Overview

URL swappauto.staging.lcsolutions.it/ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51...
IP128.199.38.52
ASNDIGITALOCEAN-ASN
Location Netherlands
Report completed2022-10-03 01:26:14 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-03 2 swappauto.staging.lcsolutions.it/login Phishing
2022-10-03 2 swappauto.staging.lcsolutions.it/assets/js/app.min.js Malware
2022-10-03 2 swappauto.staging.lcsolutions.it/assets/js/custom.js Malware
2022-10-03 2 swappauto.staging.lcsolutions.it/assets/js/vendor.min.js Malware
2022-10-03 2 swappauto.staging.lcsolutions.it/images/auth-bg.jpg?4e8d1bcb8749fb163af9de0 (...) Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (14)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-02 22:37:38 UTC 18.164.68.6
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-10-02 11:33:30 UTC 104.18.21.226
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-02 11:24:29 UTC 34.120.237.76
mnemonic passive DNS swappauto.staging.lcsolutions.it (13) 0 2020-03-31 11:10:22 UTC 2022-10-02 11:40:11 UTC 128.199.38.52 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-10-02 05:33:45 UTC 23.36.76.226
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-10-02 11:24:27 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-02 05:00:42 UTC 108.156.28.102
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-02 04:45:21 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-02 15:44:45 UTC 93.184.220.29
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-10-02 11:33:30 UTC 151.101.85.229
mnemonic passive DNS cdnjs.cloudflare.com (5) 235 2020-10-20 10:17:36 UTC 2022-10-02 19:12:39 UTC 104.17.25.14
mnemonic passive DNS ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-10-02 05:01:45 UTC 142.250.74.3
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-02 23:25:00 UTC 142.250.74.10
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-02 10:20:02 UTC 52.40.161.235


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 128.199.38.52

Date UQ / IDS / BL URL IP
2022-11-12 08:44:16 +0000
0 - 0 - 5 swappauto.staging.lcsolutions.it/ndcs.pni/log (...) 128.199.38.52
2022-10-12 08:09:41 +0000
0 - 0 - 4 swappauto.staging.lcsolutions.it/ndcs.pni/log (...) 128.199.38.52
2022-10-11 07:55:59 +0000
0 - 0 - 5 swappauto.staging.lcsolutions.it/ndcs.pni/log (...) 128.199.38.52
2022-10-10 07:15:20 +0000
0 - 0 - 4 swappauto.staging.lcsolutions.it/ndcs.pni/log (...) 128.199.38.52
2022-10-08 15:12:30 +0000
0 - 0 - 5 swappauto.staging.lcsolutions.it/ndcs.pni/log (...) 128.199.38.52

Last 5 reports on ASN: DIGITALOCEAN-ASN

Date UQ / IDS / BL URL IP
2022-11-27 17:56:00 +0000
0 - 0 - 2 tr.fastsupports.live/index.php/campaigns/hb82 (...) 64.227.64.97
2022-11-27 17:49:40 +0000
2 - 0 - 3 przvgke.biz/hmplup 167.99.35.88
2022-11-27 17:40:24 +0000
0 - 0 - 2 cradeposit.tempurl.host/verify/etransfer/depo (...) 138.197.141.118
2022-11-27 17:40:01 +0000
0 - 0 - 2 cradeposit.tempurl.host/verify/etransfer/depo (...) 138.197.141.118
2022-11-27 17:37:06 +0000
2 - 0 - 2 167.99.35.88/eclh 167.99.35.88

Last 5 reports on domain: lcsolutions.it

Date UQ / IDS / BL URL IP
2022-11-12 08:44:16 +0000
0 - 0 - 5 swappauto.staging.lcsolutions.it/ndcs.pni/log (...) 128.199.38.52
2022-10-12 08:09:41 +0000
0 - 0 - 4 swappauto.staging.lcsolutions.it/ndcs.pni/log (...) 128.199.38.52
2022-10-11 07:55:59 +0000
0 - 0 - 5 swappauto.staging.lcsolutions.it/ndcs.pni/log (...) 128.199.38.52
2022-10-10 07:15:20 +0000
0 - 0 - 4 swappauto.staging.lcsolutions.it/ndcs.pni/log (...) 128.199.38.52
2022-10-08 15:12:30 +0000
0 - 0 - 5 swappauto.staging.lcsolutions.it/ndcs.pni/log (...) 128.199.38.52

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-12 08:44:16 +0000
0 - 0 - 5 swappauto.staging.lcsolutions.it/ndcs.pni/log (...) 128.199.38.52
2022-10-12 08:09:41 +0000
0 - 0 - 4 swappauto.staging.lcsolutions.it/ndcs.pni/log (...) 128.199.38.52
2022-10-11 07:55:59 +0000
0 - 0 - 5 swappauto.staging.lcsolutions.it/ndcs.pni/log (...) 128.199.38.52
2022-10-10 07:15:20 +0000
0 - 0 - 4 swappauto.staging.lcsolutions.it/ndcs.pni/log (...) 128.199.38.52
2022-10-08 15:12:30 +0000
0 - 0 - 5 swappauto.staging.lcsolutions.it/ndcs.pni/log (...) 128.199.38.52


JavaScript

Executed Scripts (8)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (46)


