Overview

URL https://www.st-omer.org/5/SMS.php?REF=93827498234=09823479823498=93287498234545
IP 77.68.64.20
ASN IONOS SE
Location United Kingdom
Report completed 2022-07-06 22:47:50 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Added / Verified Severity Host Comment
2022-07-06 2 www.st-omer.org/5/SMS.php?REF=93827498234=09823479823498=93287498234545 Emirates Post
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-06 2 www.st-omer.org/5/APP/jquery.3.3.1.min.js Phishing
2022-07-06 2 www.st-omer.org/5/APP/parsley.js Phishing
2022-07-06 2 www.st-omer.org/js/jquery.qtip.min.js Phishing
2022-07-06 2 www.st-omer.org/5/SMS.php?REF=93827498234=09823479823498=93287498234545 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (25)

Passive DNS Source Fully Qualified Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.35
[Mnemonic Passive DNS] maxcdn.bootstrapcdn.com (4) 724 2017-01-30 05:00:47 UTC 2021-03-05 11:52:46 UTC 104.18.11.207
[Mnemonic Passive DNS] fonts.googleapis.com (1) 8877 2017-01-30 04:59:43 UTC 2019-10-16 05:12:41 UTC 142.250.74.10
[Mnemonic Passive DNS] h.online-metrix.net (7) 3460 2012-05-22 20:47:40 UTC 2022-04-25 10:10:03 UTC 91.235.132.130
[Mnemonic Passive DNS] lygdph9h2k4qv7wihllsvwaqy532fcgbem3glbamfb310024af52a735am1.e.aa.online-metrix.net (1) 0 No data No data 91.235.134.131 Domain (online-metrix.net) ranked at: 1982
[Mnemonic Passive DNS] lygdph9h2k4qv7wihllsvwaqy532fcgbem3glbam514e757cefbbd3a1am1.e.aa.online-metrix.net (1) 0 No data No data 91.235.134.131 Domain (online-metrix.net) ranked at: 1982
[Mnemonic Passive DNS] www.st-omer.org (10) 0 2019-06-28 04:32:21 UTC 2019-06-28 04:32:21 UTC 77.68.64.20 Unknown ranking
[Mnemonic Passive DNS] ocsp.securetrust.com (5) 18792 2019-12-23 03:05:54 UTC 2022-07-06 06:54:44 UTC 23.36.79.25
[Mnemonic Passive DNS] stats.g.doubleclick.net (1) 96 2017-01-30 04:59:59 UTC 2022-07-06 04:42:45 UTC 173.194.222.155
[Mnemonic Passive DNS] ocsp.sca1b.amazontrust.com (1) 1015 No data No data 54.230.245.100
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-07-06 17:02:11 UTC 34.120.237.76
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-06 04:55:23 UTC 54.230.111.7
[Mnemonic Passive DNS] ocsp.digicert.com (2) 86 2012-11-29 12:49:49 UTC 2022-07-06 19:05:02 UTC 93.184.220.29
[Mnemonic Passive DNS] js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-07-06 05:22:36 UTC 151.101.86.137
[Mnemonic Passive DNS] ssl.kaptcha.com (6) 9483 2021-04-12 23:24:38 UTC 2022-07-06 13:04:07 UTC 35.81.31.24
[Mnemonic Passive DNS] lygdph9h2k4qv7wihllsvwaqy532fcgbem3glbambc9a8d3e944f2744am1.e.aa.online-metrix.net (1) 0 No data No data 91.235.134.131 Domain (online-metrix.net) ranked at: 1982
[Mnemonic Passive DNS] lygdph9h2k4qv7wihllsvwaqy532fcgbem3glbam2d725cf19310e56eam1.e.aa.online-metrix.net (1) 0 No data No data 91.235.134.131 Domain (online-metrix.net) ranked at: 1982
[Mnemonic Passive DNS] demoaws.limelightcrm.com (1) 0 2017-04-27 11:20:45 UTC 2022-07-06 11:06:56 UTC 52.200.11.6 Domain (limelightcrm.com) ranked at: 393164
[Mnemonic Passive DNS] r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-07-06 04:41:34 UTC 23.36.77.32
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] bam.nr-data.net (6) 630 2022-05-18 16:30:58 UTC 2022-07-06 04:45:35 UTC 162.247.241.14
[Mnemonic Passive DNS] ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-07-06 04:42:12 UTC 142.250.74.3
[Mnemonic Passive DNS] fonts.gstatic.com (1) 0 2017-01-30 04:59:51 UTC 2022-07-06 04:41:59 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] www.google-analytics.com (2) 40 2017-01-30 05:00:06 UTC 2022-07-06 06:00:56 UTC 142.250.74.174
[Mnemonic Passive DNS] lygdph9h2k4qv7wihllsvwaqy532fcgbem3glbama849d2f6f401bdb4am1.e.aa.online-metrix.net (1) 0 No data No data 91.235.134.131 Domain (online-metrix.net) ranked at: 1982


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 77.68.64.20

Date UQ / IDS / BL URL IP
2022-08-12 07:06:45 +0000 0 - 0 - 2 adoss.co.uk/wp-content/uploads/2015/08 77.68.64.20
2022-07-07 02:58:20 +0000 0 - 0 - 5 https://www.st-omer.org/5/SMSExpire.php?REF=9 (...) 77.68.64.20
2022-07-07 02:57:52 +0000 0 - 0 - 3 https://www.st-omer.org/5/SMS.php?REF=9382749 (...) 77.68.64.20
2022-07-07 02:57:22 +0000 0 - 0 - 4 www.st-omer.org/5/Payment.php 77.68.64.20
2022-07-06 22:48:20 +0000 0 - 0 - 2 https://www.st-omer.org/5/SMSExpire.php?REF=9 (...) 77.68.64.20
2022-07-06 22:47:23 +0000 0 - 0 - 6 www.st-omer.org/5/Payment.php 77.68.64.20
2022-07-06 11:07:07 +0000 0 - 0 - 2 https://st-omer.org/5/ 77.68.64.20
2022-07-06 11:05:34 +0000 0 - 0 - 6 https://st-omer.org/5 77.68.64.20
2022-07-06 05:34:26 +0000 0 - 0 - 2 https://st-omer.org/5/ 77.68.64.20
2022-07-06 05:32:59 +0000 0 - 0 - 4 https://st-omer.org/5 77.68.64.20

