill&flags=gated HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
accept-ranges: bytes
last-modified: Fri, 18 Nov 2022 10:54:37 GMT
content-encoding: br
useragent_normaliser: firefox/105.0.0
cache-control: public, max-age=172800, s-maxage=31536000
expires: Thu, 24 Nov 2022 03:53:59 GMT
date: Tue, 22 Nov 2022 03:53:59 GMT
content-length: 94
server-timing: cdn-cache; desc=HIT, edge; dur=2, PASS, fastly;desc="Edge time";dur=184, cache-osl6523
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/a1ec4030e9dc43d22a343bffd99b8514/vendor~uxcore2.min.js
23.36.79.43200 OK 65 kB URL HTTP/2 img6.wsimg.com/wrhs/a1ec4030e9dc43d22a343bffd99b8514/vendor~uxcore2.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65464)
Hash ba86bd8e24b982eac94d0587fc32ec45
8ba79ced054aa1bb0c5a31546bf333d729441581
16f2e3b98ded7afb34d43f620b307efcbf52525446a5c9af2429df4aaf74f8e7
GET /wrhs/a1ec4030e9dc43d22a343bffd99b8514/vendor~uxcore2.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "a1ec4030e9dc43d22a343bffd99b8514"
last-modified: Mon, 22 Aug 2022 19:27:19 GMT
vary: Accept-Encoding
x-amz-id-2: R5B/pooN2M0dAFv/+RkAmjhUDs8guurRqIw8qezaBnPyjfisXcXfoWwN2ZSoMab8hOKWx20znvs=
x-amz-request-id: 9XKY7Z3FKQ9KGDWW
x-amz-server-side-encryption: AES256
x-amz-version-id: ttGpfVpj.G2mN.RDPPZI8OWmmArIEI1b
content-length: 65105
cache-control: max-age=31536000
date: Tue, 22 Nov 2022 03:53:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/ae339c79bdde0255080976dd1538b62b/utilityheader.min.js
23.36.79.43200 OK 38 kB URL HTTP/2 img6.wsimg.com/wrhs/ae339c79bdde0255080976dd1538b62b/utilityheader.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (11223)
Hash 01aa082578d43540b94e62fdb48d60c5
ef968dec0b8c3de39f712718dcea3545cd2f2d0e
d11d404e3c6974d0e065d6ab4767c94d40f93bfdef5d578861d49b41810dc9bf
GET /wrhs/ae339c79bdde0255080976dd1538b62b/utilityheader.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "ae339c79bdde0255080976dd1538b62b"
last-modified: Mon, 17 Oct 2022 18:35:46 GMT
vary: Accept-Encoding
x-amz-id-2: nf+eDyLuOECz2/dF/FoMIPq9QGWF/t2cvxImwHI0BdCmvheGsGBZzuCPsNStNacC9suGBLxv+hOIm05vRtEdkg==
x-amz-request-id: A8X7YESWMSBDVCZM
x-amz-server-side-encryption: AES256
x-amz-version-id: TbL42ZHMy31cMk8J3Sbqq3_2w464iLQR
content-length: 37604
cache-control: max-age=31536000
date: Tue, 22 Nov 2022 03:53:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/36d260a9dfd3c942120af8d91cef9acc/browser-deprecation-banner.header-chunk.min.js
23.36.79.43200 OK 6.3 kB URL HTTP/2 img6.wsimg.com/wrhs/36d260a9dfd3c942120af8d91cef9acc/browser-deprecation-banner.header-chunk.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (20437)
Hash e5784fb4d8f2992b3eb2840f9646adc6
66c38c62a3b39e83d0350521ef7217da0b6e0d1d
73923e9dc888c9de37683f64f4695374913d4631dc808ccb0661031192e3db29
GET /wrhs/36d260a9dfd3c942120af8d91cef9acc/browser-deprecation-banner.header-chunk.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "36d260a9dfd3c942120af8d91cef9acc"
last-modified: Mon, 17 Oct 2022 18:43:58 GMT
vary: Accept-Encoding
x-amz-id-2: AbjucC+YIUqaG88Oz/VQm/H/dVE/KNSNX4585VBGaXGTiX9z8t+7OaYK5AOKnkGQLZIrbsV4HBU=
x-amz-request-id: 40MQG2PEJJNXTB2Y
x-amz-server-side-encryption: AES256
x-amz-version-id: Bc22NvtG0XwT.aKXB639l456S.MHOzE1
content-length: 6265
cache-control: max-age=31536000
date: Tue, 22 Nov 2022 03:54:00 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
23.36.79.43200 OK 7.5 kB URL HTTP/2 img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (24676)
Hash b8a5a228a358454084c34dd1cf431c61
37aa5fe6e083b8147156ca66a1993a7bd74e8a61
06fae5ccf58a27a8e2ae6a0e7722f42db507c1873751f587cddd090810d94492
GET /wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "ce554d2333f3801abafb32da18213ff7"
last-modified: Mon, 17 Jan 2022 17:21:37 GMT
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 8
