r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8f33f56c329fe0b1570d2ee3e000ce4e
b11fcecd7cc1210d3f3b4e1426a37d3cd138119e
ebcb744a032452533c000c0a9f193fd2566b2389729c41b6c5ed69b9e4cd42d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBCB744A032452533C000C0A9F193FD2566B2389729C41B6C5ED69B9E4CD42D4"
Last-Modified: Tue, 07 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10535
Expires: Thu, 09 Mar 2023 05:49:48 GMT
Date: Thu, 09 Mar 2023 02:54:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7989fc4a69327c765a7e4e68f46c169b
1f3e8e6e9e640c3d99ec52dc947b68fa9c1d335b
b15c98c58fae6a49e831bc0db617bedf8538bbfa011a84553debdcbe461433d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B15C98C58FAE6A49E831BC0DB617BEDF8538BBFA011A84553DEBDCBE461433D0"
Last-Modified: Tue, 07 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2570
Expires: Thu, 09 Mar 2023 03:37:03 GMT
Date: Thu, 09 Mar 2023 02:54:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Type, Retry-After, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Mar 2023 02:13:41 GMT
content-type: application/json
age: 2432
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d096b44c5db01960a5d03dbb2a238c0
8e818de0e82041f2d9edeb14ddaf3916983b3729
8c69b4883e45e3e993ffdf24922c6ff7f0131f1eece0c3d0016137ca29f48d04
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C69B4883E45E3E993FFDF24922C6FF7F0131F1EECE0C3D0016137CA29F48D04"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2521
Expires: Thu, 09 Mar 2023 03:36:14 GMT
Date: Thu, 09 Mar 2023 02:54:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sE4w0Fm0spRS8+LViRU8n3LvxDWLzmNpJbTfHyux2cf7fjdspWo8Jkja0qG62qmjAEEHHerEAHY=
x-amz-request-id: E3QT3259B7CYPCVV
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Mar 2023 02:18:13 GMT
age: 2160
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 02:54:13 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
en.firstgooal.com/7901/binance-us-agrees-to-buy-voyagers-digital-assets
188.114.97.1 200 OK 5.1 kB URL HTTP/1.1 en.firstgooal.com/7901/binance-us-agrees-to-buy-voyagers-digital-assets
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1178)
Hash 36c82bafa3f83ad52f95c38f974f8751
61734a367a9cd67c4bd80c20e18d196c1b523e83
ed264d769d7716f65ea53361ded7914dba2eb1802a9858befde414b8808b127f
Analyzer Verdict Alert fortinet Malware
GET /7901/binance-us-agrees-to-buy-voyagers-digital-assets HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 02:54:13 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=d1bb4867fd09d810e189f0a45c6945ad; path=/
Set-Cookie: qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o; expires=Sat, 11-Mar-2023 02:54:13 GMT; Max-Age=172800; path=/; HttpOnly
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afHTuf00aWGZ8GQi%2FHcyOXXWQgJIrsO6yWU5v8pIPngxRaJQpwIWn6i7eq6qoYESgFirVxlXTnnZYRCSjHRaQdC5TxcfRANGLiC88SHqBQO68zh4ZRo2s2R%2FvUsOdmv7fYgvSA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a500833286cb529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 9f963ad6104c08b0403759ec22008ace
7e2bf8de614c2b589093f5d90366d0b85ad989e4
a01488f649fa48674fc21cc847f180dbb70631c1338c8daf93b4e564fd868830
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 02:54:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-62733008-15
142.250.74.72 200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-62733008-15
IP 142.250.74.72:0
File type ASCII text, with very long lines (2206)
Hash 16afe20c90871f10ab482100ae6dc7f0
ffe322fa866e9b9694f6ab4d81d183578d313f16
197ecaac2e1b418e0dac04f0267166cd301626c70a83e4e10df6e3a65aa1fd7a
GET /gtag/js?id=UA-62733008-15 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.firstgooal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Mar 2023 02:54:13 GMT
expires: Thu, 09 Mar 2023 02:54:13 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 Mar 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44816
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Cache-Control, Alert, Expires, ETag, Pragma, Content-Length, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Mar 2023 02:03:42 GMT
age: 3031
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 9f963ad6104c08b0403759ec22008ace
7e2bf8de614c2b589093f5d90366d0b85ad989e4
a01488f649fa48674fc21cc847f180dbb70631c1338c8daf93b4e564fd868830
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 02:54:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc9a86b8d3035b57b58750f8896202e8
1485042fff689cadbf0c7a540f430993f23d45e3
