urlquery - report: 95.211.16.242//mips.mips

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
r3.o.lencr.org (7)	344	2020-12-02 08:52:13 UTC	2022-10-04 04:17:22 UTC	23.36.77.32
content-signature-2.cdn.mozilla.net (5)	1152	2020-11-03 12:26:46 UTC	2022-10-04 04:29:41 UTC	143.204.55.25
firefox.settings.services.mozilla.com (15)	867	2020-05-27 20:08:30 UTC	2022-10-04 15:06:58 UTC	143.204.55.27
shavar.services.mozilla.com (1)	3602	2017-01-30 05:00:58 UTC	2022-10-04 05:04:37 UTC	52.88.11.165
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-10-04 04:45:06 UTC	34.208.31.97
detectportal.firefox.com (3)	1601	2017-01-30 00:03:31 UTC	2022-10-04 04:16:52 UTC	34.107.221.82
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-10-04 04:16:51 UTC	34.117.237.239
getpocket.cdn.mozilla.net (1)	1369	2017-08-31 07:41:15 UTC	2022-10-04 12:33:38 UTC	34.120.5.221
ocsp.digicert.com (2)	86	2012-05-21 07:02:23 UTC	2022-10-04 15:17:25 UTC	93.184.220.29
firefox-settings-attachments.cdn.mozilla.net (1)	11509	2019-11-30 09:32:57 UTC	2022-10-04 07:00:27 UTC	54.230.111.80
r3.o.lencr.org (7)	344	2020-12-02 08:52:13 UTC	2022-10-04 04:17:22 UTC	23.36.76.226
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-10-04 04:18:32 UTC	34.120.237.76
95.211.16.242 (1)	0	No data	No data	95.211.16.242	Unknown ranking

Scan Date	Severity	Indicator	Comment
2022-10-04	2	95.211.16.242//mips.mips	Malware

Date	UQ / IDS / BL	URL	IP
2023-03-17 14:26:43 +0000	0 - 2 - 2	95.211.16.242/mips.mips	95.211.16.242
2023-03-17 14:26:35 +0000	0 - 2 - 2	95.211.16.242//mips.mips	95.211.16.242
2023-03-17 04:06:39 +0000	0 - 2 - 2	95.211.16.242/mips.mips	95.211.16.242
2023-03-17 04:06:37 +0000	0 - 2 - 2	95.211.16.242//mips.mips	95.211.16.242
2023-03-17 00:42:58 +0000	0 - 2 - 2	95.211.16.242/mips.mips	95.211.16.242

Date	UQ / IDS / BL	URL	IP
2023-03-24 00:15:53 +0000	0 - 0 - 1	torrntvz.com/ping.php?partner=<html><head><ti (...)	212.32.237.101
2023-03-23 22:49:37 +0000	0 - 1 - 0	132007e51017.giselin.com/get2.php?c=XYWXBVWG& (...)	212.32.237.90
2023-03-23 22:13:05 +0000	0 - 6 - 3	o93iwn9woqlkwisv.appsync-api.eu-west-1.avsvmc (...)	62.212.82.215
2023-03-23 21:59:39 +0000	0 - 1 - 0	box.ladyjulina.com/	91.184.62.183
2023-03-23 21:56:22 +0000	0 - 1 - 0	zimbra.ladyjulina.com/	91.184.62.183

Date	UQ / IDS / BL	URL	IP
2022-10-21 19:04:59 +0000	0 - 0 - 1	95.211.16.242/mips.mips	95.211.16.242
2022-10-21 19:04:27 +0000	0 - 0 - 1	95.211.16.242//mips.mips	95.211.16.242
2022-10-16 02:36:28 +0000	0 - 0 - 1	95.211.16.242/mips.mips	95.211.16.242
2022-10-16 02:35:57 +0000	0 - 0 - 1	95.211.16.242//mips.mips	95.211.16.242
2022-10-14 06:44:37 +0000	0 - 0 - 1	95.211.16.242/mips.mips	95.211.16.242

Date	UQ / IDS / BL	URL	IP
2023-03-24 00:37:23 +0000	0 - 1 - 0	www.esprit-netzwerk.ch/NetOp_Fernzugriff.exe? (...)	149.126.4.108
2023-03-24 00:36:55 +0000	0 - 1 - 0	pkg-store.dl.mail.ru/packages/shop/0_2014012d (...)	188.93.63.73
2023-03-24 00:36:43 +0000	0 - 1 - 0	pkg-store.dl.mail.ru/packages/shop/0_2014012d (...)	188.93.63.73
2023-03-24 00:36:32 +0000	0 - 1 - 0	pkg-store.dl.mail.ru/packages/shop/0_2014012d (...)	188.93.63.73
2023-03-24 00:35:55 +0000	0 - 2 - 0	dl4.vessoft.com/files3/t/teleportpro_windows/ (...)	78.159.118.16