x-edgeconnect-origin-mex-latency: 357
x-amz-id-2: nldPfdb2FYbpxPRfMYRSd83AOL7ZmlBdZQSm5hguJELKdfn8+sza0oLEpTYjiKd2JeD3gDplFHw=
x-amz-request-id: RJ3J3PMANG6125DE
x-amz-server-side-encryption: AES256
x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-length: 7498
x-edgeconnect-cache-status: 1
cache-control: max-age=31536000
date: Tue, 22 Nov 2022 03:54:01 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
shortener.secureserver.net/error_404
45.40.140.1404 Not Found 235 kB URL HTTP/2 shortener.secureserver.net/error_404
IP 45.40.140.1:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32947)
Size 235 kB (235324 bytes)
Hash 5af2654e56de823f671065bf65e8049c
5d4edf65ec9a215433129192afa62f72ec7af789
556bfd1fbacc924e1589d446b0624f337b4e5ef0381364a059be101b7462e39f
GET /error_404 HTTP/1.1
Host: shortener.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
server: nginx/1.20.1
date: Tue, 22 Nov 2022 03:53:59 GMT
content-type: text/html; charset=utf-8
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=gpl/main/202201190854&nocookie=1
23.38.200.249200 OK 2 B URL HTTP/2 tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=gpl/main/202201190854&nocookie=1
IP 23.38.200.249:0
File type ASCII text, with no line terminators
Hash 7bc0ee636b3b83484fc3b9348863bd22
ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
GET /utag/tiqapp/utag.v.js?a=gpl/main/202201190854&nocookie=1 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
content-length: 2
cache-control: max-age=600
expires: Tue, 22 Nov 2022 04:04:01 GMT
date: Tue, 22 Nov 2022 03:54:01 GMT
X-Firefox-Spdy: h2
events.api.secureserver.net/image.aspx?referrer=×tamp=1669089240977&corrid=337696324&vs=visible&rand=1814203335&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.request&hw=1&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&trace_id=f0a762cfc7855577a5e4af01ac3d1b7d&hit_id=12e63a63-0b7a-52e0-9233-d3c6a0782bd5&visitor_guid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&has_consent=0&cv=3.24.1&client_name=tcc
104.84.152.186200 OK 43 B URL HTTP/2 events.api.secureserver.net/image.aspx?referrer=×tamp=1669089240977&corrid=337696324&vs=visible&rand=1814203335&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.request&hw=1&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&trace_id=f0a762cfc7855577a5e4af01ac3d1b7d&hit_id=12e63a63-0b7a-52e0-9233-d3c6a0782bd5&visitor_guid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&has_consent=0&cv=3.24.1&client_name=tcc
IP 104.84.152.186:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /image.aspx?referrer=×tamp=1669089240977&corrid=337696324&vs=visible&rand=1814203335&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.request&hw=1&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&trace_id=f0a762cfc7855577a5e4af01ac3d1b7d&hit_id=12e63a63-0b7a-52e0-9233-d3c6a0782bd5&visitor_guid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&has_consent=0&cv=3.24.1&client_name=tcc HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shortener.secureserver.net
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Cookie: traffic=; _policy=%7B%22restricted_market%22:true,%22tracking_market%22:%22explicit%22%7D; pathway=c32dd14c-67e2-55a1-b8c9-b4feb1bed323; fb_sessiontraffic=S_TOUCH=&pathway=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&V_DATE=&pc=0; visitor=vid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://shortener.secureserver.net
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Tue, 22 Nov 2022 03:54:01 GMT
set-cookie: tcc_refer=; domain=.secureserver.net; expires=Mon, 21 Nov 2022 03:54:01 GMT; path=/;
fb_sessiontraffic=S_TOUCH=11/22/2022%2003:54:01.221&pathway=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&V_DATE=11/21/2022%2020:54:01.221&pc=1; max-age=1200; domain=.secureserver.net; path=/;