Request Response
                                        
                                            GET /ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51... HTTP/1.1 
Host: swappauto.staging.lcsolutions.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         128.199.38.52
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Mon, 03 Oct 2022 01:26:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Location: https://swappauto.staging.lcsolutions.it/ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51...
Content-Length: 296
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   296
Md5:    c74a5e0a10bd9f5802fabc2bba9b7915
Sha1:   0929537f37b55f9ef8cc2719de6a931acb2a5b7e
Sha256: 08aba42801b1fbc7d954b2f0a694450ad581bf6b48d3afb6ff80409a7943f3e1
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.6
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 01:03:22 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d7a09e17a9797d15006b403215eeebe6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: 4gaYTr25VRe0wrGSb6zzT72MBWid_d8XTXpygch5FpqcoDuwfbKltw==
Age: 1361


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5827
Expires: Mon, 03 Oct 2022 03:03:10 GMT
Date: Mon, 03 Oct 2022 01:26:03 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         108.156.28.102
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 2fe8f7f5aca4ab098dc7bad8e97a06dc.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: U0jTNKHmIhA-hnwHB3FHHG6jZEHoexWl2HyrZ7FbkNNdKDjf2ZNWXA==
age: 78767
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 03 Oct 2022 01:26:03 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D7347D0E9B63D2328C3096E07C5F63471290F6664F1A3F27ACEA6F4788B58C25"
Last-Modified: Sun, 02 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 03 Oct 2022 07:26:03 GMT
Date: Mon, 03 Oct 2022 01:26:03 GMT
Connection: keep-alive

                                        
                                            GET /ndcs.pni/login.php?session_id=rTRRZ7xWQyvu51... HTTP/1.1 
Host: swappauto.staging.lcsolutions.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         128.199.38.52
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 03 Oct 2022 01:26:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
X-Powered-By: PHP/7.4.20
Cache-Control: no-cache, private
Location: https://swappauto.staging.lcsolutions.it/login
Set-Cookie: XSRF-TOKEN=eyJpdiI6Ii9DWldodDhvSFdJcEhoL1hVei9qRkE9PSIsInZhbHVlIjoiMmhoaVljRUZFcG5ySUtFQjVGNnk1dGtvMFBwb3hyK01YeGV3M3BjSGFaUE1hMUpXVGFXS3VoNDVCbXBWR3ZnVCIsIm1hYyI6IjE5ZDgyOGFhZjdjZjU5MTMzMDQzMWUwMWE2N2FlNDExY2U1YWUxODM2NmI4MDI5ZjQxNzk0ZWM5MzI0NzNmZTQifQ%3D%3D; expires=Tue, 11-Oct-2022 09:26:03 GMT; Max-Age=720000; path=/; samesite=lax swappauto_session=eyJpdiI6ImZzS0E3QkQ3M25Ma0loNy9IUUgydmc9PSIsInZhbHVlIjoiWVVmQ2FxNFBJYzdPa1A1TU8xRkI1QzkvWFdXR1cxWG1uWE9tRnROa2RtOTVTTzEyblVuN3dzeWpPRlVYcE1VVCIsIm1hYyI6IjAwZGNmMDhjZTFhNmY0Yjk4NGM5YmUzYjdlODNhZmJlNGI5MDJmNDUzMzNhN2JlY2NiYTc2MmYyY2RhM2NlMGEifQ%3D%3D; expires=Tue, 11-Oct-2022 09:26:03 GMT; Max-Age=720000; path=/; httponly; samesite=lax
Content-Length: 430
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   430
Md5:    8ecf23bf15844662855c55791c0d90f3
Sha1:   c99052f1f2bd2964269b4f3d244d909944212635
Sha256: 0905f5a9af6791b0dcc79f4704119fb12898448664f53367feca92399675e534
                                        
