atvsantoriniexperience.com/iit/qakbot.zip
172.105.89.22301 Moved Permanently 707 B URL HTTP/1.1 atvsantoriniexperience.com/iit/qakbot.zip
IP 172.105.89.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /iit/qakbot.zip HTTP/1.1
Host: atvsantoriniexperience.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 05 Nov 2022 00:54:28 GMT
server: LiteSpeed
location: https://atvsantoriniexperience.com/iit/qakbot.zip
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b7be8442ec1e518ccc80739495f6d047
7a9d24b9d4046262c7753c49afaf9c19f4840626
b93410a9d62da3f219796d753b61a0f730cc272c13596724aa9d20efba298b44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B93410A9D62DA3F219796D753B61A0F730CC272C13596724AA9D20EFBA298B44"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3667
Expires: Sat, 05 Nov 2022 01:55:36 GMT
Date: Sat, 05 Nov 2022 00:54:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cd02b32dbc8416dcb10b468af2166c33
503a9c4cabdb19dfde769f5e2d3ef919c818c364
46ca638514d9d4cf252762fdac37a5e7b1da550fcc9911070b0b26a6aa6150a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3184
Cache-Control: max-age=120580
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 00:54:29 GMT
Etag: "6364dbd9-1d7"
Expires: Sun, 06 Nov 2022 10:24:09 GMT
Last-Modified: Fri, 04 Nov 2022 09:31:05 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9f3527f898221f8ba6b5015f6decc100
ead93baa0e9d3a6297be3377dc3a624e5a3f509a
73a068f907cc50dd60af18d545b4264dd44bc4b9f40bf9adfceea157fdc33099
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3675
Expires: Sat, 05 Nov 2022 01:55:44 GMT
Date: Sat, 05 Nov 2022 00:54:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Xz+w8k0gUkZPe7OKUVISKmctOpcxZRK+7yBm8Kr30RWg3zHFvDWk+4c8G4fONIOL7fFQd+OBB20=
x-amz-request-id: EB2D4BGKRVZ36P05
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 05 Nov 2022 00:09:47 GMT
age: 2682
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 00:54:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 42a0adacced30df52cf7cad3e200036d
f7b4114defc61f806dbb74fd228bca155d52362a
e4928481739a2a75dce86c03b355c6dff507426e8d851cba5ca8537b1be87c20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3746
Cache-Control: max-age=116084
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 00:54:29 GMT
Etag: "6364c817-1d7"
Expires: Sun, 06 Nov 2022 09:09:13 GMT
Last-Modified: Fri, 04 Nov 2022 08:06:47 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
atvsantoriniexperience.com/iit/qakbot.zip
172.105.89.22404 Not Found 19 kB URL HTTP/2 atvsantoriniexperience.com/iit/qakbot.zip
IP 172.105.89.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (37959), with CRLF, LF line terminators
Hash 6e538ff3834e2675fb5c82c24f40b8d0
f37c64efd11b2d1ef37094304d85e8341e4424ac
c0a15456a651f6dad110e407afa940a4183661e901d05fa18a715a052e856b19
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /iit/qakbot.zip HTTP/1.1
Host: atvsantoriniexperience.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.32
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://atvsantoriniexperience.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Sat, 05 Nov 2022 00:54:29 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a2f6c296003d839bdee766ef4082e376
013ae64b10cb1355ae9b6ba38dcfa79f71a9b505
703d6582ab3344d6e4a0d5b7e0c9983b8f7e8179d73dd6584c37bbccc8c84308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 00:54:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dedeskoscon.gr/2022/wp-content/uploads/2022/01/logo_atvtour_white.webp
172.105.89.22404 Not Found 1.2 kB URL HTTP/2 dedeskoscon.gr/2022/wp-content/uploads/2022/01/logo_atvtour_white.webp
IP 172.105.89.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /2022/wp-content/uploads/2022/01/logo_atvtour_white.webp HTTP/1.1
Host: dedeskoscon.gr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://atvsantoriniexperience.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sat, 05 Nov 2022 00:54:29 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a2f6c296003d839bdee766ef4082e376
013ae64b10cb1355ae9b6ba38dcfa79f71a9b505
703d6582ab3344d6e4a0d5b7e0c9983b8f7e8179d73dd6584c37bbccc8c84308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 00:54:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 41a3827ad01511623dd0797b57f2ccba
e4fb120f1ff8c3be653e7cdfcbb54e762203e3c0
