laucing-rebannah.icu/b3834989-d5ab-456e-afc0-5b7861c54db6
18.184.38.55302 0 B URL HTTP/1.1 laucing-rebannah.icu/b3834989-d5ab-456e-afc0-5b7861c54db6
IP 18.184.38.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /b3834989-d5ab-456e-afc0-5b7861c54db6 HTTP/1.1
Host: laucing-rebannah.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Sat, 10 Dec 2022 16:13:05 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://tcsuperoffers.com/survey/ni/tigo/cash/?cep=5kXOO4MFQPiG4-nx64Yoh2So9CkSvRBX0j-z6CrrThPTOJXnqutSKwiU5ZOoUZYk0nWRhyas5sf0FnTUBPiP9BSin7qx8rY_Wm5c_D50ITSDDE9o7mwpvIOZiY_kKLSNwNkRvKQ9Z6VPxfqswdcliYUdE2Jlg1s_tW3aKQgYx7OiFE3ATpQUSYnidfwZ-_2hwvQUqo5EwphQ-RHES3aWk89wKYPUUiPkgQ4Nv8MIUdl55X-4MrQ1djsQsMP6zLHwGOADf1vkM2Vu-LmXNrqWXh2OadeSFB4pGKbwBVHGszMeybQM-PjVybiQ-qYytALukpP0jjXpspQZM9JBpvQ0wgPb_sk77g_133KDG1ByQ8g&lptoken=16d07076693c05c385d4
Pragma: no-cache
Set-Cookie: b3834989-d5ab-456e-afc0-5b7861c54db6-v4=PuC8QvQvhD8prM38q_DnpR7lXhWExAmcaP_pzEJYx1g; Max-Age=86400; Expires=Sun, 11-Dec-2022 16:13:05 GMT; Domain=laucing-rebannah.icu; Path=/; HttpOnly
cep-v4=UASeESYKxjxdGGFbBvmMCnHyEuxXTJXUL9YtkbJWSO1kTjGBMrE9e6u0i1tYVF0QdAUbj8T0T3sMp1K1FcsX-dnz9cgxSSTFROuHxrp2MTLCSgSU3qbM7iKdvbHekHVjUln-VX4UZHhUjSk0UUeBLG859iTF_Qi2KrnD9eUf9pYJ5QOLrMG4neRwRb2NXMNgHxgsa1bSgieqztOQU7CACTmvXeQ1EsIbhvqqaAsmwm36ninI8UI8yVfq0aI1IUOrcD_SyHg_OI3bErTv_ATupyO089A4YgNz1ijxoQ9uM0dLio6Aho6N4GLPYXlvnKIaTJPVv7PZzZl5aL4J5q8iRWb3NT4O4mXr_Vd19_4VOw0; Max-Age=86400; Expires=Sun, 11-Dec-2022 16:13:05 GMT; Domain=laucing-rebannah.icu; Path=/; HttpOnly
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8228
Expires: Sat, 10 Dec 2022 18:30:13 GMT
Date: Sat, 10 Dec 2022 16:13:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14423
Expires: Sat, 10 Dec 2022 20:13:28 GMT
Date: Sat, 10 Dec 2022 16:13:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8188
Expires: Sat, 10 Dec 2022 18:29:33 GMT
Date: Sat, 10 Dec 2022 16:13:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 10 Dec 2022 16:08:24 GMT
content-type: application/json
age: 281
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FbwSk6srbHKClAgW7CSQdEXceRNnkmvtfzSYGrPcRpLcypdTH6setkgnkHIQWMwTTk/4hYxu1dL+TzRmrF1mkA==
x-amz-request-id: 9R5M398T1HAGSR83
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 10 Dec 2022 15:50:44 GMT
age: 1341
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 16:13:05 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1a9bd2d9b17e65a2a10ef4b511d2b2a
ea0ff52c2971300b680cf8a90a2392adb2272d26
3abc7c7b122dd3b0ec67056f85c12c1cabb0479704550d2f99c375c5bac98924
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3ABC7C7B122DD3B0EC67056F85C12C1CABB0479704550D2F99C375C5BAC98924"
Last-Modified: Sat, 10 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13259
Expires: Sat, 10 Dec 2022 19:54:04 GMT
Date: Sat, 10 Dec 2022 16:13:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 16:07:55 GMT
age: 310
