r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7e300ca7d2d586dd1ca0c185ef6b0da5
3914cfd3b7aa6e1d1117bf509319479e489ed2a4
91c8810ad137faf4393f7d15f9c619c06d124a7aaebfa21290dca614db2c7757
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91C8810AD137FAF4393F7D15F9C619C06D124A7AAEBFA21290DCA614DB2C7757"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14902
Expires: Sat, 24 Dec 2022 15:10:28 GMT
Date: Sat, 24 Dec 2022 11:02:06 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d6a971d765338f107fe9d2c67fa4bbdf
a72bdf191446a37fa0420cc9d7c087aaff757cd6
dc5291c136b0b81621a02679a31f6b7c852e2803429d54c2a9afcc8edf031328
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC5291C136B0B81621A02679A31F6B7C852E2803429D54C2A9AFCC8EDF031328"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2767
Expires: Sat, 24 Dec 2022 11:48:13 GMT
Date: Sat, 24 Dec 2022 11:02:06 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7f0ad5c2841a345f98197c2f1e86f4d
84cbfd91934a8715baba4a2da46451f35597c99c
be30540f2e06a3565c9b38bdbb9691f707d692b196bdcef5d671708aa9609795
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE30540F2E06A3565C9B38BDBB9691F707D692B196BDCEF5D671708AA9609795"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6045
Expires: Sat, 24 Dec 2022 12:42:51 GMT
Date: Sat, 24 Dec 2022 11:02:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 24 Dec 2022 10:46:14 GMT
content-type: application/json
age: 952
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: H7q7su++wMaJXQyfK2JJ10AUh3j2F0a10DzP8JChi/Q1mnFAcBIV7dFXCvHxBzL6RpIMUFTpTnQ=
x-amz-request-id: 09PYKRAKST5QGZQA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 24 Dec 2022 10:56:34 GMT
age: 332
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.discover.point-blank-impression.com/bb/VF1cIFRZY1pkMWhaX1VWY15WY1YfVGBeICInJCohICUqJCooJx4jISkjJCkeIiEpKSEoHickKCUmHiEeISA9Ul9VWl9YNF1aVFwgXVJfVVpfWFRdWlRcLiIdZ1ZjWldqWl9lLiEdZGZTW1ZUZV9mXlNWYy4lKR1VUmVWLiIjIyIjIx1UUl5hUlpYX1pVLiUqJCooJx1UY1ZSZVpnVlpVLickKCUmHVVSZVJdWmRlWlUuIickKiYiHVZfZVplalRgVVYuISIoIFJUXF9gaF1WVVhWXlZfZR9kWVpXZVpfWFpeYWNWZGRaYF9kH19WZQ==
302 Found 307 B URL HTTP/1.1 www.discover.point-blank-impression.com/bb/VF1cIFRZY1pkMWhaX1VWY15WY1YfVGBeICInJCohICUqJCooJx4jISkjJCkeIiEpKSEoHickKCUmHiEeISA9Ul9VWl9YNF1aVFwgXVJfVVpfWFRdWlRcLiIdZ1ZjWldqWl9lLiEdZGZTW1ZUZV9mXlNWYy4lKR1VUmVWLiIjIyIjIx1UUl5hUlpYX1pVLiUqJCooJx1UY1ZSZVpnVlpVLickKCUmHVVSZVJdWmRlWlUuIickKiYiHVZfZVplalRgVVYuISIoIFJUXF9gaF1WVVhWXlZfZR9kWVpXZVpfWFpeYWNWZGRaYF9kH19WZQ==
IP
ASN #209945 Viasat Cloud SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c136848ccf0068291405cec860a7dcfc
e8bd52b5bd62379f2b9a111b832d59e8a4300a9e
50bf38927a1b3cb14a434ac52ed6bb5c1148f758b7800f417fe4c02c6eaacc78
Analyzer Verdict Alert fortinet Phishing
GET /bb/VF1cIFRZY1pkMWhaX1VWY15WY1YfVGBeICInJCohICUqJCooJx4jISkjJCkeIiEpKSEoHickKCUmHiEeISA9Ul9VWl9YNF1aVFwgXVJfVVpfWFRdWlRcLiIdZ1ZjWldqWl9lLiEdZGZTW1ZUZV9mXlNWYy4lKR1VUmVWLiIjIyIjIx1UUl5hUlpYX1pVLiUqJCooJx1UY1ZSZVpnVlpVLickKCUmHVVSZVJdWmRlWlUuIickKiYiHVZfZVplalRgVVYuISIoIFJUXF9gaF1WVVhWXlZfZR9kWVpXZVpfWFpeYWNWZGRaYF9kH19WZQ== HTTP/1.1
Host: www.discover.point-blank-impression.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 24 Dec 2022 11:02:05 GMT
Server: Microsoft-IIS/10.0
