panslingcudirerot.tk/
172.67.162.213302 Found 0 B IP 172.67.162.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: panslingcudirerot.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 08 Dec 2022 04:24:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://oly4youbaby.info/?s1=fhy1&s6=HVyut3
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HN775xrQy1627Zmk3azmasQo9yfS2ya9iEtH9HIwt6FUMkgBRDM0Pc60jrgtGXZ6GQ7FEBGYNB9AlOcwaTpPyqGBj3GGVeon7p1cV01F18RGX73mCkX2roOiwszb5zMjmMUVuEervw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7762bab2febbb506-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21201
Expires: Thu, 08 Dec 2022 10:17:25 GMT
Date: Thu, 08 Dec 2022 04:24:04 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2353
Expires: Thu, 08 Dec 2022 05:03:17 GMT
Date: Thu, 08 Dec 2022 04:24:04 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3540
Expires: Thu, 08 Dec 2022 05:23:04 GMT
Date: Thu, 08 Dec 2022 04:24:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 04:08:08 GMT
content-type: application/json
age: 956
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: r6qh9TGMd3iN+Lh4DPY3CZXhTaKUW4Ae16yz3pRTxmt0zQQcMIwndIN7faLb6Gnv4Np+ct+JSMQ=
x-amz-request-id: WNXJH81JJ8ANSTMY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 03:49:37 GMT
age: 2067
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 04:24:04 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
oly4youbaby.info/?s1=fhy1&s6=HVyut3
172.67.207.104200 OK 1.3 kB URL HTTP/1.1 oly4youbaby.info/?s1=fhy1&s6=HVyut3
IP 172.67.207.104:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ecef365f7c702ca473305a8c647d7736
b1ba75b2f8064c2efc45eb2d3a4ae1c54fcd4a4a
f91e76c554fe0341ecc353dcf0cbe527f329c6c78ea546eef609ffe7e9e49be3
GET /?s1=fhy1&s6=HVyut3 HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 04:24:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IktBbWxoSFgyR0o0KysyaW5ZR1lQSFE9PSIsInZhbHVlIjoicms1MEdrWG1lNWl4bGtBSGpzaGRMcUNrNXR3WVJVNSt5aWd4eStQUGdsRnNVbnVtOFVwbDVqZFlQNlowelg0ciIsIm1hYyI6ImU1YTRkNTAyMDM5ZjMzY2JhNTNkYjU2NGIxZTFkNzFlMTk1MjYzODI3YzAyNmQwZGY4NDYxYmRlMTZkNTI0NmUifQ%3D%3D; expires=Thu, 08-Dec-2022 06:24:04 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IjlCc1R4cHFjRnN2clVrT2JpMGFUaVE9PSIsInZhbHVlIjoiVi9SNUloRmRpWnpZZ3BDYmVjeG94S3BJYXlWdmJJNUVVZENVb1ZUZ3Z5ME9vZ1g3dkJXblpqU1YwcjBxQm81QSIsIm1hYyI6IjhlOGY5YWFjYzU3ZmRjODY5NzRhYmM5ZjExYzc5YTNiOGFhYjNiNzg1OWY4MGRiODdiNTVmZGVlZDYwODRjMjAifQ%3D%3D; expires=Thu, 08-Dec-2022 06:24:04 GMT; Max-Age=7200; path=/; httponly; samesite=lax
SRVNAME=w2; path=/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BIEkU1Np1OLjdyLFWomJf7aefBw4Ms4h6B62VC6hPR2txunLXQvh%2FI92vT7QkIND9zMB7JmJ5R7uyAVh5W5L3toQL2ugBnlnAqG1T35FPTO6IHNFbHftJIEbAqMtetD4SzU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7762bab499c4b51b-OSL
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 04:07:58 GMT
age: 966
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ced45e6bffb1c92f7f767222aba791ac
547c1d5c0f1f9325de43a20bc2272531fcea0e71
