ms888.sk/KOdqn_ep-JfVtu/bsM/Attachments/2019-02
67.202.92.13200 OK 4.6 kB URL HTTP/1.1 ms888.sk/KOdqn_ep-JfVtu/bsM/Attachments/2019-02
IP 67.202.92.13:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1746), with CRLF, LF line terminators
Hash 984608ac7b4de269af811791d08f46b2
d3f0836f208b7b6865a29664ed6a68b6701a505d
223c81f023b51226b209571346d5a44e3a1afffede363c5de6a94cdc390a98a8
Analyzer Verdict Alert fortinet Malware
GET /KOdqn_ep-JfVtu/bsM/Attachments/2019-02 HTTP/1.1
Host: ms888.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
last-modified: Mon, 23 Jan 2023 03:35:33 GMT
expires: Mon, 23 Jan 2023 04:35:33 GMT
pragma: public
cache-control: max-age=3600, public
etag: "984608ac7b4de269af811791d08f46b2"
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
content-length: 4646
content-encoding: gzip
date: Mon, 23 Jan 2023 03:35:33 GMT
server: LiteSpeed
wpx: 1
referrer-policy:
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11863
Expires: Mon, 23 Jan 2023 06:53:16 GMT
Date: Mon, 23 Jan 2023 03:35:33 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0be6cec5607bb65c06dbadd33456aec1
9d13129e936eb5fc82e403931884cdc8c6e6ab92
cb028034340b709ece65e45e8fc1a26a64dd85926beaa542f308d3f1d5ee2c84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB028034340B709ECE65E45E8FC1A26A64DD85926BEAA542F308D3F1D5EE2C84"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5452
Expires: Mon, 23 Jan 2023 05:06:25 GMT
Date: Mon, 23 Jan 2023 03:35:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 23 Jan 2023 03:34:58 GMT
content-type: application/json
age: 36
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19943
Expires: Mon, 23 Jan 2023 09:07:57 GMT
Date: Mon, 23 Jan 2023 03:35:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: D/KWECSfrmwRWE6gsZsqNxUusv7GGnGrTwR/BGGMOJ6I6dFVcgyEHCkmrEzFBNA6ZTajcdPY+dIIBC2Y3TzBtw==
x-amz-request-id: 10HCGHT514T127GF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 23 Jan 2023 02:47:32 GMT
age: 2882
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:35:34 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lora%3A400%2C400italic%2C700%2C700italic%7CMontserrat%3A400%2C700%7CMaven+Pro%3A400%2C700&ver=5.0.13
142.250.74.106200 OK 801 B URL HTTP/1.1 fonts.googleapis.com/css?family=Lora%3A400%2C400italic%2C700%2C700italic%7CMontserrat%3A400%2C700%7CMaven+Pro%3A400%2C700&ver=5.0.13
IP 142.250.74.106:0
Hash 83788b21d44b6609cc68d564cd912c03
605d21c45235b7161b6c8180d515df3a17a28895
2b6c6862b1c3ac9a0cba9705a93720d934ebb515d8be02e82cad992e357b9c65
GET /css?family=Lora%3A400%2C400italic%2C700%2C700italic%7CMontserrat%3A400%2C700%7CMaven+Pro%3A400%2C700&ver=5.0.13 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ms888.sk/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 23 Jan 2023 03:35:34 GMT
Date: Mon, 23 Jan 2023 03:35:34 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ms888.sk/wp-includes/css/dist/block-library/style.min.css?ver=5.0.13
67.202.92.13200 OK 4.3 kB URL HTTP/1.1 ms888.sk/wp-includes/css/dist/block-library/style.min.css?ver=5.0.13
IP 67.202.92.13:0
File type ASCII text, with very long lines (25658), with no line terminators
Hash 9fb1d05de92071499d8b590d6463f4d7
7e0d6c8141d2dd6567807bf0821f7a56125f7d20
c1c9918adfcb1ef263b239f484730426a79b7d8efd54830fa8781651d6cbeaf7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.0.13 HTTP/1.1
Host: ms888.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ms888.sk/KOdqn_ep-JfVtu/bsM/Attachments/2019-02
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Tue, 23 Jan 2024 03:35:34 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 06 Feb 2019 17:31:17 GMT