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
tcsuperoffers.com/survey/ni/tigo/cash/?cep=5kXOO4MFQPiG4-nx64Yoh2So9CkSvRBX0j-z6CrrThPTOJXnqutSKwiU5ZOoUZYk0nWRhyas5sf0FnTUBPiP9BSin7qx8rY_Wm5c_D50ITSDDE9o7mwpvIOZiY_kKLSNwNkRvKQ9Z6VPxfqswdcliYUdE2Jlg1s_tW3aKQgYx7OiFE3ATpQUSYnidfwZ-_2hwvQUqo5EwphQ-RHES3aWk89wKYPUUiPkgQ4Nv8MIUdl55X-4MrQ1djsQsMP6zLHwGOADf1vkM2Vu-LmXNrqWXh2OadeSFB4pGKbwBVHGszMeybQM-PjVybiQ-qYytALukpP0jjXpspQZM9JBpvQ0wgPb_sk77g_133KDG1ByQ8g&lptoken=16d07076693c05c385d4
209.94.60.101200 OK 1.8 kB URL HTTP/1.1 tcsuperoffers.com/survey/ni/tigo/cash/?cep=5kXOO4MFQPiG4-nx64Yoh2So9CkSvRBX0j-z6CrrThPTOJXnqutSKwiU5ZOoUZYk0nWRhyas5sf0FnTUBPiP9BSin7qx8rY_Wm5c_D50ITSDDE9o7mwpvIOZiY_kKLSNwNkRvKQ9Z6VPxfqswdcliYUdE2Jlg1s_tW3aKQgYx7OiFE3ATpQUSYnidfwZ-_2hwvQUqo5EwphQ-RHES3aWk89wKYPUUiPkgQ4Nv8MIUdl55X-4MrQ1djsQsMP6zLHwGOADf1vkM2Vu-LmXNrqWXh2OadeSFB4pGKbwBVHGszMeybQM-PjVybiQ-qYytALukpP0jjXpspQZM9JBpvQ0wgPb_sk77g_133KDG1ByQ8g&lptoken=16d07076693c05c385d4
IP 209.94.60.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (387)
Hash 1d1b00944665214a0e4ffc1a96ab4bf6
b23754b003f09f29a312c3f4dc5afc6c048540f3
1505e598232eed4edba733c8b12d395569255bd7c91c1de0cf53cdb1ed382c0b
GET /survey/ni/tigo/cash/?cep=5kXOO4MFQPiG4-nx64Yoh2So9CkSvRBX0j-z6CrrThPTOJXnqutSKwiU5ZOoUZYk0nWRhyas5sf0FnTUBPiP9BSin7qx8rY_Wm5c_D50ITSDDE9o7mwpvIOZiY_kKLSNwNkRvKQ9Z6VPxfqswdcliYUdE2Jlg1s_tW3aKQgYx7OiFE3ATpQUSYnidfwZ-_2hwvQUqo5EwphQ-RHES3aWk89wKYPUUiPkgQ4Nv8MIUdl55X-4MrQ1djsQsMP6zLHwGOADf1vkM2Vu-LmXNrqWXh2OadeSFB4pGKbwBVHGszMeybQM-PjVybiQ-qYytALukpP0jjXpspQZM9JBpvQ0wgPb_sk77g_133KDG1ByQ8g&lptoken=16d07076693c05c385d4 HTTP/1.1
Host: tcsuperoffers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 16:13:05 GMT
Content-Type: text/html; charset=utf-8
Last-Modified: Thu, 08 Dec 2022 13:37:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6391e87c-134b"
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 44d4574b46375a2d215ae74bc5eae610
5257ed3edeb56231a9bee921671bb2e0c566000e
923454b28e4fa10085df809768a75c2d9f58f104afa016c06ccca7a26479073b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2437
Cache-Control: max-age=149661
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 16:13:06 GMT
Etag: "63944c2a-1d7"
Expires: Mon, 12 Dec 2022 09:47:27 GMT
Last-Modified: Sat, 10 Dec 2022 09:06:50 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
tcsuperoffers.com/survey/ni/tigo/cash/css/app.css?id=2fbe2d9a9a40ca9b2489
209.94.60.101200 OK 87 B URL HTTP/1.1 tcsuperoffers.com/survey/ni/tigo/cash/css/app.css?id=2fbe2d9a9a40ca9b2489
IP 209.94.60.101:0
Hash cec18c42b1b37f854c56172f839813b0
3c086f3238cc7973fd302379ad2f3e6cb7c1ed49
0d209be74734590bb522ca2c9de62f4da0fcbac457d44ed8105be57c1e04233f
GET /survey/ni/tigo/cash/css/app.css?id=2fbe2d9a9a40ca9b2489 HTTP/1.1
