| r3.o.lencr.org/ |  23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash7e05c8461bd2dc5a149f71e2c465ea29 705983959c887e243cb55a8a1796757b579ee977 4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3979
Expires: Thu, 02 Feb 2023 15:53:24 GMT
Date: Thu, 02 Feb 2023 14:47:05 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash62de35a6c8e4efd7633fc5236b5b086f 6a92912a86dfcd0330d040cef06bef36889c76ab ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5739
Expires: Thu, 02 Feb 2023 16:22:44 GMT
Date: Thu, 02 Feb 2023 14:47:05 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ |  35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 14:43:31 GMT
content-type: application/json
age: 214
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash9a76feabb767086ae0fa54e0ffbf763f 3655d78994a1e9838340669462728b67c8c12e54 bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19494
Expires: Thu, 02 Feb 2023 20:11:59 GMT
Date: Thu, 02 Feb 2023 14:47:05 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: L+cpNspubrE1xHZWcJEGyWMDLkOCye8Gwbw4Xo+LYTziNvSa7/anEg7GI1XrvEj4uE7/pFaaigk=
x-amz-request-id: GMMJGVGQKPZMHJHK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 14:23:08 GMT
age: 1437
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.guesty.com/?utm_source=pdf&utm_medium=content&utm_campaign=coronavirus_industry_report | 141.193.213.10 | 301 Moved Permanently | 162 B |
URL HTTP/1.1www.guesty.com/?utm_source=pdf&utm_medium=content&utm_campaign=coronavirus_industry_report IP141.193.213.10:0 ASN#209242 Cloudflare London, LLC
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
| NIDS | Severity | Alert |
|---|
| suricata | medium | ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2 |
GET /?utm_source=pdf&utm_medium=content&utm_campaign=coronavirus_industry_report HTTP/1.1
Host: www.guesty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 14:47:05 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.guesty.com/?utm_source=pdf&utm_medium=content&utm_campaign=coronavirus_industry_report
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28HY9GRhoxtyBvlZPGOAOET9da0CUOwY%2FSt82nX753Q4E6lZp4VEc5DlRzvUrGAr5T9yrjllwrokg5IoELjnB4p2rhgaA%2B1eNfqwFR%2BhBkbWulZKJVCGHrI2yBfMTUaW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7933b85238300b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 14:47:05 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash2999cdebf1085c1fdda7746272eb3982 3ff9fabe175919e3da1bffff2fdd4451fa9fcefd 03a378f64436fe94b674b23d84561631d44de33d22e80814a534c86b030e6167
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=102352
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 14:47:05 GMT
Etag: "63dab9b9-117"
Expires: Fri, 03 Feb 2023 19:12:57 GMT
Last-Modified: Wed, 01 Feb 2023 19:12:57 GMT
Server: nginx
Content-Length: 279
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 14:07:19 GMT
age: 2386
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash8913af0be619500295008bb91f506660 a7b8068ba9aa506205a295b24458c2616997a0d1 6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4204
Expires: Thu, 02 Feb 2023 15:57:10 GMT
Date: Thu, 02 Feb 2023 14:47:06 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 52.88.112.71 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.88.112.71:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EQyKXQJvRHWlCNrL7i91xQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HOP1Jjx/O8STR6DfSfV+1n/03ak=
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash2999cdebf1085c1fdda7746272eb3982 3ff9fabe175919e3da1bffff2fdd4451fa9fcefd 03a378f64436fe94b674b23d84561631d44de33d22e80814a534c86b030e6167
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2
Cache-Control: max-age=102352
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 14:47:07 GMT
Etag: "63dab9b9-117"
Expires: Fri, 03 Feb 2023 19:12:59 GMT
Last-Modified: Wed, 01 Feb 2023 19:12:57 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashd719402de0cd695e55dab2767247da49 f12f4795987a284820f6785ec16b5032b9861d79 98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17628
Expires: Thu, 02 Feb 2023 19:40:55 GMT