etag: "643a-5c5b19e5-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4297
date: Mon, 23 Jan 2023 03:35:34 GMT
server: LiteSpeed
wpx: 1
referrer-policy:
pragma: public
ms888.sk/wp-content/plugins/kiwi-social-share/assets/vendors/icomoon/style.css?ver=2.0.14
67.202.92.13200 OK 808 B URL HTTP/1.1 ms888.sk/wp-content/plugins/kiwi-social-share/assets/vendors/icomoon/style.css?ver=2.0.14
IP 67.202.92.13:0
Hash 98ad6a8b9fb4a418c9612021c22088fa
0daf406988cd8e0012a9a525204bb7311d807d49
180dd5f5ebbb29d4d619d8371b872bf3e2b83b5fe77aaa05d661fc0f0c1fa865
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/kiwi-social-share/assets/vendors/icomoon/style.css?ver=2.0.14 HTTP/1.1
Host: ms888.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ms888.sk/KOdqn_ep-JfVtu/bsM/Attachments/2019-02
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Tue, 23 Jan 2024 03:35:34 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 06 Feb 2019 17:32:20 GMT
etag: "bdb-5c5b1a24-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 808
date: Mon, 23 Jan 2023 03:35:34 GMT
server: LiteSpeed
wpx: 1
referrer-policy:
pragma: public
ms888.sk/wp-content/themes/activello/assets/css/font-awesome.min.css?ver=5.0.13
67.202.92.13200 OK 6.6 kB URL HTTP/1.1 ms888.sk/wp-content/themes/activello/assets/css/font-awesome.min.css?ver=5.0.13
IP 67.202.92.13:0
File type ASCII text, with very long lines (28900)
Hash b5626e6e5f523f027278130f32395e11
5f6a8617d95611e3203b0c0e960249e1e83e6fa3
db3ecf3caf2ed89b3165f635f82812863ef1a3fe70b4069dce2a7148264610fc
GET /wp-content/themes/activello/assets/css/font-awesome.min.css?ver=5.0.13 HTTP/1.1
Host: ms888.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ms888.sk/KOdqn_ep-JfVtu/bsM/Attachments/2019-02
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Tue, 23 Jan 2024 03:35:34 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 06 Feb 2019 17:34:03 GMT
etag: "7187-5c5b1a8b-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 6602
date: Mon, 23 Jan 2023 03:35:34 GMT
server: LiteSpeed
wpx: 1
referrer-policy:
pragma: public
ms888.sk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
67.202.92.13200 OK 4.0 kB URL HTTP/1.1 ms888.sk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 67.202.92.13:0
File type ASCII text, with very long lines (9959)
Hash 2f89b08855471c7476435ce0bec33ba7
970533f152623df03b5fc6fb793b21889e4e0349
d200586b6dd1ff779b6c30947361ff736e076d8c7d502505ab3174ca33455ea0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: ms888.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ms888.sk/KOdqn_ep-JfVtu/bsM/Attachments/2019-02
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Tue, 23 Jan 2024 03:35:34 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Wed, 06 Feb 2019 17:31:17 GMT
etag: "2748-5c5b19e5-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4034
date: Mon, 23 Jan 2023 03:35:34 GMT
server: LiteSpeed
wpx: 1
referrer-policy:
pragma: public
ms888.sk/wp-content/themes/activello/assets/js/vendor/bootstrap.min.js?ver=5.0.13
67.202.92.13200 OK 9.9 kB URL HTTP/1.1 ms888.sk/wp-content/themes/activello/assets/js/vendor/bootstrap.min.js?ver=5.0.13
IP 67.202.92.13:0
File type ASCII text, with very long lines (32033)
Hash e66d1cadef9709b7e1177fa2bad57689
803a0026f5687b488fd80e99268a8ec6aebbd487
7ee290583814a684905461e9338a94be5b0ef39de9cf4cddd995e5d3b3805fc9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/activello/assets/js/vendor/bootstrap.min.js?ver=5.0.13 HTTP/1.1
Host: ms888.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ms888.sk/KOdqn_ep-JfVtu/bsM/Attachments/2019-02
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Tue, 23 Jan 2024 03:35:34 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Wed, 06 Feb 2019 17:34:03 GMT