Host: tcsuperoffers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tcsuperoffers.com/survey/ni/tigo/cash/?cep=5kXOO4MFQPiG4-nx64Yoh2So9CkSvRBX0j-z6CrrThPTOJXnqutSKwiU5ZOoUZYk0nWRhyas5sf0FnTUBPiP9BSin7qx8rY_Wm5c_D50ITSDDE9o7mwpvIOZiY_kKLSNwNkRvKQ9Z6VPxfqswdcliYUdE2Jlg1s_tW3aKQgYx7OiFE3ATpQUSYnidfwZ-_2hwvQUqo5EwphQ-RHES3aWk89wKYPUUiPkgQ4Nv8MIUdl55X-4MrQ1djsQsMP6zLHwGOADf1vkM2Vu-LmXNrqWXh2OadeSFB4pGKbwBVHGszMeybQM-PjVybiQ-qYytALukpP0jjXpspQZM9JBpvQ0wgPb_sk77g_133KDG1ByQ8g&lptoken=16d07076693c05c385d4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 16:13:06 GMT
Content-Type: text/css
Last-Modified: Thu, 08 Dec 2022 13:37:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6391e882-45"
Expires: Sun, 10 Dec 2023 16:13:06 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
push.services.mozilla.com/
35.164.56.167101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.56.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BfEZM54kAf8DbBeABYKbYQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EXBgf/82KdcEa4pW/D7OHuYQEBg=
tcsuperoffers.com/survey/ni/tigo/cash/css/landers/survey/app.css?id=b58f517ccb85236317fa
209.94.60.101200 OK 1.2 kB URL HTTP/1.1 tcsuperoffers.com/survey/ni/tigo/cash/css/landers/survey/app.css?id=b58f517ccb85236317fa
IP 209.94.60.101:0
File type ASCII text, with very long lines (3508)
Hash 97531ec03b7e740589659fc24447f87b
f3c01a9e9adf371a8b8fe263f54cbeddf79d55e8
59b09d9efa85fd29712c4ef8f7fd928bc8db6d4cfc51b0d2c1c0dfb470753ae3
GET /survey/ni/tigo/cash/css/landers/survey/app.css?id=b58f517ccb85236317fa HTTP/1.1
Host: tcsuperoffers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tcsuperoffers.com/survey/ni/tigo/cash/?cep=5kXOO4MFQPiG4-nx64Yoh2So9CkSvRBX0j-z6CrrThPTOJXnqutSKwiU5ZOoUZYk0nWRhyas5sf0FnTUBPiP9BSin7qx8rY_Wm5c_D50ITSDDE9o7mwpvIOZiY_kKLSNwNkRvKQ9Z6VPxfqswdcliYUdE2Jlg1s_tW3aKQgYx7OiFE3ATpQUSYnidfwZ-_2hwvQUqo5EwphQ-RHES3aWk89wKYPUUiPkgQ4Nv8MIUdl55X-4MrQ1djsQsMP6zLHwGOADf1vkM2Vu-LmXNrqWXh2OadeSFB4pGKbwBVHGszMeybQM-PjVybiQ-qYytALukpP0jjXpspQZM9JBpvQ0wgPb_sk77g_133KDG1ByQ8g&lptoken=16d07076693c05c385d4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 16:13:06 GMT
Content-Type: text/css
Last-Modified: Thu, 08 Dec 2022 13:37:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6391e898-dd8"
Expires: Sun, 10 Dec 2023 16:13:06 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
tcsuperoffers.com/survey/ni/tigo/cash/img/landers/survey/logo/tigo.png
209.94.60.101200 OK 8.6 kB URL HTTP/1.1 tcsuperoffers.com/survey/ni/tigo/cash/img/landers/survey/logo/tigo.png
IP 209.94.60.101:0
File type PNG image data, 163 x 119, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b0f2c31967f84b4a7a5a13cdea8680a
e60a39498e349e8e81694bca0f8bd2f1054c23ba
dd828bd21a2dc217b40a18b57120a83e56f7a34acd0ea84f98ddb890d4d7b94e
GET /survey/ni/tigo/cash/img/landers/survey/logo/tigo.png HTTP/1.1