Last 10 reports on ASN: IONOS SE

Date UQ / IDS / BL URL IP
2022-08-13 00:14:20 +0000 0 - 0 - 5 fotograf.david-anton.com/ 82.165.101.27
2022-08-13 00:12:15 +0000 2 - 0 - 0 puertoalto.com/ 82.223.24.189
2022-08-12 23:40:22 +0000 0 - 0 - 1 omeucorreo.com/ 87.106.5.104
2022-08-12 22:28:55 +0000 0 - 0 - 49 buyzinga.co.uk/ 77.68.87.187
2022-08-12 22:14:23 +0000 9 - 0 - 2 horizonshemato.com/AutoDHL/DHL/index.php 217.160.0.242
2022-08-12 22:07:31 +0000 0 - 0 - 45 modulo.es/ 82.223.234.253
2022-08-12 21:57:43 +0000 0 - 0 - 3 d7pru.funcionando.net/ 82.223.19.44
2022-08-12 21:43:22 +0000 0 - 0 - 3 marquesvogt.com/back/main_hXKtlXjN118.bin 217.160.0.227
2022-08-12 21:43:15 +0000 0 - 0 - 3 marquesvogt.com/main/main_hXKtlXjN118.bin 217.160.0.227
2022-08-12 21:07:48 +0000 0 - 0 - 14 ptepeyac.com/ 74.208.253.230

No other reports on domain: st-omer.org



JavaScript

Executed Scripts (14)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (72)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 06 Jul 2022 21:56:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hLuRw189wIblGKSiIJj51J_D79kmbDg6j_pZHZ6fnMoOSEF0UlNueQ==
Age: 3082


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "78A5DCFAF2D93D9C87CFB6DBC56100E9F22965D4500554BA65F71CB7D84DD666"
Last-Modified: Wed, 06 Jul 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17873
Expires: Thu, 07 Jul 2022 03:45:30 GMT
Date: Wed, 06 Jul 2022 22:47:37 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 06 Jul 2022 03:26:46 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BCkl5yP00vuNnn67PA8bvnQyfMcn__9SC9HQMQoe-aeSJK82eBVcNg==
age: 69652
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Wed, 06 Jul 2022 22:47:37 GMT
Server: ECS (amb/6BC0)
Content-Length: 471

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 22:47:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /5/APP/jquery.qtip.min.css HTTP/1.1 
Host: www.st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/5/SMS.php?REF=93827498234=09823479823498=93287498234545
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 200 OK
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 22:47:37 GMT
content-type: text/css
content-length: 2160
last-modified: Mon, 20 Jun 2022 15:43:52 GMT
etag: "2316-5e1e2f894eaf7-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8982), with no line terminators
Size:   2160
Md5:    2d8a6b97fde839c53d72d02165dc1a6b
Sha1:   5f732d7686417fedf06d7a9184e75c798599770e
Sha256: 6d1576c69f8641b4395e875a4b73f67dc814f15d332ac7ce7af8bc3c48ee991b
                                        
                                            GET /5/APP/custom.css HTTP/1.1 
Host: www.st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/5/SMS.php?REF=93827498234=09823479823498=93287498234545
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 200 OK
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 22:47:37 GMT
content-type: text/css
content-length: 3717
last-modified: Mon, 20 Jun 2022 15:43:52 GMT
etag: "3af4-5e1e2f894e70f-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   3717
Md5:    e7ed3d74fedfafa0db44096d6bf561b4
Sha1:   bd474ea31ec2b83c9596a40ee589f3d0e2a9d6de
Sha256: 93e427ee55ebd3ba913a3f84b605b71ab86b74d92636002e23ece5859f5caadc
                                        
                                            GET /5/APP/jquery.3.3.1.min.js HTTP/1.1 
Host: www.st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/5/SMS.php?REF=93827498234=09823479823498=93287498234545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 200 OK
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 22:47:37 GMT
content-type: application/javascript
content-length: 30309
last-modified: Mon, 20 Jun 2022 15:43:52 GMT
etag: "1538f-5e1e2f894eaf7-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65450), with CRLF line terminators
Size:   30309
Md5:    5bac3d6b0ebd039c8c9385e98ffe8bfc
Sha1:   1b3644a5879e544bc637c194d6854570e3d0c48d
Sha256: 0eb895612d37395ecc393ca024cf4590fcfc5c150746a297fc3e0a7c68c7a225

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /5/APP/parsley.js HTTP/1.1 
Host: www.st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/5/SMS.php?REF=93827498234=09823479823498=93287498234545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 200 OK
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 22:47:37 GMT
content-type: application/javascript
content-length: 12373
last-modified: Mon, 20 Jun 2022 15:43:52 GMT
etag: "a85e-5e1e2f894f2c7-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32005), with CRLF line terminators
Size:   12373
Md5:    41ef212ddc1142710b4663ee8154fb33
Sha1:   4f6f39e2c64652d41bf4dfab1999f312a13db028
Sha256: e003deb8b3619dd0838cf124b0497e75dc3c322e53cfc1d17fde5713340592ea