5d3027468039a89579a30fe3b67f30dae42e0115587e45161609801cff7e19d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=140441
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 00:54:30 GMT
Etag: "636535df-118"
Expires: Sun, 06 Nov 2022 15:55:11 GMT
Last-Modified: Fri, 04 Nov 2022 15:55:11 GMT
Server: nginx
Content-Length: 280
push.services.mozilla.com/
34.213.92.18101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.92.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mUdtQQtKo4/mOCjnzUpYIw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TX7oFlYmltJi/dkv8795f1/oQ38=
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash ec04e356bb8f47c62ef7f719c00ac77b
14fa9286b0b0a4661c4f64d218c849b2d5fa1251
3f2ddae2ead862f18ea20375ffeac480e0da307c309276906a2355d58ea9308e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98219
Date: Sat, 05 Nov 2022 00:54:30 GMT
Etag: "6364832c-1d7"
Expires: Sun, 06 Nov 2022 04:11:29 GMT
Last-Modified: Fri, 04 Nov 2022 03:12:44 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vAaSqo_m0kwLn4-FhcNS-CkBm0tKT4CsOUlS6FhHNC88qE3iOx36yQ==
Age: 3525
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 41a3827ad01511623dd0797b57f2ccba
e4fb120f1ff8c3be653e7cdfcbb54e762203e3c0
5d3027468039a89579a30fe3b67f30dae42e0115587e45161609801cff7e19d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2
Cache-Control: max-age=140441
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 00:54:31 GMT
Etag: "636535df-118"
Expires: Sun, 06 Nov 2022 15:55:12 GMT
Last-Modified: Fri, 04 Nov 2022 15:55:11 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
fh-kit.com/buttons/v2/?blue=f4534d
104.21.2.128200 OK 21 kB URL HTTP/2 fh-kit.com/buttons/v2/?blue=f4534d
IP 104.21.2.128:0
File type ASCII text, with very long lines (65458)
Hash ada42393a65ae10f9d026cc4faff4d9c
ae1d5c104094d22ce6cf1233b5b14444624d6583
aa744d23019a43dce50b40cb0e2b59fd4003198c476b90ed2ac2ef2c78b38598
GET /buttons/v2/?blue=f4534d HTTP/1.1
Host: fh-kit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://atvsantoriniexperience.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 00:54:31 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
x-scss-cache: true
etag: W/"dc273a6cb0f9bdc38cc6dd1f67d053fdac1a00f1c3aad4e9cd7b9a2a416d8e95"
last-modified: Wed, 02 Nov 2022 22:11:01 GMT
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBHD%2BCPxiZrAjjS4VXeDO2%2Fs5GN7rOa9NDywwjyOj87IrWuux8S8XXg%2FXlvU3U8WctuyzK%2FKaInBX5rQATm11Qo9v47Z%2FiiBpT1d0qGTlCSdkb%2B21dXhY%2BLcD0fT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76519e5659e1b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 00:54:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 00:54:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 00:54:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.99200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://atvsantoriniexperience.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 192023
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.99200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://atvsantoriniexperience.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 192023
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.99200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://atvsantoriniexperience.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 16:40:18 GMT
expires: Fri, 03 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 116053
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 00:54:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7551
Expires: Sat, 05 Nov 2022 03:00:22 GMT
Date: Sat, 05 Nov 2022 00:54:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7551
Expires: Sat, 05 Nov 2022 03:00:22 GMT
Date: Sat, 05 Nov 2022 00:54:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff202f1f7-a6da-431c-9f04-b00a53780a8c.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff202f1f7-a6da-431c-9f04-b00a53780a8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 683264508686ad18ae519baac54d3b05
1897c9fcad301764736ab867491beb18526af153
e8beb5d336ca424e36725ab87b98b4dedcf32a5b01c43b9c06363a7be25522fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff202f1f7-a6da-431c-9f04-b00a53780a8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5754