Request	Response
GET /success.txt?ipv4 HTTP/1.1 Host: detectportal.firefox.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: detectportal.firefox.com/success.txt?ipv4 FQDN: detectportal.firefox.com IP: 34.107.221.82 HASH: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5 34.107.221.82 HTTP/1.1 200 OK Content-Type: text/plain Server: nginx Content-Length: 8 Via: 1.1 google Date: Mon, 03 Oct 2022 18:54:28 GMT Age: 76359 Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600 --- Additional Info --- Magic: ASCII text Size: 8 Md5: ae780585f49b94ce1444eb7d28906123 Sha1: 7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86 Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET //mips.mips HTTP/1.1 Host: 95.211.16.242 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: 95.211.16.242//mips.mips FQDN: 95.211.16.242 IP: 95.211.16.242 HASH: 0976bb47a92c6f5b94789bdd2e915c665a73af7863b500d3b1b6da43d6155790 95.211.16.242 HTTP/1.1 200 OK Date: Tue, 04 Oct 2022 16:07:08 GMT Server: Apache/2.4.6 (CentOS) Last-Modified: Wed, 23 Feb 2022 11:45:28 GMT ETag: "11a80-5d8ae00874101" Accept-Ranges: bytes Content-Length: 72320 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV)\012- data Size: 72320 Md5: b25f33f3232fa349267cf20ad2d5d96c Sha1: 2190aca3005fee54692bc8d736163fb66c2e8ddf Sha256: 0976bb47a92c6f5b94789bdd2e915c665a73af7863b500d3b1b6da43d6155790 Alerts: Blocklists: - fortinet: Malware File Analyzers: - virustotal: 35/59
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6" Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3513 Expires: Tue, 04 Oct 2022 17:05:41 GMT Date: Tue, 04 Oct 2022 16:07:08 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9955bda9c9ef64bc5700a14af0bae25e Sha1: 8de7b7469e905af0374bdfcc3006bbb844f13e94 Sha256: 1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: d9230dfb0380145b6c68f4563395ea446a06dacd7effa999464d1075e462aaf3 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D9230DFB0380145B6C68F4563395EA446A06DACD7EFFA999464D1075E462AAF3" Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4823 Expires: Tue, 04 Oct 2022 17:27:32 GMT Date: Tue, 04 Oct 2022 16:07:09 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 08f810efc156198a6b11d2fc29f3085a Sha1: c938f92fc3173e5cb3725602f187f4b26cdba86d Sha256: d9230dfb0380145b6c68f4563395ea446a06dacd7effa999464d1075e462aaf3
GET /success.txt?ipv4 HTTP/1.1 Host: detectportal.firefox.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: detectportal.firefox.com/success.txt?ipv4 FQDN: detectportal.firefox.com IP: 34.107.221.82 HASH: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5 34.107.221.82 HTTP/1.1 200 OK Content-Type: text/plain Server: nginx Content-Length: 8 Via: 1.1 google Date: Mon, 03 Oct 2022 18:54:28 GMT Age: 76361 Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600 --- Additional Info --- Magic: ASCII text Size: 8 Md5: ae780585f49b94ce1444eb7d28906123 Sha1: 7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86 Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.25 HASH: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd 143.204.55.25 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Wed, 11 May 2022 19:51:39 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Tue, 04 Oct 2022 04:09:09 GMT etag: "48ca0beea419a9039591cf1aee5179e0" x-cache: Hit from cloudfront via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: n_31_5L3okRnjECwUiefzSaBc_uaqxXAy77pTy7JjXjYLioVwuBptg== age: 45768 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0 Sha1: 9e92629f505fcc07aab51221e8fe62197a23e307 Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 04 Oct 2022 16:07:09 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1 Host: getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: getpocket.cdn.mozilla.net/v3/firefox/global-recs?versio (...) FQDN: getpocket.cdn.mozilla.net IP: 34.120.5.221 HASH: ef47b91a5e45cf75b5cb715089734f736c77b05a3fe2ca4556dcab3e1fac3312 34.120.5.221 HTTP/2 200 OK content-type: application/json server: nginx vary: Accept-Encoding content-location: global-recs.php tcn: choice x-frame-options: SAMEORIGIN status: 200 OK x-source: Pocket pragma: cache p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE" x-cache: Hit from cloudfront x-amz-cf-pop: SEA19-C1 x-amz-cf-id: omZWCUxatnENgMEm7lhks41LNknqXunVe2iVTesOdLpwXVdLyef7tg== content-encoding: gzip via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google date: Tue, 04 Oct 2022 16:06:40 GMT age: 714 content-length: 46526 cache-control: s-maxage=900,public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (65536), with no line terminators Size: 46526 Md5: 2660cbf8ecce5390680b19ea121e1389 Sha1: 85a7ab77f8171b051d2262badc7fe890eccfd7c4 Sha256: ef47b91a5e45cf75b5cb715089734f736c77b05a3fe2ca4556dcab3e1fac3312