b06e4961e184d51008f4adb9c8fe571f08b21b4728e5eac0bb4795861e03aa2f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B06E4961E184D51008F4ADB9C8FE571F08B21B4728E5EAC0BB4795861E03AA2F"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2933
Expires: Thu, 09 Mar 2023 03:43:06 GMT
Date: Thu, 09 Mar 2023 02:54:13 GMT
Connection: keep-alive
en.firstgooal.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
188.114.97.1 200 OK 1.0 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash 08fe3c23ce2f1e9e2d66d4fa90b036f8
0c9b700eed1061a99facb883ec10bc02bfd2994d
ac23166279860ec7ad5ce9e7960b2d7ca057cc03a192693587d045d75d5bf669
Analyzer Verdict Alert fortinet Malware
GET /qa-theme/SnowFlat/js/snow-core.js?1.8.6 HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/7901/binance-us-agrees-to-buy-voyagers-digital-assets
Cookie: PHPSESSID=d1bb4867fd09d810e189f0a45c6945ad; qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 02:54:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbF937Uv23T4AkERlIY1aADhgv3LyYLMmb1o7xY2gu9tqJYvoVUe4p0x5fL%2FtTMuI7tiCdjOS477xuOhjYxW6%2FoS3V4CfB2eLDmu%2FIEuuO9vHHZbylAUC7G3v4%2B8GdB0yn5X8g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a5008365db9b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-content/qa-global.js?1.8.6
188.114.97.1 200 OK 5.1 kB URL HTTP/1.1 en.firstgooal.com/qa-content/qa-global.js?1.8.6
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash e1e4743f1b69b56fe6a4b9d82b617933
ae383643ea7f8c89084665d0ea7e4aad038495c3
f597be97130244f45174373ee364d6b33aba7c0d9dc41e32d4fe06c099ca69f9
GET /qa-content/qa-global.js?1.8.6 HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/7901/binance-us-agrees-to-buy-voyagers-digital-assets
Cookie: PHPSESSID=d1bb4867fd09d810e189f0a45c6945ad; qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 02:54:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKhHwLVqAaF41sw2XO7zM5hT8dYbTMYC5oUjvV1SVEiTq8J%2F1i6%2FtlG3HvEp8Lnw4vmHhMcSAAIVKoIfQd5%2BQ8f7avg7DaFOiRdM8eEP2KY0oQ%2F2DCoKoaD7sRUVjs%2FgGzjTIg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a5008365953b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-content/jquery-3.5.1.min.js
188.114.97.1 200 OK 31 kB URL HTTP/1.1 en.firstgooal.com/qa-content/jquery-3.5.1.min.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 8b01c5ba6173865527caa5a96b8025c7
7931265ea4d257f5fd5f1bcebc73a03fcdd772be
8296102d6f6ea7f891b884e47c6b49cc29ab9755049527bd45bfd70435819782
Analyzer Verdict Alert fortinet Malware
GET /qa-content/jquery-3.5.1.min.js HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/7901/binance-us-agrees-to-buy-voyagers-digital-assets
Cookie: PHPSESSID=d1bb4867fd09d810e189f0a45c6945ad; qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 02:54:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t06iRg4h%2F2QMM%2BOhzOk41D5o5m4ilhINw7geCgKh8kcibspuxw6MKe3OioI3bwoJ6euqERR%2B2aiKHXiJJ%2BS4gU%2FJzo7sSsP%2BMeNJJHTHb3kSybICHC125JZM3di4%2BZDfrT1fYg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a500836593e0b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
188.114.97.1 200 OK 12 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash 40e651fa088684d4bf19ab0ee8a0f90f
f962b6f01b58ad088704e682879d989b1963a65c
d2a050dc76aee935d35e1ca91415448e5881622e1c14a04b3b3ad4d322d7f910
Analyzer Verdict Alert fortinet Malware
GET /qa-theme/SnowFlat/qa-styles.css?1.8.6 HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/7901/binance-us-agrees-to-buy-voyagers-digital-assets
Cookie: PHPSESSID=d1bb4867fd09d810e189f0a45c6945ad; qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 02:54:13 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFC5k4BuvnwzE6WeZ6TriGMtCwsqTARl3C06tSZvLF8Q1QJLTY%2B2vheiDRfsFeiwCyaY5l7QRin2YieQl%2BFHNUszqJ%2BuhNoMB8G2vSbSDdcpWJxNqXaFKamxAaQzwTGL8SiqGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a5008365990b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
52.88.218.181 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.218.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NRefjasraVqBEPwIze+Ntw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SyaI6o505hHuofB9V2KJaFtz+o0=
en.firstgooal.com/qa-theme/SnowFlat/images/vote-buttons-3.png
188.114.97.1 200 OK 1.5 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/images/vote-buttons-3.png
IP 188.114.97.1:0
File type PNG image data, 56 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b0b5b30b475bfc16e428a2b5afb343d
b98a582faac44ca1edc3aeed5579fb9c812bc668