b8e09ff92cf2d2198be53316c085ad6d9b78b1aa0f229f14a6d9221263cf0cf7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B8E09FF92CF2D2198BE53316C085AD6D9B78B1AA0F229F14A6D9221263CF0CF7"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2460
Expires: Thu, 08 Dec 2022 05:05:05 GMT
Date: Thu, 08 Dec 2022 04:24:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4907
Cache-Control: max-age=108272
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 04:24:05 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:28:37 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
oly4youbaby.info/landings/23/fonts/vendor.css
172.67.207.104200 OK 4.6 kB URL HTTP/1.1 oly4youbaby.info/landings/23/fonts/vendor.css
IP 172.67.207.104:0
File type ASCII text, with very long lines (15978), with no line terminators
Hash 377405d3307aef534a02390c8145d0e5
017d14f663ed7d987a86b438ea86ae79a1e3728e
23807638eb7055729a660116633dcc0ce1dd0c928f2f7b7b91a628a0266aefa8
GET /landings/23/fonts/vendor.css HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IktBbWxoSFgyR0o0KysyaW5ZR1lQSFE9PSIsInZhbHVlIjoicms1MEdrWG1lNWl4bGtBSGpzaGRMcUNrNXR3WVJVNSt5aWd4eStQUGdsRnNVbnVtOFVwbDVqZFlQNlowelg0ciIsIm1hYyI6ImU1YTRkNTAyMDM5ZjMzY2JhNTNkYjU2NGIxZTFkNzFlMTk1MjYzODI3YzAyNmQwZGY4NDYxYmRlMTZkNTI0NmUifQ%3D%3D; laravel_session=eyJpdiI6IjlCc1R4cHFjRnN2clVrT2JpMGFUaVE9PSIsInZhbHVlIjoiVi9SNUloRmRpWnpZZ3BDYmVjeG94S3BJYXlWdmJJNUVVZENVb1ZUZ3Z5ME9vZ1g3dkJXblpqU1YwcjBxQm81QSIsIm1hYyI6IjhlOGY5YWFjYzU3ZmRjODY5NzRhYmM5ZjExYzc5YTNiOGFhYjNiNzg1OWY4MGRiODdiNTVmZGVlZDYwODRjMjAifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 04:24:05 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:34 GMT
etag: W/"637cb38e-3e6a"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4Z6yIyVO3Bhgm3zzTfsNSFcXiwj0rNcLvjGcke329SzNFI%2Bd99fCXn9V8mkzTykZfdAek2Z85bdP87BIt1EZJrbzw%2BTTXHi88jY6brILDFWBjFieUlYlWv7R2Vr88g7Z1XA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7762bab77b0ab51b-OSL
Content-Encoding: gzip
svntrk.com/assets/fhy1_639166e4da8ec.js
172.67.197.110200 OK 346 B URL HTTP/2 svntrk.com/assets/fhy1_639166e4da8ec.js
IP 172.67.197.110:0
Hash 2f592be6207872521b10f721c7cf1ce9
b74ea3be7ff2d6fc1c601f0785755fdbe79bd9ae
4d6f8d01c156bfe8b25e262fcf9ad837ed32795969bd7ae6ee434e2077569a17
GET /assets/fhy1_639166e4da8ec.js HTTP/1.1
Host: svntrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 04:24:05 GMT
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: BYPASS
set-cookie: svnimp=639166e565592; path=/; secure; httponly; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqpNLfFKs2AxJFU6iTCYugY4xRf%2BZsgV%2FdSOOr5uAlGl2%2BORwTpa%2BT1IGZ4tRiWX955I4OvbIb0OOMCCbTA1klJhoY3t0gW%2FIudh3Ji3AOqge7m3zvXRwryigtuC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7762bab8ab1b0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.37.79.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.37.79.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xavGNGYhwXxpYPwzH3C/PA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ADAMe5vX5QDJHzabm0axpkjgYlQ=
oly4youbaby.info/landings/23/js/vendor.js
172.67.207.104200 OK 56 kB URL HTTP/1.1 oly4youbaby.info/landings/23/js/vendor.js