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /nr-1071.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
                                        
x-amz-id-2: X4OmIxHECzh1nuls85gMw9R9M0YziqqQ3gTF1TSthkm6bJOvqq1T6qw3baP7FLqgPwwdum4c3ow=
x-amz-request-id: 44AJY2P3Q90DJKHP
last-modified: Wed, 28 Feb 2018 23:33:31 GMT
etag: "a1a545c95f313a230157b47dca555c25"
x-amz-version-id: null
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 06 Jul 2022 22:47:37 GMT
via: 1.1 varnish
x-served-by: cache-bma1666-BMA
x-cache: HIT
x-cache-hits: 15
x-timer: S1657147658.539959,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 9086
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (23651), with no line terminators
Size:   9086
Md5:    ea7d98da6b8048d3c3905a1c8c7413f1
Sha1:   222c966ad76450aefe8c8e8575678dd7733696bc
Sha256: 1ea4b27f6a8e25490b451cd0f484bb5f7ccf7031175f28f74ee14024461eef6a
                                        
                                            GET /5/APP/icon.png HTTP/1.1 
Host: www.st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/5/SMS.php?REF=93827498234=09823479823498=93287498234545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 200 OK
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 22:47:37 GMT
content-type: image/png
content-length: 2232
last-modified: Mon, 20 Jun 2022 15:43:52 GMT
etag: "8b8-5e1e2f894e70f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 200, 8-bit colormap, non-interlaced\012- data
Size:   2232
Md5:    05bc83bc8ff57ebb9439155a331a5b2c
Sha1:   6536f4ea087db4ee51822223e94f9bda7178d74b
Sha256: 3e2cbcbd5379fc3de3637925558821f74176ebfb08bf5f0ca29e10e47884c00e
                                        
                                            GET /5/N2/APP.png HTTP/1.1 
Host: www.st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/5/SMS.php?REF=93827498234=09823479823498=93287498234545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 200 OK
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 22:47:37 GMT
content-type: image/png
content-length: 28507
last-modified: Mon, 20 Jun 2022 15:43:52 GMT
etag: "6f5b-5e1e2f89521a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x335, components 3\012- data
Size:   28507
Md5:    3fcea3088f2d44f06d4f20ecddc1b176
Sha1:   61f08e144e9c30954214f6e66696981d22bbda05
Sha256: 0805c16214a65bcb27ad685f74534bca97e5728e4a4f5f8529129a013ee0ae2b
                                        
                                            GET /1/d4db62af92?a=8665447&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=32918&ref=http://localhost/Australia-Post/SMS.php&be=14420&fe=32885&dc=24889&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1609529187727,%22n%22:0,%22u%22:28,%22ue%22:28,%22f%22:5,%22dn%22:5,%22dne%22:5,%22c%22:5,%22ce%22:5,%22rq%22:12,%22rp%22:14,%22rpe%22:20,%22dl%22:53,%22di%22:24887,%22ds%22:24887,%22de%22:24890,%22dc%22:32883,%22l%22:32883,%22le%22:32892%7D,%22navigation%22:%7B%22ty%22:1%7D%7D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Wed, 06 Jul 2022 22:47:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 726be21b5bbeb4f7-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=32eb501b74460814; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   72
Md5:    107d93e382e2c9b00fbf9fb0edc65d86
Sha1:   77e750e3ebf9706f4f6dd253785602d70be17c6c
Sha256: a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
                                        
                                            GET /1/d4db62af92?a=8665447&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=11200&ref=http://localhost/Chronopost/SMS.php&be=2123&fe=11165&dc=7030&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1607804008141,%22n%22:0,%22u%22:62,%22ue%22:62,%22f%22:7,%22dn%22:7,%22dne%22:7,%22c%22:7,%22ce%22:7,%22rq%22:42,%22rp%22:47,%22rpe%22:53,%22dl%22:81,%22di%22:6947,%22ds%22:6947,%22de%22:7085,%22dc%22:11156,%22l%22:11156,%22le%22:11174%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Wed, 06 Jul 2022 22:47:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 726be21b880bb50f-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=c1fc476c15acdb0c; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    f1442f5831dbbe0210da2d7a4180d6b8
Sha1:   2ade23c6c7a001c66f0c0a9a101ec152747b434e
Sha256: c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
                                        
                                            GET /1/d4db62af92?a=8665447&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=2596&ref=http://localhost/Chronopost/Payer.php&be=788&fe=2569&dc=1604&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1604769189379,%22n%22:0,%22u%22:52,%22ue%22:52,%22f%22:7,%22dn%22:7,%22dne%22:7,%22c%22:7,%22ce%22:7,%22rq%22:23,%22rp%22:28,%22rpe%22:36,%22dl%22:67,%22di%22:1598,%22ds%22:1598,%22de%22:1604,%22dc%22:2568,%22l%22:2568,%22le%22:2576%7D,%22navigation%22:%7B%22ty%22:1%7D%7D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Wed, 06 Jul 2022 22:47:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 726be21b98a6b4ee-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=cdabd556fe350977; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    f1442f5831dbbe0210da2d7a4180d6b8
Sha1:   2ade23c6c7a001c66f0c0a9a101ec152747b434e
Sha256: c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
                                        
