www.inptersyndicale.online/
185.98.131.229200 OK 462 B URL HTTP/1.1 www.inptersyndicale.online/
IP 185.98.131.229:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3d28b2b3a926748c9a683f9037d554a0
9285cc3730fa2c48de91f45dc74d04f8889e19cc
18c6d032317f186ad66494d300578975dead8cd75b02271a060a91d3f10d35f4
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:09 GMT
Content-Type: text/html
Content-Length: 462
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 11:22:55 GMT
ETag: "2b6-5ec7b0fe64f84-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Thu, 24 Nov 2022 11:52:18 GMT
Date: Thu, 24 Nov 2022 10:51:09 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5928
Cache-Control: max-age=91135
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:51:09 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 12:10:04 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6168
Expires: Thu, 24 Nov 2022 12:33:57 GMT
Date: Thu, 24 Nov 2022 10:51:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 10:17:15 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2034
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tOvuqAx+Ku3BogoYZ34DCQmFBxx7WH46dqpqm8Nda+/2soKQEvcSmNkcu7pQHre9c7uO71GGzGM=
x-amz-request-id: JQCVHJAMSNS79NPR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 10:43:22 GMT
age: 467
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 10:51:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/ga.js
216.239.34.178200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 216.239.34.178:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Thu, 24 Nov 2022 10:32:37 GMT
Expires: Thu, 24 Nov 2022 12:32:37 GMT
Cache-Control: public, max-age=7200
Age: 1112
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
www.inptersyndicale.online/favicon.ico
185.98.131.229200 OK 198 B URL HTTP/1.1 www.inptersyndicale.online/favicon.ico
IP 185.98.131.229:0
File type MS Windows icon resource - 1 icon, 16x16, 2 colors\012- data
Hash ca2bb9889f5870b0b31006f9f09a23df
5932e6a0e4fcf1b7ecc28452494f73d4ae82acd3
17bf068c76eb2d552b4eea51a7f9c02d251c4a9c3b30c6a9aa322cc8eea70529
GET /favicon.ico HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 198
Connection: keep-alive
Last-Modified: Tue, 27 Mar 2018 09:11:46 GMT
ETag: "c6-5686147a927bc"
Accept-Ranges: bytes
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1107448982&utmhn=www.inptersyndicale.online&utmcs=windows-1252&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1357944539&utmr=-&utmp=%2F&utmht=1669287069779&utmac=UA-19025136-1&utmcc=__utma%3D268574761.505973826.1669287070.1669287070.1669287070.1%3B%2B__utmz%3D268574761.1669287070.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=115023655&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
216.239.34.178200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1107448982&utmhn=www.inptersyndicale.online&utmcs=windows-1252&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1357944539&utmr=-&utmp=%2F&utmht=1669287069779&utmac=UA-19025136-1&utmcc=__utma%3D268574761.505973826.1669287070.1669287070.1669287070.1%3B%2B__utmz%3D268574761.1669287070.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=115023655&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 216.239.34.178:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1107448982&utmhn=www.inptersyndicale.online&utmcs=windows-1252&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1357944539&utmr=-&utmp=%2F&utmht=1669287069779&utmac=UA-19025136-1&utmcc=__utma%3D268574761.505973826.1669287070.1669287070.1669287070.1%3B%2B__utmz%3D268574761.1669287070.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=115023655&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Thu, 24 Nov 2022 10:51:10 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
www.inptersyndicale.online/Inpter/
185.98.131.229200 OK 332 B URL HTTP/1.1 www.inptersyndicale.online/Inpter/
IP 185.98.131.229:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (343)
Hash 4c3e594c5dac33b79914b4188ac2ce89
9c7334126ce9b5c1e94e149e7688b5c399fc1394
ca1d57a38a4bee323e3596d4b65b86dedabfaa0f08a66d1c1bede2c3ea12d5c9
Analyzer Verdict Alert fortinet Malware
GET /Inpter/ HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __utma=268574761.505973826.1669287070.1669287070.1669287070.1; __utmb=268574761.1.10.1669287070; __utmc=268574761; __utmz=268574761.1669287070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: text/html
Content-Length: 332
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 20:03:51 GMT