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://acknowledgement.shiftingimpressions.net/international.aspx?p=YWNrbm93bGVkZ2VtZW50LnNoaWZ0aW5naW1wcmVzc2lvbnMubmV0LGNocmlzQHdpbmRlcm1lcmUuY29tLDQ5Mzk3Ni0yMDgyMzgtMTA4ODA3LTYzNzQ1LTAtMA
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 307
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 11:02:06 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 24 Dec 2022 10:33:25 GMT
age: 1722
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
acknowledgement.shiftingimpressions.net/international.aspx?p=YWNrbm93bGVkZ2VtZW50LnNoaWZ0aW5naW1wcmVzc2lvbnMubmV0LGNocmlzQHdpbmRlcm1lcmUuY29tLDQ5Mzk3Ni0yMDgyMzgtMTA4ODA3LTYzNzQ1LTAtMA
200 OK 3.1 kB URL HTTP/1.1 acknowledgement.shiftingimpressions.net/international.aspx?p=YWNrbm93bGVkZ2VtZW50LnNoaWZ0aW5naW1wcmVzc2lvbnMubmV0LGNocmlzQHdpbmRlcm1lcmUuY29tLDQ5Mzk3Ni0yMDgyMzgtMTA4ODA3LTYzNzQ1LTAtMA
IP
ASN #209945 Viasat Cloud SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, Unicode text, UTF-8 text, with very long lines (352), with CRLF line terminators
Hash d0134e555628f0cfbd691e073c53381f
6c0388bc000bef0f1007ed976ab6a2dd6c3f5be7
d2534c6055c8a36cf316e83a325a9473ac0f6a384cfdbf5313288e41ec9f9f0f
Analyzer Verdict Alert fortinet Phishing
GET /international.aspx?p=YWNrbm93bGVkZ2VtZW50LnNoaWZ0aW5naW1wcmVzc2lvbnMubmV0LGNocmlzQHdpbmRlcm1lcmUuY29tLDQ5Mzk3Ni0yMDgyMzgtMTA4ODA3LTYzNzQ1LTAtMA HTTP/1.1
Host: acknowledgement.shiftingimpressions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 11:02:06 GMT
Server: Microsoft-IIS/10.0
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 3073
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
ocsp.digicert.com/
200 OK 471 B IP
Hash d7938ab2263405a708c44813f3e16cb8
3ba9f4363ecc2834ea1211f761ce2d04e0077ab3
8a8ef4218bcd8ecb1f12ecdb74f3f453a7093be8dd3c233615577dcc9b40fa92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5335
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 11:02:07 GMT
Last-Modified: Sat, 24 Dec 2022 09:33:12 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
acknowledgement.shiftingimpressions.net/tracking/WebResource.axd?d=M0sccuGn06SxUjLI5ZV5hg0w_1Uc5hm3-sNpjbbT-qIKDM6Km1yvhQe1v1j8HI6j4QMb-7gMYXeO-b8sLeqJI4L2phWB-SDOagNYBb8iNo81&t=636403334294818574
200 OK 6.0 kB URL HTTP/1.1 acknowledgement.shiftingimpressions.net/tracking/WebResource.axd?d=M0sccuGn06SxUjLI5ZV5hg0w_1Uc5hm3-sNpjbbT-qIKDM6Km1yvhQe1v1j8HI6j4QMb-7gMYXeO-b8sLeqJI4L2phWB-SDOagNYBb8iNo81&t=636403334294818574
IP
ASN #209945 Viasat Cloud SRL
File type ASCII text, with CRLF line terminators
Hash 06fd446079195e9866f38728a31b8416
bce7935598a51703a7077dd75e1d30882533c6e1
5466d19b6349cc09de47de356c3195b2fd367a5ab8f1c55e8aaf2f296915d46d
GET /tracking/WebResource.axd?d=M0sccuGn06SxUjLI5ZV5hg0w_1Uc5hm3-sNpjbbT-qIKDM6Km1yvhQe1v1j8HI6j4QMb-7gMYXeO-b8sLeqJI4L2phWB-SDOagNYBb8iNo81&t=636403334294818574 HTTP/1.1
Host: acknowledgement.shiftingimpressions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://acknowledgement.shiftingimpressions.net/international.aspx?p=YWNrbm93bGVkZ2VtZW50LnNoaWZ0aW5naW1wcmVzc2lvbnMubmV0LGNocmlzQHdpbmRlcm1lcmUuY29tLDQ5Mzk3Ni0yMDgyMzgtMTA4ODA3LTYzNzQ1LTAtMA
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 11:02:06 GMT
Server: Microsoft-IIS/10.0
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Sun, 24 Dec 2023 09:15:39 GMT
Last-Modified: Thu, 07 Sep 2017 02:23:49 GMT
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 6007