                                            GET /1/d4db62af92?a=8665447&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=8910&ref=https://101player.com/fr/gateway.html&be=6281&fe=8884&dc=7583&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1604768846968,%22n%22:0,%22f%22:3478,%22dn%22:3478,%22dne%22:3478,%22c%22:3478,%22ce%22:3478,%22rq%22:3482,%22rp%22:3687,%22rpe%22:3723,%22dl%22:4198,%22di%22:7581,%22ds%22:7582,%22de%22:7582,%22dc%22:8883,%22l%22:8883,%22le%22:8895%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Wed, 06 Jul 2022 22:47:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 726be21b991cb4fa-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=f3bc5587b3564623; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   72
Md5:    107d93e382e2c9b00fbf9fb0edc65d86
Sha1:   77e750e3ebf9706f4f6dd253785602d70be17c6c
Sha256: a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:47:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/jquery.qtip.min.js HTTP/1.1 
Host: www.st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/5/SMS.php?REF=93827498234=09823479823498=93287498234545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 404 Not Found
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 22:47:37 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   660
Md5:    d2d525763c983447c60cc63393562046
Sha1:   5f57eec08ced28eb2b66c651129a04fecf48ceba
Sha256: 8a1baa916de2fd82359ad0efc6d4c4a7e82c56970ade65672842d86bbdd8bdcf

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:47:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /1/d4db62af92?a=8665447&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=7620&ref=http://localhost/Chronopost/SMS.php&be=1444&fe=7593&dc=3869&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1607804720710,%22n%22:0,%22f%22:9,%22dn%22:9,%22dne%22:9,%22c%22:9,%22ce%22:9,%22rq%22:73,%22rp%22:75,%22rpe%22:80,%22dl%22:86,%22di%22:3728,%22ds%22:3728,%22de%22:3936,%22dc%22:7586,%22l%22:7586,%22le%22:7601%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Wed, 06 Jul 2022 22:47:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 726be21b9da2fac8-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=4cffe5b2dcbfc739; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   72
Md5:    107d93e382e2c9b00fbf9fb0edc65d86
Sha1:   77e750e3ebf9706f4f6dd253785602d70be17c6c
Sha256: a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 06 Jul 2022 22:34:56 GMT
Cache-Control: max-age=3600
Expires: Wed, 06 Jul 2022 23:05:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CN7kqX6l0U5Zi8NVldk5BCM6VmaVC26XBpdX30T_RBxBb0A7PH4xfQ==
Age: 762


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /collect/sdk?m=201509 HTTP/1.1 
Host: ssl.kaptcha.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.81.31.24
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
P3p: CP=CAO PSA OUR
Pragma: no-cache
Set-Cookie: k=1a80aa1bf7c24754bc44942ef12bdced; Path=/; Expires=Tue, 04 Oct 2022 22:47:38 GMT; HttpOnly; Secure; SameSite=None
X-Correlation-Id: 930b81fc-65f0-48ab-924c-969e8fc9c0f6
Date: Wed, 06 Jul 2022 22:47:38 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (2275)
Size:   2456
Md5:    eb48f3a7665fa2bc1215b6d170cd65e0
Sha1:   28c9c56ae646078c0482e4bb921836e23edbcca1
Sha256: 510a2b7eb381a7afab9d9843a872183583fb690335fad8a33776f38f416d9ad3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2076
Cache-Control: 'max-age=158059'
Date: Wed, 06 Jul 2022 22:47:38 GMT
Last-Modified: Wed, 06 Jul 2022 22:13:02 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:47:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /5/SMS.php?REF=93827498234=09823479823498=93287498234545 HTTP/1.1 
Host: www.st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         77.68.64.20
HTTP/2 200 OK
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 22:47:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
cache-bypass-reason: DefaultSkip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   39587
Md5:    c92af00f21fba114bbee377091cab9fe
Sha1:   cbcbf5e17d34a3c6a7a98c6eab3b892f07b5b325
Sha256: 94ec64765a48272259008f2313a8c353078d78012b4bd12af447e7a3de0a018a

Alerts:
  Blocklists:
    - openphish: Emirates Post
    - fortinet: Phishing
                                        
                                            GET /font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.st-omer.org
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.11.207
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 22:47:38 GMT
content-type: font/woff2
content-length: 64464
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 06/09/2022 10:24:04
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 3636f0cf06f0ab7e11e1d45b56036865
cdn-cache: HIT
cf-cache-status: HIT
age: 27
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 726be2211e870b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data
Size:   64464
Md5:    4b5a84aaf1c9485e060c503a0ff8cadb
Sha1:   574ea2698c03ae9477db2ea3baf460ee32f1a7ea
Sha256: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
                                        
                                            GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.st-omer.org
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.11.207
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 22:47:37 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 07/05/2022 23:47:55
cdn-edgestorageid: 860
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 5865fd1fddaabe7fa915e37352c94be9
cdn-cache: HIT
cf-cache-status: HIT
age: 27
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 726be21b5a6a0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65371)
Size:   36414
Md5:    196c3d7df1ff9c414a7c7d9299f1afb2
Sha1:   cff0f9f319ec94f7a6691c7725608c4c54830936
Sha256: 6e05f8be4d86d0fb0fd822a96e3931328c179f24109eae1d5287f6552a865f0a
                                        
                                            GET /font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.11.207
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 22:47:37 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 12/13/2021 21:25:06
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 632
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 8ac87b10825a6871d9cd076fc3a23e4f
cdn-cache: HIT
cf-cache-status: HIT
age: 2594409
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 726be21b5be9fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26548)
Size:   6488
Md5:    df1206764ba659774703f319b0623a80
Sha1:   43119b8dbaff21a0a91322a85787929026b49f86
Sha256: 9221c44e73a4a80d4449d67474e3c434d83b85b365a69e1ef33be83b1dc4b2eb
                                        