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After Cache-Control: max-age=3600 Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Tue, 04 Oct 2022 15:47:04 GMT X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: cFtyQBhdA2ITOV2lCtRQUXmcS0QRaH5Jzi9PSpEFk5S12NktNvmTgA== Age: 1205 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 1b3053fa528e28810f8a2cc9284cc921 Sha1: cca9eb471d941881a6b9a1793aecb6c281908f6a Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: fae76656f84415c6c3131e8b9bf7de17bb290f629f68589df9a876b74fe8d0cf 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4286 Cache-Control: 'max-age=158059' Date: Tue, 04 Oct 2022 16:07:09 GMT Last-Modified: Tue, 04 Oct 2022 14:55:43 GMT Server: ECS (ska/F716) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ee0c3ad84c2ff07972a79d2646b14a6c Sha1: cf666144113016cef9a674e4e7400cdb123180eb Sha256: fae76656f84415c6c3131e8b9bf7de17bb290f629f68589df9a876b74fe8d0cf
GET /success.txt?ipv4 HTTP/1.1 Host: detectportal.firefox.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: detectportal.firefox.com/success.txt?ipv4 FQDN: detectportal.firefox.com IP: 34.107.221.82 HASH: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5 34.107.221.82 HTTP/1.1 200 OK Content-Type: text/plain Server: nginx Content-Length: 8 Via: 1.1 google Date: Mon, 03 Oct 2022 18:54:28 GMT Age: 76361 Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600 --- Additional Info --- Magic: ASCII text Size: 8 Md5: ae780585f49b94ce1444eb7d28906123 Sha1: 7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86 Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Cache-Control: max-age=3600, max-age=3600 Date: Tue, 04 Oct 2022 15:29:33 GMT Expires: Tue, 04 Oct 2022 16:18:32 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: oNb3XAEDo4Q4W4WC_u4RxhWVdG8g5BRJ8q7LIabE3osfxH9BESiOKA== Age: 2257 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1 Host: shavar.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 773 Connection: close Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: none Pragma: no-cache Cache-Control: no-cache	URL: shavar.services.mozilla.com/downloads?client=Firefox&ap (...) FQDN: shavar.services.mozilla.com IP: 52.88.11.165 HASH: ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b 52.88.11.165 HTTP/1.1 200 OK Content-Type: application/octet-stream Date: Tue, 04 Oct 2022 16:07:09 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Length: 8 Connection: Close --- Additional Info --- Magic: ASCII text Size: 8 Md5: 29fc57841962e407cb50c1be60284bf7 Sha1: ce968a77e2996da5eee8925182318f171ccdce47 Sha256: ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4662 Cache-Control: 'max-age=158059' Date: Tue, 04 Oct 2022 16:07:10 GMT Last-Modified: Tue, 04 Oct 2022 14:49:28 GMT Server: ECS (ska/F716) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 16ebfb2aa621547ecf581e26fc828a7d Sha1: f78993331f6f5b8af6409a9ad2fc50b77070f68a Sha256: 0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: uiAX469gTkdJNxfwUfo4ew== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 34.208.31.97 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 34.208.31.97 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: nSEru+ZpfjiYSZS8KLAy0ANF/HI= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221664891835347%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/monito (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 88ff375c5363b977008861795669ad3daaac80f0a9ca05f7d25ed7f47cbc40b6 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Tue, 04 Oct 2022 13:57:15 GMT X-Content-Type-Options: nosniff Content-Encoding: br Date: Tue, 04 Oct 2022 16:01:55 GMT Cache-Control: max-age=3600, max-age=3600 Expires: Tue, 04 Oct 2022 16:01:56 GMT Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: GCl7YvwXZcsC_OArk8HGS6MRk4nJ5i0bp-hjLWFCqbpC8o5f51baEw== Age: 315 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (22383), with no line terminators Size: 4713 Md5: eb5f014b16239a326d6d5de64a92d0e6 Sha1: 811c7a68a1b64404385bf308312dab57992598d6 Sha256: 88ff375c5363b977008861795669ad3daaac80f0a9ca05f7d25ed7f47cbc40b6
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1664843841165&_since=%221653914271178%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/blockl (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 47c0dd6c5fc10426222d636044456fa1a459f5a2a1e368e934c0202ab0593a4d 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Tue, 04 Oct 2022 00:37:21 GMT X-Content-Type-Options: nosniff Content-Encoding: br Date: Tue, 04 Oct 2022 15:44:30 GMT Cache-Control: max-age=3600 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: mP4nmBO8WNtqrZwqPhHtxlj_MwLfTT8j7S63Wg_gwKr29XyTaRZ8Gw== Age: 1442 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (65536), with no line terminators Size: 12694 Md5: 5cf185631def1f6c6cdc07f71b5bb09b Sha1: e77a3cb34d90c0b0e3a14ecec13022ccc338bdd8 Sha256: 47c0dd6c5fc10426222d636044456fa1a459f5a2a1e368e934c0202ab0593a4d