pathway=c32dd14c-67e2-55a1-b8c9-b4feb1bed323; max-age=1200; domain=.secureserver.net; path=/;
visitor=vid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323; max-age=31536000; domain=.secureserver.net; expires=Wed, 22 Nov 2023 03:54:01 GMT; path=/;
traffic=; domain=.secureserver.net; path=/;
X-Firefox-Spdy: h2
events.api.secureserver.net/pageEvents.aspx?timestamp=1669089240981&corrid=337696324&referrer=&vs=visible&rand=135340750&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.event&usrin=market%2Cen-US%5Esplit%2C%5Euxcore%2C2%5Ecurrency%2CUSD%5Ehostname%2Cshortener.secureserver.net%5Epath%2Cundefined%5Equery%2C%7B%7D%5Ecountry%2CUnited%20States%5Elang%2CEnglish&eventdate=2022-11-22T03%3A54%3A00.981Z&eventtype=impression&e_id=uxp.hyd.int.utilityheader.shortener.impression&hit_id=85194466-7658-5983-95b8-82ba25a1cfd0&visitor_guid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&has_consent=0&cv=3.24.1&client_name=tcc&trace_id=f0a762cfc7855577a5e4af01ac3d1b7d
104.84.152.186200 OK 43 B URL HTTP/2 events.api.secureserver.net/pageEvents.aspx?timestamp=1669089240981&corrid=337696324&referrer=&vs=visible&rand=135340750&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.event&usrin=market%2Cen-US%5Esplit%2C%5Euxcore%2C2%5Ecurrency%2CUSD%5Ehostname%2Cshortener.secureserver.net%5Epath%2Cundefined%5Equery%2C%7B%7D%5Ecountry%2CUnited%20States%5Elang%2CEnglish&eventdate=2022-11-22T03%3A54%3A00.981Z&eventtype=impression&e_id=uxp.hyd.int.utilityheader.shortener.impression&hit_id=85194466-7658-5983-95b8-82ba25a1cfd0&visitor_guid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&has_consent=0&cv=3.24.1&client_name=tcc&trace_id=f0a762cfc7855577a5e4af01ac3d1b7d
IP 104.84.152.186:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pageEvents.aspx?timestamp=1669089240981&corrid=337696324&referrer=&vs=visible&rand=135340750&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.event&usrin=market%2Cen-US%5Esplit%2C%5Euxcore%2C2%5Ecurrency%2CUSD%5Ehostname%2Cshortener.secureserver.net%5Epath%2Cundefined%5Equery%2C%7B%7D%5Ecountry%2CUnited%20States%5Elang%2CEnglish&eventdate=2022-11-22T03%3A54%3A00.981Z&eventtype=impression&e_id=uxp.hyd.int.utilityheader.shortener.impression&hit_id=85194466-7658-5983-95b8-82ba25a1cfd0&visitor_guid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&has_consent=0&cv=3.24.1&client_name=tcc&trace_id=f0a762cfc7855577a5e4af01ac3d1b7d HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shortener.secureserver.net
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Cookie: traffic=; _policy=%7B%22restricted_market%22:true,%22tracking_market%22:%22explicit%22%7D; pathway=c32dd14c-67e2-55a1-b8c9-b4feb1bed323; fb_sessiontraffic=S_TOUCH=&pathway=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&V_DATE=&pc=0; visitor=vid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://shortener.secureserver.net
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Tue, 22 Nov 2022 03:54:01 GMT
X-Firefox-Spdy: h2
events.api.secureserver.net/b.aspx?timestamp=1669089240997&corrid=337696324&referrer=&vs=visible&rand=1166798734&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.log&eventdate=2022-11-22T03%3A54%3A00.998Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1669089239131&connectStart=1669089238693&domComplete=1669089240987&domContentLoadedEventEnd=1669089240968&domContentLoadedEventStart=1669089240965&domInteractive=1669089240897&domLoading=1669089239435&domainLookupEnd=1669089238693&domainLookupStart=1669089238684&fetchStart=1669089238683&navigationStart=1669089236352&requestStart=1669089239132&responseEnd=1669089239428&responseStart=1669089239428&loadEventStart=1669089240987&loadEventEnd=0&transferSize=117611&encodedBodySize=117478&decodedBodySize=117478&navigationType=navigate&fcp=4609&hit_id=0f653a79-d3c0-5948-bdeb-d85faa8a48d8&visitor_guid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&has_consent=0&cv=3.24.1&client_name=tcc&trace_id=f0a762cfc7855577a5e4af01ac3d1b7d