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RDCqxYvKKuCsJwAOBEONdw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fum5Fv6U5X6kp9cTqm7S3FJgaNs=
acknowledgement.shiftingimpressions.net/tracking/ScriptResource.axd?d=IajhcJJGm1BCENvzSITUXIrCGRFoq3St9mJAPo6NHvzvdT9qAq9mLIRUxuFMIUI4CMS_FcyqqjYdqVrjNbuqJw2qcvmky37PcDvbWV9le0JMvM1ljA5VrOTO6ElOJo4kwZPwQXE3Ci7P4041bLfs4VwjeDRzOLUcHgOSLX0chz631JSBh9xlWkoQDIpRwXMP0&t=3d6efc1f
200 OK 15 kB URL HTTP/1.1 acknowledgement.shiftingimpressions.net/tracking/ScriptResource.axd?d=IajhcJJGm1BCENvzSITUXIrCGRFoq3St9mJAPo6NHvzvdT9qAq9mLIRUxuFMIUI4CMS_FcyqqjYdqVrjNbuqJw2qcvmky37PcDvbWV9le0JMvM1ljA5VrOTO6ElOJo4kwZPwQXE3Ci7P4041bLfs4VwjeDRzOLUcHgOSLX0chz631JSBh9xlWkoQDIpRwXMP0&t=3d6efc1f
IP
ASN #209945 Viasat Cloud SRL
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 920d5a308e191f3eb45e339d4ec0c6c0
e876779528aca5dbb8176d8a0d4c6fef3bb55997
a10901b062cf38ec26dced20aa6e21ae648da3f7b2329d312213bf65410fd5eb
GET /tracking/ScriptResource.axd?d=IajhcJJGm1BCENvzSITUXIrCGRFoq3St9mJAPo6NHvzvdT9qAq9mLIRUxuFMIUI4CMS_FcyqqjYdqVrjNbuqJw2qcvmky37PcDvbWV9le0JMvM1ljA5VrOTO6ElOJo4kwZPwQXE3Ci7P4041bLfs4VwjeDRzOLUcHgOSLX0chz631JSBh9xlWkoQDIpRwXMP0&t=3d6efc1f HTTP/1.1
Host: acknowledgement.shiftingimpressions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://acknowledgement.shiftingimpressions.net/international.aspx?p=YWNrbm93bGVkZ2VtZW50LnNoaWZ0aW5naW1wcmVzc2lvbnMubmV0LGNocmlzQHdpbmRlcm1lcmUuY29tLDQ5Mzk3Ni0yMDgyMzgtMTA4ODA3LTYzNzQ1LTAtMA
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 11:02:06 GMT
Server: Microsoft-IIS/10.0
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Sun, 24 Dec 2023 11:01:02 GMT
Last-Modified: Sat, 24 Dec 2022 11:01:02 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 15430
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
acknowledgement.shiftingimpressions.net/tracking/ScriptResource.axd?d=0m_JWCYc_-RlfmQfsMH3d4TE6qOEFvk_8ZZNAmSF5pKf3t6EFsKui0cGvOpi5SKcs71CK1lEtTQz1pcamd_SZJRAmYxkOaqkK8FI61tIr2hWKMrsOQssSXT8n-1QZawrhqNgsWd_m3dVMsWcg4bvGUPSt1yVv4ZnLYDwMpX6KCtSjlty1mIA1zDZAk_63QIr0&t=3d6efc1f
200 OK 48 kB URL HTTP/1.1 acknowledgement.shiftingimpressions.net/tracking/ScriptResource.axd?d=0m_JWCYc_-RlfmQfsMH3d4TE6qOEFvk_8ZZNAmSF5pKf3t6EFsKui0cGvOpi5SKcs71CK1lEtTQz1pcamd_SZJRAmYxkOaqkK8FI61tIr2hWKMrsOQssSXT8n-1QZawrhqNgsWd_m3dVMsWcg4bvGUPSt1yVv4ZnLYDwMpX6KCtSjlty1mIA1zDZAk_63QIr0&t=3d6efc1f
IP
ASN #209945 Viasat Cloud SRL
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 65e51bb190f398cf313e227869acefa4
9c0afdcb3a5911b456552850af11533aeadaad9b
5970d86e577ebffa7cb9d9f4579c01e3258f47de0cdde8c26ed0834fe2a2fa52
GET /tracking/ScriptResource.axd?d=0m_JWCYc_-RlfmQfsMH3d4TE6qOEFvk_8ZZNAmSF5pKf3t6EFsKui0cGvOpi5SKcs71CK1lEtTQz1pcamd_SZJRAmYxkOaqkK8FI61tIr2hWKMrsOQssSXT8n-1QZawrhqNgsWd_m3dVMsWcg4bvGUPSt1yVv4ZnLYDwMpX6KCtSjlty1mIA1zDZAk_63QIr0&t=3d6efc1f HTTP/1.1
Host: acknowledgement.shiftingimpressions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://acknowledgement.shiftingimpressions.net/international.aspx?p=YWNrbm93bGVkZ2VtZW50LnNoaWZ0aW5naW1wcmVzc2lvbnMubmV0LGNocmlzQHdpbmRlcm1lcmUuY29tLDQ5Mzk3Ni0yMDgyMzgtMTA4ODA3LTYzNzQ1LTAtMA
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 11:02:06 GMT
Server: Microsoft-IIS/10.0
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Sun, 24 Dec 2023 11:01:02 GMT