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.25 HASH: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78 143.204.55.25 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Fri, 30 Sep 2022 18:50:55 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Mon, 03 Oct 2022 22:29:48 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" x-cache: Hit from cloudfront via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: uY2VDSF0eWOCfDky7AvDphF59kI8lUz-UkkQfi4bZdZ3M_jDhx1DUg== age: 63443 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 67d5a988edcda47bc3b3b3f65d32b4b6 Sha1: d4f0e0da8b3690cc7da925026d3414b68c7d954f Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After Cache-Control: max-age=3600 Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Tue, 04 Oct 2022 15:47:04 GMT X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: OZu4NR9FyjWmjqNS5m5wVBQhTv-FUzRFuKPdbvK_Vsz0TZ61CSlCdg== Age: 1206 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 1b3053fa528e28810f8a2cc9284cc921 Sha1: cca9eb471d941881a6b9a1793aecb6c281908f6a Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin HTTP/1.1 Host: firefox-settings-attachments.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox-settings-attachments.cdn.mozilla.net/staging/ad (...) FQDN: firefox-settings-attachments.cdn.mozilla.net IP: 54.230.111.80 HASH: 34f969c8e082310785ec4262e2d5b58c919d4de856ffc64b3467507f83ac9571 54.230.111.80 HTTP/1.1 200 OK Content-Type: application/octet-stream Content-Length: 795699 Connection: keep-alive Last-Modified: Mon, 27 Jun 2022 12:39:11 GMT x-amz-version-id: 9np1boOrxtHVWzMczpbX1a.N_ewQWHDF Accept-Ranges: bytes Server: AmazonS3 Date: Tue, 04 Oct 2022 04:27:39 GMT ETag: "9b95765b0e26af76116a95a966d61354" X-Cache: Hit from cloudfront Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: yJjAsilD2slpAozgGC6i5pfZxRFrtNouhMydOMS-28_t3zZLdJAlvA== Age: 54200 --- Additional Info --- Magic: data Size: 795699 Md5: 9b95765b0e26af76116a95a966d61354 Sha1: 3f7c1b40fc999b83f3696f455402e49ab484b027 Sha256: 34f969c8e082310785ec4262e2d5b58c919d4de856ffc64b3467507f83ac9571
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1664841664930&_since=%221654732864402%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 0bf40e761d9808fd1603815b08d7b797ca7a9a25cefe0a0b0ed6941c8cbf2f0d 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Tue, 04 Oct 2022 00:01:04 GMT X-Content-Type-Options: nosniff Content-Encoding: br Date: Tue, 04 Oct 2022 15:36:41 GMT Cache-Control: max-age=3600 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: _mdYnsjF0qbl4nGDO5s-xK4KwMKrGpyDYmfPpCeLX2CLRDTKAAsDIQ== Age: 3343 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (58918), with no line terminators Size: 12205 Md5: bf797f1c12f4c97b84a1db110e6c9631 Sha1: 8aaabe0750b31d2a7394c54ebfbfc9d5aa7a933c Sha256: 0bf40e761d9808fd1603815b08d7b797ca7a9a25cefe0a0b0ed6941c8cbf2f0d
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Fri, 30 Sep 2022 18:50:55 GMT If-None-Match: "67d5a988edcda47bc3b3b3f65d32b4b6" TE: trailers	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.25 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 143.204.55.25 HTTP/2 304 Not Modified last-modified: Fri, 30 Sep 2022 18:50:55 GMT content-disposition: attachment server: AmazonS3 date: Mon, 03 Oct 2022 22:29:48 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" x-cache: Hit from cloudfront via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: uBrHJ3UOeiU1FB4aJI9MLVUKC_luF0gZduTYw5Dmn9MUmQN2J6wXMA== age: 63443 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1664576981597&_since=%221654636467710%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 86f672ecf608509aa0e411d8b80f9e4bb5c1e877040957d56a53ae69897d5ecd 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 30 Sep 2022 22:29:41 GMT X-Content-Type-Options: nosniff Content-Encoding: br Date: Tue, 04 Oct 2022 16:07:10 GMT Cache-Control: max-age=3600 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: uUrdinWtR9Be0ELq-2FCD9VRlXM6HeK5THOWlZxxCAuD4c0rv4ugRg== Age: 338 --- Additional Info --- Magic: ASCII text, with very long lines (31812), with no line terminators Size: 4522 Md5: 0a8cfe2efc6b0b24150c549ab477643e Sha1: ea11b76b989c1cca396d75cb40774bbd014ef689 Sha256: 86f672ecf608509aa0e411d8b80f9e4bb5c1e877040957d56a53ae69897d5ecd
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Fri, 30 Sep 2022 18:50:55 GMT If-None-Match: "67d5a988edcda47bc3b3b3f65d32b4b6" TE: trailers	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.25 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 143.204.55.25 HTTP/2 304 Not Modified last-modified: Fri, 30 Sep 2022 18:50:55 GMT content-disposition: attachment server: AmazonS3 date: Mon, 03 Oct 2022 22:29:48 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" x-cache: Hit from cloudfront via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 95V-7FeZT2eR130up5gR1WDdlUencouM5t7EHjOw2bcZR-0Zw8y2zQ== age: 63443 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 21c252701f27eb5480fb536f519278dcde70168b69c9cb6e225a01116a171a87 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Thu, 01 Sep 2022 14:54:45 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Content-Encoding: gzip Date: Tue, 04 Oct 2022 15:36:52 GMT Cache-Control: max-age=3600 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: YYVSCHHu4p-KrLypx4aMHycjzO5Lo6-tAmq1aPLF99pYp2c8iHH8eA== Age: 1883 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (20423), with no line terminators Size: 5855 Md5: 10baf28aac846a3698df02337eaf7cee Sha1: 6b67e052ee8a728c5481a6a6b54d6a0a4833638b Sha256: 21c252701f27eb5480fb536f519278dcde70168b69c9cb6e225a01116a171a87