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
GET /qa-theme/SnowFlat/images/vote-buttons-3.png HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Cookie: PHPSESSID=d1bb4867fd09d810e189f0a45c6945ad; qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 02:54:14 GMT
Content-Type: image/png
Content-Length: 1457
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaIp11LhXeqLSRMlSp21Y3w0qogNgThzinerwyqN6a5nC6KtAL%2BClZHmumzvJnYs4JvGAmBdZUCMnzaG4vs0Dtwc8PGDGDxdQJMwjaHC8vb1H2bc1dVB6oRZ5zoD6afSmJTJgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a5008399a110b41-OSL
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-theme/SnowFlat/images/icons/answer-white.png
188.114.97.1 200 OK 2.9 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/images/icons/answer-white.png
IP 188.114.97.1:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b16081a388e805bf149956d4a370e065
67863d0ea8aea5cb1ba0b6bbe95f6b7305fe3190
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
GET /qa-theme/SnowFlat/images/icons/answer-white.png HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Cookie: PHPSESSID=d1bb4867fd09d810e189f0a45c6945ad; qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 02:54:14 GMT
Content-Type: image/png
Content-Length: 2867
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJMmHZvslXBScKQ86BHjIbjMTqMBqCZIPAsliZBUZu7fueVaxtlIHr6HR6E95gOEkWZNHq1wk3MA0VutzfwdsrElg2z5%2BK%2F2p4DZClVU1ykvgeUCwhdq3VWhxOLXctEOdd3F9w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a5008399a6bb50c-OSL
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-theme/SnowFlat/images/answer-select.png
188.114.97.1 200 OK 1.8 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/images/answer-select.png
IP 188.114.97.1:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, interlaced\012- data
Hash 5797f2d7f4d3222105c28ffdfdcacd65
b59898b825c693f71828661a867bca711696821b
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db
GET /qa-theme/SnowFlat/images/answer-select.png HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Cookie: PHPSESSID=d1bb4867fd09d810e189f0a45c6945ad; qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 02:54:14 GMT
Content-Type: image/png
Content-Length: 1831
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmSSsTpza%2B6lmAit1mpZfRxRXfaUcb0sTzVhl43IhfR4s0td%2B06gb5eyIx%2BcCIhLrB9x%2BGqa1%2Ft9%2BcGFsbk7U%2F8flwu4z%2FYnIQTwbOY6hmrCratwHX90q2Ixw3QR4%2BvyAwUkvA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a5008399f13b4f9-OSL
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-theme/SnowFlat/images/icons/link-white.png
188.114.97.1 200 OK 3.0 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/images/icons/link-white.png
IP 188.114.97.1:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 32b0cfc9698f8d73d65b30a33ef49115
d0018f65b9626b0686987d4e8f1d633fb17af607
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
GET /qa-theme/SnowFlat/images/icons/link-white.png HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Cookie: PHPSESSID=d1bb4867fd09d810e189f0a45c6945ad; qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 02:54:14 GMT
Content-Type: image/png
Content-Length: 3026
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azXTdBv1QVqeng9Bl1TzyEr5hMMe7QnOUtuAe4vSbTU0fFTHS0MBE0T%2FEBJh2eWokNstp%2BFzVGDmYeo1Mz2WR67kpmZa1nxgdq6W%2FDpbAmAdlzDumM7pSNVFbfomtW5W%2BzWY6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a5008399acbb529-OSL
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-theme/SnowFlat/images/search-icon-white.png
188.114.97.1 200 OK 1.4 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/images/search-icon-white.png
IP 188.114.97.1:0
File type PNG image data, 36 x 36, 8-bit/color RGBA, interlaced\012- data
Hash d7bb9c767a3d489bb312bf0edec2bd62
74d64044c075c6f1055b87bfbadb6311e5d702b7
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
GET /qa-theme/SnowFlat/images/search-icon-white.png HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Cookie: PHPSESSID=d1bb4867fd09d810e189f0a45c6945ad; qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 02:54:14 GMT
Content-Type: image/png
Content-Length: 1412
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZjz1884ah37YnJjSOsfdYFO8v5BqUsv%2BMnucn%2FN2xd%2BtDsE2gLFQIRI4pZ64d12HoV8bakVokSaUskBJmG0cS31PhCiiHpMXArAYQJ%2Fr4gckKwgzsTPUnrlMeoj7r5iloRa7g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a500839aac9b51b-OSL
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-theme/SnowFlat/images/icons/comment-white.png