ETag: "217-5ec8256edf73b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
www.inptersyndicale.online/Inpter/co/module_Inpter.html
185.98.131.229200 OK 1.3 kB URL HTTP/1.1 www.inptersyndicale.online/Inpter/co/module_Inpter.html
IP 185.98.131.229:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (853)
Hash ddc3bc8576f740108c6b09e9c4ef7942
be329fff798468c0f9a2a6346ea52e94b75ae0ee
0ac8d6f1af8671a783a384f357b1a4aa4f598374d48504716aeff8b471ca149b
Analyzer Verdict Alert fortinet Malware
GET /Inpter/co/module_Inpter.html HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __utma=268574761.505973826.1669287070.1669287070.1669287070.1; __utmb=268574761.1.10.1669287070; __utmc=268574761; __utmz=268574761.1669287070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: text/html
Content-Length: 1306
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 20:03:52 GMT
ETag: "bbf-5ec8256fbb2e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
www.inptersyndicale.online/Inpter/lib-sc/scCoLib.js
185.98.131.229200 OK 1.8 kB URL HTTP/1.1 www.inptersyndicale.online/Inpter/lib-sc/scCoLib.js
IP 185.98.131.229:0
Hash d250ae0e9b7fd334d812617d08ae6c05
4cff6d819b652d80412a32b04577cf5609bf284d
149ba4de887df1d331c061f7b1adaed087c48ce481b94962c5ea9e863c48d2f3
Analyzer Verdict Alert fortinet Malware
GET /Inpter/lib-sc/scCoLib.js HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/Inpter/co/module_Inpter.html
Cookie: __utma=268574761.505973826.1669287070.1669287070.1669287070.1; __utmb=268574761.1.10.1669287070; __utmc=268574761; __utmz=268574761.1669287070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: application/javascript
Content-Length: 1835
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 20:03:54 GMT
ETag: "1961-5ec82571a85a1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
www.inptersyndicale.online/Inpter/lib-sc/scPaLib.js
185.98.131.229200 OK 1.4 kB URL HTTP/1.1 www.inptersyndicale.online/Inpter/lib-sc/scPaLib.js
IP 185.98.131.229:0
Hash fe816c38d2b77f7e9faec9565d0b5deb
a5c160734c8bba99d6fe3f7884d2b7d31263b0a1
c1def009d073437a3a6810d33ea48bf35f48ae74ecfc62521f5b0d5052cb8990
Analyzer Verdict Alert fortinet Malware
GET /Inpter/lib-sc/scPaLib.js HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/Inpter/co/module_Inpter.html
Cookie: __utma=268574761.505973826.1669287070.1669287070.1669287070.1; __utmb=268574761.1.10.1669287070; __utmc=268574761; __utmz=268574761.1669287070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: application/javascript
Content-Length: 1415
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 20:03:55 GMT
ETag: "13d2-5ec82571e9c84-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
www.inptersyndicale.online/Inpter/lib-md/s_assmnt.js
185.98.131.229200 OK 3.0 kB URL HTTP/1.1 www.inptersyndicale.online/Inpter/lib-md/s_assmnt.js
IP 185.98.131.229:0
File type Unicode text, UTF-8 text, with very long lines (356)
Hash 6493cda9c2c332b645942f4172603d20
0ee83e3133fd452b5d09936e74b51f18cadac29d
913bb9e5f682786e5262680a0b48ac89982d16d3a21b3bdc7a8f19fc05443946
Analyzer Verdict Alert fortinet Malware
GET /Inpter/lib-md/s_assmnt.js HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/Inpter/co/module_Inpter.html
Cookie: __utma=268574761.505973826.1669287070.1669287070.1669287070.1; __utmb=268574761.1.10.1669287070; __utmc=268574761; __utmz=268574761.1669287070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: application/javascript
Content-Length: 3028
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 20:03:56 GMT
ETag: "369c-5ec8257339b96-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
www.inptersyndicale.online/Inpter/lib-md/s_scSearch/scSearch.js
185.98.131.229200 OK 9.4 kB URL HTTP/1.1 www.inptersyndicale.online/Inpter/lib-md/s_scSearch/scSearch.js
IP 185.98.131.229:0
Hash 86addd4064af43642a40739a59e33331
0baf65e785ab753efe38e6ac155364ad50bdad00
4bde657b0d7181628dae1f7bfd772613e285c3f347382da393cd1bd44c93c552
Analyzer Verdict Alert fortinet Malware
GET /Inpter/lib-md/s_scSearch/scSearch.js HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/Inpter/co/module_Inpter.html
Cookie: __utma=268574761.505973826.1669287070.1669287070.1669287070.1; __utmb=268574761.1.10.1669287070; __utmc=268574761; __utmz=268574761.1669287070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: application/javascript
Content-Length: 9409
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 20:04:14 GMT
ETag: "9649-5ec8258425cff-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
www.inptersyndicale.online/Inpter/skin/js/skin.js