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.25 HASH: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770 143.204.55.25 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Sat, 10 Sep 2022 18:47:45 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Tue, 04 Oct 2022 05:28:28 GMT etag: "6113f8408c59aebe188d6af273b90743" x-cache: Hit from cloudfront via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: mUTRJGqNGzlm16cQrJxmagdXxtdLYqyLhMLUvJj_b9VW0CHCEfPBOA== age: 38324 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 6113f8408c59aebe188d6af273b90743 Sha1: 7398873bf00f99944eaa77ad3ebc0d43c23dba6b Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 08e9a89b6e7d1515b92b073c37ae0f41e50d4df90247356043d03d9dbef29324 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Mon, 08 Aug 2022 02:06:49 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Content-Encoding: br Date: Tue, 04 Oct 2022 15:35:03 GMT Cache-Control: max-age=3600 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: rMhuPa32Ghkb6TXoJIrIaNFbjrYZCmx5rZ-txReMeLncTvEVeZlcMg== Age: 1932 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (1393), with no line terminators Size: 780 Md5: 7cc9023d283eac5c86c23ef7d8d53612 Sha1: 18ebd937973c42f4252969afbacab560993826e7 Sha256: 08e9a89b6e7d1515b92b073c37ae0f41e50d4df90247356043d03d9dbef29324
GET /v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: e93d587a4c0e1168b7c65a904f99bcdf262a8f0d70dcc716a95e9288c2a03e86 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Mon, 08 Aug 2022 02:07:26 GMT X-Content-Type-Options: nosniff Content-Encoding: gzip Date: Wed, 28 Sep 2022 05:56:48 GMT Cache-Control: max-age=2592000 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: l_gJrqLN31-OgYRTou1ryu-DTxEHKjCIYCGQhfU1eFjMgcQ3UA-R9w== Age: 555558 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (8682), with no line terminators Size: 3275 Md5: a3d031972a53ce7c0335f6110586ec9c Sha1: 4c32da8a240101524c01ec333cc53a07f1d2ebff Sha256: e93d587a4c0e1168b7c65a904f99bcdf262a8f0d70dcc716a95e9288c2a03e86
GET /v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 3d9c1eac8a6567be6c86a852c60704f8387d24603ea87b2b61d9d3bc6e33be0a 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Mon, 22 Aug 2022 20:25:49 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Content-Encoding: gzip Date: Tue, 04 Oct 2022 15:44:23 GMT Cache-Control: max-age=3600 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: X_Id2MFLRfHq2C9AbSRMRsisJ0Qvysg53z9jRLq1jwiPmDZfs3zpCA== Age: 1390 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (14029), with no line terminators Size: 3393 Md5: 28bf4850d0381c6e4a223d862f122b2d Sha1: aaaf470779861678a2cd105303b37cdefc93302f Sha256: 3d9c1eac8a6567be6c86a852c60704f8387d24603ea87b2b61d9d3bc6e33be0a
GET /v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: d96caf25a8a96003398ac403de9b499673bfcb56643a710f0c54433153655427 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Wed, 03 Aug 2022 17:26:35 GMT X-Content-Type-Options: nosniff Content-Encoding: br Date: Tue, 04 Oct 2022 15:28:26 GMT Cache-Control: max-age=3600 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: Q9XLs4AvVQ7a-nVAfOU3i41OfE-U5EWhBDB8EFECzPjKFiJ95rymaw== Age: 2419 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (3678), with no line terminators Size: 1411 Md5: 198ef0717b8812aadc957d1e2ff4aafb Sha1: 08061aca9c054ec44311c30eb09c67ee1e80fd47 Sha256: d96caf25a8a96003398ac403de9b499673bfcb56643a710f0c54433153655427
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 132e8f66a926b19d6a3ff32ca5bf385272b3b9be5e748cd21b9bb02a13a661e9 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 682 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Mon, 26 Sep 2022 16:36:56 GMT X-Content-Type-Options: nosniff Date: Tue, 04 Oct 2022 15:42:27 GMT Cache-Control: no-cache, no-store, max-age=3600 ETag: "1664210216116" X-Cache: Hit from cloudfront Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: 2ATeuNkgUj1Jvm-y6-KrXGdDao4qpK6bvnt4PHMcJsJZvlKVcD-aAw== Age: 1485 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (682), with no line terminators Size: 682 Md5: 4e767b65980ef55063cce1d7f423c58e Sha1: f6f9756deac632f187752ff6708a2e3a71a04ebc Sha256: 132e8f66a926b19d6a3ff32ca5bf385272b3b9be5e748cd21b9bb02a13a661e9
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 7c9d70c6fbae326155f72c8d40252871c3067597192f4d604cc2b46dfd4b2527 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Thu, 30 Jun 2022 10:44:53 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Content-Encoding: br Date: Mon, 03 Oct 2022 15:57:46 GMT Cache-Control: max-age=259200 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: 4-pcPWR9mXp0AP0VtMRn5qCI8BBxpxnNKHKV4ox5AVTo5egJavl6CQ== Age: 87013 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (1710), with no line terminators Size: 900 Md5: 7b0f15820fbc79772d69b103cb111800 Sha1: 92ccda464b19ef35736c03edd82b578661361212 Sha256: 7c9d70c6fbae326155f72c8d40252871c3067597192f4d604cc2b46dfd4b2527