                                            GET /login HTTP/1.1 
Host: swappauto.staging.lcsolutions.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Ii9DWldodDhvSFdJcEhoL1hVei9qRkE9PSIsInZhbHVlIjoiMmhoaVljRUZFcG5ySUtFQjVGNnk1dGtvMFBwb3hyK01YeGV3M3BjSGFaUE1hMUpXVGFXS3VoNDVCbXBWR3ZnVCIsIm1hYyI6IjE5ZDgyOGFhZjdjZjU5MTMzMDQzMWUwMWE2N2FlNDExY2U1YWUxODM2NmI4MDI5ZjQxNzk0ZWM5MzI0NzNmZTQifQ%3D%3D; swappauto_session=eyJpdiI6ImZzS0E3QkQ3M25Ma0loNy9IUUgydmc9PSIsInZhbHVlIjoiWVVmQ2FxNFBJYzdPa1A1TU8xRkI1QzkvWFdXR1cxWG1uWE9tRnROa2RtOTVTTzEyblVuN3dzeWpPRlVYcE1VVCIsIm1hYyI6IjAwZGNmMDhjZTFhNmY0Yjk4NGM5YmUzYjdlODNhZmJlNGI5MDJmNDUzMzNhN2JlY2NiYTc2MmYyY2RhM2NlMGEifQ%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         128.199.38.52
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 03 Oct 2022 01:26:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
X-Powered-By: PHP/7.4.20
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6InB1dVF2N1QzSm1MTVI0QjFxemhSUnc9PSIsInZhbHVlIjoiRzEwQ2s5VWRCLzQ4NEN6NDRyNjRxT3FISmpEYm1sMmxETkIrTm1XZ3FiY3VreUc4OFZDYmFJQ0wyeVJMMU9FZyIsIm1hYyI6IjIyZTE5ZWIxYzYwNjI1ZDM5OWI4MDdhNjc1ZjdiYzE4MWZiMjZmNTUyMmMxNmZjZGZmMmI1MmNkNTliZmUzMjUifQ%3D%3D; expires=Tue, 11-Oct-2022 09:26:03 GMT; Max-Age=720000; path=/; samesite=lax swappauto_session=eyJpdiI6IkRVeTNsMW1XMy9JT043a0hsRWZZa3c9PSIsInZhbHVlIjoiRjMxcEtWMStrSnZCQUYyREU1ZzJXMnpFSGRGYmc0MFU0TFUwR0Vyd1Q1UXN3SXVlNTgzbkE0Y0pxMUhrU1ZPbSIsIm1hYyI6IjI0NWExNWU5MjIyOGY4NjMxNWIxYjc4MGVhNDM4MDAxN2RiOTdhYTQyN2U0NjdlNTkyZjljODViZjk1NGVjZGMifQ%3D%3D; expires=Tue, 11-Oct-2022 09:26:03 GMT; Max-Age=720000; path=/; httponly; samesite=lax
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   9174
Md5:    3708aaa8d6d5a1bd45201c84c69bb9f3
Sha1:   cdd05d5cb4d0f021adf2187cf8fb120496e263fc
Sha256: 1f2432cc45a1692e28f7d2d89d1f2d25da9881b9f6d13fdc50fb70473d424aff

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.6
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Mon, 03 Oct 2022 00:55:18 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 03 Oct 2022 01:01:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 fb211c90e9ef3584bea8fd177f57995a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: 20O6-IlpDk8QfG_dIAknFVm1ZPYXYYDyYXUkMPaSy6mFhGeyiD1_bA==
Age: 3190


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Mon, 03 Oct 2022 01:26:03 GMT
content-length: 2884
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-580a"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2103283
expires: Sat, 23 Sep 2023 01:26:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EeigMewYT7s2OXRJMXSqQ5OV5HtIoQy652eRFEe1giTSkIWxZE7VJA8jthR%2BExi60ZRqSkH2R5Qin21kd%2BbS4SZCZuvkRNbgJrwGm4ZDKks6gjMhVqPshSos4XgEK5kJg%2FvHHZoz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7541e331fa1eb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (22251)
Size:   2884
Md5:    c95836475d24dd21df887fd9775bd278
Sha1:   d2bc2d6ecba53190a2a1e38cdf846894dfd07471
Sha256: ba23f357f2043203399507f85be70057566103b77f2ab757eff8cb0d86286857
                                        
                                            GET /ajax/libs/moment.js/2.8.4/moment.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 03 Oct 2022 01:26:03 GMT
content-length: 10559
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-83f7"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1566320
expires: Sat, 23 Sep 2023 01:26:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rs4jU1Z4q8RY07NsKM6yLyuzKN3O1FuGuhbGPBWIiuwVLPGMzddGOshDWReYTFp0g5Pfrj3P02NMQRUGL7JHHv7a37z%2BJ6byWN%2BJjctX8xTnyigC72aw2Vc71ENkbUoCaZAZUaEc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7541e331fa21b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32049)
Size:   10559
Md5:    59c564c62d3b9eabdb8d57df2efd1dab
Sha1:   cbe0dfa31901b825a33afa6a1cc294a098ef5118
Sha256: 70f4a330320cf383edbf4ee9ae5c5f0670ad7fefb34b298e59cd249bc9391224
                                        
                                            GET /ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 03 Oct 2022 01:26:03 GMT
content-length: 6362
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-6cf8"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10206635
expires: Sat, 23 Sep 2023 01:26:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxW8uTej7197HU4NA6lIpAyT7FKOJFBfY8kiR4ewkA%2B8XFg5WzHxfhXjdqH%2BVYYsbjdh1trlMtONv5VNaA%2FS%2FriuIn%2BP%2BbOcpUxhv2YitW6drWSEyphYQoftF1q9j%2Fm4NH15hm08"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7541e331fa22b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27605)
Size:   6362
Md5:    605ded73021977319ac6e0ec73d764c9
Sha1:   b3c3248ea835fb413836d6adb30732a762c9e87d
Sha256: bd656cd4a6496fb09dc41b1773c060564d4c521b458a4c435b7e18ce1ec97503
                                        
                                            GET /ajax/libs/select2/4.0.1/js/select2.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 03 Oct 2022 01:26:03 GMT
content-length: 15274
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fcb-fd75"
last-modified: Mon, 04 May 2020 16:16:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10047384
expires: Sat, 23 Sep 2023 01:26:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3OB80ldpW7UhDtm%2B7zbU%2ByTS82ffhI9KuTj%2Fwtpp0ehdZL1C6zOrCzVLYjXZd7JEQkYfgxaHNvU1QPHH%2FPek8PpD6Jgk2%2BOD%2FswBgfnPA08JavWsdFOD0joyd%2F5EmQbDNDBpDCd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7541e331fa23b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32082)
Size:   15274
Md5:    e1764cd1f9fdb2d05a2bf72394157137
Sha1:   d5f310b35b1793b3961358834f7f90f8bae5d1c1
Sha256: ba98e7891e8682e0af023536d5864565b59d08710c46033837f35f57a9749c3e
                                        