IP 172.67.207.104:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 629b09dec840209f6e2b2d6e6193b999
ffa26d176cb820d385dac782e756746e9051ab43
8077d0cc1fade28a85f83a6af981f2dc7ed272e75139233d0a66c799287d6db8
GET /landings/23/js/vendor.js HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IktBbWxoSFgyR0o0KysyaW5ZR1lQSFE9PSIsInZhbHVlIjoicms1MEdrWG1lNWl4bGtBSGpzaGRMcUNrNXR3WVJVNSt5aWd4eStQUGdsRnNVbnVtOFVwbDVqZFlQNlowelg0ciIsIm1hYyI6ImU1YTRkNTAyMDM5ZjMzY2JhNTNkYjU2NGIxZTFkNzFlMTk1MjYzODI3YzAyNmQwZGY4NDYxYmRlMTZkNTI0NmUifQ%3D%3D; laravel_session=eyJpdiI6IjlCc1R4cHFjRnN2clVrT2JpMGFUaVE9PSIsInZhbHVlIjoiVi9SNUloRmRpWnpZZ3BDYmVjeG94S3BJYXlWdmJJNUVVZENVb1ZUZ3Z5ME9vZ1g3dkJXblpqU1YwcjBxQm81QSIsIm1hYyI6IjhlOGY5YWFjYzU3ZmRjODY5NzRhYmM5ZjExYzc5YTNiOGFhYjNiNzg1OWY4MGRiODdiNTVmZGVlZDYwODRjMjAifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 04:24:05 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:34 GMT
etag: W/"637cb38e-2666d"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2ngEYlCWNatM2ioFOSZMkigauloA2ODrG2xfi2O7jpwvpUNn%2Bmj%2FdnqHv6ZmzI17TUKtyLL2IHqiDm1WldoSO4J7jTcLEvUvox9JxasbJKQvTdmX1aVDI0xnrNYgp9%2F7ndY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7762bab77e8eb4e8-OSL
Content-Encoding: gzip
oly4youbaby.info/landings/23/fonts/simsun.woff
172.67.207.104200 OK 5.8 MB URL HTTP/1.1 oly4youbaby.info/landings/23/fonts/simsun.woff
IP 172.67.207.104:0
File type Web Open Font Format, TrueType, length 5783760, version 0.0\012- data
Size 5.8 MB (5783760 bytes)
Hash 0fd6fd7f1fc427d5c5de001ede104866
fd3a23df43cd0e984d80b26dc3c7493c1ad65a55
3d6c42cd5081a17da6cd24d7e7b68592b493c181e13b124fed1c8b48ecdf19fe
GET /landings/23/fonts/simsun.woff HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://oly4youbaby.info/landings/23/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6IktBbWxoSFgyR0o0KysyaW5ZR1lQSFE9PSIsInZhbHVlIjoicms1MEdrWG1lNWl4bGtBSGpzaGRMcUNrNXR3WVJVNSt5aWd4eStQUGdsRnNVbnVtOFVwbDVqZFlQNlowelg0ciIsIm1hYyI6ImU1YTRkNTAyMDM5ZjMzY2JhNTNkYjU2NGIxZTFkNzFlMTk1MjYzODI3YzAyNmQwZGY4NDYxYmRlMTZkNTI0NmUifQ%3D%3D; laravel_session=eyJpdiI6IjlCc1R4cHFjRnN2clVrT2JpMGFUaVE9PSIsInZhbHVlIjoiVi9SNUloRmRpWnpZZ3BDYmVjeG94S3BJYXlWdmJJNUVVZENVb1ZUZ3Z5ME9vZ1g3dkJXblpqU1YwcjBxQm81QSIsIm1hYyI6IjhlOGY5YWFjYzU3ZmRjODY5NzRhYmM5ZjExYzc5YTNiOGFhYjNiNzg1OWY4MGRiODdiNTVmZGVlZDYwODRjMjAifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 04:24:05 GMT
Content-Type: application/font-woff
Content-Length: 5783760
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:34 GMT
etag: "637cb38e-5840d0"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8DD4ExfmjBhMrrAC1HFnWKG6oejIAQGewIie9K1CABNirtuYv0HME4aFovU3z5xU5E9J0Ajf%2B72ObhnMFDhmNBsTvhxSGYZo551w068vxv2a4ozx5U6EQUyOgFHxC6Uqfva"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7762babbbca9b51b-OSL
oly4youbaby.info/landings/23/fonts/rabusto.otf
172.67.207.104200 OK 24 kB URL HTTP/1.1 oly4youbaby.info/landings/23/fonts/rabusto.otf
IP 172.67.207.104:0
File type OpenType font data\012- data
Hash e4a635fdaaab7f7d38b4cd83488647bf
e0b0b335a46083ebe9fdd142bd36ec8754d35d83
4f7b9a8ccc28aac5227851b8d06a8bba38750a6f13259446a1781ce506fda6a0