104.84.152.186200 OK 43 B URL HTTP/2 events.api.secureserver.net/b.aspx?timestamp=1669089240997&corrid=337696324&referrer=&vs=visible&rand=1166798734&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.log&eventdate=2022-11-22T03%3A54%3A00.998Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1669089239131&connectStart=1669089238693&domComplete=1669089240987&domContentLoadedEventEnd=1669089240968&domContentLoadedEventStart=1669089240965&domInteractive=1669089240897&domLoading=1669089239435&domainLookupEnd=1669089238693&domainLookupStart=1669089238684&fetchStart=1669089238683&navigationStart=1669089236352&requestStart=1669089239132&responseEnd=1669089239428&responseStart=1669089239428&loadEventStart=1669089240987&loadEventEnd=0&transferSize=117611&encodedBodySize=117478&decodedBodySize=117478&navigationType=navigate&fcp=4609&hit_id=0f653a79-d3c0-5948-bdeb-d85faa8a48d8&visitor_guid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&has_consent=0&cv=3.24.1&client_name=tcc&trace_id=f0a762cfc7855577a5e4af01ac3d1b7d
IP 104.84.152.186:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /b.aspx?timestamp=1669089240997&corrid=337696324&referrer=&vs=visible&rand=1166798734&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.log&eventdate=2022-11-22T03%3A54%3A00.998Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1669089239131&connectStart=1669089238693&domComplete=1669089240987&domContentLoadedEventEnd=1669089240968&domContentLoadedEventStart=1669089240965&domInteractive=1669089240897&domLoading=1669089239435&domainLookupEnd=1669089238693&domainLookupStart=1669089238684&fetchStart=1669089238683&navigationStart=1669089236352&requestStart=1669089239132&responseEnd=1669089239428&responseStart=1669089239428&loadEventStart=1669089240987&loadEventEnd=0&transferSize=117611&encodedBodySize=117478&decodedBodySize=117478&navigationType=navigate&fcp=4609&hit_id=0f653a79-d3c0-5948-bdeb-d85faa8a48d8&visitor_guid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&has_consent=0&cv=3.24.1&client_name=tcc&trace_id=f0a762cfc7855577a5e4af01ac3d1b7d HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shortener.secureserver.net
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Cookie: traffic=; _policy=%7B%22restricted_market%22:true,%22tracking_market%22:%22explicit%22%7D; pathway=c32dd14c-67e2-55a1-b8c9-b4feb1bed323; fb_sessiontraffic=S_TOUCH=&pathway=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&V_DATE=&pc=0; visitor=vid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://shortener.secureserver.net
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Tue, 22 Nov 2022 03:54:01 GMT
X-Firefox-Spdy: h2
events.api.secureserver.net/pageEvents.aspx?timestamp=1669089241119&corrid=337696324&referrer=&marketid=en-US&vs=visible&rand=1791204045&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.event&eventdate=2022-11-22T03%3A54%3A01.120Z&eventtype=impression&e_id=gtp.consent_banners.express.split_b.impression&hit_id=04ff7d38-6aef-5907-bf6f-bb02a52ee65a&visitor_guid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&has_consent=0&cv=3.24.1&client_name=tcc&trace_id=f0a762cfc7855577a5e4af01ac3d1b7d
104.84.152.186200 OK 43 B URL HTTP/2 events.api.secureserver.net/pageEvents.aspx?timestamp=1669089241119&corrid=337696324&referrer=&marketid=en-US&vs=visible&rand=1791204045&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.event&eventdate=2022-11-22T03%3A54%3A01.120Z&eventtype=impression&e_id=gtp.consent_banners.express.split_b.impression&hit_id=04ff7d38-6aef-5907-bf6f-bb02a52ee65a&visitor_guid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&has_consent=0&cv=3.24.1&client_name=tcc&trace_id=f0a762cfc7855577a5e4af01ac3d1b7d