                                            GET /ajax/libs/select2/4.0.1/css/select2.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Mon, 03 Oct 2022 01:26:03 GMT
content-length: 1613
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fcb-3af2"
last-modified: Mon, 04 May 2020 16:16:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10204371
expires: Sat, 23 Sep 2023 01:26:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLOFvQtivPKw%2FHyyR73Nq2vGinpzSTzAoBcs5afe5FhjTuiqiifHrs91w1tZ4jKEAKU1zOFt4zswBr5L%2Bmnq3oedKaX1Y0YuJqperyGRjsoKBX2SQ%2F%2BUME728v7RKKuyDVzYScDb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7541e331fa24b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15089)
Size:   1613
Md5:    0a6ea1077e31fbe5384e2e000487d9cb
Sha1:   75955b385b3629ceb4515503483c3bd09cbf1bbb
Sha256: 1d4ba8cf978784c2b761105722f2003388b50f671bc9157ed01fa6658b2732ba
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4007
Cache-Control: 'max-age=158059'
Date: Mon, 03 Oct 2022 01:26:03 GMT
Last-Modified: Mon, 03 Oct 2022 00:19:16 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /css/custom.css HTTP/1.1 
Host: swappauto.staging.lcsolutions.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6InB1dVF2N1QzSm1MTVI0QjFxemhSUnc9PSIsInZhbHVlIjoiRzEwQ2s5VWRCLzQ4NEN6NDRyNjRxT3FISmpEYm1sMmxETkIrTm1XZ3FiY3VreUc4OFZDYmFJQ0wyeVJMMU9FZyIsIm1hYyI6IjIyZTE5ZWIxYzYwNjI1ZDM5OWI4MDdhNjc1ZjdiYzE4MWZiMjZmNTUyMmMxNmZjZGZmMmI1MmNkNTliZmUzMjUifQ%3D%3D; swappauto_session=eyJpdiI6IkRVeTNsMW1XMy9JT043a0hsRWZZa3c9PSIsInZhbHVlIjoiRjMxcEtWMStrSnZCQUYyREU1ZzJXMnpFSGRGYmc0MFU0TFUwR0Vyd1Q1UXN3SXVlNTgzbkE0Y0pxMUhrU1ZPbSIsIm1hYyI6IjI0NWExNWU5MjIyOGY4NjMxNWIxYjc4MGVhNDM4MDAxN2RiOTdhYTQyN2U0NjdlNTkyZjljODViZjk1NGVjZGMifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         128.199.38.52
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 03 Oct 2022 01:26:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "16e-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 366
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   366
Md5:    d117acedc2fca10742c496681f510311
Sha1:   aa66ba504983bcee0e63286ec703e5d539ab6ef3
Sha256: c1b4999b8d045fb59b0740046b0f514fd0a04eb797d1029c1d9b725120ae773d
                                        
                                            GET /assets/js/app.min.js HTTP/1.1 
Host: swappauto.staging.lcsolutions.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6InB1dVF2N1QzSm1MTVI0QjFxemhSUnc9PSIsInZhbHVlIjoiRzEwQ2s5VWRCLzQ4NEN6NDRyNjRxT3FISmpEYm1sMmxETkIrTm1XZ3FiY3VreUc4OFZDYmFJQ0wyeVJMMU9FZyIsIm1hYyI6IjIyZTE5ZWIxYzYwNjI1ZDM5OWI4MDdhNjc1ZjdiYzE4MWZiMjZmNTUyMmMxNmZjZGZmMmI1MmNkNTliZmUzMjUifQ%3D%3D; swappauto_session=eyJpdiI6IkRVeTNsMW1XMy9JT043a0hsRWZZa3c9PSIsInZhbHVlIjoiRjMxcEtWMStrSnZCQUYyREU1ZzJXMnpFSGRGYmc0MFU0TFUwR0Vyd1Q1UXN3SXVlNTgzbkE0Y0pxMUhrU1ZPbSIsIm1hYyI6IjI0NWExNWU5MjIyOGY4NjMxNWIxYjc4MGVhNDM4MDAxN2RiOTdhYTQyN2U0NjdlNTkyZjljODViZjk1NGVjZGMifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         128.199.38.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 03 Oct 2022 01:26:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "2314-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 8980
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   8980
Md5:    da57dd32113013c6690373f5ad6efc23
Sha1:   a2f2ed500178c6b95f390f92af63d2c53d5a2d5d
Sha256: 77c5ea962fe05d20e92f81c51ffc9e83727968b35807d08d4308915a48dc1a66

