r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 234b80a5a27f3d377e322e680413479d
3da8ba535ec19898f5b83ece48cd4038ac2bf557
370104df5dd8f739601a4be42ae41bb92f365dcf585823a3c14733f7c394e926
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "370104DF5DD8F739601A4BE42AE41BB92F365DCF585823A3C14733F7C394E926"
Last-Modified: Sun, 12 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6232
Expires: Mon, 13 Mar 2023 10:13:39 GMT
Date: Mon, 13 Mar 2023 08:29:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 405abd45d42535567c1ecb518f4bdb04
0505c27fe2921bfa89657173fb77ca7280f04772
bdef4e5edfe0bf3fefb4dc5625e41f3faeb23a0afd24c4e6255f40f757568c35
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDEF4E5EDFE0BF3FEFB4DC5625E41F3FAEB23A0AFD24C4E6255F40F757568C35"
Last-Modified: Sun, 12 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11642
Expires: Mon, 13 Mar 2023 11:43:49 GMT
Date: Mon, 13 Mar 2023 08:29:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ae4d7bec26e013433e638f87260aa632
62384e39bc90d0b2ab92895220f0383e678669f4
b704031d560770485c9552dcf56b911b7b5ad45d8a3f73acd17dbbbeeff294f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B704031D560770485C9552DCF56B911B7B5AD45D8A3F73ACD17DBBBEEFF294F4"
Last-Modified: Sun, 12 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7867
Expires: Mon, 13 Mar 2023 10:40:54 GMT
Date: Mon, 13 Mar 2023 08:29:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 13 Mar 2023 08:09:19 GMT
content-type: application/json
age: 1228
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: p3RTKkv9Hwq+Cl13mD/QvQSgl8c8qpBNdrzbUWLiSWwZ8fWLENhTI+iLcjjssD4zsr0lQ4zxysc=
x-amz-request-id: 91KND50YAC26YW72
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 13 Mar 2023 08:20:02 GMT
age: 585
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 13 Mar 2023 08:29:47 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
5a083.rf.wy5532.com/
172.93.103.102200 OK 480 B IP 172.93.103.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (480), with no line terminators
Hash e4caf1a552c94e17d644a8f8b09bc724
a0d55b9bc4d4a85fb79e249127d4d5de9f420a87
c67d4254f50ffd93beaa009bbb50300c0d80b9b3b912bb2c7166ee9bcefda1f9
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: 5a083.rf.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 480
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 08:29:47 GMT
server: nginx
set-cookie: sid=37094d02-c179-11ed-9835-dcd92c5a9f81; path=/; domain=.wy5532.com; expires=Sat, 31 Mar 2091 11:43:54 GMT; max-age=2147483647; HttpOnly
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, ETag, Backoff, Expires, Alert, Pragma, Cache-Control, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 13 Mar 2023 08:12:32 GMT
age: 1035
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash db27ecc2f481e8871b2e99584e751660
e671ecb839d53e296f4ec303208ddb713c72aecc
5c910268b5c4f0244540c5570056673f8cbe4a0979f301363cb56dc359c147df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C910268B5C4F0244540C5570056673F8CBE4A0979F301363CB56DC359C147DF"
Last-Modified: Sun, 12 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9022
Expires: Mon, 13 Mar 2023 11:00:10 GMT
Date: Mon, 13 Mar 2023 08:29:48 GMT
Connection: keep-alive
5a083.rf.wy5532.com/favicon.ico
172.93.103.102404 Not Found 9 B URL HTTP/1.1 5a083.rf.wy5532.com/favicon.ico
IP 172.93.103.102:0
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: 5a083.rf.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://5a083.rf.wy5532.com/
Cookie: sid=37094d02-c179-11ed-9835-dcd92c5a9f81
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Mon, 13 Mar 2023 08:29:47 GMT
server: nginx
5a083.rf.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3ODcwMzM4NywiaWF0IjoxNjc4Njk2MTg3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDV1cWlmMTlxcXVoajhjNTg0NTBqczEiLCJuYmYiOjE2Nzg2OTYxODcsInRzIjoxNjc4Njk2MTg3Njk0MDQ0fQ.BLlUiWbTa4rPJOr7FHF36CV7-apCoPIfDfzkPSwsvFM&sid=37094d02-c179-11ed-9835-dcd92c5a9f81