IP 104.84.152.186:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pageEvents.aspx?timestamp=1669089241119&corrid=337696324&referrer=&marketid=en-US&vs=visible&rand=1791204045&sitename=shortener.secureserver.net&page=%2Ferror_404&location=https%3A%2F%2Fshortener.secureserver.net%2Ferror_404&agent=false&delegated=false&salessite=false&loadSource=uxpHeader&page_level_properties=loadSource&event_type=page.event&eventdate=2022-11-22T03%3A54%3A01.120Z&eventtype=impression&e_id=gtp.consent_banners.express.split_b.impression&hit_id=04ff7d38-6aef-5907-bf6f-bb02a52ee65a&visitor_guid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&has_consent=0&cv=3.24.1&client_name=tcc&trace_id=f0a762cfc7855577a5e4af01ac3d1b7d HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shortener.secureserver.net
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Cookie: traffic=; _policy=%7B%22restricted_market%22:true,%22tracking_market%22:%22explicit%22%7D; pathway=c32dd14c-67e2-55a1-b8c9-b4feb1bed323; fb_sessiontraffic=S_TOUCH=&pathway=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&V_DATE=&pc=0; visitor=vid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323; market=en-US; OPTOUTMULTI=0:1%7Cc3:1%7Cc2:1%7Cc4:1; utag_main=v_id:01849d78a81800166281832222b700050002c00900918$_sn:1$_ss:1$_st:1669091041113$ses_id:1669089241113%3Bexp-session$_pn:1%3Bexp-session; expBannerSplit=B; _consentBImpression=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://shortener.secureserver.net
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Tue, 22 Nov 2022 03:54:01 GMT
X-Firefox-Spdy: h2
js-agent.newrelic.com/552.2d6a2503-1220.js
151.101.86.137200 OK 5.9 kB URL HTTP/2 js-agent.newrelic.com/552.2d6a2503-1220.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (21423)
Hash 097ef34c5f5d635a147bca3721bd605b
3b31ef3cfb1d62d9884d631ec2467b9d6b0d46e2
3e05d4e42c1e87b516b525574b20d2570dccc50d1bd1b2956d6421699aa19914
GET /552.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PnZFPtaQ6Oa8SvsR598yLCynwQMleyjLyE8+/6kXxv1ZfRit6gnSEEKUHnQ2vqYi8syHn+Nxcq4=
x-amz-request-id: XM6WHM0J4M8X38WQ
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "777ac0df4dba632ad1b2955c88dd51ac"
x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 22 Nov 2022 03:54:01 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 214
x-timer: S1669089241.439636,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5890
X-Firefox-Spdy: h2
js-agent.newrelic.com/290.2d6a2503-1220.js
151.101.86.137200 OK 3.4 kB URL HTTP/2 js-agent.newrelic.com/290.2d6a2503-1220.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (8544)
Hash b9baa2cb6a3b1a3d0fda03cd7db51631
42d37467e05182e3cab2fcb54577dc462adcf50b
31a8b4d47298cae24c66e37256a51474ae88a745fdfec79f99b2d43608e6d822
GET /290.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: w13KyJHc6nZxbdEwslB41w8/Eu8hqTxWFthe9Ce9ktH5t1CQfPDcADzeIbbM0XmVboDReCBCqwPazqB/yCHcHQ==
x-amz-request-id: ENM21W9CJ64N9SCW
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 22 Nov 2022 03:54:01 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 133
x-timer: S1669089241.460207,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3424
X-Firefox-Spdy: h2
js-agent.newrelic.com/768.2d6a2503-1220.js
151.101.86.137200 OK 2.2 kB URL HTTP/2 js-agent.newrelic.com/768.2d6a2503-1220.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (5523)
Hash 98a96a3306b7723c0b8c4bff074cdd9f
e9070da7daa34fa2d8ac2e4ec00e3c499ea37516
a6079d50fa4c72b521fd865e67be080b5b21c336a71dbf7a1800a12ad42384f7
GET /768.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: P4mBsEL/DTAFzpZmpgTrdkaNBJrByz58gWXjGItRhFpF6Y8vCPU2Lz0KL/HwWqBLBPUd/7ipab8=
x-amz-request-id: XM6J50R0X1MZPD9F