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /assets/css/bootstrap.min.css HTTP/1.1 
Host: swappauto.staging.lcsolutions.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6InB1dVF2N1QzSm1MTVI0QjFxemhSUnc9PSIsInZhbHVlIjoiRzEwQ2s5VWRCLzQ4NEN6NDRyNjRxT3FISmpEYm1sMmxETkIrTm1XZ3FiY3VreUc4OFZDYmFJQ0wyeVJMMU9FZyIsIm1hYyI6IjIyZTE5ZWIxYzYwNjI1ZDM5OWI4MDdhNjc1ZjdiYzE4MWZiMjZmNTUyMmMxNmZjZGZmMmI1MmNkNTliZmUzMjUifQ%3D%3D; swappauto_session=eyJpdiI6IkRVeTNsMW1XMy9JT043a0hsRWZZa3c9PSIsInZhbHVlIjoiRjMxcEtWMStrSnZCQUYyREU1ZzJXMnpFSGRGYmc0MFU0TFUwR0Vyd1Q1UXN3SXVlNTgzbkE0Y0pxMUhrU1ZPbSIsIm1hYyI6IjI0NWExNWU5MjIyOGY4NjMxNWIxYjc4MGVhNDM4MDAxN2RiOTdhYTQyN2U0NjdlNTkyZjljODViZjk1NGVjZGMifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         128.199.38.52
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 03 Oct 2022 01:26:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "3096b-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 199019
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (566)
Size:   199019
Md5:    5933ffdc52503eddaefcd3f24149853a
Sha1:   9bfc8976a71aa423581533384448139721fc7e55
Sha256: eef7aec6e71a9cf5af9a8d4dfb1399eaba0d772e16da3d69c8703b911c906959
                                        
                                            GET /assets/css/icons.min.css HTTP/1.1 
Host: swappauto.staging.lcsolutions.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6InB1dVF2N1QzSm1MTVI0QjFxemhSUnc9PSIsInZhbHVlIjoiRzEwQ2s5VWRCLzQ4NEN6NDRyNjRxT3FISmpEYm1sMmxETkIrTm1XZ3FiY3VreUc4OFZDYmFJQ0wyeVJMMU9FZyIsIm1hYyI6IjIyZTE5ZWIxYzYwNjI1ZDM5OWI4MDdhNjc1ZjdiYzE4MWZiMjZmNTUyMmMxNmZjZGZmMmI1MmNkNTliZmUzMjUifQ%3D%3D; swappauto_session=eyJpdiI6IkRVeTNsMW1XMy9JT043a0hsRWZZa3c9PSIsInZhbHVlIjoiRjMxcEtWMStrSnZCQUYyREU1ZzJXMnpFSGRGYmc0MFU0TFUwR0Vyd1Q1UXN3SXVlNTgzbkE0Y0pxMUhrU1ZPbSIsIm1hYyI6IjI0NWExNWU5MjIyOGY4NjMxNWIxYjc4MGVhNDM4MDAxN2RiOTdhYTQyN2U0NjdlNTkyZjljODViZjk1NGVjZGMifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         128.199.38.52
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 03 Oct 2022 01:26:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "1159a-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 71066
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (391)
Size:   71066
Md5:    c6f89cd5fe6024ca889ced1dbde94d6d
Sha1:   ecdb7bf19fa109c4403de11a0b494210f2cc52ac
Sha256: 10a59236d1ed5f775c089be201525aa8ca0db9697fb95e22fb811a1daddb3ab4
                                        
                                            GET /assets/css/app.min.css HTTP/1.1 
Host: swappauto.staging.lcsolutions.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6InB1dVF2N1QzSm1MTVI0QjFxemhSUnc9PSIsInZhbHVlIjoiRzEwQ2s5VWRCLzQ4NEN6NDRyNjRxT3FISmpEYm1sMmxETkIrTm1XZ3FiY3VreUc4OFZDYmFJQ0wyeVJMMU9FZyIsIm1hYyI6IjIyZTE5ZWIxYzYwNjI1ZDM5OWI4MDdhNjc1ZjdiYzE4MWZiMjZmNTUyMmMxNmZjZGZmMmI1MmNkNTliZmUzMjUifQ%3D%3D; swappauto_session=eyJpdiI6IkRVeTNsMW1XMy9JT043a0hsRWZZa3c9PSIsInZhbHVlIjoiRjMxcEtWMStrSnZCQUYyREU1ZzJXMnpFSGRGYmc0MFU0TFUwR0Vyd1Q1UXN3SXVlNTgzbkE0Y0pxMUhrU1ZPbSIsIm1hYyI6IjI0NWExNWU5MjIyOGY4NjMxNWIxYjc4MGVhNDM4MDAxN2RiOTdhYTQyN2U0NjdlNTkyZjljODViZjk1NGVjZGMifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         128.199.38.52
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 03 Oct 2022 01:26:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "11bd2-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 72658
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   72658
Md5:    c724250f9f7717cc088e36cf63acf321
Sha1:   5104064891b890fca7cd34e52755c8a4b7daac2a
Sha256: 425f9b7a4666374341c244c677a3593ca47da84d7d11d868b88b2f783376595b
                                        