Host: tcsuperoffers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tcsuperoffers.com/survey/ni/tigo/cash/?cep=5kXOO4MFQPiG4-nx64Yoh2So9CkSvRBX0j-z6CrrThPTOJXnqutSKwiU5ZOoUZYk0nWRhyas5sf0FnTUBPiP9BSin7qx8rY_Wm5c_D50ITSDDE9o7mwpvIOZiY_kKLSNwNkRvKQ9Z6VPxfqswdcliYUdE2Jlg1s_tW3aKQgYx7OiFE3ATpQUSYnidfwZ-_2hwvQUqo5EwphQ-RHES3aWk89wKYPUUiPkgQ4Nv8MIUdl55X-4MrQ1djsQsMP6zLHwGOADf1vkM2Vu-LmXNrqWXh2OadeSFB4pGKbwBVHGszMeybQM-PjVybiQ-qYytALukpP0jjXpspQZM9JBpvQ0wgPb_sk77g_133KDG1ByQ8g&lptoken=16d07076693c05c385d4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 16:13:06 GMT
Content-Type: image/png
Content-Length: 8637
Last-Modified: Thu, 08 Dec 2022 13:37:40 GMT
Connection: keep-alive
ETag: "6391e8a4-21bd"
Expires: Sun, 10 Dec 2023 16:13:06 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
tcsuperoffers.com/survey/ni/tigo/cash/js/app.js?id=d95b2f380a2918b995e8
209.94.60.101200 OK 7.0 kB URL HTTP/1.1 tcsuperoffers.com/survey/ni/tigo/cash/js/app.js?id=d95b2f380a2918b995e8
IP 209.94.60.101:0
File type Unicode text, UTF-8 text, with very long lines (18572)
Hash dff9bcbd4fdf368b1aa578c44b651b37
ae6ce649e4f5442155badfc8b4b69c44a98a3138
3393155e988f7863f338ee5f23dda3299a5879d9b85e2b276237e182a49233ab
GET /survey/ni/tigo/cash/js/app.js?id=d95b2f380a2918b995e8 HTTP/1.1
Host: tcsuperoffers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tcsuperoffers.com/survey/ni/tigo/cash/?cep=5kXOO4MFQPiG4-nx64Yoh2So9CkSvRBX0j-z6CrrThPTOJXnqutSKwiU5ZOoUZYk0nWRhyas5sf0FnTUBPiP9BSin7qx8rY_Wm5c_D50ITSDDE9o7mwpvIOZiY_kKLSNwNkRvKQ9Z6VPxfqswdcliYUdE2Jlg1s_tW3aKQgYx7OiFE3ATpQUSYnidfwZ-_2hwvQUqo5EwphQ-RHES3aWk89wKYPUUiPkgQ4Nv8MIUdl55X-4MrQ1djsQsMP6zLHwGOADf1vkM2Vu-LmXNrqWXh2OadeSFB4pGKbwBVHGszMeybQM-PjVybiQ-qYytALukpP0jjXpspQZM9JBpvQ0wgPb_sk77g_133KDG1ByQ8g&lptoken=16d07076693c05c385d4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 16:13:06 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 08 Dec 2022 13:37:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6391e883-48ad"
Expires: Sun, 10 Dec 2023 16:13:06 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
tcsuperoffers.com/survey/ni/tigo/cash/img/prizes/cash-500-usd/ar/default@0.25x.png
209.94.60.101200 OK 3.8 kB URL HTTP/1.1 tcsuperoffers.com/survey/ni/tigo/cash/img/prizes/cash-500-usd/ar/default@0.25x.png
IP 209.94.60.101:0
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 972aed1941a866387094819b72655594
9d60108dce12cfaa52db39a671e21ee14912bf44
c8ee857b80ab3d481951bbf5517d4bed4766228d1d937b88cc169e4427afae9c
GET /survey/ni/tigo/cash/img/prizes/cash-500-usd/ar/default@0.25x.png HTTP/1.1
Host: tcsuperoffers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tcsuperoffers.com/survey/ni/tigo/cash/?cep=5kXOO4MFQPiG4-nx64Yoh2So9CkSvRBX0j-z6CrrThPTOJXnqutSKwiU5ZOoUZYk0nWRhyas5sf0FnTUBPiP9BSin7qx8rY_Wm5c_D50ITSDDE9o7mwpvIOZiY_kKLSNwNkRvKQ9Z6VPxfqswdcliYUdE2Jlg1s_tW3aKQgYx7OiFE3ATpQUSYnidfwZ-_2hwvQUqo5EwphQ-RHES3aWk89wKYPUUiPkgQ4Nv8MIUdl55X-4MrQ1djsQsMP6zLHwGOADf1vkM2Vu-LmXNrqWXh2OadeSFB4pGKbwBVHGszMeybQM-PjVybiQ-qYytALukpP0jjXpspQZM9JBpvQ0wgPb_sk77g_133KDG1ByQ8g&lptoken=16d07076693c05c385d4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 16:13:06 GMT
Content-Type: image/png
Content-Length: 3815