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 16e99009a0917eedd380140055d06b29d6709bd469d694d078c013f7c104367a 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Wed, 13 Jul 2022 21:25:10 GMT X-Content-Type-Options: nosniff Content-Encoding: gzip Date: Tue, 04 Oct 2022 15:38:01 GMT Cache-Control: max-age=3600 Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: 3xOCdEuSuZP9pJhTP5F9qhuuG0sMfZFQAiBJkn0UO-TsjMTYZ2UY4Q== Age: 1790 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (2194), with no line terminators Size: 1080 Md5: 4286df03a653e5b403e88a8d28933306 Sha1: 8f974648aef7d271443707ce3a6eba8d9a117872 Sha256: 16e99009a0917eedd380140055d06b29d6709bd469d694d078c013f7c104367a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D" Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3976 Expires: Tue, 04 Oct 2022 17:13:27 GMT Date: Tue, 04 Oct 2022 16:07:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ff433c9569a3557d806b1480aeafece9 Sha1: 20bbd46383b85326837f45290ff87df708b3b310 Sha256: e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D" Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3976 Expires: Tue, 04 Oct 2022 17:13:27 GMT Date: Tue, 04 Oct 2022 16:07:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ff433c9569a3557d806b1480aeafece9 Sha1: 20bbd46383b85326837f45290ff87df708b3b310 Sha256: e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D" Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4008 Expires: Tue, 04 Oct 2022 17:13:59 GMT Date: Tue, 04 Oct 2022 16:07:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ff433c9569a3557d806b1480aeafece9 Sha1: 20bbd46383b85326837f45290ff87df708b3b310 Sha256: e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D" Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4008 Expires: Tue, 04 Oct 2022 17:13:59 GMT Date: Tue, 04 Oct 2022 16:07:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ff433c9569a3557d806b1480aeafece9 Sha1: 20bbd46383b85326837f45290ff87df708b3b310 Sha256: e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D" Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3976 Expires: Tue, 04 Oct 2022 17:13:27 GMT Date: Tue, 04 Oct 2022 16:07:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ff433c9569a3557d806b1480aeafece9 Sha1: 20bbd46383b85326837f45290ff87df708b3b310 Sha256: e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9917 x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZcpvTGEnIAMF1zg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0 x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Oct 2022 21:44:20 GMT age: 66171 etag: "22aab05208a01ae5def4d63dc145085630f57bcb" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9917 Md5: d8c08f8066cc732de8befd6ccd629a95 Sha1: 22aab05208a01ae5def4d63dc145085630f57bcb Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5adb9dd0-c21d-4cd0-8ffd-04efc8b9dc4b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: c9c0e66132efff0ba7fda3a5ff771a089d36b9566aac0cd3b1ccde3adc67b043 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 16247 x-amzn-requestid: b81ea53b-2591-4c86-b019-d0f1a330c1db x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZcpvTHR3oAMF6eQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-633b5661-43713e23070d4d935033616a;Sampled=0 x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: Gb2xTjC0o7Sbqk21hqU1_fY8u33GrJzhHtdz7a2fryYD7xFjXKGDKQ== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Oct 2022 21:44:20 GMT age: 66171 etag: "b5103d52781a6a139cb87fbcd41757d79347bc97" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 16247 Md5: d0bf28d3c594b68bdaff2db4a30c479a Sha1: b5103d52781a6a139cb87fbcd41757d79347bc97 Sha256: c9c0e66132efff0ba7fda3a5ff771a089d36b9566aac0cd3b1ccde3adc67b043
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6315 x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZWSdsHUnIAMFXtw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0 x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ== via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google date: Tue, 04 Oct 2022 04:42:51 GMT age: 41060 etag: "58ff0bf8ce7528b303d28bab01a80ad721705569" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6315 Md5: 206fb65e75dbadf119512f71e0b78402 Sha1: 58ff0bf8ce7528b303d28bab01a80ad721705569 Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5504 x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZcpHvHPvoAMF3mg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0 x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Oct 2022 21:44:33 GMT age: 66158 etag: "20ef861be49c652a938e0145e4ca3a60159367e2" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5504 Md5: 6c6882c60d7ca6f918c77104e3ad1d52 Sha1: 20ef861be49c652a938e0145e4ca3a60159367e2 Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4858 x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZcpvTEfPoAMFfeQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0 x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT x-amz-cf-pop: SFO5-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA== via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Oct 2022 21:44:20 GMT age: 66171 etag: "585e7146fd24cdc2496b05baafea04091dc541e2" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4858 Md5: 6779181f9c06975f2a662da743893939 Sha1: 585e7146fd24cdc2496b05baafea04091dc541e2 Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11955 x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Zcqb9FUtoAMF0WQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0 x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Oct 2022 21:44:35 GMT age: 66156 etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11955 Md5: 54b3ef7aa50273b78b59c24511b0c1f9 Sha1: e2ea2ef6805e391c497e62e101e76a0bdecfce64 Sha256: 296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457