x-amzn-requestid: df2c5b88-0444-44b1-81ef-04e565d25b36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bAS--GiUoAMFTjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636331f9-0ec90f4d5f0c6fcf2d6e4a8b;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 03:14:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7CdkFTu--etXnoftDB8IYx3G6NIDBbKNiomZXVQQpr8et2Qh9yUGoQ==
via: 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 03:37:09 GMT
age: 76642
etag: "1897c9fcad301764736ab867491beb18526af153"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ee7867-cfc1-4e91-8bfe-c86e9e0369d8.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ee7867-cfc1-4e91-8bfe-c86e9e0369d8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1799c94891598120fab550073379516
ed51b7d2c443aec199c1605b5ebe2e1e25f287a3
5f3f2ffdc992d917d8d3b5890c0ad9810b9699c38e932c0d4d32625346eb87a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ee7867-cfc1-4e91-8bfe-c86e9e0369d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6228
x-amzn-requestid: 788a9f03-5b3f-446c-a02c-844fe2f07221
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ameKPFJAoAMFy1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358dd74-15bffc073dae60355b484cbb;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 07:10:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YN9fqqZ0ZqpXcYQZbi5MXAL2e_jd5aW3qdbsqLUGR7Rhj5-QvP1VxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:20:14 GMT
age: 9257
etag: "ed51b7d2c443aec199c1605b5ebe2e1e25f287a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F621f6bc7-a17b-4b8f-95ef-65d27abd5513.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F621f6bc7-a17b-4b8f-95ef-65d27abd5513.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1fc9b492d6cc0a516998cec9fa5dc2a0
1082e5e96362a4960929c59ff1d4d995cb28f40d
3dc82302d8615c615526cc9a828844d291d775d05ff7174f8d6b82b7172b2908
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F621f6bc7-a17b-4b8f-95ef-65d27abd5513.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9006
x-amzn-requestid: 1a0ea36b-a610-485c-be62-b6950288afbc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGIVGGG7oAMFXJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63658753-2fc408853092bf61646b7584;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:42:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xdg0glkctHhh3-kmb8HhwEnYjcxchpOLF4DrDIkICI7fSiHpIRPKIw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:20:07 GMT
age: 9264
etag: "1082e5e96362a4960929c59ff1d4d995cb28f40d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ba524bd-ef85-4f86-8f19-39ca866c6ef3.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ba524bd-ef85-4f86-8f19-39ca866c6ef3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6627701fe981336792076df0c21937b
39da4f78058b565bfcaad4ced6f1b59a2bf6a421
aad9c8d5dbf34cbfc79bd5a69eb84e83880991f6765b955195b8ab515cab076b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ba524bd-ef85-4f86-8f19-39ca866c6ef3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3898
x-amzn-requestid: aa30ce03-5fea-431d-a8ba-f1f1f6a7313d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a5se8GMjIAMFgxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63608df9-5f607dee71fc5ea4688e10ad;Sampled=0
x-amzn-remapped-date: Tue, 01 Nov 2022 03:09:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: M117Djj2kKvQjSBxg_-Wjy9wr6gS-B8nZg-DW6-mduh-Py4fpw_0hg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 23:55:48 GMT
age: 3523
etag: "39da4f78058b565bfcaad4ced6f1b59a2bf6a421"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ae2b8d827fb2c8bef64febcd36f1645
f7705fcd2d91ce90c58e79324cce1e3abba6c1c8
2dc55e97ef3a85fccb104b80161a8bac16b12d37527c336563677432584c7ad5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11421
x-amzn-requestid: 80f2a46c-6682-4160-b896-eeaa366dbab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKNF4SoAMFn5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-5a5517d005ec7a7d1507b58e;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gdqoswTMqjrfyzzY-103agxLH8ak-rFsCId29eoLOF6WHgFmd04K7g==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 08:24:41 GMT
age: 59390
etag: "f7705fcd2d91ce90c58e79324cce1e3abba6c1c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a3b1551512640bb8f5e7deb80c32272
75805b9f03aef14cfad025259936ae5f217d25ca
5baa90853202e78cf9b59e9ab597e16ccfbf143d7e124583e64dc1ad1ee2c2df