                                            GET /s/cabin/v26/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7alxw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.st-omer.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15168
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Jul 2022 21:13:10 GMT
expires: Wed, 05 Jul 2023 21:13:10 GMT
cache-control: public, max-age=31536000
age: 92068
last-modified: Fri, 24 Jun 2022 18:41:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15168, version 1.0\012- data
Size:   15168
Md5:    1598ebfa232c5514a99a8af0405cc9a6
Sha1:   d81db409924496627326925cffa27d465c24de3d
Sha256: 45a8badf06824c87461905a8b1871fc3ca3eb5934cee490deadad743ebf99661
                                        
                                            GET /logo.htm?m=201509&s=fa17f26f5c0c4acfa3efcdec29db1c69 HTTP/1.1 
Host: ssl.kaptcha.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Cookie: k=1a80aa1bf7c24754bc44942ef12bdced
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         35.81.31.24
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
Pragma: no-cache
X-Correlation-Id: 0fc53627-1622-4ad2-81b2-b7883551de4a
Date: Wed, 06 Jul 2022 22:47:38 GMT
Content-Length: 167


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size:   167
Md5:    e63d3c07e80a1d7a4ac25888cb0cf13c
Sha1:   80bafd547328c9f0e441a30f041f62f06def7f49
Sha256: 8099167b382728057d0a149a6a1f6475d3d05f1164c7d492ce156fb066119b0a
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/5/SMS.php?REF=93827498234=09823479823498=93287498234545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 404 Not Found
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 22:47:38 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            GET /css?family=Cabin:400,500,600,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
                                        
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 06 Jul 2022 22:47:37 GMT
date: Wed, 06 Jul 2022 22:47:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   498
Md5:    03e747d92286fd5f794ae111188d5805
Sha1:   1dfe8f7072e616731cc663fb40d9e0230814a148
Sha256: f77b08f4c71db5f84c17111bc36c48834e40d6d8c457d1a47ebba34727340bf7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.securetrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.79.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 638
Date: Wed, 06 Jul 2022 22:47:38 GMT
Connection: keep-alive

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Wed, 06 Jul 2022 22:41:12 GMT
expires: Thu, 07 Jul 2022 00:41:12 GMT
cache-control: public, max-age=7200
age: 386
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            GET /fp/clear1.png;CIS3SID=F64C9B4B43A46F4B9C00B2E01EB22D87?org_id=lygdph9h&session_id=12546631604768767941499&nonce=fb310024af52a735&jf=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 HTTP/1.1 
Host: h.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.132.130
HTTP/1.1 204 204
Content-Type: image/png;charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 22:47:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100

                                        
                                            GET /fp/clear.png?org_id=lygdph9h&session_id=12546631604768767941499&nonce=fb310024af52a735&di=yes HTTP/1.1 
Host: lygdph9h2k4qv7wihllsvwaqy532fcgbem3glbamfb310024af52a735am1.e.aa.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.134.131
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 06 Jul 2022 22:47:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81


--- Additional Info ---
Magic:  PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   81
Md5:    1b6d2de2867a3e11063ba25aa1cd4209
Sha1:   bd20b0e089f31f35cba4d0fa7277e73aa74d944c
Sha256: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
                                        
                                            GET /fp/clear.png?org_id=lygdph9h&session_id=12546631604768767941499&nonce=514e757cefbbd3a1&di=yes HTTP/1.1 
Host: lygdph9h2k4qv7wihllsvwaqy532fcgbem3glbam514e757cefbbd3a1am1.e.aa.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.134.131
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 06 Jul 2022 22:47:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81


--- Additional Info ---
Magic:  PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   81
Md5:    1b6d2de2867a3e11063ba25aa1cd4209
Sha1:   bd20b0e089f31f35cba4d0fa7277e73aa74d944c
Sha256: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
                                        
                                            GET /fp/clear.png?org_id=lygdph9h&session_id=12546631604768767941499&nonce=a849d2f6f401bdb4&di=yes HTTP/1.1 
Host: lygdph9h2k4qv7wihllsvwaqy532fcgbem3glbama849d2f6f401bdb4am1.e.aa.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.134.131
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 06 Jul 2022 22:47:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81


--- Additional Info ---
Magic:  PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   81
Md5:    1b6d2de2867a3e11063ba25aa1cd4209
Sha1:   bd20b0e089f31f35cba4d0fa7277e73aa74d944c
Sha256: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
                                        
                                            GET /fp/clear1.png;CIS3SID=42A0B516340A56B653A45A90D8E4A9A7?org_id=lygdph9h&session_id=12546631604768767941499&nonce=514e757cefbbd3a1&jf=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 HTTP/1.1 
Host: h.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.132.130
HTTP/1.1 204 204
Content-Type: image/png;charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 22:47:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100

                                        
                                            GET /fp/clear.png?org_id=lygdph9h&session_id=12546631604768767941499&nonce=bc9a8d3e944f2744&di=yes HTTP/1.1 
Host: lygdph9h2k4qv7wihllsvwaqy532fcgbem3glbambc9a8d3e944f2744am1.e.aa.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.134.131
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 06 Jul 2022 22:47:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81


--- Additional Info ---
Magic:  PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   81
Md5:    1b6d2de2867a3e11063ba25aa1cd4209
Sha1:   bd20b0e089f31f35cba4d0fa7277e73aa74d944c
Sha256: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
                                        
                                            GET /fp/clear.png?org_id=lygdph9h&session_id=12546631604768767941499&nonce=2d725cf19310e56e&di=yes HTTP/1.1 
Host: lygdph9h2k4qv7wihllsvwaqy532fcgbem3glbam2d725cf19310e56eam1.e.aa.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.134.131
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 06 Jul 2022 22:47:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81


--- Additional Info ---
Magic:  PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   81
Md5:    1b6d2de2867a3e11063ba25aa1cd4209
Sha1:   bd20b0e089f31f35cba4d0fa7277e73aa74d944c
Sha256: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
                                        