                                        
                                            GET /success.txt?ipv4 HTTP/1.1 

                                        
                                            
Host: detectportal.firefox.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         34.107.221.82

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/plain

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 8 

                                        
                                            
Via: 1.1 google 

                                        
                                            
Date: Mon, 03 Oct 2022 18:54:28 GMT 

                                        
                                            
Age: 76359 

                                        
                                            
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   8

                                                Md5:    ae780585f49b94ce1444eb7d28906123

                                                Sha1:   7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86

                                                Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6" 

                                        
                                            
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3513 

                                        
                                            
Expires: Tue, 04 Oct 2022 17:05:41 GMT 

                                        
                                            
Date: Tue, 04 Oct 2022 16:07:08 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    9955bda9c9ef64bc5700a14af0bae25e

                                                Sha1:   8de7b7469e905af0374bdfcc3006bbb844f13e94

                                                Sha256: 1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6

                                        
                                            GET /success.txt?ipv4 HTTP/1.1 

                                        
                                            
Host: detectportal.firefox.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         34.107.221.82

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/plain

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 8 

                                        
                                            
Via: 1.1 google 

                                        
                                            
Date: Mon, 03 Oct 2022 18:54:28 GMT 

                                        
                                            
Age: 76361 

                                        
                                            
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   8

                                                Md5:    ae780585f49b94ce1444eb7d28906123

                                                Sha1:   7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86

                                                Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 04 Oct 2022 16:07:09 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 939 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Date: Tue, 04 Oct 2022 15:47:04 GMT 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: cFtyQBhdA2ITOV2lCtRQUXmcS0QRaH5Jzi9PSpEFk5S12NktNvmTgA== 

                                        
                                            
Age: 1205 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    1b3053fa528e28810f8a2cc9284cc921

                                                Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a

                                                Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

                                        
                                            GET /success.txt?ipv4 HTTP/1.1 

                                        
                                            
Host: detectportal.firefox.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         34.107.221.82

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/plain

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 8 

                                        
                                            
Via: 1.1 google 

                                        
                                            
Date: Mon, 03 Oct 2022 18:54:28 GMT 

                                        
                                            
Age: 76361 

                                        
                                            
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   8

                                                Md5:    ae780585f49b94ce1444eb7d28906123

                                                Sha1:   7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86

                                                Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

                                        
                                            POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1 

                                        
                                            
Host: shavar.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain 

                                        
                                            
Content-Length: 773 

                                        
                                            
Connection: close 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: none 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         52.88.11.165

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/octet-stream

                                        

                                        
                                            
Date: Tue, 04 Oct 2022 16:07:09 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000; includeSubDomains 

                                        
                                            
Content-Length: 8 

                                        
                                            
Connection: Close 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   8

                                                Md5:    29fc57841962e407cb50c1be60284bf7

                                                Sha1:   ce968a77e2996da5eee8925182318f171ccdce47

                                                Sha256: ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: uiAX469gTkdJNxfwUfo4ew== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         34.208.31.97

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: nSEru+ZpfjiYSZS8KLAy0ANF/HI= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1664843841165&_since=%221653914271178%22 HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Tue, 04 Oct 2022 00:37:21 GMT 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Content-Encoding: br 

                                        
                                            
Date: Tue, 04 Oct 2022 15:44:30 GMT 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: mP4nmBO8WNtqrZwqPhHtxlj_MwLfTT8j7S63Wg_gwKr29XyTaRZ8Gw== 

                                        
                                            
Age: 1442 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators

                                                Size:   12694

                                                Md5:    5cf185631def1f6c6cdc07f71b5bb09b

                                                Sha1:   e77a3cb34d90c0b0e3a14ecec13022ccc338bdd8

                                                Sha256: 47c0dd6c5fc10426222d636044456fa1a459f5a2a1e368e934c0202ab0593a4d

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 939 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Date: Tue, 04 Oct 2022 15:47:04 GMT 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: OZu4NR9FyjWmjqNS5m5wVBQhTv-FUzRFuKPdbvK_Vsz0TZ61CSlCdg== 

                                        
                                            
Age: 1206 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    1b3053fa528e28810f8a2cc9284cc921

                                                Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a

                                                Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

                                        
                                            GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1664841664930&_since=%221654732864402%22 HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Tue, 04 Oct 2022 00:01:04 GMT 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Content-Encoding: br 

                                        
                                            
Date: Tue, 04 Oct 2022 15:36:41 GMT 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: _mdYnsjF0qbl4nGDO5s-xK4KwMKrGpyDYmfPpCeLX2CLRDTKAAsDIQ== 

                                        
                                            
Age: 3343 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (58918), with no line terminators

                                                Size:   12205

                                                Md5:    bf797f1c12f4c97b84a1db110e6c9631

                                                Sha1:   8aaabe0750b31d2a7394c54ebfbfc9d5aa7a933c

                                                Sha256: 0bf40e761d9808fd1603815b08d7b797ca7a9a25cefe0a0b0ed6941c8cbf2f0d

                                        
                                            GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1664576981597&_since=%221654636467710%22 HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Fri, 30 Sep 2022 22:29:41 GMT 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Content-Encoding: br 

                                        
                                            
Date: Tue, 04 Oct 2022 16:07:10 GMT 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: uUrdinWtR9Be0ELq-2FCD9VRlXM6HeK5THOWlZxxCAuD4c0rv4ugRg== 

                                        
                                            
Age: 338 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (31812), with no line terminators

                                                Size:   4522

                                                Md5:    0a8cfe2efc6b0b24150c549ab477643e

                                                Sha1:   ea11b76b989c1cca396d75cb40774bbd014ef689

                                                Sha256: 86f672ecf608509aa0e411d8b80f9e4bb5c1e877040957d56a53ae69897d5ecd

                                        
                                            GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22 HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Thu, 01 Sep 2022 14:54:45 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Tue, 04 Oct 2022 15:36:52 GMT 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: YYVSCHHu4p-KrLypx4aMHycjzO5Lo6-tAmq1aPLF99pYp2c8iHH8eA== 

                                        
                                            
Age: 1883 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (20423), with no line terminators

                                                Size:   5855

                                                Md5:    10baf28aac846a3698df02337eaf7cee

                                                Sha1:   6b67e052ee8a728c5481a6a6b54d6a0a4833638b

                                                Sha256: 21c252701f27eb5480fb536f519278dcde70168b69c9cb6e225a01116a171a87

                                        
                                            GET /v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22 HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Mon, 08 Aug 2022 02:06:49 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Content-Encoding: br 