etag: "90b5-5c5b1a8b-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 9860
date: Mon, 23 Jan 2023 03:35:34 GMT
server: LiteSpeed
wpx: 1
referrer-policy:
pragma: public
ms888.sk/wp-content/themes/activello/assets/js/vendor/modernizr.min.js?ver=5.0.13
67.202.92.13200 OK 6.3 kB URL HTTP/1.1 ms888.sk/wp-content/themes/activello/assets/js/vendor/modernizr.min.js?ver=5.0.13
IP 67.202.92.13:0
File type HTML document, ASCII text, with very long lines (14852)
Hash 534d59ec1f0ba86a36d2009c95ea1e74
730d56361437f7016f521ada039372871ef8f333
04491c3383ae39a94d6c3baa75fc674f33fde72f0c2c77f5471a752ea91dea4a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/activello/assets/js/vendor/modernizr.min.js?ver=5.0.13 HTTP/1.1
Host: ms888.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ms888.sk/KOdqn_ep-JfVtu/bsM/Attachments/2019-02
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Tue, 23 Jan 2024 03:35:34 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Wed, 06 Feb 2019 17:34:03 GMT
etag: "3c92-5c5b1a8b-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 6320
date: Mon, 23 Jan 2023 03:35:34 GMT
server: LiteSpeed
wpx: 1
referrer-policy:
pragma: public
ms888.sk/wp-content/themes/activello/assets/css/bootstrap.min.css?ver=5.0.13
67.202.92.13200 OK 20 kB URL HTTP/1.1 ms888.sk/wp-content/themes/activello/assets/css/bootstrap.min.css?ver=5.0.13
IP 67.202.92.13:0
File type ASCII text, with very long lines (65371)
Hash 572faaf4a4e3d7cdb0812939c3dcd68b
251156396b9886492b1a57d47fb2ae26652ab79e
65cfe7aa5c2a749e4a0c6d8a6dbc950a78f6cf73ff55a980c608e63c5bd726fe
GET /wp-content/themes/activello/assets/css/bootstrap.min.css?ver=5.0.13 HTTP/1.1
Host: ms888.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ms888.sk/KOdqn_ep-JfVtu/bsM/Attachments/2019-02
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Tue, 23 Jan 2024 03:35:34 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 06 Feb 2019 17:34:03 GMT
etag: "1d970-5c5b1a8b-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 19714
date: Mon, 23 Jan 2023 03:35:34 GMT
server: LiteSpeed
wpx: 1
referrer-policy:
pragma: public
ms888.sk/wp-content/themes/activello/assets/js/functions.min.js?ver=5.0.13
67.202.92.13200 OK 746 B URL HTTP/1.1 ms888.sk/wp-content/themes/activello/assets/js/functions.min.js?ver=5.0.13
IP 67.202.92.13:0
File type ASCII text, with very long lines (1747)
Hash 11270d6a7a4c6d542f4196ecdf05c029
7acee610e511c424c8a11fe75f5484b9e988f923
1091c2f3362b11b0d9994e4b68647c4b9fc122266e85c6d2cbf876f43549385a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/activello/assets/js/functions.min.js?ver=5.0.13 HTTP/1.1
Host: ms888.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ms888.sk/KOdqn_ep-JfVtu/bsM/Attachments/2019-02
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Tue, 23 Jan 2024 03:35:34 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Wed, 06 Feb 2019 17:34:03 GMT
etag: "6eb-5c5b1a8b-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 746
date: Mon, 23 Jan 2023 03:35:34 GMT
server: LiteSpeed
wpx: 1
referrer-policy:
pragma: public
ms888.sk/wp-content/themes/activello/assets/js/skip-link-focus-fix.js?ver=20140222
67.202.92.13200 OK 473 B URL HTTP/1.1 ms888.sk/wp-content/themes/activello/assets/js/skip-link-focus-fix.js?ver=20140222
IP 67.202.92.13:0
Hash 96b60f3cd651c5f7bddbc1cf6c25f7b6
bb28c6a0ee92011c3ebe3c49dc3040191b35d060
c67c5767899e3ed80de2ee90a4708a7d9a209d3ba241f865b8bc6d0883289b37
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/activello/assets/js/skip-link-focus-fix.js?ver=20140222 HTTP/1.1
Host: ms888.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ms888.sk/KOdqn_ep-JfVtu/bsM/Attachments/2019-02