188.114.97.1 200 OK 2.9 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/images/icons/comment-white.png
IP 188.114.97.1:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 361d948a77bf3ebca57885dd5601181a
9f3175cc1d11587285befee18dcdb1262d9b6f64
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
GET /qa-theme/SnowFlat/images/icons/comment-white.png HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Cookie: PHPSESSID=d1bb4867fd09d810e189f0a45c6945ad; qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 02:54:14 GMT
Content-Type: image/png
Content-Length: 2906
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abLEfZ2ODgvgcJVMGdgJhHvn%2F5IAclAq437BNN6ukchgqWrrquTDoV9OCYK%2FgGudiwGebRMMST7LDygAbT8jHGxX7J955%2F2elwBhSc%2BhMkdXIOQ1gitZoa0d%2B7I3psIr2u44dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a500839990d1c12-OSL
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
188.114.97.1 200 OK 7.2 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
IP 188.114.97.1:0
File type Web Open Font Format, TrueType, length 7200, version 1.0\012- data
Hash 032102e77ed40c63761279956b30f59f
b40bfc143f60a96b35a760a73f18dd3934eebc08
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
Analyzer Verdict Alert fortinet Malware
GET /qa-theme/SnowFlat/fonts/fontello.woff?70015067 HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Cookie: PHPSESSID=d1bb4867fd09d810e189f0a45c6945ad; qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 02:54:14 GMT
Content-Type: font/woff
Content-Length: 7200
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAP3TygCPJroIrZI8N6xI%2BRBAhLy0Z3eZ86r5FzxvIvR%2FmKTHS6zU6WxxZexr5HV0gj0z0eG8Po0E5%2B2eAxDktbNletoXmAG3wocvO0g%2BQ9c6kENuEX%2FGg8yW5RK5Df5m3FIUg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a50083afb00b50c-OSL
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
188.114.97.1 200 OK 7.8 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
IP 188.114.97.1:0
File type GIF image data, version 89a, 14 x 14\012- data
Hash baa90f5e1a366d64a56c6bdc20463880
a5fc4c07afc4c856ff09a4ed6cee0a26487946a9
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
GET /qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644 HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Cookie: PHPSESSID=d1bb4867fd09d810e189f0a45c6945ad; qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 02:54:14 GMT
Content-Type: image/gif
Content-Length: 7781
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nLKRNRjR8WvEK3UVHIZ2XsMmBLAevqdJfH5%2F8CkIbM%2B%2BiIZlwYQk%2FqclJFmcn0pjE60sipk2hp2ErzeqzH6NtZFLfoYRjYUwDxAmpuMO7AUFAhWCxax5YTPx1c7C71v%2Fv4H9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a50083b2b76b51b-OSL
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-theme/SnowFlat/fonts/ubuntu-regular.woff2
188.114.97.1 200 OK 22 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/fonts/ubuntu-regular.woff2
IP 188.114.97.1:0
File type Web Open Font Format (Version 2), TrueType, length 22388, version 1.0\012- data
Hash 15b31ac9865cf59ee66305ceae84eeca
a7dc7a8504e47449000ea52f24ec10b34526b60c
02e4551debbf743ff34d013ba7b0a5440fa88958b9c406105a55612721cba16c
Analyzer Verdict Alert fortinet Malware
GET /qa-theme/SnowFlat/fonts/ubuntu-regular.woff2 HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://en.firstgooal.com/7901/binance-us-agrees-to-buy-voyagers-digital-assets
Cookie: PHPSESSID=d1bb4867fd09d810e189f0a45c6945ad; qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 02:54:14 GMT
Content-Type: font/woff2
Content-Length: 22388
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyEweR%2FUOvkZ47BUkR7gjcbofCDaUGjga1kWmp6xi6hqV74JguBvOTzkGiq4M6yIT6wtDSCaGr6j7HrFkwcFWQBezuXPJgCXvswJi6S46Q%2F3yAw5UlZL0W61HIZFv4wHxBDZwg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a50083afa730b41-OSL
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-theme/SnowFlat/fonts/ubuntu-bold.woff2
188.114.97.1 200 OK 23 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/fonts/ubuntu-bold.woff2
IP 188.114.97.1:0
File type Web Open Font Format (Version 2), TrueType, length 22800, version 0.-11076\012- data
Hash 599ac1c7e3993595927b6610aced3f00
12b786d7422dbf88ad4fd730d6925782dee3027b
0c520384d05689f51e9846895c1f3572c39bc954504d2eed090432c4b08d6d3f
Analyzer Verdict Alert fortinet Malware
GET /qa-theme/SnowFlat/fonts/ubuntu-bold.woff2 HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://en.firstgooal.com/7901/binance-us-agrees-to-buy-voyagers-digital-assets