185.98.131.229200 OK 91 B URL HTTP/1.1 www.inptersyndicale.online/Inpter/skin/js/skin.js
IP 185.98.131.229:0
Hash 5aca10949bfcafe259bd929c4cd5c010
334a1f77f905d9200e23b5c4d6cfa0079418ae69
65af9ff8d0d08dcc52708ca99dab0135459ddbaa1b62fdd3b8a5cb175096bd3b
Analyzer Verdict Alert fortinet Malware
GET /Inpter/skin/js/skin.js HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/Inpter/co/module_Inpter.html
Cookie: __utma=268574761.505973826.1669287070.1669287070.1669287070.1; __utmb=268574761.1.10.1669287070; __utmc=268574761; __utmz=268574761.1669287070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: application/javascript
Content-Length: 91
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 20:04:08 GMT
ETag: "4e-5ec8257f19cd9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
www.inptersyndicale.online/Inpter/skin/css/main.css
185.98.131.229200 OK 14 kB URL HTTP/1.1 www.inptersyndicale.online/Inpter/skin/css/main.css
IP 185.98.131.229:0
Hash df5c99121274d89994732d02e7088edf
0c3ce9deb1f1e37d4c90d0e1e38b502848fcb8f2
acb7578de475a0e1a214369dc08a6ea488b190f9bec1324fb1b9c75e32a7a34a
GET /Inpter/skin/css/main.css HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/Inpter/co/module_Inpter.html
Cookie: __utma=268574761.505973826.1669287070.1669287070.1669287070.1; __utmb=268574761.1.10.1669287070; __utmc=268574761; __utmz=268574761.1669287070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: text/css
Content-Length: 13726
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 20:04:05 GMT
ETag: "11113-5ec8257bd7ced-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
www.inptersyndicale.online/Inpter/skin/css/skin.css
185.98.131.229200 OK 5.9 kB URL HTTP/1.1 www.inptersyndicale.online/Inpter/skin/css/skin.css
IP 185.98.131.229:0
Hash 70ba967f121299cd86450f00a03bd66c
7b08c5fba6ce50161744ae712fd50ce0ce06a2a4
9bd15e6c3ad032074d1738e94085d8f5ad0c44f143d3a0d2d768821c4f746cae
GET /Inpter/skin/css/skin.css HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/Inpter/co/module_Inpter.html
Cookie: __utma=268574761.505973826.1669287070.1669287070.1669287070.1; __utmb=268574761.1.10.1669287070; __utmc=268574761; __utmz=268574761.1669287070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: text/css
Content-Length: 5946
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 20:04:08 GMT
ETag: "746e-5ec8257ef1c37-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
www.inptersyndicale.online/Inpter/skin/img/tpl/scBtn.png
185.98.131.229200 OK 862 B URL HTTP/1.1 www.inptersyndicale.online/Inpter/skin/img/tpl/scBtn.png
IP 185.98.131.229:0
File type PNG image data, 80 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash d4a00592d7561f1c36198e96672901d7
70203ee1999ae4551589f37bef5740c8543db6cf
4234e99d2fcfb6228115d714eef2a653846be7a26e182233f1efe4b7112cd60f
GET /Inpter/skin/img/tpl/scBtn.png HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/Inpter/co/module_Inpter.html
Cookie: __utma=268574761.505973826.1669287070.1669287070.1669287070.1; __utmb=268574761.1.10.1669287070; __utmc=268574761; __utmz=268574761.1669287070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: image/png
Content-Length: 862
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 20:04:33 GMT
ETag: "35e-5ec82596f83c1"
Accept-Ranges: bytes
www.inptersyndicale.online/Inpter/skin/css/print.css
185.98.131.229200 OK 0 B URL HTTP/1.1 www.inptersyndicale.online/Inpter/skin/css/print.css
IP 185.98.131.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Inpter/skin/css/print.css HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/Inpter/co/module_Inpter.html
Cookie: __utma=268574761.505973826.1669287070.1669287070.1669287070.1; __utmb=268574761.1.10.1669287070; __utmc=268574761; __utmz=268574761.1669287070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: text/css
Content-Length: 0
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 11:21:33 GMT
ETag: "0-5ec7b0afe118d"
Accept-Ranges: bytes
Vary: Accept-Encoding
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 10:11:11 GMT
cache-control: public,max-age=3600
age: 2399
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.inptersyndicale.online/Inpter/skin/img/skinINPtoulouse/enterModule.png
185.98.131.229200 OK 564 B URL HTTP/1.1 www.inptersyndicale.online/Inpter/skin/img/skinINPtoulouse/enterModule.png
IP 185.98.131.229:0
File type PNG image data, 29 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 5146deccfb156eb87bf2bc79914c97cf
a05c22467a5beb1e5939471362a855717b8f1964
b12796889e513c3857fe81ff74c791c388ac9570d98e7432093354d485ad3e0f