                                            GET /css/responsive.css HTTP/1.1 
Host: www.st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/5/SMS.php?REF=93827498234=09823479823498=93287498234545
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 404 Not Found
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 22:47:37 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   186
Md5:    475a45cbc41e3da339eac5aaed888b0e
Sha1:   1e899b2ba92f7438751804be705a9673b83bc660
Sha256: c4c86b26b34c4e65a16e0b883675f7fddda2fdc23cff2630bbce3ccc502b42f1
                                        
                                            GET /fp/clear1.png;CIS3SID=4050119CC6EF8C80ED43D0D262305D76?org_id=lygdph9h&session_id=12546631604768767941499&nonce=2d725cf19310e56e&jf=34333626716b665f706e643f766c705d3b4b587062444050734841636151767726736b66576663766d3d3136383c37343838373524736b645f767b78673f756d623a656b6c736326736b665d6b67793d31323d3b313239333036383f32633836363a6165316430303239323432303261383e3c386165336632313033303732313c30323238346231693c32376435316736303b653236343a6334356e3831633838316437346064333567346136376d3461606a6439613a3c383031303b37376263373132353d323032396166336d30646765303a3736623a613536606a3a633a3f633937316a6136383733376337303461603b3b6637643c3964666e6d3331366231673a386626736b6657716b65353330343d3832303037666664333b663032366d323b63396364623e6933323064633034663b383960326e6737366e3834656e3c32616533633b643560393761306a3733336b643164383a32333030603431343231366436303766323e6265636969393036313364346366396661313a3763616e633137693e3966353960673b6464663533636a6330673a653063392e736b66723f32 HTTP/1.1 
Host: h.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.132.130
HTTP/1.1 204 204
Content-Type: image/png;charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 22:47:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100

                                        
                                            GET /fp/clear1.png;CIS3SID=EC9FB59108FC7D5C2C1E3A638DDCA25E?org_id=lygdph9h&session_id=12546631604768767941499&nonce=a849d2f6f401bdb4&jf=34333626716b665f706e643f766c705d66676e6d773e6435336c3830324d777526736b66576663766d3d3135313037323033373024736b645f767b78673f756d623a656b6c736326736b665d6b67793d31323d3b313239333036383f32633836363a6165316430303239323432303261383e3c386165336632313033303732313c303232383437643b31346638616432343134386237646b67673431393534313c663666313736326436356433633e6332353b6236346d6963323963306031373a656360643f603b366c3964653c6a6560623363343a3234323630366b3331303a3466366d6a356632623430673035356435663d663636383263376e38393a3837316667353026736b6657716b65353330343d3832303130326431346438303b323a6430676c3631303a3d653735363466333261373166666d6032356d303632393c656333343b3b616167613437353b3a3666696335376a31303032303066326661663364316b3261676e3731656d3c3336316131363a3436613432356d67323a693966613e38643636646460316635623167376c6136673e3462333b2e736b66723f32 HTTP/1.1 
Host: h.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.132.130
HTTP/1.1 204 204
Content-Type: image/png;charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 22:47:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:47:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /fp/clear.png?org_id=lygdph9h&session_id=12546631604768767941499&m=1 HTTP/1.1 
Host: h.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.132.130
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Wed, 06 Jul 2022 22:47:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Set-Cookie: thx_guid=f0aaa924812c447eb75a06a5954372fb; expires=Mon 05 Jul 2027 22:47:38 GMT; path=/; HttpOnly; SameSite=None; secure
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/fp/clear.png?org_id=lygdph9h&session_id=12546631604768767941499&k=1
Content-Length: 287
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   287
Md5:    dfd78312e739019e382171c9b2bd7cdd
Sha1:   80c141eb760e495cec7b33b80173cf3b97965895
Sha256: 2e099881a45ebe7cdf9b7e90e8db34b653da38539f4682c3cd58d5607959826a
                                        
                                            POST /j/collect?v=1&_v=j96&a=137033734&t=pageview&_s=1&dl=https%3A%2F%2Fwww.st-omer.org%2F5%2FSMS.php%3FREF%3D93827498234%3D09823479823498%3D93287498234545&ul=en-us&de=UTF-8&dt=Secure%20payment&sd=24-bit&sr=1280x1024&vp=1140x921&je=0&_u=YGBACEABBAAAAC~&jid=170314594&gjid=2132721491&cid=136870544.1657147658&tid=UA-118120266-1&_gid=1344313763.1657147658&_r=1&_slc=1&cd1=invalid&z=1988879136 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.st-omer.org
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
                                        
access-control-allow-origin: https://www.st-omer.org
date: Wed, 06 Jul 2022 22:47:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    9e92e190700c1af4539b40c2171320a9
Sha1:   209bcdb79e6067b51091ce8586d4b977f25b67d8
Sha256: aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
                                        
                                            GET /fp/clear.png?org_id=lygdph9h&session_id=12546631604768767941499&m=2 HTTP/1.1 
Host: h.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.132.130
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 06 Jul 2022 22:47:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   81
Md5:    1b6d2de2867a3e11063ba25aa1cd4209
Sha1:   bd20b0e089f31f35cba4d0fa7277e73aa74d944c
Sha256: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
                                        
                                            GET /fp/clear.png?org_id=lygdph9h&session_id=12546631604768767941499&k=1 HTTP/1.1 
Host: h.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.st-omer.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.132.130
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 06 Jul 2022 22:47:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   81
Md5:    1b6d2de2867a3e11063ba25aa1cd4209
Sha1:   bd20b0e089f31f35cba4d0fa7277e73aa74d944c
Sha256: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
                                        