GET /landings/23/fonts/rabusto.otf HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oly4youbaby.info/landings/23/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6IktBbWxoSFgyR0o0KysyaW5ZR1lQSFE9PSIsInZhbHVlIjoicms1MEdrWG1lNWl4bGtBSGpzaGRMcUNrNXR3WVJVNSt5aWd4eStQUGdsRnNVbnVtOFVwbDVqZFlQNlowelg0ciIsIm1hYyI6ImU1YTRkNTAyMDM5ZjMzY2JhNTNkYjU2NGIxZTFkNzFlMTk1MjYzODI3YzAyNmQwZGY4NDYxYmRlMTZkNTI0NmUifQ%3D%3D; laravel_session=eyJpdiI6IjlCc1R4cHFjRnN2clVrT2JpMGFUaVE9PSIsInZhbHVlIjoiVi9SNUloRmRpWnpZZ3BDYmVjeG94S3BJYXlWdmJJNUVVZENVb1ZUZ3Z5ME9vZ1g3dkJXblpqU1YwcjBxQm81QSIsIm1hYyI6IjhlOGY5YWFjYzU3ZmRjODY5NzRhYmM5ZjExYzc5YTNiOGFhYjNiNzg1OWY4MGRiODdiNTVmZGVlZDYwODRjMjAifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 04:24:06 GMT
Content-Type: application/octet-stream
Content-Length: 23464
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:34 GMT
etag: "637cb38e-5ba8"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8q8NGntbcKTvmQe4fFkufSFJK4CLh%2F1aeyYFTTAPiXwddsX47ADNpdEKVqvrFrI9iYPCpjI%2FtSxC%2FqQtSdlbvzCCEPL%2F1G%2FysKLt0%2BS6Q0hn7PkPjRSI9xKpjNYwVyvjuh2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7762babbb821b4e8-OSL
oly4youbaby.info/landings/23/img/half-bg.jpg
172.67.207.104200 OK 81 kB URL HTTP/1.1 oly4youbaby.info/landings/23/img/half-bg.jpg
IP 172.67.207.104:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 928x1039, components 3\012- data
Hash e4996d4763fdb2f3de7ce46089daa4f8
90e4f1bc0ae57ab81fd4eb30caff45268e6cf749
64ad6c1670a4ce47b4a9a2caaaca1a49240dac1ff4cd4d09cf7c8df4c921c2c1
GET /landings/23/img/half-bg.jpg HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IktBbWxoSFgyR0o0KysyaW5ZR1lQSFE9PSIsInZhbHVlIjoicms1MEdrWG1lNWl4bGtBSGpzaGRMcUNrNXR3WVJVNSt5aWd4eStQUGdsRnNVbnVtOFVwbDVqZFlQNlowelg0ciIsIm1hYyI6ImU1YTRkNTAyMDM5ZjMzY2JhNTNkYjU2NGIxZTFkNzFlMTk1MjYzODI3YzAyNmQwZGY4NDYxYmRlMTZkNTI0NmUifQ%3D%3D; laravel_session=eyJpdiI6IjlCc1R4cHFjRnN2clVrT2JpMGFUaVE9PSIsInZhbHVlIjoiVi9SNUloRmRpWnpZZ3BDYmVjeG94S3BJYXlWdmJJNUVVZENVb1ZUZ3Z5ME9vZ1g3dkJXblpqU1YwcjBxQm81QSIsIm1hYyI6IjhlOGY5YWFjYzU3ZmRjODY5NzRhYmM5ZjExYzc5YTNiOGFhYjNiNzg1OWY4MGRiODdiNTVmZGVlZDYwODRjMjAifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 04:24:06 GMT
Content-Type: image/jpeg
Content-Length: 81430
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:34 GMT
etag: "637cb38e-13e16"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nx5aUsFCti%2Bu2RoJ3rcNet4Y6Pdhh%2B9%2B93EQK9RhR6%2BZ3q5jG%2F26jre5ksj50%2FMbjIDoz52g7uwLdb367GNLSOFXXoRD4fW%2F3hK%2F2KBlYfgpX%2BQ2P%2B9%2BW6c3EP9OdSIu1Ds3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7762babb289db505-OSL
oly4youbaby.info/favicon.ico
172.67.207.104200 OK 0 B URL HTTP/1.1 oly4youbaby.info/favicon.ico
IP 172.67.207.104:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IktBbWxoSFgyR0o0KysyaW5ZR1lQSFE9PSIsInZhbHVlIjoicms1MEdrWG1lNWl4bGtBSGpzaGRMcUNrNXR3WVJVNSt5aWd4eStQUGdsRnNVbnVtOFVwbDVqZFlQNlowelg0ciIsIm1hYyI6ImU1YTRkNTAyMDM5ZjMzY2JhNTNkYjU2NGIxZTFkNzFlMTk1MjYzODI3YzAyNmQwZGY4NDYxYmRlMTZkNTI0NmUifQ%3D%3D; laravel_session=eyJpdiI6IjlCc1R4cHFjRnN2clVrT2JpMGFUaVE9PSIsInZhbHVlIjoiVi9SNUloRmRpWnpZZ3BDYmVjeG94S3BJYXlWdmJJNUVVZENVb1ZUZ3Z5ME9vZ1g3dkJXblpqU1YwcjBxQm81QSIsIm1hYyI6IjhlOGY5YWFjYzU3ZmRjODY5NzRhYmM5ZjExYzc5YTNiOGFhYjNiNzg1OWY4MGRiODdiNTVmZGVlZDYwODRjMjAifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 04:24:06 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:13 GMT