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7783
x-amzn-requestid: c8f73eac-612d-48e3-a655-41525e97331c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apxM8H7aoAMFT3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2f1f-5470c77a30a11b9423f56837;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:11:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FLFsF-1gAeN0HiZnS03oNMNajnwk12P-5Aro-QOcQNFtkjknh9g5FA==
via: 1.1 0c04e836dfe22246a870a0f54a2d4746.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 19:19:17 GMT
age: 20114
etag: "75805b9f03aef14cfad025259936ae5f217d25ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dp58aslhmbcib.cloudfront.net/static/cache/css/output.e89846825ae9.css
54.230.245.20200 OK 414 B URL HTTP/2 dp58aslhmbcib.cloudfront.net/static/cache/css/output.e89846825ae9.css
IP 54.230.245.20:0
File type ASCII text, with very long lines (377)
Hash 44d6767e51cf97a6b044e40adeefb98b
56901d5b4da7ae451f0420bda22bde4245943738
e53dd5e6cb5918a3e33093df8ec60c1906c4e1a06f5b953953a519b44140bca2
GET /static/cache/css/output.e89846825ae9.css HTTP/1.1
Host: dp58aslhmbcib.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fareharbor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 414
date: Sun, 04 Sep 2022 15:56:03 GMT
accept-ranges: bytes
cache-control: public
content-encoding: gzip
etag: "6311cb8b-dac"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 02 Sep 2022 09:23:23 GMT
server: nginx/1.21.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-b-3
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dvq6eciER6J6kglCmkw7_95u3pDjlAnnheInyinP4sF6bBT9XWvKQg==
age: 5302707
X-Firefox-Spdy: h2
fareharbor.com/static/jstranslation/en-us/djangojs.js
13.57.107.192200 OK 942 B URL HTTP/2 fareharbor.com/static/jstranslation/en-us/djangojs.js
IP 13.57.107.192:0
Hash fb9bd7984663e47bfbbc7aece8fd2b28
3a9441e2010d3761ddb5759408861f37ca821040
026ea5fd4880d845bd1089379415a29f2434d1d74e54779b428b76cde7c3295f
GET /static/jstranslation/en-us/djangojs.js HTTP/1.1
Host: fareharbor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fareharbor.com/embeds/cart/?u=126a5aaf-00a1-438e-a444-204ba2d15bc9&from-ssl=yes&a=yes&back=https://atvsantoriniexperience.com/iit/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 00:54:31 GMT
content-type: application/javascript
content-length: 942
accept-ranges: bytes
cache-control: public
content-encoding: gzip
etag: "6365861f-d05"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 04 Nov 2022 21:37:35 GMT
server: nginx/1.21.0
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-b-3
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
fh-sites.imgix.net/fonts/roboto/roboto-v20-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
151.101.86.208200 OK 51 kB URL HTTP/2 fh-sites.imgix.net/fonts/roboto/roboto-v20-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
IP 151.101.86.208:0
File type Web Open Font Format (Version 2), TrueType, length 51116, version 1.0\012- data
Hash 9549360090baf2eb8b25d3a9708fc19d
3229ae839d33696d39c89dc0d3e193fe985f1da4
a7bf1f115e60e0c8f3b335df66d4d77baaae4eb11d2cea2cf7c5b4693403a46f
GET /fonts/roboto/roboto-v20-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2 HTTP/1.1
Host: fh-sites.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fareharbor.com
Connection: keep-alive
Referer: https://dp58aslhmbcib.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=315360000
last-modified: Thu, 24 Sep 2020 23:44:49 GMT
server: imgix
x-imgix-id: 947dd61f84964c369a3c153b7a3b3c5995b9ec18
date: Sat, 05 Nov 2022 00:54:31 GMT
age: 44463762
accept-ranges: bytes
content-type: application/octet-stream
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10068-SJC, cache-sjc10038-SJC, cache-sjc10082-SJC, cache-sjc10078-SJC, cache-bma1669-BMA
x-cache: HIT, HIT, HIT, HIT, HIT
content-length: 51116
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 93d892427d62fa1f4ac3453c876dce0f
617bab9e4faec8ff07bf6fb9220fea3e7d52b5f4
000bac80c6d5858ec678ab468d7d85e61489035e5c082e380bbdb418f0fee034
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5929
Cache-Control: max-age=129412
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 00:54:31 GMT
Etag: "6364f3a2-117"
Expires: Sun, 06 Nov 2022 12:51:23 GMT
Last-Modified: Fri, 04 Nov 2022 11:12:34 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