                                            GET /logo.htm?m=201509&s=42965c7f13f642b78159d0eec030681b HTTP/1.1 
Host: ssl.kaptcha.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Cookie: k=1a80aa1bf7c24754bc44942ef12bdced
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         35.81.31.24
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
Pragma: no-cache
X-Correlation-Id: e48b29af-8c50-490b-b5a4-f2506a729960
Date: Wed, 06 Jul 2022 22:47:38 GMT
Content-Length: 167


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size:   167
Md5:    e63d3c07e80a1d7a4ac25888cb0cf13c
Sha1:   80bafd547328c9f0e441a30f041f62f06def7f49
Sha256: 8099167b382728057d0a149a6a1f6475d3d05f1164c7d492ce156fb066119b0a
                                        
                                            GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.st-omer.org
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.11.207
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 22:47:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"5869c96cc8f19086aee625d670d741f9"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 05/12/2022 03:05:27
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 863
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 5721faa98f634b441fb70802b7545c13
cdn-cache: HIT
cf-cache-status: HIT
age: 27
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 726be21bead00b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32033)
Size:   10726
Md5:    d26dc9bb7dc958e3151db96318276e2f
Sha1:   da61950edb28a87ab9d64820e8809b3a18d42d61
Sha256: bbaedb5ad61c1184e041f7aaa3bcbc7ffb9a8dd5d5ad12650c38464fbcf8dd7a
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-118120266-1&cid=136870544.1657147658&jid=170314594&gjid=2132721491&_gid=1344313763.1657147658&_u=YGBACEAABAAAAC~&z=1179288706 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.st-omer.org
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         173.194.222.155
HTTP/2 200 OK
                                        
access-control-allow-origin: https://www.st-omer.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 06 Jul 2022 22:47:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:47:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 06 Jul 2022 22:47:38 GMT
Etag: "62c5b484-1d7"
Last-Modified: Wed, 06 Jul 2022 21:46:38 GMT
Server: ECS (dcb/7F3C)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aWlQJ8F1r1K1guprdAKgIc3ngHJpYGlhU7RYCQmLh5vvN6MqrSudRw==
Age: 3660

                                        
                                            GET /logo.htm?m=201509&s=471b0626d76b4e3fa844fb99e7a6f646 HTTP/1.1 
Host: ssl.kaptcha.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Cookie: k=1a80aa1bf7c24754bc44942ef12bdced
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         35.81.31.24
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
Pragma: no-cache
X-Correlation-Id: 50f754d3-93c7-4dc9-af02-b5d84d18cc7b
Date: Wed, 06 Jul 2022 22:47:38 GMT
Content-Length: 167


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size:   167
Md5:    e63d3c07e80a1d7a4ac25888cb0cf13c
Sha1:   80bafd547328c9f0e441a30f041f62f06def7f49
Sha256: 8099167b382728057d0a149a6a1f6475d3d05f1164c7d492ce156fb066119b0a
                                        
                                            GET /logo.htm?m=201509&s=7788c6ad89e44ffdb51aa1f7b534cad1 HTTP/1.1 
Host: ssl.kaptcha.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Cookie: k=1a80aa1bf7c24754bc44942ef12bdced
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         35.81.31.24
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
Pragma: no-cache
X-Correlation-Id: 3078887c-b168-4ade-a94a-28f281d81e15
Date: Wed, 06 Jul 2022 22:47:38 GMT
Content-Length: 167


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size:   167
Md5:    e63d3c07e80a1d7a4ac25888cb0cf13c
Sha1:   80bafd547328c9f0e441a30f041f62f06def7f49
Sha256: 8099167b382728057d0a149a6a1f6475d3d05f1164c7d492ce156fb066119b0a
                                        
                                            GET /logo.htm?m=201509&s=2aa09b7afc3b499290973adbcf94ac8a HTTP/1.1 
Host: ssl.kaptcha.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Cookie: k=1a80aa1bf7c24754bc44942ef12bdced
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         35.81.31.24
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
Pragma: no-cache
X-Correlation-Id: 32b1268c-b626-4c2f-8c4b-05e009d91e10
Date: Wed, 06 Jul 2022 22:47:38 GMT
Content-Length: 167


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size:   167
Md5:    e63d3c07e80a1d7a4ac25888cb0cf13c
Sha1:   80bafd547328c9f0e441a30f041f62f06def7f49
Sha256: 8099167b382728057d0a149a6a1f6475d3d05f1164c7d492ce156fb066119b0a
                                        
                                            GET /pixel.gif HTTP/1.1 
Host: demoaws.limelightcrm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssl.kaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.200.11.6
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 22:47:39 GMT
content-type: image/gif
content-length: 49
server: Apache
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Wed, 06 Jul 2022 17:12:12 GMT
etag: "31-5e32611e47300"
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   49
Md5:    ed280a0ea3cc38f3cbbc747acfbef47d
Sha1:   6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
Sha256: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
                                        