                                            GET /assets/js/custom.js HTTP/1.1 
Host: swappauto.staging.lcsolutions.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6InB1dVF2N1QzSm1MTVI0QjFxemhSUnc9PSIsInZhbHVlIjoiRzEwQ2s5VWRCLzQ4NEN6NDRyNjRxT3FISmpEYm1sMmxETkIrTm1XZ3FiY3VreUc4OFZDYmFJQ0wyeVJMMU9FZyIsIm1hYyI6IjIyZTE5ZWIxYzYwNjI1ZDM5OWI4MDdhNjc1ZjdiYzE4MWZiMjZmNTUyMmMxNmZjZGZmMmI1MmNkNTliZmUzMjUifQ%3D%3D; swappauto_session=eyJpdiI6IkRVeTNsMW1XMy9JT043a0hsRWZZa3c9PSIsInZhbHVlIjoiRjMxcEtWMStrSnZCQUYyREU1ZzJXMnpFSGRGYmc0MFU0TFUwR0Vyd1Q1UXN3SXVlNTgzbkE0Y0pxMUhrU1ZPbSIsIm1hYyI6IjI0NWExNWU5MjIyOGY4NjMxNWIxYjc4MGVhNDM4MDAxN2RiOTdhYTQyN2U0NjdlNTkyZjljODViZjk1NGVjZGMifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         128.199.38.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 03 Oct 2022 01:26:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "68f-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 1679
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   1679
Md5:    e0c4385bb7a11df134206e8b07137de0
Sha1:   9b4b7deb9c44f5e2569a7dca4626842f15a95824
Sha256: 1ec124e44f6191a2bad073f2981571a781c416850e36b2b68d189fae82a74de8

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /npm/gasparesganga-jquery-loading-overlay@2.1.7/dist/loadingoverlay.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 2.1.7
x-jsd-version-type: version
etag: W/"2f04-Hu5g/Uf/2vVT6ffvtwqdpzgYBkw"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 03 Oct 2022 01:26:03 GMT
age: 2861212
x-served-by: cache-fra19122-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3559
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11601), with CRLF line terminators
Size:   3559
Md5:    8aad0f59b2229529376bb289e7dfdab0
Sha1:   6dea75506601cff6b99b31259b9775c391229eb9
Sha256: 33b68d453241e81706e15fd418af3005a5e3d538ac65db0771fba233d733a8be
                                        
                                            GET /assets/images/logo.png HTTP/1.1 
Host: swappauto.staging.lcsolutions.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6InB1dVF2N1QzSm1MTVI0QjFxemhSUnc9PSIsInZhbHVlIjoiRzEwQ2s5VWRCLzQ4NEN6NDRyNjRxT3FISmpEYm1sMmxETkIrTm1XZ3FiY3VreUc4OFZDYmFJQ0wyeVJMMU9FZyIsIm1hYyI6IjIyZTE5ZWIxYzYwNjI1ZDM5OWI4MDdhNjc1ZjdiYzE4MWZiMjZmNTUyMmMxNmZjZGZmMmI1MmNkNTliZmUzMjUifQ%3D%3D; swappauto_session=eyJpdiI6IkRVeTNsMW1XMy9JT043a0hsRWZZa3c9PSIsInZhbHVlIjoiRjMxcEtWMStrSnZCQUYyREU1ZzJXMnpFSGRGYmc0MFU0TFUwR0Vyd1Q1UXN3SXVlNTgzbkE0Y0pxMUhrU1ZPbSIsIm1hYyI6IjI0NWExNWU5MjIyOGY4NjMxNWIxYjc4MGVhNDM4MDAxN2RiOTdhYTQyN2U0NjdlNTkyZjljODViZjk1NGVjZGMifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         128.199.38.52
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 03 Oct 2022 01:26:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "7aaf-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 31407
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 500 x 494, 8-bit/color RGBA, non-interlaced\012- data
Size:   31407
Md5:    ca8b1a3af41121f5f49c3beaeebe5982
Sha1:   d4fe07926e8b7ab76cf4ea02a4b89ced2c569edc
Sha256: ad28d53b5cc9e0d61743f4d80c6f37753cfeea10220c72ff2c82e27ca3dcd2fd
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 01:26:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "143610AD8D61482B11A8BA51232D695BD8B30F71"
Expires: Mon, 03 Oct 2022 12:00:00 GMT
Last-Modified: Mon, 03 Oct 2022 00:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1992
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7541e3330f6c0b65-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    236891f5274269486a06d17f59ab0705
Sha1:   1aa5605e04fc2c5604febc7016247751f2a4a3e3
Sha256: d7752b4925abe12053a3231c6cd462fada59a5e837c6e1f1ee846b7e69c388ef
                                        