geoip-js.com/geoip/v2.1/country/me?referrer=https%3A%2F%2Ffareharbor.com
104.18.38.74200 OK 683 B URL HTTP/2 geoip-js.com/geoip/v2.1/country/me?referrer=https%3A%2F%2Ffareharbor.com
IP 104.18.38.74:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (609), with no line terminators
Hash b79a745eade367e64f60e8459032194d
bc7d4f9f9be73287fda29b81e4d792e6b11a914c
d22263c928e9fcaee52118e0d0b4e51c0b5f58e3bdd4aff01bda657af2a4b022
GET /geoip/v2.1/country/me?referrer=https%3A%2F%2Ffareharbor.com HTTP/1.1
Host: geoip-js.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fareharbor.com
Connection: keep-alive
Referer: https://fareharbor.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 00:54:32 GMT
content-type: application/vnd.maxmind.com-country+json; charset=UTF-8; version=2.1
content-length: 683
access-control-allow-origin: *
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76519e61ca17b51b-OSL
X-Firefox-Spdy: h2
fareharbor.com/api/v1/persistence/126a5aaf-00a1-438e-a444-204ba2d15bc9/
13.57.107.192200 OK 24 B URL HTTP/2 fareharbor.com/api/v1/persistence/126a5aaf-00a1-438e-a444-204ba2d15bc9/
IP 13.57.107.192:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 309b2178203de5a131d3de57b8833209
d303aadfd5a6a760b2fa533758dc5322806fd147
665dfdc1859f43c9f0626d980a4efe4647c5a5d42c12020ac8d136e42c1b0fb7
GET /api/v1/persistence/126a5aaf-00a1-438e-a444-204ba2d15bc9/ HTTP/1.1
Host: fareharbor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-FH-Target-Language: en-us
X-Requested-With: XMLHttpRequest
X-CSRFToken: pfeS9378cGwhcE9NgYOTk3rBhHi3RvbfSiV31O0dUJJENVMSimOUCtUk6aoIH82C
Connection: keep-alive
Referer: https://fareharbor.com/embeds/cart/?u=126a5aaf-00a1-438e-a444-204ba2d15bc9&from-ssl=yes&a=yes&back=https://atvsantoriniexperience.com/iit/qakbot.zip
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 00:54:32 GMT
content-type: application/json
content-length: 24
content-language: en-us
p3p: CP="This is not a P3P policy."
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Cookie
x-amzn-trace-id: Root=1-6365b448-52b14b376303fda37077a400
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-2
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F458d0ee9-3210-4c7f-9d9b-ef755ef58ec5.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F458d0ee9-3210-4c7f-9d9b-ef755ef58ec5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cfc934868fe4ec7140c3339b5da73faa
859d81df990593359d9c1ce1dbd04914731fd3ca
c2299d44db5ea274b8acfecec2749ee8cf447e1c78204d1a3b1b04f9392c22ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F458d0ee9-3210-4c7f-9d9b-ef755ef58ec5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5006
x-amzn-requestid: a3cbaa9c-f7fa-4fb3-ad0d-58f7f1578168
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGITRHTSoAMFnjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63658747-2a86778d642cf44e37ac1244;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:42:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aDl3zoe_9a7ZDvbtqLdoKgvh4XjmazFUgGSguyUeBvqRbpLIzhVAPA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:59:04 GMT
age: 10534
etag: "859d81df990593359d9c1ce1dbd04914731fd3ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dp58aslhmbcib.cloudfront.net/static/cache/js/output.00ec153f0d7d.js
54.230.245.20200 OK 0 B URL HTTP/2 dp58aslhmbcib.cloudfront.net/static/cache/js/output.00ec153f0d7d.js
IP 54.230.245.20:0
GET /static/cache/js/output.00ec153f0d7d.js HTTP/1.1
Host: dp58aslhmbcib.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fareharbor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 28 Oct 2022 10:59:21 GMT
accept-ranges: bytes
cache-control: public
content-encoding: gzip
etag: "635bab9d-16fd7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 28 Oct 2022 10:14:53 GMT
server: nginx/1.21.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-b-8
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 62tNm4uhIRBJSi27LdJsGyHodPq3hetd6snlDJQemKLssUnEbcmznQ==
age: 654910
X-Firefox-Spdy: h2
dp58aslhmbcib.cloudfront.net/static/cache/js/output.801e42a8d627.js
54.230.245.20200 OK 0 B URL HTTP/2 dp58aslhmbcib.cloudfront.net/static/cache/js/output.801e42a8d627.js
IP 54.230.245.20:0
GET /static/cache/js/output.801e42a8d627.js HTTP/1.1
Host: dp58aslhmbcib.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fareharbor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 04 Nov 2022 21:06:09 GMT