Cookie: PHPSESSID=d1bb4867fd09d810e189f0a45c6945ad; qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 02:54:14 GMT
Content-Type: font/woff2
Content-Length: 22800
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObGtt3YUVDdzUhAWtyirM5cTNRv5usu7PfHZE7jCCjjTPdOeNNtmgoewxAQixK5s%2BMai8IrTmu0ltmPnsX8V9%2FqlQwBBeXAiJUetcfwXVmzLKrlCOSHOOwQNImVBjD%2BBGHRt7g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a50083b0b8cb529-OSL
alt-svc: h2=":443"; ma=60
en.firstgooal.com/qa-theme/SnowFlat/fonts/ubuntu-italic.woff2
188.114.97.1 200 OK 25 kB URL HTTP/1.1 en.firstgooal.com/qa-theme/SnowFlat/fonts/ubuntu-italic.woff2
IP 188.114.97.1:0
File type Web Open Font Format (Version 2), TrueType, length 24808, version 1.0\012- data
Hash 5d7f3d1466e3a11a8b8efc09ff61cf2e
f5a1612b04cc49ebad65192db33a7cc498ef2409
1f1c7364ef5f163cddba63301931db5e1eff87ecc1cd2e9704c10c6f92417b54
Analyzer Verdict Alert fortinet Malware
GET /qa-theme/SnowFlat/fonts/ubuntu-italic.woff2 HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://en.firstgooal.com/7901/binance-us-agrees-to-buy-voyagers-digital-assets
Cookie: PHPSESSID=d1bb4867fd09d810e189f0a45c6945ad; qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o
HTTP/1.1 200 OK
Date: Thu, 09 Mar 2023 02:54:14 GMT
Content-Type: font/woff2
Content-Length: 24808
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:03:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhc7cge4HD97jnvVAjq84bG0aXnudQt2tg5BuhhFaOUg4WHM45Y%2FeKPmxsVmiTpo0%2BEkKkaszNh7FYbq86kKsS4kI4wc56jQJ%2BC5tTNFdY52e0pldDsVGjuZ09%2BkEOo9CsCJAg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a50083b0fa1b4f9-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 7b7049a6f7f2cb41f99c789aac094e37
8cfd0d8c33a5a3d726cc68ff9008553476bc442f
f42386e4da540ef7be0e053091a1e13f8a2638cdc131d92e773dac20db651b65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 02:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.142 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.142:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.firstgooal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 09 Mar 2023 01:53:25 GMT
expires: Thu, 09 Mar 2023 03:53:25 GMT
cache-control: public, max-age=7200
age: 3649
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 7b7049a6f7f2cb41f99c789aac094e37
8cfd0d8c33a5a3d726cc68ff9008553476bc442f
f42386e4da540ef7be0e053091a1e13f8a2638cdc131d92e773dac20db651b65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 02:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 7b7049a6f7f2cb41f99c789aac094e37
8cfd0d8c33a5a3d726cc68ff9008553476bc442f
f42386e4da540ef7be0e053091a1e13f8a2638cdc131d92e773dac20db651b65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 02:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 7b7049a6f7f2cb41f99c789aac094e37
8cfd0d8c33a5a3d726cc68ff9008553476bc442f
f42386e4da540ef7be0e053091a1e13f8a2638cdc131d92e773dac20db651b65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 02:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5119020707824427
142.250.74.66 200 OK 48 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5119020707824427
IP 142.250.74.66:0
File type ASCII text, with very long lines (3649)
Hash 4847020437727f95a40d3a9d70241c43
318575e980156c79b79b064faf5366485203ed77
3fcc3885f63b7ce1fce23eb29d3060bd254f8c24e40007a7bc4606a7b41a0fa7
GET /pagead/js/adsbygoogle.js?client=ca-pub-5119020707824427 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://en.firstgooal.com
Connection: keep-alive
Referer: http://en.firstgooal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 09 Mar 2023 02:54:14 GMT
expires: Thu, 09 Mar 2023 02:54:14 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 11131169484704858111
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48357
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 7b7049a6f7f2cb41f99c789aac094e37
8cfd0d8c33a5a3d726cc68ff9008553476bc442f
f42386e4da540ef7be0e053091a1e13f8a2638cdc131d92e773dac20db651b65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 02:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/zrt_lookup.html
142.250.74.162 200 OK 4.5 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/zrt_lookup.html
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3205)
Hash bad17ab9662318e8927e5009c83c2ad1
53ded630f95abe04b7b77d43076bf71b9ea71c02
68da39270ebfa6d17f4b765cbe004797a736611585ff0c53213d91f78f13c260
GET /pagead/html/r20230306/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4549
x-xss-protection: 0