                                            GET /1/d4db62af92?a=8665447&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=2248&ref=https://www.st-omer.org/5/SMS.php&be=1427&fe=2235&dc=1686&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1657147656370,%22n%22:0,%22f%22:-6,%22dn%22:68,%22dne%22:71,%22c%22:71,%22s%22:97,%22ce%22:352,%22rq%22:352,%22rp%22:446,%22rpe%22:470,%22dl%22:460,%22di%22:1684,%22ds%22:1685,%22de%22:1687,%22dc%22:2234,%22l%22:2234,%22le%22:2235%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Wed, 06 Jul 2022 22:47:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 726be2257868b50f-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=f2df72e3b7207371; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    f1442f5831dbbe0210da2d7a4180d6b8
Sha1:   2ade23c6c7a001c66f0c0a9a101ec152747b434e
Sha256: c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3236
Expires: Wed, 06 Jul 2022 23:41:35 GMT
Date: Wed, 06 Jul 2022 22:47:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3236
Expires: Wed, 06 Jul 2022 23:41:35 GMT
Date: Wed, 06 Jul 2022 22:47:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3236
Expires: Wed, 06 Jul 2022 23:41:35 GMT
Date: Wed, 06 Jul 2022 22:47:39 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7192054c-7e5b-4546-987b-855c570bbb49.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11347
x-amzn-requestid: e2dfaacb-8d65-4c1b-b80d-4c1738f3c5af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U3UETFLBIAMFVDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c60081-2e2e91ae5b9e70783c9a881c;Sampled=0
x-amzn-remapped-date: Wed, 06 Jul 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w1n67avALa5vHsnmB9N4EQVVNmp1vdGyk7a1g8ks5MfyUS3cD0JzRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 21:54:16 GMT
age: 3203
etag: "0db9a1fc9497fd959a0d8bd5b0be9ec7d07b88dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11347
Md5:    7a683b77a0f9687b16c597f12dc251a6
Sha1:   0db9a1fc9497fd959a0d8bd5b0be9ec7d07b88dd
Sha256: 3dad493b0e56ba51a8935be9f72db63e66b5feaac7debd0c4f0052162c777f7c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff614546a-b9de-4cde-9316-e7b0a023451d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9330
x-amzn-requestid: 80ee6232-932d-45eb-b386-d569db2d2e8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Uq50IFhToAMFbQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c109b3-1edf12c22621d5e055f86092;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 03:14:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Fshu_SgoCenbQjkf6NwoXYE-UekfazsBPx2Jreb0MceWwyJ-cF3Wcw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 21:56:17 GMT
age: 3082
etag: "e67c7c39294aae3367e7cae4ad024784f3126d01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9330
Md5:    d1d3a6bb81992015ed51d709ee207324
Sha1:   e67c7c39294aae3367e7cae4ad024784f3126d01
Sha256: c9eafd568b1c7d444d6455ac1753794e4683f4dfa031671dfbd81a4b4a21a51c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13136825-0301-44c6-8c81-faf21628fe4c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6737
x-amzn-requestid: 9a9c33df-daa2-49fb-ba8e-fd5a3149828e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UeP9ZG93oAMFX6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bbf9ef-248528170cf451be2662dbef;Sampled=0
x-amzn-remapped-date: Wed, 29 Jun 2022 07:06:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GZWZ5vCdHbLeGN4FdZbd8ysfjqcGd-7MsBW_steUpJ38jyLd16JNtw==
via: 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 03:53:29 GMT
age: 68050
etag: "5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6737
Md5:    44f59062cacc44be268845c493de29de
Sha1:   5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f
Sha256: c37305dfa7a241e526c7246a6eb71360dbfa2fe5d7f369f37ef7ddbfe1b97749
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac08270-54ba-4f73-b0f7-aeafa1c8f6f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8883
x-amzn-requestid: 31e215e3-ba56-4dc5-b128-6259c976cf85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UxckvH_LIAMFtNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c3a7b7-0da8c70b0fecadb06927dc0d;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 02:53:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: x4__nJNsWaQxPFPVNDRhaxCYpfIoG3-TXR_5jkDWIJ9WXynlrKIPjg==
via: 1.1 040bad3c7f7db09654c66da40c719fb0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 08:23:14 GMT
age: 51865
etag: "dedb61705eb0330ad53922d1746bd159c2957f9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8883
Md5:    ec5268bbe1cfa280827c03fc8483ddfa
Sha1:   dedb61705eb0330ad53922d1746bd159c2957f9d
Sha256: bdb3c340ae635640a610a9d702fdf904a26ce5d8c6c750e9c8a76078abe19a01
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd943cc0d-30e1-452e-95f4-26ec81ff1a39.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7332
x-amzn-requestid: d88ef028-b6d5-406a-a6e1-990bedb1f990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UoJiUEpWIAMF--g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bfefa8-2ed17e0258ea4c674e749974;Sampled=0
x-amzn-remapped-date: Sat, 02 Jul 2022 07:11:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7zyORAgusBdRQcTPSCy0Jd2plJqbLMTsaZEqY0wCXnZWNd670dHumw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 07:57:27 GMT
age: 53412
etag: "96693a546313f1414abcf2a0e1ffb256b3091620"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7332
Md5:    0246220a213f53cd76c6af4c7779f672
Sha1:   96693a546313f1414abcf2a0e1ffb256b3091620
Sha256: 7f6d4f23d384e16e559c11abaed27bbd9104119fff74bbc7095a4221383fbeaf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94470e3-8873-4e4e-909a-df8539096335.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 12294
x-amzn-requestid: e6b35bb1-bc6b-4b98-aa16-cff64cf3e4b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ua_AwHdPIAMFSzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62baab9e-4659e88772f9e8551e06800a;Sampled=0
x-amzn-remapped-date: Tue, 28 Jun 2022 07:19:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EWsndyPnvdV629tcpvI0HUzSA6Ocbb0acwQ6v5i0VWoEeGIKaF7fcw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 21:59:49 GMT
age: 2870
etag: "7bb8eb688c64b18a63cd78ec3c59079a65e6f9b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12294
Md5:    8b57e1aba0bce88ae13af9ccf60089bd
Sha1:   7bb8eb688c64b18a63cd78ec3c59079a65e6f9b7
Sha256: 84a48013d8c91a7ae77719feb3d5996409197bdafe93a9e6deb02dbeffe0cb4b