accept-ranges: bytes
cache-control: public
content-encoding: gzip
etag: "63656cf9-988c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 04 Nov 2022 19:50:17 GMT
server: nginx/1.21.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-2
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F0rYQ3X6DkmEBvq4Aj9ybM4L8uOGg608WSQOXp1q7pr0KRBPZhzw3A==
age: 13702
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese&display=swap
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://atvsantoriniexperience.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 05 Nov 2022 00:54:30 GMT
date: Sat, 05 Nov 2022 00:54:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fareharbor.com/embeds/api/v1/?autolightframe=yes
13.57.107.192200 OK 0 B URL HTTP/2 fareharbor.com/embeds/api/v1/?autolightframe=yes
IP 13.57.107.192:0
GET /embeds/api/v1/?autolightframe=yes HTTP/1.1
Host: fareharbor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://atvsantoriniexperience.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 00:54:30 GMT
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-language: en-us
content-security-policy-report-only: form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com *.optimizely.com cdn.optimizely.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://ssl.google-analytics.com https://www.google-analytics.com dp58aslhmbcib.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com dp58aslhmbcib.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https://www.gstatic.com dp58aslhmbcib.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
expires: 0
p3p: CP="This is not a P3P policy."
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Cookie
x-amzn-trace-id: Root=1-6365b446-0c60412c47cc4ab001736109
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-b-8
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
fareharbor.com/embeds/cart/?u=126a5aaf-00a1-438e-a444-204ba2d15bc9&from-ssl=yes&a=yes&back=https://atvsantoriniexperience.com/iit/qakbot.zip
13.57.107.192200 OK 0 B URL HTTP/2 fareharbor.com/embeds/cart/?u=126a5aaf-00a1-438e-a444-204ba2d15bc9&from-ssl=yes&a=yes&back=https://atvsantoriniexperience.com/iit/qakbot.zip
IP 13.57.107.192:0
GET /embeds/cart/?u=126a5aaf-00a1-438e-a444-204ba2d15bc9&from-ssl=yes&a=yes&back=https://atvsantoriniexperience.com/iit/qakbot.zip HTTP/1.1
Host: fareharbor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://atvsantoriniexperience.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 00:54:31 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
content-language: en-us
content-security-policy-report-only: form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com *.optimizely.com cdn.optimizely.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://ssl.google-analytics.com https://www.google-analytics.com dp58aslhmbcib.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com dp58aslhmbcib.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https://www.gstatic.com dp58aslhmbcib.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
p3p: CP="This is not a P3P policy."
set-cookie: csrftoken=DT6roAaY15G9OpSFBSNbOKwCAioG4Z4p6WNCgl33J8TwpGvKDgNc6aZlpLulUCVM; expires=Sat, 04 Nov 2023 00:54:31 GMT; Max-Age=31449600; Path=/; SameSite=Strict; Secure
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Cookie
x-amzn-trace-id: Root=1-6365b447-2584f56c1f7cc392724a6ff5
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-8
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
dp58aslhmbcib.cloudfront.net/static/cache/css/output.4ea4bbcbc577.css
54.230.245.20200 OK 0 B URL HTTP/2 dp58aslhmbcib.cloudfront.net/static/cache/css/output.4ea4bbcbc577.css
IP 54.230.245.20:0
GET /static/cache/css/output.4ea4bbcbc577.css HTTP/1.1
Host: dp58aslhmbcib.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fareharbor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Tue, 18 Oct 2022 21:37:11 GMT
accept-ranges: bytes
cache-control: public
content-encoding: gzip
etag: "634f16ad-3762c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 18 Oct 2022 21:12:13 GMT
server: nginx/1.21.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-6
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: i3xZiVHOI8kTVvJ-WHpY6BWgLUZJUDR6Rj3pHA-VmyJAieKU0VVKPw==
age: 1480640
X-Firefox-Spdy: h2