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Tue, 23 Jan 2024 03:35:34 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Wed, 06 Feb 2019 17:34:03 GMT
etag: "370-5c5b1a8b-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 473
date: Mon, 23 Jan 2023 03:35:34 GMT
server: LiteSpeed
wpx: 1
referrer-policy:
pragma: public
ms888.sk/wp-includes/js/wp-embed.min.js?ver=5.0.13
67.202.92.13200 OK 743 B URL HTTP/1.1 ms888.sk/wp-includes/js/wp-embed.min.js?ver=5.0.13
IP 67.202.92.13:0
File type ASCII text, with very long lines (1391), with no line terminators
Hash b146105040f6faa62806b35ad455d121
14aa49ed4f29b666221a8de3fd17f04455f12b15
05f4d51649be6878352af6843f9a5ffc14bb96ca7a02db21a35a14f6a150b004
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=5.0.13 HTTP/1.1
Host: ms888.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ms888.sk/KOdqn_ep-JfVtu/bsM/Attachments/2019-02
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Tue, 23 Jan 2024 03:35:34 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Thu, 15 Apr 2021 04:05:14 GMT
etag: "56f-6077bb7a-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 743
date: Mon, 23 Jan 2023 03:35:34 GMT
server: LiteSpeed
wpx: 1
referrer-policy:
pragma: public
ms888.sk/wp-includes/js/wp-emoji-release.min.js?ver=5.0.13
67.202.92.13200 OK 4.4 kB URL HTTP/1.1 ms888.sk/wp-includes/js/wp-emoji-release.min.js?ver=5.0.13
IP 67.202.92.13:0
File type ASCII text, with very long lines (9063)
Hash 343acd31562d3b24fb324b821b8692f8
b3d86fc6f616367277e03cfef923df06a4798466
4fd20e509d473f22cb65b5101cd9356ff678999ef37e87842a9d22c80e0b1928
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.0.13 HTTP/1.1
Host: ms888.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ms888.sk/KOdqn_ep-JfVtu/bsM/Attachments/2019-02
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Tue, 23 Jan 2024 03:35:34 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Thu, 15 Apr 2021 04:05:14 GMT
etag: "2ea7-6077bb7a-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4362
date: Mon, 23 Jan 2023 03:35:34 GMT
server: LiteSpeed
wpx: 1
referrer-policy:
pragma: public
ms888.sk/wp-content/themes/activello/style.css?ver=5.0.13
67.202.92.13200 OK 8.8 kB URL HTTP/1.1 ms888.sk/wp-content/themes/activello/style.css?ver=5.0.13
IP 67.202.92.13:0
File type ASCII text, with very long lines (639)
Hash c2531d371eae6c53eedc9560fd43ee4f
76f236e4ab3bef56bb8d68d1f17f626ecc276d1c
f17c8283da3252d5417cc8026bf007ae59076603be94df5fd1b8a5388fbc8367
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/activello/style.css?ver=5.0.13 HTTP/1.1
Host: ms888.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ms888.sk/KOdqn_ep-JfVtu/bsM/Attachments/2019-02
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Tue, 23 Jan 2024 03:35:34 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 06 Feb 2019 17:34:03 GMT
etag: "a8be-5c5b1a8b-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 8807
date: Mon, 23 Jan 2023 03:35:34 GMT
server: LiteSpeed
wpx: 1
referrer-policy:
pragma: public
ms888.sk/wp-includes/js/jquery/jquery.js?ver=1.12.4
67.202.92.13200 OK 34 kB URL HTTP/1.1 ms888.sk/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 67.202.92.13:0
File type ASCII text, with very long lines (31997)
Hash 4cb886fab8df714a83d92f10c4d29e64
489b26aec0af8ee01d073fc9bc6e75ce115fd186
78498197a2c16bdb6f0b9ca944e06eed359c5d19871563d67b8f8fdae238e7df
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: ms888.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ms888.sk/KOdqn_ep-JfVtu/bsM/Attachments/2019-02
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Tue, 23 Jan 2024 03:35:34 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Thu, 05 Sep 2019 08:03:01 GMT