                                        
                                            
Date: Tue, 04 Oct 2022 15:35:03 GMT 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: rMhuPa32Ghkb6TXoJIrIaNFbjrYZCmx5rZ-txReMeLncTvEVeZlcMg== 

                                        
                                            
Age: 1932 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (1393), with no line terminators

                                                Size:   780

                                                Md5:    7cc9023d283eac5c86c23ef7d8d53612

                                                Sha1:   18ebd937973c42f4252969afbacab560993826e7

                                                Sha256: 08e9a89b6e7d1515b92b073c37ae0f41e50d4df90247356043d03d9dbef29324

                                        
                                            GET /v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22 HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Mon, 22 Aug 2022 20:25:49 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Tue, 04 Oct 2022 15:44:23 GMT 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: X_Id2MFLRfHq2C9AbSRMRsisJ0Qvysg53z9jRLq1jwiPmDZfs3zpCA== 

                                        
                                            
Age: 1390 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (14029), with no line terminators

                                                Size:   3393

                                                Md5:    28bf4850d0381c6e4a223d862f122b2d

                                                Sha1:   aaaf470779861678a2cd105303b37cdefc93302f

                                                Sha256: 3d9c1eac8a6567be6c86a852c60704f8387d24603ea87b2b61d9d3bc6e33be0a

                                        
                                            GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 682 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Mon, 26 Sep 2022 16:36:56 GMT 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Date: Tue, 04 Oct 2022 15:42:27 GMT 

                                        
                                            
Cache-Control: no-cache, no-store, max-age=3600 

                                        
                                            
ETag: "1664210216116" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: 2ATeuNkgUj1Jvm-y6-KrXGdDao4qpK6bvnt4PHMcJsJZvlKVcD-aAw== 

                                        
                                            
Age: 1485 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (682), with no line terminators

                                                Size:   682

                                                Md5:    4e767b65980ef55063cce1d7f423c58e

                                                Sha1:   f6f9756deac632f187752ff6708a2e3a71a04ebc

                                                Sha256: 132e8f66a926b19d6a3ff32ca5bf385272b3b9be5e748cd21b9bb02a13a661e9

                                        
                                            GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22 HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Wed, 13 Jul 2022 21:25:10 GMT 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Tue, 04 Oct 2022 15:38:01 GMT 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: 3xOCdEuSuZP9pJhTP5F9qhuuG0sMfZFQAiBJkn0UO-TsjMTYZ2UY4Q== 

                                        
                                            
Age: 1790 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (2194), with no line terminators

                                                Size:   1080

                                                Md5:    4286df03a653e5b403e88a8d28933306

                                                Sha1:   8f974648aef7d271443707ce3a6eba8d9a117872

                                                Sha256: 16e99009a0917eedd380140055d06b29d6709bd469d694d078c013f7c104367a

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D" 

                                        
                                            
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3976 

                                        
                                            
Expires: Tue, 04 Oct 2022 17:13:27 GMT 

                                        
                                            
Date: Tue, 04 Oct 2022 16:07:11 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    ff433c9569a3557d806b1480aeafece9

                                                Sha1:   20bbd46383b85326837f45290ff87df708b3b310

                                                Sha256: e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D" 

                                        
                                            
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4008 

                                        
                                            
Expires: Tue, 04 Oct 2022 17:13:59 GMT 

                                        
                                            
Date: Tue, 04 Oct 2022 16:07:11 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    ff433c9569a3557d806b1480aeafece9

                                                Sha1:   20bbd46383b85326837f45290ff87df708b3b310

                                                Sha256: e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9917 

                                        
                                            
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ZcpvTGEnIAMF1zg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ== 

                                        
                                            
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Mon, 03 Oct 2022 21:44:20 GMT 

                                        
                                            
age: 66171 

                                        
                                            
etag: "22aab05208a01ae5def4d63dc145085630f57bcb" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9917

                                                Md5:    d8c08f8066cc732de8befd6ccd629a95

                                                Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb

                                                Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6315 

                                        
                                            
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ZWSdsHUnIAMFXtw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ== 

                                        
                                            
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 04 Oct 2022 04:42:51 GMT 

                                        
                                            
age: 41060 

                                        
                                            
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6315

                                                Md5:    206fb65e75dbadf119512f71e0b78402

                                                Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569

                                                Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 4858 

                                        
                                            
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ZcpvTEfPoAMFfeQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT 

                                        
                                            
x-amz-cf-pop: SFO5-P2, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA== 

                                        
                                            
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Mon, 03 Oct 2022 21:44:20 GMT 

                                        
                                            
age: 66171 

                                        
                                            
etag: "585e7146fd24cdc2496b05baafea04091dc541e2" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   4858

                                                Md5:    6779181f9c06975f2a662da743893939

                                                Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2

                                                Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985

URL	95.211.16.242//mips.mips
IP	95.211.16.242 (Netherlands)
ASN	#60781 LeaseWeb Netherlands B.V.
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-10-04 16:07:23 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (13)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 95.211.16.242

Last 5 reports on ASN: LeaseWeb Netherlands B.V.

Last 5 reports on domain: 95.211.16.242.

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (44)

Overview

Domain Summary (13)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 95.211.16.242

Last 5 reports on ASN: LeaseWeb Netherlands B.V.

Last 5 reports on domain: 95.211.16.242.

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (44)

Network Intrusion Detection Systems