etag: "637cb379-0"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1554
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCJkbm0LK%2FGrSdNZUnEsBffSSrrkWdr1BdgR2%2BSZa06XiyY4gZET%2FZ72gk4JudGAtaLBaMrd4HWblcRYdU5Q%2Fxgf153RqA9J8OMtRyg8pMCidudk81dbwpwctnRUDwsVuq6F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7762babf29aeb4e8-OSL
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21243
Expires: Thu, 08 Dec 2022 10:18:09 GMT
Date: Thu, 08 Dec 2022 04:24:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21243
Expires: Thu, 08 Dec 2022 10:18:09 GMT
Date: Thu, 08 Dec 2022 04:24:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21243
Expires: Thu, 08 Dec 2022 10:18:09 GMT
Date: Thu, 08 Dec 2022 04:24:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21243
Expires: Thu, 08 Dec 2022 10:18:09 GMT
Date: Thu, 08 Dec 2022 04:24:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21243
Expires: Thu, 08 Dec 2022 10:18:09 GMT
Date: Thu, 08 Dec 2022 04:24:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377ab47f-a48d-4112-a562-b49a358636f1.png
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377ab47f-a48d-4112-a562-b49a358636f1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f5ce4070e5050733be6bded399afe53
77cf1dd30e86f5568a8e64cb42f536cf2af9301c
7fe19657e1add41e913e9a326023ff484180ca17615175ddc5d2ab57217566bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377ab47f-a48d-4112-a562-b49a358636f1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4538
x-amzn-requestid: 143f359f-c0fd-4d32-8de5-cc2c2804bb39
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4gIHzXoAMFqmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391079a-27db2e3c6de7216e3c17caea;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ba2tqr7qzoTbVkNM_hFETgyCLbCLvAEQjFA2jSU83qYRz6j-uIpk6Q==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:14:58 GMT
age: 22148
etag: "77cf1dd30e86f5568a8e64cb42f536cf2af9301c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa98459-9507-4e55-9fad-ef4a6111e4fc.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa98459-9507-4e55-9fad-ef4a6111e4fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 911f9077bb888e775390cd5f34825f93
d64877f85440c5b7ab98bd29589f273b2b003608
9ae0779879235abd98a87fd4a25b0e2c1961d7e37ae2481867393e47ac871947
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa98459-9507-4e55-9fad-ef4a6111e4fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8295
x-amzn-requestid: e13ec956-9996-44d1-b216-1138c273d557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy42XHI_oAMFfCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63910828-532765c65249a4b339abfad4;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:39:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: eDebLHlPV0psvVes0bmmBPmwqPlAA8LTNBvmMQIQhxNtM2bTqThGQg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:06:53 GMT