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "d6cc8b42eda6fd7734014b03b87b5787"
x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 22 Nov 2022 03:54:01 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 240
x-timer: S1669089241.463372,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2225
X-Firefox-Spdy: h2
js-agent.newrelic.com/775.2d6a2503-1220.js
151.101.86.137200 OK 632 B URL HTTP/2 js-agent.newrelic.com/775.2d6a2503-1220.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (1169)
Hash 661520fd0dfebb919d68a69b60ca426f
b85ef80a0e0d95bf4904f9ce4fad56c49ae035be
ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7
GET /775.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 7LFMHtjJh1S3I7Y2nadjyW3qD5GSEUAPkhvRiGWUqI2yNIsj2jxS1WztietgESJCTo8b+MSjBS8=
x-amz-request-id: XM6WXR7ZNKJZ7WDR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 22 Nov 2022 03:54:01 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 71
x-timer: S1669089241.464986,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2
js-agent.newrelic.com/368.2d6a2503-1220.js
151.101.86.137200 OK 1.4 kB URL HTTP/2 js-agent.newrelic.com/368.2d6a2503-1220.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (3382)
Hash fa50a55750d1d0978fca32be5dbc3988
a7f447621d48b3ecf7fc0192b515d506d3d1ad18
c621038fb07e536af8a1ec6d260853dfe69055dc2fb526700919c53b3b7e5f20
GET /368.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: GUwozRedGseijuU5ypA/WbbnDIf/u5E5/2u5+kb3ugz/wj5jQhWm8oFz9CQSV79o7P1yeeJAp+M=
x-amz-request-id: K9T2FMDPRF0ZCE4Q
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "16b4f3676c3859e1378a2ccdebbad675"
x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 22 Nov 2022 03:54:01 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 211
x-timer: S1669089241.465113,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1443
X-Firefox-Spdy: h2
bam.nr-data.net/1/d89ec68706?a=74176617&v=1220.PROD&to=MldVZUJYCkoDABVeWwsdcUReWhBQDQ1ORFwKQENUXlwWFxQKBEBHX1dFQ19LOw1SVw%3D%3D&rst=5036&ck=0&s=22813b5d76d32bce&ref=https://shortener.secureserver.net/error_404&ap=151&be=3229&fe=1407&dc=1385&perf=%7B%22timing%22:%7B%22of%22:1669089236352,%22n%22:0,%22f%22:2331,%22dn%22:2332,%22dne%22:2341,%22c%22:2341,%22s%22:2487,%22ce%22:2779,%22rq%22:2780,%22rp%22:3076,%22rpe%22:3076,%22dl%22:3083,%22di%22:4545,%22ds%22:4613,%22de%22:4616,%22dc%22:4635,%22l%22:4635,%22le%22:4640%7D,%22navigation%22:%7B%7D%7D&fcp=4609&jsonp=NREUM.setToken
162.247.241.14200 OK 73 B URL HTTP/1.1 bam.nr-data.net/1/d89ec68706?a=74176617&v=1220.PROD&to=MldVZUJYCkoDABVeWwsdcUReWhBQDQ1ORFwKQENUXlwWFxQKBEBHX1dFQ19LOw1SVw%3D%3D&rst=5036&ck=0&s=22813b5d76d32bce&ref=https://shortener.secureserver.net/error_404&ap=151&be=3229&fe=1407&dc=1385&perf=%7B%22timing%22:%7B%22of%22:1669089236352,%22n%22:0,%22f%22:2331,%22dn%22:2332,%22dne%22:2341,%22c%22:2341,%22s%22:2487,%22ce%22:2779,%22rq%22:2780,%22rp%22:3076,%22rpe%22:3076,%22dl%22:3083,%22di%22:4545,%22ds%22:4613,%22de%22:4616,%22dc%22:4635,%22l%22:4635,%22le%22:4640%7D,%22navigation%22:%7B%7D%7D&fcp=4609&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 814f8120cdf5a972bdb0fd5521a92a5d
47f7b3cd340d1fe91766ff27602e319a79bcd14c
5f520e553ae6a634e84b7c8c8d36908d2efa441d716834fd98c012c402b1c3c8
GET /1/d89ec68706?a=74176617&v=1220.PROD&to=MldVZUJYCkoDABVeWwsdcUReWhBQDQ1ORFwKQENUXlwWFxQKBEBHX1dFQ19LOw1SVw%3D%3D&rst=5036&ck=0&s=22813b5d76d32bce&ref=https://shortener.secureserver.net/error_404&ap=151&be=3229&fe=1407&dc=1385&perf=%7B%22timing%22:%7B%22of%22:1669089236352,%22n%22:0,%22f%22:2331,%22dn%22:2332,%22dne%22:2341,%22c%22:2341,%22s%22:2487,%22ce%22:2779,%22rq%22:2780,%22rp%22:3076,%22rpe%22:3076,%22dl%22:3083,%22di%22:4545,%22ds%22:4613,%22de%22:4616,%22dc%22:4635,%22l%22:4635,%22le%22:4640%7D,%22navigation%22:%7B%7D%7D&fcp=4609&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 03:54:02 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 76deb8af5b5e1bfe-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4585277-93e1-4477-a3fd-7902d8def50a.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4585277-93e1-4477-a3fd-7902d8def50a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed56d033b6595fa91a4c513c0ed7cdd4