172.93.103.102302 Found 11 B URL HTTP/1.1 5a083.rf.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3ODcwMzM4NywiaWF0IjoxNjc4Njk2MTg3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDV1cWlmMTlxcXVoajhjNTg0NTBqczEiLCJuYmYiOjE2Nzg2OTYxODcsInRzIjoxNjc4Njk2MTg3Njk0MDQ0fQ.BLlUiWbTa4rPJOr7FHF36CV7-apCoPIfDfzkPSwsvFM&sid=37094d02-c179-11ed-9835-dcd92c5a9f81
IP 172.93.103.102:0
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3ODcwMzM4NywiaWF0IjoxNjc4Njk2MTg3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDV1cWlmMTlxcXVoajhjNTg0NTBqczEiLCJuYmYiOjE2Nzg2OTYxODcsInRzIjoxNjc4Njk2MTg3Njk0MDQ0fQ.BLlUiWbTa4rPJOr7FHF36CV7-apCoPIfDfzkPSwsvFM&sid=37094d02-c179-11ed-9835-dcd92c5a9f81 HTTP/1.1
Host: 5a083.rf.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://5a083.rf.wy5532.com/
Cookie: sid=37094d02-c179-11ed-9835-dcd92c5a9f81
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 13 Mar 2023 08:29:48 GMT
location: http://cynes-gwf.com/zcvisitor/372aaa64-c179-11ed-b6dd-123cef80c62d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=373a3ace-c179-11ed-b6dd-123cef80c62d
server: nginx
set-cookie: sid=37094d02-c179-11ed-9835-dcd92c5a9f81; path=/; domain=.wy5532.com; expires=Sat, 31 Mar 2091 11:43:55 GMT; max-age=2147483647; HttpOnly
push.services.mozilla.com/
35.164.47.95101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.47.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZQOOGW8u31leak9hUiNSGw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6aQxD4umeE5dd4cEeeXT5xu9bCo=
cynes-gwf.com/zcvisitor/372aaa64-c179-11ed-b6dd-123cef80c62d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=373a3ace-c179-11ed-b6dd-123cef80c62d
3.231.116.86200 1.1 kB URL HTTP/1.1 cynes-gwf.com/zcvisitor/372aaa64-c179-11ed-b6dd-123cef80c62d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=373a3ace-c179-11ed-b6dd-123cef80c62d
IP 3.231.116.86:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c17030d5bb549deaea7ba3721ccb137e
fe43a00077439356674e9aeca76c7f82c9aa56a9
3ddbe292f5dd4ad21df6c968aa2168c7d1eb7d46afa5b9fe34cbf4408f3e6ccb
GET /zcvisitor/372aaa64-c179-11ed-b6dd-123cef80c62d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=373a3ace-c179-11ed-b6dd-123cef80c62d HTTP/1.1
Host: cynes-gwf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://5a083.rf.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Mon, 13 Mar 2023 08:29:48 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: sijwddsZ
cynes-gwf.com/zcredirect?visitid=372aaa64-c179-11ed-b6dd-123cef80c62d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
3.231.116.86200 346 B URL HTTP/1.1 cynes-gwf.com/zcredirect?visitid=372aaa64-c179-11ed-b6dd-123cef80c62d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 3.231.116.86:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d67607b84e1b4b34f2b875438513549d
2efecb5f171b13773fcaf2a0aa3e2f2c61e8dbf0
8f214e25096258401b31905d07219bc604e0cbc24a73abbf031aa95accd0f5c9
GET /zcredirect?visitid=372aaa64-c179-11ed-b6dd-123cef80c62d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: cynes-gwf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynes-gwf.com/zcvisitor/372aaa64-c179-11ed-b6dd-123cef80c62d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=373a3ace-c179-11ed-b6dd-123cef80c62d
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Mon, 13 Mar 2023 08:29:48 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: VfkonvKW
cynes-gwf.com/favicon.ico
3.231.116.86404 653 B URL HTTP/1.1 cynes-gwf.com/favicon.ico
IP 3.231.116.86:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: cynes-gwf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynes-gwf.com/zcredirect?visitid=372aaa64-c179-11ed-b6dd-123cef80c62d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Mon, 13 Mar 2023 08:29:49 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: Yjvngcon
sameradar-1.online/api/v1/px?xmlid=KqAvFQTtiZaecsqu0uRyyC6jZU9vktHXm2g0Seqc
15.197.224.234200 OK 89 kB URL HTTP/1.1 sameradar-1.online/api/v1/px?xmlid=KqAvFQTtiZaecsqu0uRyyC6jZU9vktHXm2g0Seqc
IP 15.197.224.234:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (653)
Hash 11269e24589de561b62fe4720b88d352
fc83d05365005da0d826529701cd80b7de769fe4