Last-Modified: Thu, 08 Dec 2022 13:37:45 GMT
Connection: keep-alive
ETag: "6391e8a9-ee7"
Expires: Sun, 10 Dec 2023 16:13:06 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
tcsuperoffers.com/survey/ni/tigo/cash/js/landers/survey/app.js?id=6dee32786d3b6cc23886
209.94.60.101200 OK 51 kB URL HTTP/1.1 tcsuperoffers.com/survey/ni/tigo/cash/js/landers/survey/app.js?id=6dee32786d3b6cc23886
IP 209.94.60.101:0
File type Unicode text, UTF-8 text, with very long lines (65443)
Hash 6bbf47015e2a8d62bb2387cb9d9b17eb
2012f07031c00f7a381aee47565353796f9de72d
25da7e0d1ad140a4052afa9930c10a7ef80d32c72acdd65dc77e2044a273e711
GET /survey/ni/tigo/cash/js/landers/survey/app.js?id=6dee32786d3b6cc23886 HTTP/1.1
Host: tcsuperoffers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tcsuperoffers.com/survey/ni/tigo/cash/?cep=5kXOO4MFQPiG4-nx64Yoh2So9CkSvRBX0j-z6CrrThPTOJXnqutSKwiU5ZOoUZYk0nWRhyas5sf0FnTUBPiP9BSin7qx8rY_Wm5c_D50ITSDDE9o7mwpvIOZiY_kKLSNwNkRvKQ9Z6VPxfqswdcliYUdE2Jlg1s_tW3aKQgYx7OiFE3ATpQUSYnidfwZ-_2hwvQUqo5EwphQ-RHES3aWk89wKYPUUiPkgQ4Nv8MIUdl55X-4MrQ1djsQsMP6zLHwGOADf1vkM2Vu-LmXNrqWXh2OadeSFB4pGKbwBVHGszMeybQM-PjVybiQ-qYytALukpP0jjXpspQZM9JBpvQ0wgPb_sk77g_133KDG1ByQ8g&lptoken=16d07076693c05c385d4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 16:13:06 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 08 Dec 2022 13:37:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6391e899-24c39"
Expires: Sun, 10 Dec 2023 16:13:06 GMT
Pragma: public
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2449
Expires: Sat, 10 Dec 2022 16:53:56 GMT
Date: Sat, 10 Dec 2022 16:13:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2449
Expires: Sat, 10 Dec 2022 16:53:56 GMT
Date: Sat, 10 Dec 2022 16:13:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2449
Expires: Sat, 10 Dec 2022 16:53:56 GMT
Date: Sat, 10 Dec 2022 16:13:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2449
Expires: Sat, 10 Dec 2022 16:53:56 GMT
Date: Sat, 10 Dec 2022 16:13:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2449
Expires: Sat, 10 Dec 2022 16:53:56 GMT
Date: Sat, 10 Dec 2022 16:13:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0df452512aae4c4c1f4a2cd263b16dfd
68bac75574641febc463bd0819392dae2da15811
e0a9301c5be849e116f1d98b819c2eb91f73e74d836f3e099f2cd266e8f0bb36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6ed8a5f4-45cd-45bd-9820-df450f612c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4E_-IAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-31d928fc430577b463a68bd0;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: YTqJN92gTy04q3obEXe4P1gmG2h9b2IQjjSkkUXyqnfFOL67uobN4Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:58:18 GMT
age: 65689
etag: "68bac75574641febc463bd0819392dae2da15811"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8caef8f-937f-4132-9440-daa516389582.png
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8caef8f-937f-4132-9440-daa516389582.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0cb823bf2991a7047962ee388f00dc0