etag: "d64877f85440c5b7ab98bd29589f273b2b003608"
content-type: image/jpeg
age: 22633
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F525e2750-67bb-410b-9408-34845ca67f18.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F525e2750-67bb-410b-9408-34845ca67f18.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1cfd2bbdab3f88f525c53c375a0e0439
b0a5af508496c98460212497f6e75a0ddfc7f2de
9fd863a6e673c348b4e5cbc3e4747d48e87b4699e9fed7ae9590e36ae72ad9c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F525e2750-67bb-410b-9408-34845ca67f18.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6746
x-amzn-requestid: 50f40893-5343-473d-96ff-e59b0c7ec77e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_pFx6oAMF1cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-79cff8fe348074d505426909;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s4Zf3VmA9ybuz7NQdvaolSHSFvGyZ0niRgZtogYnTNWEatHRouG3Sw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:01:55 GMT
age: 22931
etag: "b0a5af508496c98460212497f6e75a0ddfc7f2de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 06:11:41 GMT
age: 79945
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcHU93cetsY4-vWHpT2xXozH1T7J3_1X8n6Yjd6lOuF8HbkpTQDerg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
age: 22242
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57a992ab666f21c6da0057fefb622ff2
c36381d6744ae44360b2a37ca7586028e980714b
afe4050d9b07dcab509c95eb8d75ca410db74bd59f39561e5d190550cb61503e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13556
x-amzn-requestid: 3e79e2da-80ea-404c-8d87-939c7682dbe8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4h8EuUIAMFkIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639107a5-68318f164708882a43fb0f12;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7RZTh3iQHGp_XffXQQw13UUWqPNZQFJ_e4pIvNPgAaA1aGy_cXMueA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
etag: "c36381d6744ae44360b2a37ca7586028e980714b"
content-type: image/jpeg
age: 22242
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc231183-b100-4921-9a48-0bac91da0d2b.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc231183-b100-4921-9a48-0bac91da0d2b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 280c788841ca669f2c8556f03ee85b68
c15a4519a69eb6b5cc624344a7c3d99335a095d9
451a816aa2129c3a7712a01b96daee492ae2ab25c4940405063098f3b7ad10ae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc231183-b100-4921-9a48-0bac91da0d2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6032
x-amzn-requestid: 22b80af7-87cf-4719-8bc8-927077cc3aa1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4hoFraoAMFpVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639107a3-42927c064ee65d3b23121b36;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -6j01fDKCX0VuXQjVKCm1nPOqSRuh9_Pd-3cgxbEKWhLzlL27hs0fA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:07:32 GMT
age: 22601
etag: "c15a4519a69eb6b5cc624344a7c3d99335a095d9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2