                                            GET /assets/js/vendor.min.js HTTP/1.1 
Host: swappauto.staging.lcsolutions.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6InB1dVF2N1QzSm1MTVI0QjFxemhSUnc9PSIsInZhbHVlIjoiRzEwQ2s5VWRCLzQ4NEN6NDRyNjRxT3FISmpEYm1sMmxETkIrTm1XZ3FiY3VreUc4OFZDYmFJQ0wyeVJMMU9FZyIsIm1hYyI6IjIyZTE5ZWIxYzYwNjI1ZDM5OWI4MDdhNjc1ZjdiYzE4MWZiMjZmNTUyMmMxNmZjZGZmMmI1MmNkNTliZmUzMjUifQ%3D%3D; swappauto_session=eyJpdiI6IkRVeTNsMW1XMy9JT043a0hsRWZZa3c9PSIsInZhbHVlIjoiRjMxcEtWMStrSnZCQUYyREU1ZzJXMnpFSGRGYmc0MFU0TFUwR0Vyd1Q1UXN3SXVlNTgzbkE0Y0pxMUhrU1ZPbSIsIm1hYyI6IjI0NWExNWU5MjIyOGY4NjMxNWIxYjc4MGVhNDM4MDAxN2RiOTdhYTQyN2U0NjdlNTkyZjljODViZjk1NGVjZGMifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         128.199.38.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 03 Oct 2022 01:26:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "9135c-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 594780
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   594780
Md5:    86ac6995577bd9f7a3ac4208a29f091a
Sha1:   81c97551e11c15c0e208607d2feda909e82e568f
Sha256: 54b997ff7c38a053429e99c7aa3a6d1a88536298d892e846746049c8a1207bd7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 01:26:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Nunito+Sans:300,400,600,700,900&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 01:26:04 GMT
date: Mon, 03 Oct 2022 01:26:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1142
Md5:    e8857670647dd3860aef5711cb78eeb4
Sha1:   b3ee569b9e75d50fb42bdcd7b41135eb54c97832
Sha256: 7490b865c8139efa68b51a33ffd060c65dfda4ca2f1c9c4c8dcfc74109b26717
                                        
                                            GET /images/auth-bg.jpg?4e8d1bcb8749fb163af9de0151cc6fed HTTP/1.1 
Host: swappauto.staging.lcsolutions.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/assets/css/app.min.css
Cookie: XSRF-TOKEN=eyJpdiI6InB1dVF2N1QzSm1MTVI0QjFxemhSUnc9PSIsInZhbHVlIjoiRzEwQ2s5VWRCLzQ4NEN6NDRyNjRxT3FISmpEYm1sMmxETkIrTm1XZ3FiY3VreUc4OFZDYmFJQ0wyeVJMMU9FZyIsIm1hYyI6IjIyZTE5ZWIxYzYwNjI1ZDM5OWI4MDdhNjc1ZjdiYzE4MWZiMjZmNTUyMmMxNmZjZGZmMmI1MmNkNTliZmUzMjUifQ%3D%3D; swappauto_session=eyJpdiI6IkRVeTNsMW1XMy9JT043a0hsRWZZa3c9PSIsInZhbHVlIjoiRjMxcEtWMStrSnZCQUYyREU1ZzJXMnpFSGRGYmc0MFU0TFUwR0Vyd1Q1UXN3SXVlNTgzbkE0Y0pxMUhrU1ZPbSIsIm1hYyI6IjI0NWExNWU5MjIyOGY4NjMxNWIxYjc4MGVhNDM4MDAxN2RiOTdhYTQyN2U0NjdlNTkyZjljODViZjk1NGVjZGMifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         128.199.38.52
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Mon, 03 Oct 2022 01:26:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "38e73-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 233075
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.10], baseline, precision 8, 2000x3000, components 3\012- data
Size:   233075
Md5:    3a07778ed82f7d0fba5493bfc60f5af1
Sha1:   4d4f46423df7be2603288b3d37947e122dbd10a9
Sha256: 4f3a2c5ef66fb5e46bf982e0737ddeb7de330e77790e7ecffe76a3f71f433efa

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 01:26:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 01:26:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 01:26:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://swappauto.staging.lcsolutions.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16980
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:08:02 GMT
expires: Tue, 26 Sep 2023 21:08:02 GMT
cache-control: public, max-age=31536000
age: 533882
last-modified: Mon, 09 May 2022 18:33:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16980, version 1.0\012- data
Size:   16980
Md5:    8a97f720d330e75ccdbda9ae0e9f5e90
Sha1:   8e4fee916581ab48d385187705667cebc7500afe
Sha256: 97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ctqK2gsw+O3K/EkGWHvZKA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.40.161.235
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Fvww0JtKFjh6nlts+Gz7H3ujKBA=

                                        
                                            GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8-BM5tU1E.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://swappauto.staging.lcsolutions.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17364
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:25:11 GMT
expires: Tue, 26 Sep 2023 21:25:11 GMT
cache-control: public, max-age=31536000
age: 532853
last-modified: Mon, 09 May 2022 18:32:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17364, version 1.0\012- data
Size:   17364
Md5:    a8c24ee1c2db8b27eaec48b3d85b6e5a
Sha1:   ef3332a6231b4ad7777a0e6d01251f4bc32044e2
Sha256: 00dd63b0ca2fb12eb12eef7af3f543b085cb1e94d1a861b484865c973b75e93e
                                        
                                            GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://swappauto.staging.lcsolutions.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:23:18 GMT
expires: Tue, 26 Sep 2023 21:23:18 GMT
cache-control: public, max-age=31536000
age: 532966
last-modified: Mon, 09 May 2022 18:33:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Size:   17156
Md5:    7e344afc10a492d516789f072fa6edfd
Sha1:   f38bd0b4e9d0577528f533b8ecd80801a0c6340f
Sha256: c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
                                        