etag: "17a6a-5d70c135-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 33838
date: Mon, 23 Jan 2023 03:35:34 GMT
server: LiteSpeed
wpx: 1
referrer-policy:
pragma: public
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 23 Jan 2023 02:48:58 GMT
age: 2796
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2
142.250.74.35200 OK 36 kB URL HTTP/1.1 fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 35660, version 1.0\012- data
Hash 0d0d3e5824e5e67a9e993960df2b67a9
328d67bb1d5899a7809df9f4385181863fd035f1
38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
GET /s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ms888.sk
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 35660
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 16 Jan 2023 18:27:25 GMT
Expires: Tue, 16 Jan 2024 18:27:25 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 15 Aug 2022 18:07:59 GMT
Content-Type: font/woff2
Age: 551289
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.35200 OK 31 kB URL HTTP/1.1 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ms888.sk
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 30928
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 17 Jan 2023 09:41:29 GMT
Expires: Wed, 17 Jan 2024 09:41:29 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 11 Jul 2022 18:57:39 GMT
Content-Type: font/woff2
Age: 496445
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3044
Cache-Control: max-age=109317
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 03:35:34 GMT
Etag: "63ccfca7-1d7"
Expires: Tue, 24 Jan 2023 09:57:31 GMT
Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
s.w.org/images/core/emoji/11/svg/1f642.svg
192.0.77.48200 OK 525 B URL HTTP/2 s.w.org/images/core/emoji/11/svg/1f642.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (525), with no line terminators
Hash da3651e59d6006dfa5fa07ec3102d1f3
682e14ed012f6da166aa1658921caf3482245903
943c44a0f3dc1aba84f5fbe8465baadbb90af66cd7be9f37ca07a39260357ad2
GET /images/core/emoji/11/svg/1f642.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ms888.sk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:35:34 GMT
content-type: image/svg+xml
content-length: 525
last-modified: Fri, 08 Jun 2018 13:09:42 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
ms888.sk/wp-content/themes/activello/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
67.202.92.13200 OK 72 kB URL HTTP/1.1 ms888.sk/wp-content/themes/activello/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
IP 67.202.92.13:0
File type Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Hash e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/activello/assets/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: ms888.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ms888.sk/wp-content/themes/activello/assets/css/font-awesome.min.css?ver=5.0.13
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Tue, 23 Jan 2024 03:35:34 GMT
content-type: application/font-woff2
etag: "118d8-5c5b1a8b-0;;;"
accept-ranges: bytes
content-length: 71896
date: Mon, 23 Jan 2023 03:35:34 GMT
server: LiteSpeed
vary: User-Agent
wpx: 1
referrer-policy:
pragma: public
ms888.sk/wp-content/uploads/2017/03/cropped-bigstock-Business-People-Meeting-Confer-132402962-192x192.jpg
67.202.92.13200 OK 9.0 kB URL HTTP/1.1 ms888.sk/wp-content/uploads/2017/03/cropped-bigstock-Business-People-Meeting-Confer-132402962-192x192.jpg
IP 67.202.92.13:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Hash 583f3f4f3e98992deccb1f975b84f8ef
2ba9f4dc9ee1ab5aa0554202ad6ff6be110b4848