4a0377cd21b6ab69f7e45392a547c9846e607464
86e8e629ffd2efe7c4c86a7e140412dae81a35376cb7f03ee511c6e1d023c788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8caef8f-937f-4132-9440-daa516389582.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9948
x-amzn-requestid: 0b1400a6-7791-468f-a1d5-b46836e7b164
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMEGNZoAMF7ZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4d-124f9a6f03db01a67784657f;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oTKfu5W6CwOWjb8xOm9ZTu_X_w4JXU7uz4BstlwXZ9k8strPr9H4vg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:22 GMT
age: 65985
etag: "4a0377cd21b6ab69f7e45392a547c9846e607464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 05:47:56 GMT
age: 37511
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 052b61a3bd1c839e1f5ce37834cad817
1fbbf8fb328a1406904d6346004e2c89c6ba2419
96dcb266eaec98f6305071598df3b49ca93234e0e8b1c8c9801a1a99d7f5c817
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7811
x-amzn-requestid: dc97f86e-a29c-4139-887a-e775a0327280
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4EH_oAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-3a38086160ac180b3f8cf5d8;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TM_0Q_GmJDuXth6JpRvm_JAZXwT-xFZEjzuMeIzfzBu1J5jQ_Tng9A==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:15:38 GMT
etag: "1fbbf8fb328a1406904d6346004e2c89c6ba2419"
content-type: image/jpeg
age: 64649
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a164807db41edd8da259af2cec18b328
99f89631065869ff2f25762feb2f39af108b5ed8
400c635040d3d141ec35237e64380b7cd1ba02016a90e36e8376afc41a14cb0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3357
x-amzn-requestid: 860c993a-e391-474a-b306-064c0faabc67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eLwFaSoAMFwfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4b-30dcd029382c1d825f2a0791;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -MI_dPaTXZPndQzYo2R9p-UiDQNyRh76-XU2fhwjXyKiTVRLjNc3fQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:04:04 GMT
age: 65343
etag: "99f89631065869ff2f25762feb2f39af108b5ed8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e8e86712ca485e90f958dc16ec8dbff
78de6033ca9bca46953483801f19591c2ff47bbe
2984d8b533e095654d5e1c5fa826dc93cbd16ac8bdb5d974fd2d283a86f44874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9084
x-amzn-requestid: 80dfc074-73f4-4b47-95fb-57169d32cf6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNbHhYoAMF2Kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-6f54d0bf6d9246cd48d44352;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8aHbgs9DELCrVY_4QHSKpScXzzCW7bdBlNh_YEUGaas-bJTd9nsSVg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:07 GMT
age: 66000
etag: "78de6033ca9bca46953483801f19591c2ff47bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2