Date: Thu, 02 Feb 2023 14:47:07 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashd719402de0cd695e55dab2767247da49 f12f4795987a284820f6785ec16b5032b9861d79 98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17628
Expires: Thu, 02 Feb 2023 19:40:55 GMT
Date: Thu, 02 Feb 2023 14:47:07 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashd719402de0cd695e55dab2767247da49 f12f4795987a284820f6785ec16b5032b9861d79 98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17628
Expires: Thu, 02 Feb 2023 19:40:55 GMT
Date: Thu, 02 Feb 2023 14:47:07 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg | 34.120.237.76 | 200 OK | 5.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7c823f1d6bf1c50d58eb263b85e6e37c a7b74d11494fb3254df907e5cc1eead070d84617 b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i697kJpdT4ZPeMLWIftWf16pWCic0-v4tL4GDKfVfTZLo-E4-3FwDQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 59129
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg | 34.120.237.76 | 200 OK | 16 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4bb3a6fba496d54cdbbccaf2b9600386 8e30002699e9fbf2047f9ac11a36d2175fc9c591 927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:16:08 GMT
age: 27059
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg | 34.120.237.76 | 200 OK | 8.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash604c573da6f79effa2a81e711c14ad9e 322a3a510ca73e124d78e31b49d676ec891a6762 8d2b897fe4251106be9183fa2a6a3b0918cd1f4dcc5f814aa88a630a77b4045c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: 774cebdf-b2bf-4a98-9d2b-e2abd4bd1a2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BG-hoAMFTSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-234163873ca67e934d684a1d;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uBOoIV3qLgPgjOas4bG9LnzvJyW5AmcxMm7xqxI2keBg3er2G3MldA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:01:31 GMT
etag: "322a3a510ca73e124d78e31b49d676ec891a6762"
content-type: image/jpeg
age: 60336
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash395bb0f71f9eba82f5ca23548d08900f b1fada280c7ea3eb775a6fa46ce173a51eb045f5 7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ybz4mmNUwsKOkpz6GFm4nLz7iGX5gJ--EiUjqrs8G92GBLn6qaF7IQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:51 GMT
age: 60556
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash41c44051cc3b4c69924df66048e7566b 5c6a12595c3f6005fec4baa84b16575951e72178 72dff70bcb417c088aba013a486e1dbabe099b40fb718a283f1ba220b142b848
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: 1b3ef150-9b12-4b8b-94e6-0d6debbd24ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTDFmPoAMF-UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-0fea883b0ce1a1b933dc2be8;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qON7fRZ1XPCkl7ldiGagd0UcPynLKMzysXr8LZSRvS1ily9cN5w_wA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:22:55 GMT
age: 59052
etag: "5c6a12595c3f6005fec4baa84b16575951e72178"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg | 34.120.237.76 | 200 OK | 9.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashdf4a4906103a8f409c066b1cded71384 22847e3926db3e3d5f6b529297a4abe8b377c3a6 84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 59129
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashf090ba8f2852ba28eff603f1deabcae0 b3dd89b9157a6089f473aa51d26668878416807a 35221706571f1f3a55378514c02f84951d17b4b3167bf21f06e99566d7a365ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5105
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 14:47:07 GMT
Last-Modified: Thu, 02 Feb 2023 13:22:02 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash1bec146b720cadd6be9fe9e3c550844a 9f3b4c26b07fa78dac54ef2565f62a1b4c718bab 6310b578d928224d7b6fce46a194e3864fb5e1147a0b58bf3352e38dfa421c59
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5266
Cache-Control: max-age=102595
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 14:47:07 GMT
Etag: "63daa61c-117"
Expires: Fri, 03 Feb 2023 19:17:02 GMT
Last-Modified: Wed, 01 Feb 2023 17:49:16 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash1bec146b720cadd6be9fe9e3c550844a 9f3b4c26b07fa78dac54ef2565f62a1b4c718bab 6310b578d928224d7b6fce46a194e3864fb5e1147a0b58bf3352e38dfa421c59