                                            GET /assets/images/favicon.ico HTTP/1.1 
Host: swappauto.staging.lcsolutions.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://swappauto.staging.lcsolutions.it/login
Cookie: XSRF-TOKEN=eyJpdiI6InB1dVF2N1QzSm1MTVI0QjFxemhSUnc9PSIsInZhbHVlIjoiRzEwQ2s5VWRCLzQ4NEN6NDRyNjRxT3FISmpEYm1sMmxETkIrTm1XZ3FiY3VreUc4OFZDYmFJQ0wyeVJMMU9FZyIsIm1hYyI6IjIyZTE5ZWIxYzYwNjI1ZDM5OWI4MDdhNjc1ZjdiYzE4MWZiMjZmNTUyMmMxNmZjZGZmMmI1MmNkNTliZmUzMjUifQ%3D%3D; swappauto_session=eyJpdiI6IkRVeTNsMW1XMy9JT043a0hsRWZZa3c9PSIsInZhbHVlIjoiRjMxcEtWMStrSnZCQUYyREU1ZzJXMnpFSGRGYmc0MFU0TFUwR0Vyd1Q1UXN3SXVlNTgzbkE0Y0pxMUhrU1ZPbSIsIm1hYyI6IjI0NWExNWU5MjIyOGY4NjMxNWIxYjc4MGVhNDM4MDAxN2RiOTdhYTQyN2U0NjdlNTkyZjljODViZjk1NGVjZGMifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         128.199.38.52
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Date: Mon, 03 Oct 2022 01:26:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
Last-Modified: Wed, 03 Mar 2021 17:11:29 GMT
ETag: "25be-5bca4f1169240"
Accept-Ranges: bytes
Content-Length: 9662
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel\012- data
Size:   9662
Md5:    23284715084f7fee0c5ee4625ad332e1
Sha1:   3655d51cb444a5e33e1e8811ba6c516f46c40c8d
Sha256: 6930646976f63a4e5dfa27e4b57647004e0a9366523657f157486c660c24c02c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 01:26:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14094
Expires: Mon, 03 Oct 2022 05:20:59 GMT
Date: Mon, 03 Oct 2022 01:26:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14094
Expires: Mon, 03 Oct 2022 05:20:59 GMT
Date: Mon, 03 Oct 2022 01:26:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14094
Expires: Mon, 03 Oct 2022 05:20:59 GMT
Date: Mon, 03 Oct 2022 01:26:05 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pS33yyA441ZNn2dtNy6mVDnm-rmd_Vi_M0q9ZN2AKGMUT7l-nEuEvw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:58:18 GMT
age: 12467
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10839
Md5:    36debc920b17e124779c01af9101a59e
Sha1:   b105f7bf041365d644c98c7e11ffa75e4656d29d
Sha256: f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10490
x-amzn-requestid: a7e4d6b4-be77-41a9-94dd-83167d5b002e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5tUrE72oAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d5c1d-1ba0805b629e657b60ff1b85;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 07:11:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DZ6ZMlje50ktV6_cABRx3fr4Dke7Z2UhNhBDi1aCK00kRPTlnG691A==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 03:35:29 GMT
age: 78636
etag: "36458cca636c4ffc873df8acd254ff726b1a9544"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10490
Md5:    bed17699f6b123b33b8df416b23c4cac
Sha1:   36458cca636c4ffc873df8acd254ff726b1a9544
Sha256: 65dac85ddf2d9918696ea270a5a3d034e07e43ca5714f169747feee09fc4b897
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd83b23eb-68b3-46bd-9d4d-05e5e1be89ab.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10899
x-amzn-requestid: 90b0ec9e-a9d7-4f33-9be4-c398c94105fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZQumwH5zIAMFhyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6336915e-589bc1371a77b528417c5538;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 06:49:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 01vK76TVAQMgefWTWvlDZou5zQ4iamzmFkIQUrO5h6_ger2ErBWEpA==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 19:48:19 GMT
age: 20266
etag: "a55c26805a7c70997f0821e56e701609e43eca0e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10899
Md5:    6ab1ce00e8c17325c25f149ae89cc52d
Sha1:   a55c26805a7c70997f0821e56e701609e43eca0e
Sha256: 26c6add2b400560f46cb7637550582b55c48e600bc96994339249b19c5c642f7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8n1l3bN8ykztmC-wGNH_w7xASHFplZa2LvHs8psQ146XILdvEHLWgw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 16:41:13 GMT
age: 31492
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8277
Md5:    6a90e53b55500427aed06efa3a9baa8c
Sha1:   43a66cd291d1413d7147a29b2a7b27277a443f0b
Sha256: 2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:39 GMT
age: 74666
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf3117fe-8653-4f81-81ca-39c33b5cbd05.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6460
x-amzn-requestid: 23655e0f-f899-4f3d-bac1-070fed558fc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXQ4EnmIAMFjAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a059f-1e08b5111f56ec1163e4eb71;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:41:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xlSSCE_5COODqespy_6BaVeb5tbGJYUHSz0AD70TSC2K-87bOH7enA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 22:17:07 GMT
age: 11338
etag: "0e9bfd1a3a8f1643aa0b664706e0e45552dbbfc7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6460
Md5:    87d9e7d5b408493b820d35eff2318657
Sha1:   0e9bfd1a3a8f1643aa0b664706e0e45552dbbfc7
Sha256: 6c1d246a7f024b836b4504d2acfaafe8617cc4384ef9c4ba5095ddd6107ad7cb