14307ebad0c2311afa9fdf774920f9046d86c4740353ed9f6a4c19236d049532
GET /api/v1/px?xmlid=KqAvFQTtiZaecsqu0uRyyC6jZU9vktHXm2g0Seqc HTTP/1.1
Host: sameradar-1.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynes-gwf.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 13 Mar 2023 08:29:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 89067
Connection: keep-alive
Access-Control-Allow-Origin: *
ETag: W/"15beb-/IPQU2UAXaDYJlKXAc2At952n+Q"
sameradar-1.online/api/v1/pxcheck?impId=KqAvFQTtiZaecsqu0uRyyC6jZU9vktHXm2g0Seqc&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cDovL3NhbWVyYWRhci0xLm9ubGluZS9hcGkvdjEvcHg/eG1saWQ9S3FBdkZRVHRpWmFlY3NxdTB1Unl5QzZqWlU5dmt0SFhtMmcwU2VxYyIsImRldmljZVNyZWVuU2l6ZSI6IjEwMDJ4MTI4MCIsImRldmljZVdpbmRvd1NpemUiOiI5Mzl4MTI4MCIsInduZDJzcmNSYXRpb0x3cjA2IjpmYWxzZSwiaXNCb3QiOiJvbiJ9
15.197.224.234204 No Content 0 B URL HTTP/1.1 sameradar-1.online/api/v1/pxcheck?impId=KqAvFQTtiZaecsqu0uRyyC6jZU9vktHXm2g0Seqc&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cDovL3NhbWVyYWRhci0xLm9ubGluZS9hcGkvdjEvcHg/eG1saWQ9S3FBdkZRVHRpWmFlY3NxdTB1Unl5QzZqWlU5dmt0SFhtMmcwU2VxYyIsImRldmljZVNyZWVuU2l6ZSI6IjEwMDJ4MTI4MCIsImRldmljZVdpbmRvd1NpemUiOiI5Mzl4MTI4MCIsInduZDJzcmNSYXRpb0x3cjA2IjpmYWxzZSwiaXNCb3QiOiJvbiJ9
IP 15.197.224.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/pxcheck?impId=KqAvFQTtiZaecsqu0uRyyC6jZU9vktHXm2g0Seqc&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cDovL3NhbWVyYWRhci0xLm9ubGluZS9hcGkvdjEvcHg/eG1saWQ9S3FBdkZRVHRpWmFlY3NxdTB1Unl5QzZqWlU5dmt0SFhtMmcwU2VxYyIsImRldmljZVNyZWVuU2l6ZSI6IjEwMDJ4MTI4MCIsImRldmljZVdpbmRvd1NpemUiOiI5Mzl4MTI4MCIsInduZDJzcmNSYXRpb0x3cjA2IjpmYWxzZSwiaXNCb3QiOiJvbiJ9 HTTP/1.1
Host: sameradar-1.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sameradar-1.online/api/v1/px?xmlid=KqAvFQTtiZaecsqu0uRyyC6jZU9vktHXm2g0Seqc
Cookie: __ssds=2
Upgrade-Insecure-Requests: 1
HTTP/1.1 204 No Content
Date: Mon, 13 Mar 2023 08:29:49 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7858
Expires: Mon, 13 Mar 2023 10:40:47 GMT
Date: Mon, 13 Mar 2023 08:29:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7858
Expires: Mon, 13 Mar 2023 10:40:47 GMT
Date: Mon, 13 Mar 2023 08:29:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7858
Expires: Mon, 13 Mar 2023 10:40:47 GMT
Date: Mon, 13 Mar 2023 08:29:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02306d2b-eeaa-457b-818c-f89161dee633.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02306d2b-eeaa-457b-818c-f89161dee633.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c020f73e193d39695b2a327b7f823044
293ecfa11699509057daa07b3c103ae57dfc600b
47d1130ec2fc517545f18557e61b4a78a45b9303dfcb9f4db8683da8160205d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02306d2b-eeaa-457b-818c-f89161dee633.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4592
x-amzn-requestid: 3925b113-7d29-4400-bbab-b64767943c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Br_jDEi9IAMF4SA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640e4613-2bbddae45dbbbe8f6a62f300;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 21:37:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gbtUv0bNfiCz-HwX-L5HGitjTWaezaRQwiukewdVA25WzSEYrpxYqA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 21:55:43 GMT
age: 38046
etag: "293ecfa11699509057daa07b3c103ae57dfc600b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F041d108b-a02d-463a-b8bc-16a820bcaec7.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F041d108b-a02d-463a-b8bc-16a820bcaec7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5f530c45a5cd68b455ef2198ed86ad3f
eb4e56764e88672f9efd7a15ffe16b50e26a0248
cc594af89a6db9aafed4451e84c68d47e4f602ca53eef170d94889aabdbd03ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F041d108b-a02d-463a-b8bc-16a820bcaec7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6311
x-amzn-requestid: 2b7244ec-0beb-4755-a295-5c925d4e5e78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Br_kfG8xIAMF5pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640e461c-6ed1bdff68e8988a141e86d9;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bC0qKmaWkNBo6MQN9tmsMSBLFaog0JowDxyASwb0v3QHSocitnbVhw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 21:55:43 GMT