Last-Modified: Sat, 24 Dec 2022 11:01:02 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 47752
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
acknowledgement.shiftingimpressions.net/favicon.ico
404 Not Found 209 B URL HTTP/1.1 acknowledgement.shiftingimpressions.net/favicon.ico
IP
ASN #209945 Viasat Cloud SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 18ffb59b61525f781cf9251045be575d
bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
GET /favicon.ico HTTP/1.1
Host: acknowledgement.shiftingimpressions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://acknowledgement.shiftingimpressions.net/international.aspx?p=YWNrbm93bGVkZ2VtZW50LnNoaWZ0aW5naW1wcmVzc2lvbnMubmV0LGNocmlzQHdpbmRlcm1lcmUuY29tLDQ5Mzk3Ni0yMDgyMzgtMTA4ODA3LTYzNzQ1LTAtMA
HTTP/1.1 404 Not Found
Date: Sat, 24 Dec 2022 11:02:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips
Content-Length: 209
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4890
Expires: Sat, 24 Dec 2022 12:23:38 GMT
Date: Sat, 24 Dec 2022 11:02:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4890
Expires: Sat, 24 Dec 2022 12:23:38 GMT
Date: Sat, 24 Dec 2022 11:02:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4890
Expires: Sat, 24 Dec 2022 12:23:38 GMT
Date: Sat, 24 Dec 2022 11:02:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe997b20a-3d74-42bf-bc6c-e3ad42619178.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe997b20a-3d74-42bf-bc6c-e3ad42619178.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c19fd616df441433026e9dfdb823681b
1786fc55f6c7dff497bb86f146a9a88f75c999f9
6a415f5d83d013dc83546b192a54558ca1004d63d2f08ab5de15e2c83918d264
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe997b20a-3d74-42bf-bc6c-e3ad42619178.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6892
x-amzn-requestid: 77465a47-ba2e-4cb3-8ed4-87263751b6d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnQ4EqVoAMFwtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f38-0abacc4329c0e06465bb3fba;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CWrljOAjgI3YpGfDACYaDtjqditLJqCAMw0oHQNU0O_j1Gxn_UHoYw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:43:47 GMT
age: 47901
etag: "1786fc55f6c7dff497bb86f146a9a88f75c999f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e532075-b8a0-41ff-8f08-8512cbb1b3d4.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e532075-b8a0-41ff-8f08-8512cbb1b3d4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3071a834e874a992c3b14f7a3f91b30f
559014c7e6e5019097b7da8b3a820a80a1f55b6c
4f8e29303936b4168f0ad765d8a2773a7247f249396147f68f6f9639b1ad1208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e532075-b8a0-41ff-8f08-8512cbb1b3d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10356
x-amzn-requestid: 32dbf731-a18f-4150-b3cd-f30d2ab3c6a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnoi1GY2oAMFesg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a62145-55a5f14a6ea6e7dc3754a8be;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:44:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DC1Eu98-ihibH4I6ZY03Af2PxBrywSyjnoJRR2N453KiYvsa6hGefw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:49:04 GMT
age: 47584
etag: "559014c7e6e5019097b7da8b3a820a80a1f55b6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38cc82b5e5d8c2fee6f51021e156ec81
eafb4e029313caabcdbdc1002abcab95f66e91b1