GET /Inpter/skin/img/skinINPtoulouse/enterModule.png HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/Inpter/skin/css/skin.css
Cookie: __utma=268574761.505973826.1669287070.1669287070.1669287070.1; __utmb=268574761.1.10.1669287070; __utmc=268574761; __utmz=268574761.1669287070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: image/png
Content-Length: 564
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 20:04:23 GMT
ETag: "234-5ec8258d640dd"
Accept-Ranges: bytes
www.inptersyndicale.online/Inpter/skin/img/skinINPtoulouse/logo.png
185.98.131.229200 OK 7.4 kB URL HTTP/1.1 www.inptersyndicale.online/Inpter/skin/img/skinINPtoulouse/logo.png
IP 185.98.131.229:0
File type PNG image data, 136 x 134, 8-bit/color RGBA, non-interlaced\012- data
Hash b4e4f8f43e5e3cdd631770c2d1e1c26d
a1bd52b52808214d2bce9f8da9fec1843481f361
f79e7f9cf9689674b34077fde77beffe6c6f4673942ac532c5008b7872938441
GET /Inpter/skin/img/skinINPtoulouse/logo.png HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/Inpter/skin/css/skin.css
Cookie: __utma=268574761.505973826.1669287070.1669287070.1669287070.1; __utmb=268574761.1.10.1669287070; __utmc=268574761; __utmz=268574761.1669287070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: image/png
Content-Length: 7351
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 20:04:24 GMT
ETag: "1cb7-5ec8258e3ece9"
Accept-Ranges: bytes
www.inptersyndicale.online/Inpter/skin/css/Gotham-Medium.otf
185.98.131.229200 OK 160 kB URL HTTP/1.1 www.inptersyndicale.online/Inpter/skin/css/Gotham-Medium.otf
IP 185.98.131.229:0
File type OpenType font data\012- data
Size 160 kB (159852 bytes)
Hash 27a90e8757eda1edc9872eebec18ba64
254abf9e97a80f66c140aca41684919fea27bf66
bc397773a547218b8c334f9a40ea8e58f55198fab6095b103e598634fe273450
Analyzer Verdict Alert fortinet Malware
GET /Inpter/skin/css/Gotham-Medium.otf HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/Inpter/skin/css/skin.css
Cookie: __utma=268574761.505973826.1669287070.1669287070.1669287070.1; __utmb=268574761.1.10.1669287070; __utmc=268574761; __utmz=268574761.1669287070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: font/otf
Content-Length: 159852
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 20:04:04 GMT
ETag: "2706c-5ec8257b13842"
Accept-Ranges: bytes
www.inptersyndicale.online/Inpter/skin/img/skinINPtoulouse/fondPage.png
185.98.131.229200 OK 290 kB URL HTTP/1.1 www.inptersyndicale.online/Inpter/skin/img/skinINPtoulouse/fondPage.png
IP 185.98.131.229:0
File type PNG image data, 487 x 487, 8-bit/color RGBA, non-interlaced\012- data
Size 290 kB (290005 bytes)
Hash 01da5c7606d34d438c03efe3fe21cb97
9902b6d4a55d027e83cf96f8e3ebc82cd804c679
8dd15889bc64f3038a2d4c9f94f44c69d00652932b11aaff60f24fc918264d35
GET /Inpter/skin/img/skinINPtoulouse/fondPage.png HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/Inpter/skin/css/skin.css
Cookie: __utma=268574761.505973826.1669287070.1669287070.1669287070.1; __utmb=268574761.1.10.1669287070; __utmc=268574761; __utmz=268574761.1669287070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: image/png
Content-Length: 290005
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 20:04:27 GMT
ETag: "46cd5-5ec82591359b2"
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2796
Cache-Control: max-age=169335
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:51:10 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 09:53:25 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
www.inptersyndicale.online/Inpter/skin/img/favicon.ico
185.98.131.229404 Not Found 847 B URL HTTP/1.1 www.inptersyndicale.online/Inpter/skin/img/favicon.ico
IP 185.98.131.229:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 9b7583b3b03788f8993cfac7a60deae5
b1f25c94f4047225d7a10d2420078cf83b8594fc
6e9ec7a144b1d54a6c52c9b1c7ac2f7e9d7d650f555893d9a1955360bd1227de
GET /Inpter/skin/img/favicon.ico HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/Inpter/co/module_Inpter.html
Cookie: __utma=268574761.505973826.1669287070.1669287070.1669287070.1; __utmb=268574761.1.10.1669287070; __utmc=268574761; __utmz=268574761.1669287070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
www.inptersyndicale.online/Inpter/skin/css/Calibri.ttf
185.98.131.229200 OK 265 kB URL HTTP/1.1 www.inptersyndicale.online/Inpter/skin/css/Calibri.ttf
IP 185.98.131.229:0
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 45 names, Unicode, \251 2005 Microsoft Corporation. All Rights Reserved.Calibri is a modern sans serif family with \012- data