age: 38046
etag: "eb4e56764e88672f9efd7a15ffe16b50e26a0248"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be71491cee9b47dc3ffb23b4fdff25b3
79c7d22c8df6d305f46c5779ccb9f25169d4d111
e785896e5840fb901ddd0118bef3ccad6b59a96d8eef0e8ccd9c95a3c261ba45
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8487
x-amzn-requestid: 92381f1a-0140-47e9-a971-594a7de36c3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BkEcBGizoAMFgOA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640b1ab3-1a54b65a5d7083e62dcb85ab;Sampled=0
x-amzn-remapped-date: Fri, 10 Mar 2023 11:55:31 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Nn4eV-UeuWZ02ANOxzTUSgE4UODtaZxeIjp8UJfU8PgUny2shFaDjQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 21:42:57 GMT
age: 38812
etag: "79c7d22c8df6d305f46c5779ccb9f25169d4d111"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08428b5a-994c-4f3f-b311-ee36987a7d0a.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08428b5a-994c-4f3f-b311-ee36987a7d0a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fde9c0f2bc62f215ced01cc6b28daba1
aa4240202d28c4367e5f87eca3021f17e9cc3fcc
7bfa4962c7218e0026bdfe00ac86b24b85073a50f84a92e7d83df3ae2cbdc548
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08428b5a-994c-4f3f-b311-ee36987a7d0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10186
x-amzn-requestid: 3da51dbd-ac7e-46e0-9a6f-7501e5b37e90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Br_VoFN0oAMF9rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640e45bd-4ad6474110a577f96c485465;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 21:35:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TalNp1x1HyTF18a4kOJKkQ_3vbBvZD_JNNGvQczEXyOKaK6Lib7yxg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 22:07:02 GMT
etag: "aa4240202d28c4367e5f87eca3021f17e9cc3fcc"
content-type: image/jpeg
age: 37367
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bf0ac20-16ad-460d-8fcb-a873994d420a.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bf0ac20-16ad-460d-8fcb-a873994d420a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbfef97312a1bc4792615717a63a48ba
1008882db3829f830b0f58c9c5b09792e844a31b
2b096364b450b4845252b7a22a9f9aadadf220e7a6a4134558647d308529d2a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bf0ac20-16ad-460d-8fcb-a873994d420a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5853
x-amzn-requestid: c8b1593f-4bd9-452d-a904-87b58194d599
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Br_WlHEwoAMFyqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640e45c3-461a986e5a5544cf574899e4;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 21:36:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C6xTwOtJHWOoB4SIZ7qDzhmjdyRpZtrJEQ4iSWw5SHWVIKSxfirSCw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 21:57:44 GMT
age: 37925
etag: "1008882db3829f830b0f58c9c5b09792e844a31b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a23db98-37c4-4464-877f-84e567d782c0.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a23db98-37c4-4464-877f-84e567d782c0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a786f27e9ef9e709e65be146e2642cd
ddba0c9cf7e27eab796068b3da048d0815c83c76
aed13ee830dc1940673a820e40dfa9948a97c57e0fcbacae6280937fa6f15f25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a23db98-37c4-4464-877f-84e567d782c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9252
x-amzn-requestid: fd61a972-3530-4c86-8ce5-8c2beb9a02fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Br_WaGIRIAMFzDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640e45c2-68cce2b50e5b88cb2b6c5494;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7E0kX0a54vl3ynwkAob1VIAt5L0hQnBMBAWRlY8L5VlMVm-fASS1Tw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 21:57:32 GMT
age: 37937
etag: "ddba0c9cf7e27eab796068b3da048d0815c83c76"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2