b8cad011e1a98ee4e896f00263495aab7f9cab986736a7a5b4187b8e94c46493
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11939
x-amzn-requestid: a00e5ab5-ad16-4576-b046-381e36456998
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUhqE94oAMFu5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce0a-28687ad51eea1f6f3ce8cc86;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uIDvI3BVK0v68x1jkgw9GB0U1i3l2kyW81q2Kiy3ZDREqQmyUTXCnQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:38:32 GMT
age: 48216
etag: "eafb4e029313caabcdbdc1002abcab95f66e91b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fa7cd8-f48a-4820-8943-7f876a15bfe2.webp
200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fa7cd8-f48a-4820-8943-7f876a15bfe2.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b971f9cebfb83d4e05f58c5e0c7e2436
440e6429b1e04564052e1de277b2cfafdc3203fd
bf885ad9432b12fb3ad6c62204892d2521a4ab967e635de8af584b6a1e21bbab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fa7cd8-f48a-4820-8943-7f876a15bfe2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4597
x-amzn-requestid: 156d6291-928f-4c2d-93f5-edf1ac1a95bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnoRuHHjoAMFZfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a620d7-7f7726b749a2dd6f3be7ac2b;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n8El7mjtpJmBXFtB8Ye9HqTJY5AWev5qPqcp00evrd3iK2fWa3wVBQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 22:36:20 GMT
age: 44748
etag: "440e6429b1e04564052e1de277b2cfafdc3203fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d4cf077d410b94f1326e942304f9e9b
98fb13feecfada3cc8b467aa48d7cdf1ed8ab001
ec82cd83bfd4da849888b0535c9764cd4d462ef9e12c5934512858375908dfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5659
x-amzn-requestid: bc225a93-868b-42d4-aa94-c8fa16ef2c64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk33gHUqIAMFg1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a50696-7710727f0f086a791a0e7939;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:38:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Es7YaIRVfiybyKGY41ZE5UYSN0bfn6LmOUqcYZASi9QsXQqR9NSwTA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Dec 2022 07:07:36 GMT
age: 14072
etag: "98fb13feecfada3cc8b467aa48d7cdf1ed8ab001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ea23fe-7e38-4bc2-9a3c-0348db307737.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ea23fe-7e38-4bc2-9a3c-0348db307737.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7514aea8a6ecc6d2c4c4362719ec1f71
cb1cbae883c69fba75b584248c2ba79663175e66
0233fca45e85ea0fcd83083ce1c32084411067d01df99eb67ce15d00c361a16e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ea23fe-7e38-4bc2-9a3c-0348db307737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6663
x-amzn-requestid: 7a457075-fb06-4be7-be96-c9d5e176e39a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnPzGukIAMF1OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f31-59b7441372a27f0f793c73e7;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 77BRdhrG6j7XXr_v3GUHnpjCn9xtlkKavKu1dpn7NZQe7KU3z370eA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:42:36 GMT
etag: "cb1cbae883c69fba75b584248c2ba79663175e66"
content-type: image/jpeg
age: 47972
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
5.252.171.61
23.33.119.27
34.160.144.191
93.184.220.29