ef87cc22637f94451f116905bfe096fff3e73d86
02f79fe867a07f3fdd1ad932da67a9a2df8c07ad4172b0aad2f61ee6b67a72fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4585277-93e1-4477-a3fd-7902d8def50a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9355
x-amzn-requestid: d801efd0-da4a-405a-b1b4-ebd17a784129
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-LA6FwuoAMFRxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bf205-1d28acc046a79a4e4df8aabe;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:47:49 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IZZbByT9It-u1_v1M9O1pTF65pwOSGBeCVgCtDisb6-kZiN76R3lkg==
via: 1.1 b04d82bf2bc15ab146955a862be263f0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:59:38 GMT
etag: "ef87cc22637f94451f116905bfe096fff3e73d86"
content-type: image/jpeg
age: 21267
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
shortener.secureserver.net/css/icons.css
45.40.140.1302 Found 0 B URL HTTP/2 shortener.secureserver.net/css/icons.css
IP 45.40.140.1:0
ASN #398101 GO-DADDY-COM-LLC
GET /css/icons.css HTTP/1.1
Host: shortener.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/error_404
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Tue, 22 Nov 2022 03:54:00 GMT
content-type: text/html; charset=utf-8
location: https://shortener.secureserver.net/error_404
X-Firefox-Spdy: h2
shortener.secureserver.net/favicon.ico
45.40.140.1302 Found 0 B URL HTTP/2 shortener.secureserver.net/favicon.ico
IP 45.40.140.1:0
ASN #398101 GO-DADDY-COM-LLC
GET /favicon.ico HTTP/1.1
Host: shortener.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/error_404
Cookie: traffic=; _policy=%7B%22restricted_market%22:true,%22tracking_market%22:%22explicit%22%7D; pathway=c32dd14c-67e2-55a1-b8c9-b4feb1bed323; fb_sessiontraffic=S_TOUCH=11/22/2022%2003:54:01.221&pathway=c32dd14c-67e2-55a1-b8c9-b4feb1bed323&V_DATE=11/21/2022%2020:54:01.221&pc=1; visitor=vid=c32dd14c-67e2-55a1-b8c9-b4feb1bed323; market=en-US; OPTOUTMULTI=0:1%7Cc3:1%7Cc2:1%7Cc4:1; utag_main=v_id:01849d78a81800166281832222b700050002c00900918$_sn:1$_ss:1$_st:1669091041113$ses_id:1669089241113%3Bexp-session$_pn:1%3Bexp-session; expBannerSplit=B; _consentBImpression=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Tue, 22 Nov 2022 03:54:01 GMT
content-type: text/html; charset=utf-8
location: https://shortener.secureserver.net/error_404
X-Firefox-Spdy: h2
kabab.ga/
185.143.233.120302 Found 0 B IP 185.143.233.120:0
ASN #202468 Noyan Abr Arvan Co. ( Private Joint Stock)
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: kabab.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: ArvanCloud
date: Tue, 22 Nov 2022 03:53:58 GMT
content-type: text/html; charset=utf-8
location: https://shortener.secureserver.net/error_404
x-xss-protection: 1; mode=block
ar-sid: 5880
ar-atime: 1.454
ar-cache: BYPASS
ar-request-id: 6c8f8f8233bc2f2f9bc17cf2b72f4155
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/gpl/main/prod/utag.js
23.38.200.249200 OK 0 B URL HTTP/2 tags.tiqcdn.com/utag/gpl/main/prod/utag.js
IP 23.38.200.249:0
GET /utag/gpl/main/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shortener.secureserver.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "439c93448d07863f01b4baa0db40ee45:1642582496.491697"
last-modified: Wed, 19 Jan 2022 08:54:56 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Tue, 22 Nov 2022 03:59:01 GMT
date: Tue, 22 Nov 2022 03:54:01 GMT
X-Firefox-Spdy: h2