Size 265 kB (265141 bytes)
Hash 49fe16a5bbe87a70c3e2d6b8894210d5
7816b49cb79763a9e028eb39f1983cd8d9ab927c
bafb25568731a7e0b8885dd560c67bef53980ed56c74e1df2d6b98075fe8b1b5
Analyzer Verdict Alert fortinet Malware
GET /Inpter/skin/css/Calibri.ttf HTTP/1.1
Host: www.inptersyndicale.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.inptersyndicale.online/Inpter/skin/css/skin.css
Cookie: __utma=268574761.505973826.1669287070.1669287070.1669287070.1; __utmb=268574761.1.10.1669287070; __utmc=268574761; __utmz=268574761.1669287070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 10:51:10 GMT
Content-Type: font/ttf
Content-Length: 265141
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 20:04:08 GMT
ETag: "40bb5-5ec8257e86571"
Accept-Ranges: bytes
push.services.mozilla.com/
54.149.219.22101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.219.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SH6mewWQAZ68dA66WEQUVA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3g+oWo6pwcNsFo6HiNFQ37HiN7M=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9426
Expires: Thu, 24 Nov 2022 13:28:18 GMT
Date: Thu, 24 Nov 2022 10:51:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9426
Expires: Thu, 24 Nov 2022 13:28:18 GMT
Date: Thu, 24 Nov 2022 10:51:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9426
Expires: Thu, 24 Nov 2022 13:28:18 GMT
Date: Thu, 24 Nov 2022 10:51:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9426
Expires: Thu, 24 Nov 2022 13:28:18 GMT
Date: Thu, 24 Nov 2022 10:51:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 47000
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3bafc39-a86e-44d4-9bf3-97302a57c669.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3bafc39-a86e-44d4-9bf3-97302a57c669.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b83dcf4ccde90ad94bb32da4fd35e524
ffd4d9f932aacc8ab123d1ab46c983a3f581d171
cf217cf355e7bea4410efd22e89f5a4de4d154153f587f7cad53533a3fcfe1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3bafc39-a86e-44d4-9bf3-97302a57c669.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8306
x-amzn-requestid: 9506f26d-36cc-47a1-b6ac-b3f720e35981
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b_c81GrAoAMF-4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c751e-68e3f822732b60db1875d538;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 07:07:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HVv2xtKAWEE91Tw-OxF20Sp64pUJ-aTdOU0pSk7YfanuCcM8W1naAw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:52:06 GMT
age: 10746
etag: "ffd4d9f932aacc8ab123d1ab46c983a3f581d171"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 20804
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eeac5ead5ce62f0d9e2d4bcefa946208
c2430d901f2b4e4a463e90c540294f334553a246
850a89160f840d7509806c5becd6b074a92613920474195f63d7e7a9cf18d908
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6426
x-amzn-requestid: 6f27f360-dd76-4aee-a9bc-cbd52cd80def
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvx8GtpIAMFvQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e933f-69fa8ba571cc62036406e6bf;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wm_pBVCoReupun-_glC47ejuxaRJ6ViGPKClLnWkDrmT-SewUOXexw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:06:01 GMT
age: 45911
etag: "c2430d901f2b4e4a463e90c540294f334553a246"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff189dcee-7158-4549-abef-95dc2b7f7ca4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff189dcee-7158-4549-abef-95dc2b7f7ca4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 037c0f19435a955d7ed58f65911e8f21
51a54b639617e113bb941d28b59c2571c0ca2e63
c2b15ed9257f220ed83845e1d0b343d21b7df9104c21162ea76b889609b8a404
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff189dcee-7158-4549-abef-95dc2b7f7ca4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9992
x-amzn-requestid: a16f614c-5a5b-4f8b-97cb-c248e0b50753
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvcYEa0IAMFm_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e92b5-3b65b1b17c2a20b44a31aa9f;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:37:57 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OC0uEwrEKZ6UEEg_mpvYcoVBEUSEA_qTttmyRp1xptCRD4Vi4pFbCg==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:13:55 GMT
etag: "51a54b639617e113bb941d28b59c2571c0ca2e63"
content-type: image/jpeg
age: 45437
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:10:24 GMT
age: 13248
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2