date: Wed, 08 Mar 2023 08:30:40 GMT
expires: Wed, 22 Mar 2023 08:30:40 GMT
cache-control: public, max-age=1209600
age: 66214
etag: 2378337311435320485
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
en.firstgooal.com/favicon.ico
188.114.97.1 404 Not Found 2.0 kB URL HTTP/1.1 en.firstgooal.com/favicon.ico
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 7c7d9c8d73a20f46f2f1a7fe35471d13
3eede50889edb7572994f1bc6f576337775bd4b9
71fc0d40ff6cacaabc4f4802ea69f8eeff8cc3b377bd77d4803acee42492b033
GET /favicon.ico HTTP/1.1
Host: en.firstgooal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.firstgooal.com/7901/binance-us-agrees-to-buy-voyagers-digital-assets
Cookie: PHPSESSID=d1bb4867fd09d810e189f0a45c6945ad; qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o
HTTP/1.1 404 Not Found
Date: Thu, 09 Mar 2023 02:54:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
CF-Cache-Status: BYPASS
Set-Cookie: qa_key=l3uvjblqmop3xhwwa0e1vqr0yiupse9o; expires=Sat, 11-Mar-2023 02:54:14 GMT; Max-Age=172800; path=/; HttpOnly
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiv0D3oA8RWrTktViebKrvT%2FD1qzDsOWKXI0%2FfNxayS1qbxwOvubJuTlyxiyb9UmsA52xW8GzvF8sC0sBxfRIFzsS2yvHAJQL%2FZGieRdaJSKibvGbnzkIyURCAXpq%2FMWwe1X6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a50083d4b270b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 77b6100fd7c601a0974fee03d490ee56
307cf745167f594822caa24e090f5bd75f42bb08
493a5609afbdf0809d648ad90dbb141f0ced37e0a75875004f5219d04ff445e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 02:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 2f4b1d05923c4a89bb81dbb736b22864
c50c631807f9ad77adeb0a5213fe88c3ac759cc2
6b0144c74ac66866ac253833c768a2f797d75a0538c44b960727d432f46f4bc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 02:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=en.firstgooal.com&callback=_gfp_s_&client=ca-pub-5119020707824427
216.58.207.226 200 OK 252 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=en.firstgooal.com&callback=_gfp_s_&client=ca-pub-5119020707824427
IP 216.58.207.226:0
File type ASCII text, with very long lines (395), with no line terminators
Hash e6ed0b807639e0491177b83a0c337169
5212324697ab02944e938b2f83d905d7c936c409
e065445e826aa44c49b993cf0ce66f1845c9c04344750c0881502daf5cc8db6d
GET /gampad/cookie.js?domain=en.firstgooal.com&callback=_gfp_s_&client=ca-pub-5119020707824427 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.firstgooal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 09 Mar 2023 02:54:14 GMT
server: cafe
cache-control: private
content-length: 252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash fbb97b19dce42f7387d0de43d9968c85
a9f5673974c16e19afbc189ee4e0fbda8dc1a6f6
b80f1b8336e9b19f2db649e39ff988b5f05e35efff2ca53126ac6ca04f4e8bbe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 02:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=en.firstgooal.com
142.250.74.66 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=en.firstgooal.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=en.firstgooal.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.firstgooal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 09 Mar 2023 02:54:15 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=en.firstgooal.com
142.250.74.34 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=en.firstgooal.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=en.firstgooal.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.firstgooal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 09 Mar 2023 02:54:15 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 77b6100fd7c601a0974fee03d490ee56
307cf745167f594822caa24e090f5bd75f42bb08
493a5609afbdf0809d648ad90dbb141f0ced37e0a75875004f5219d04ff445e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 02:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 2f4b1d05923c4a89bb81dbb736b22864
c50c631807f9ad77adeb0a5213fe88c3ac759cc2
6b0144c74ac66866ac253833c768a2f797d75a0538c44b960727d432f46f4bc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 02:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash fbb97b19dce42f7387d0de43d9968c85
a9f5673974c16e19afbc189ee4e0fbda8dc1a6f6
b80f1b8336e9b19f2db649e39ff988b5f05e35efff2ca53126ac6ca04f4e8bbe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 02:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 376ce2fd696879f8eed5f47f093fbe64
2cc8105481ae1aa60c2712c43138e59e26fe5f22