22032b12ceebd5b00c04fb60dddc94bccab64c976300f7b4526b46d09b3b70b0
GET /wp-content/uploads/2017/03/cropped-bigstock-Business-People-Meeting-Confer-132402962-192x192.jpg HTTP/1.1
Host: ms888.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ms888.sk/KOdqn_ep-JfVtu/bsM/Attachments/2019-02
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Tue, 23 Jan 2024 03:35:35 GMT
content-type: image/jpeg
last-modified: Mon, 03 Apr 2017 10:36:14 GMT
etag: "2359-58e2259e-0;;;"
accept-ranges: bytes
content-length: 9049
date: Mon, 23 Jan 2023 03:35:35 GMT
server: LiteSpeed
vary: User-Agent
wpx: 1
referrer-policy:
pragma: public
ms888.sk/wp-content/uploads/2017/03/cropped-bigstock-Business-People-Meeting-Confer-132402962-32x32.jpg
67.202.92.13200 OK 1.1 kB URL HTTP/1.1 ms888.sk/wp-content/uploads/2017/03/cropped-bigstock-Business-People-Meeting-Confer-132402962-32x32.jpg
IP 67.202.92.13:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 32x32, components 3\012- data
Hash c721c2995fec0404c779ba22704b716a
0d078cea0264e968ca35d35368c1881b49398f01
28d95553548236a97bfa446b74cf03669c46633020ba8c0bed0663bbc1f9629b
GET /wp-content/uploads/2017/03/cropped-bigstock-Business-People-Meeting-Confer-132402962-32x32.jpg HTTP/1.1
Host: ms888.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ms888.sk/KOdqn_ep-JfVtu/bsM/Attachments/2019-02
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Tue, 23 Jan 2024 03:35:35 GMT
content-type: image/jpeg
last-modified: Mon, 03 Apr 2017 10:36:14 GMT
etag: "43f-58e2259e-0;;;"
accept-ranges: bytes
content-length: 1087
date: Mon, 23 Jan 2023 03:35:35 GMT
server: LiteSpeed
vary: User-Agent
wpx: 1
referrer-policy:
pragma: public
push.services.mozilla.com/
54.148.70.121101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.70.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MhnF7lr1FFh650a/u3oCHA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: h+yn/R860qQEVZsHSyrRuIwKDso=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4158
Expires: Mon, 23 Jan 2023 04:44:54 GMT
Date: Mon, 23 Jan 2023 03:35:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4158
Expires: Mon, 23 Jan 2023 04:44:54 GMT
Date: Mon, 23 Jan 2023 03:35:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4158
Expires: Mon, 23 Jan 2023 04:44:54 GMT
Date: Mon, 23 Jan 2023 03:35:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4158
Expires: Mon, 23 Jan 2023 04:44:54 GMT
Date: Mon, 23 Jan 2023 03:35:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4158
Expires: Mon, 23 Jan 2023 04:44:54 GMT
Date: Mon, 23 Jan 2023 03:35:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805711aaab303931f8966bbf73aeda52
2bd02a45c8b407e36a41a482b121ea3e14f7c722
66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3411
x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyCEzrIAMFb8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K73B093GBbsf85ny_o8fc9oE417nJBFlH0eEdhiifeQk3KG5Q-HHdg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 05:17:02 GMT
age: 80314
etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fed503b-e1a4-456e-b9a4-57ddbb0e7ed2.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fed503b-e1a4-456e-b9a4-57ddbb0e7ed2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a92d48898835ae8afbff3e369127fe13
90491b32adf6a6b7076ac63da4f2ab571f08920c
9060b3c090adc527e575c1d95d836db00a2136eeda09cdbb11e72ee8b4fa6216
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fed503b-e1a4-456e-b9a4-57ddbb0e7ed2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4093
x-amzn-requestid: 9b314377-5aab-4d4f-9ff8-cf0dd5b0c516