0e85f7aef9ff822b2476f5224ea087448678ef4e99ea625b738355b8e07ddc2f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 02:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
172.217.21.161 200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.firstgooal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 09 Mar 2023 02:54:15 GMT
expires: Thu, 09 Mar 2023 02:54:15 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
172.217.21.161 200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Mar 2023 19:55:31 GMT
expires: Wed, 06 Mar 2024 19:55:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
vary: Accept-Encoding
age: 111524
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 7c0630ecdef38ec519b770dc32deb486
105287a0c11b44879b4cbc75c96852f3161f8ed7
8b35076687a58f4a6e3f83c543b209382fcec9204fa4563b3dbd23ed8efb4841
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 02:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0ad01b9236cef16e2a27b5072869ce86
2080b5089717e80da4928358e628ec3a156889a8
8477ceae0d981e170d0d3e508fb9d4e4c73a48420faca79a6f7ee183d27603bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8477CEAE0D981E170D0D3E508FB9D4E4C73A48420FACA79A6F7EE183D27603BB"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2850
Expires: Thu, 09 Mar 2023 03:41:45 GMT
Date: Thu, 09 Mar 2023 02:54:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0ad01b9236cef16e2a27b5072869ce86
2080b5089717e80da4928358e628ec3a156889a8
8477ceae0d981e170d0d3e508fb9d4e4c73a48420faca79a6f7ee183d27603bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8477CEAE0D981E170D0D3E508FB9D4E4C73A48420FACA79A6F7EE183D27603BB"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2850
Expires: Thu, 09 Mar 2023 03:41:45 GMT
Date: Thu, 09 Mar 2023 02:54:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0ad01b9236cef16e2a27b5072869ce86
2080b5089717e80da4928358e628ec3a156889a8
8477ceae0d981e170d0d3e508fb9d4e4c73a48420faca79a6f7ee183d27603bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8477CEAE0D981E170D0D3E508FB9D4E4C73A48420FACA79A6F7EE183D27603BB"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2850
Expires: Thu, 09 Mar 2023 03:41:45 GMT
Date: Thu, 09 Mar 2023 02:54:15 GMT
Connection: keep-alive
www.google.com/recaptcha/api2/aframe
142.250.74.36 200 OK 511 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 28e503806623251182608f45e095055c
01189d9d282e6efc9c9a58a1a515e2915044f583
2a6d9540a668de0d4b675ce352cb96a9da08dca15318c79563d2c186efc51ca9
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 09 Mar 2023 02:54:15 GMT
date: Thu, 09 Mar 2023 02:54:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-Zsc4ccxBpnKuGWcDD4nJlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F156553f5-fbe1-41f1-9a5d-cae2de9a09ac.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F156553f5-fbe1-41f1-9a5d-cae2de9a09ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 984e01082be7267759b49a8526a9316d
604d201e61bb42e95d4fb79fcd240344979b95c1
0b97085216d9c9c334347654c868c9a48f1e777331d3a01be7b873bb9213e862
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F156553f5-fbe1-41f1-9a5d-cae2de9a09ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5066
x-amzn-requestid: a1ffeac8-d422-4a2c-a4cd-75bbe53288e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BS73HGFeIAMFQKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6404402d-5c11fc361aa4ae2c32cdff33;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 07:09:33 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: fbYQ77-6WujWAYimQo8jTGPE3mZk-PSsCZEBchV_Kc4gx4zJj-9dsA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 23:25:38 GMT
age: 12517
etag: "604d201e61bb42e95d4fb79fcd240344979b95c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff126aba3-5053-41e8-9adc-5cb3d542d065.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff126aba3-5053-41e8-9adc-5cb3d542d065.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f57df98d880821f3ed2d1227ea1e29c0
ec77a342171a7b2df5b4bb4ff267eb9e7b6fdc9d
d9c8877d58e5625ffd72222372334fa857611de3e444732e4ac025571df9e333
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff126aba3-5053-41e8-9adc-5cb3d542d065.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8421
x-amzn-requestid: f161f3bb-2b66-4ec8-a2d0-460296e59d8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BezfVHwPoAMF9CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6408ff95-7fd8848f23e348491da23bc3;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 21:35:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: UxccdNn1zcfmf6dLfofsW97SALSwT6zQ4-AxC4JW9xXmtxUCtHHFFg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 bb763d35677c62f9f5d9728bba884662.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 21:45:27 GMT
etag: "ec77a342171a7b2df5b4bb4ff267eb9e7b6fdc9d"
content-type: image/jpeg
age: 18528
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedc26d16-1c93-451f-bc00-adf9e2f92fac.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedc26d16-1c93-451f-bc00-adf9e2f92fac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f32c8032ccfea50340a5f5e8a45bd091
86cfba31fca35364a5b1642285f14665ff4c5386
d1f1cd14a388cbb02731e58cb8267b808402b8cb3a4e90be90858ae04af3c6f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedc26d16-1c93-451f-bc00-adf9e2f92fac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9081
x-amzn-requestid: 2ac239fb-ca70-41d5-8c86-fa398ac9a226
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BezeLGXFIAMF8ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6408ff8d-24722910513f5bd32e2411aa;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: N7CdHUf92t4MRdgtsbaMlU8TVIF1NgUfD8xkZiZMSZVGJpiQzNuXew==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 6bdc2963c9ed59b475ec36c35e5932a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 21:45:27 GMT
etag: "86cfba31fca35364a5b1642285f14665ff4c5386"
content-type: image/jpeg
age: 18528
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9da3492d-91de-45e4-82a1-51dec7e4ba28.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9da3492d-91de-45e4-82a1-51dec7e4ba28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d541504b5777fedb1a4b99770ca977e0
1acb5b7a05f617c8fc7cd6fe420ab72646bfc306
34dfdf8d3d5fa6fed1a6eca3c852301dae86f3765f824d93c26980fb8ac519c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9da3492d-91de-45e4-82a1-51dec7e4ba28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4785
x-amzn-requestid: 57be76f4-6f1b-45d2-bfc1-fc573c56489a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BezeJEhZIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6408ff8d-5e469b5f2c0adfd619e0e7b4;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: jl-Ed8eQYVXZpU-veP1wAdNiiwQe-ZlApp8BsN7vx7pLBL4FVceI8A==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 21:45:27 GMT
etag: "1acb5b7a05f617c8fc7cd6fe420ab72646bfc306"
content-type: image/jpeg
age: 18528
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea03d56b-0100-4e7f-bc07-0bcf79745625.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea03d56b-0100-4e7f-bc07-0bcf79745625.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49c2a867dd9ce40374b3f8bac3de89c5
6ea3ae91319fe33a4ed905d39ccb9ea850a83c2c
554723e647b0bfb54585a10f72938e397710688507e0223d62a6fec0df360737
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea03d56b-0100-4e7f-bc07-0bcf79745625.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6271
x-amzn-requestid: b09a2f59-1c0e-4121-b6eb-468417195031
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bez9vGGEoAMFq_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64090057-0d420f6f4e5ca3eb001d4b85;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 21:38:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: rDmGm445ffWvNKcLIy6EJc-tOeB3NeI99i3n_cFVN9gBZZfbFU9mYg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 21:45:27 GMT
age: 18528
etag: "6ea3ae91319fe33a4ed905d39ccb9ea850a83c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F960ff4d1-e33e-41a5-aaa4-f54039dbc85e.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F960ff4d1-e33e-41a5-aaa4-f54039dbc85e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 67e27efd23f4d42e2f93102e05955859
3ebc9abd817182d697acfd947000f106914b9098
5d1a4a50802f50798d120468ba28f157cbe1cf8547f66ac3d6b3a138c6d25a24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F960ff4d1-e33e-41a5-aaa4-f54039dbc85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14298
x-amzn-requestid: b11be846-5ff7-442c-a0e3-7876f696d1c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BMVaDHsFoAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64019c40-6503274d0b174c1e0d7a8c6e;Sampled=0
x-amzn-remapped-date: Fri, 03 Mar 2023 07:05:36 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: HlfjvVuC_eLZJ_HYVKLxy_qwnFFQJkfVm3UKa8ajIUb6alnnZd1XqA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 16:59:13 GMT
age: 35702
etag: "3ebc9abd817182d697acfd947000f106914b9098"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2