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqthESYoAMF4YA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57ef-163727d625b0751f61eca87d;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LcNA7NskVOVIn_eldl9Zo4GTnOoi5eZtmwNnadOwynYKzuzYOmTFIw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 18:33:39 GMT
age: 32517
etag: "90491b32adf6a6b7076ac63da4f2ab571f08920c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ec35d753b6b816abcd14030255a7b76
a67bd0fa5beb10935442bef246bf4f52ec6e74bd
9adfddc8877a8ea9f1c3bcc0af99548cb11dc4e1d62a706bf9b2a5cc6d72e82f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 59d91715-b444-445e-bd6b-268fc630024b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezLExAIAMFSeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-1e12e8f335ea162532ce6aca;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R-9qgCHHj8iD9FEwYhzLoXAQvdrO6D6qRIWAvyQJyfB-LHDGUjvmzA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:59 GMT
age: 20857
etag: "a67bd0fa5beb10935442bef246bf4f52ec6e74bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4b994-3774-4962-a9e1-b5806a10d003.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4b994-3774-4962-a9e1-b5806a10d003.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95b95060778eca8d5323002d4afe406f
d91109d98c607bd3a0eb56784ed91fbcfc89bd5f
d549664c9a2abc859b3fe4f0144b18095d8c4b63552385224ff9d77f8b57b297
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4b994-3774-4962-a9e1-b5806a10d003.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12886
x-amzn-requestid: 60d7f7b0-742a-4485-9db9-8457791b59e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exbSWEAfoAMFVow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a5a8-528cc2b371f663ce2e11b779;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:05:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9MMu0unR0j56kK4Y-vcAXnmH-IJDgWyeLrV1Raegi914Uyqh85u-cg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 04:03:27 GMT
age: 84729
etag: "d91109d98c607bd3a0eb56784ed91fbcfc89bd5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5401628b3bdd03eeee51f68177ac4d41
bb12e1d1bc5a87d3fa05371894a8bc8eb3d1bb29
3e231ba2e44699d88ed1e28510dad0762a57e0854a11d40f752421bd41738944
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10052
x-amzn-requestid: 10422f29-dc81-41f9-b03e-76fb2b0f4f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2vnHFT9oAMFbmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c62d-780503606bec4fff6e911fc8;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:48:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NQaGhmXW_zeKd-WXUxi_z0e3Ul1YrtBgIbPEEWRfQfG7d8C0JyZdXg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:56:00 GMT
age: 20376
etag: "bb12e1d1bc5a87d3fa05371894a8bc8eb3d1bb29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2aa8ea3b-13bb-49a3-a61a-2cecc5ae20aa.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2aa8ea3b-13bb-49a3-a61a-2cecc5ae20aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2146bf738fb2120d9f167533c7ec2ab
ce546aa88e2ab0958a99c5a8240fcd95500ef1ea
54405cd0508b2dcf343c3b8563ad8bb484f01866e58b29a034aa650a415925d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2aa8ea3b-13bb-49a3-a61a-2cecc5ae20aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5250
x-amzn-requestid: 364176ba-8f3f-4e2f-8d52-8c03d91b5f02
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fnEHMsoAMFysQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c612f9-33117b2d2175e2d55cedfa1f;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: avMFeAuR4DRfk759c1EL880OtEdTXp2fnCFv9aflVuurrqOi71rE6A==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:56:00 GMT
age: 20376
etag: "ce546aa88e2ab0958a99c5a8240fcd95500ef1ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2