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5266
Cache-Control: max-age=102595
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 14:47:07 GMT
Etag: "63daa61c-117"
Expires: Fri, 03 Feb 2023 19:17:02 GMT
Last-Modified: Wed, 01 Feb 2023 17:49:16 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash1bec146b720cadd6be9fe9e3c550844a 9f3b4c26b07fa78dac54ef2565f62a1b4c718bab 6310b578d928224d7b6fce46a194e3864fb5e1147a0b58bf3352e38dfa421c59
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5052
Cache-Control: max-age=102381
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 14:47:07 GMT
Etag: "63daa61c-117"
Expires: Fri, 03 Feb 2023 19:13:28 GMT
Last-Modified: Wed, 01 Feb 2023 17:49:16 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
|
|
| no-cache.hubspot.com/cta/default/2950575/d8d59df5-d027-4548-b6f2-a5e2b044a675.png |  104.19.155.83 | 200 OK | 1.5 kB |
URL HTTP/2no-cache.hubspot.com/cta/default/2950575/d8d59df5-d027-4548-b6f2-a5e2b044a675.png IP104.19.155.83:0
File typePNG image data, 82 x 18, 8-bit/color RGBA, non-interlaced\012- data Hash46561e71b81dba39961dbcde3899f389 e0f529b24bc398add4d225adcecb3143423c1c6f 8f85ea5f49cc918a95cd53706c9d9e34cb12614d37bd3885b0c7964ca589fff4
GET /cta/default/2950575/d8d59df5-d027-4548-b6f2-a5e2b044a675.png HTTP/1.1
Host: no-cache.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guesty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 14:47:07 GMT
content-type: image/png
content-length: 1532
x-amz-id-2: +HZw6UUNweULFAXUXBoANE7+Kyq8iQGYbKJHMArEH6J7CZnfFnAb6fetebohKjSpMXO/Er9MlpE=
x-amz-request-id: M94BHME3W7G9MSGY
last-modified: Thu, 27 Jan 2022 11:36:09 GMT
etag: "46561e71b81dba39961dbcde3899f389"
x-amz-server-side-encryption: AES256
cache-control: no-cache, no-store
x-amz-version-id: null
accept-ranges: bytes
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=CIOYwZpw8zZK8lvHZcamZ4xfRHO_a.Mu3UL85SWqcKc-1675349227-0-ARmadjTB2x5IJb2YddQlxNly2b+rXTocH/xFKeugWHQE6yJ2jiThTauUiM6xI6klYOScEProeJEAJCGCH1kyuyk=; path=/; expires=Thu, 02-Feb-23 15:17:07 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwK1UNjwRnw7b%2BHMZMsw640CmU0fsb48mawVYtjpN3CpUugvVA4Ru3B3lD5izqbOMqUf%2B9KbRcZrxBjwlDbcYg4z9oTIPHJkZ27K%2FwNH7BtyNM%2B8ziBerVD3NpoQ%2B3zArrG%2BV%2FqC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7933b8621f6fb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| no-cache.hubspot.com/cta/default/2950575/e0d0babe-9b35-4d48-ade3-e17de5e38985.png | 104.19.155.83 | 200 OK | 1.5 kB |
URL HTTP/2no-cache.hubspot.com/cta/default/2950575/e0d0babe-9b35-4d48-ade3-e17de5e38985.png IP104.19.155.83:0
File typePNG image data, 82 x 18, 8-bit/color RGBA, non-interlaced\012- data Hash46561e71b81dba39961dbcde3899f389 e0f529b24bc398add4d225adcecb3143423c1c6f 8f85ea5f49cc918a95cd53706c9d9e34cb12614d37bd3885b0c7964ca589fff4
GET /cta/default/2950575/e0d0babe-9b35-4d48-ade3-e17de5e38985.png HTTP/1.1
Host: no-cache.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guesty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 14:47:07 GMT
content-type: image/png
content-length: 1532
x-amz-id-2: XJAq2eP58HS29vOnwuFRri+SwXxndgLPmBCDUQ6pA8p/wBn97l8II0soWPOqjcRRd+G47MoYcNk=
x-amz-request-id: M946YEMA4WQ2HPES
last-modified: Thu, 27 Jan 2022 11:36:12 GMT
etag: "46561e71b81dba39961dbcde3899f389"
x-amz-server-side-encryption: AES256
cache-control: no-cache, no-store
x-amz-version-id: null
accept-ranges: bytes
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=AftD571g70gmxS.iZgDfAVSHvxYsmRDfVPewi6vC7N0-1675349227-0-AarNdnyLoyF4p2yEYfMM2vT6Q7TyATME9BUBvmdzPX6beh2vYbVnyA8Xhdjib+KifUvf3to5bXcdW8AuIGvxjDE=; path=/; expires=Thu, 02-Feb-23 15:17:07 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkJxIv9LN0Z6su92aRo7LLApf%2FxhY1DtKzEbnh6I36pvrRyTgwNQ2wfL9vVIIkJFN5PGkFNwIaHwnv5oWatQFpkxRdhaIXKpzqUkJ9f8ys2eb5ucZCZfWYXCTeI8sdfuVS%2F57OjL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7933b8621f76b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| no-cache.hubspot.com/cta/default/2950575/acf2bfdd-9257-419b-9540-286a0c87acbc.png | 104.19.155.83 | 200 OK | 1.5 kB |
URL HTTP/2no-cache.hubspot.com/cta/default/2950575/acf2bfdd-9257-419b-9540-286a0c87acbc.png IP104.19.155.83:0
File typePNG image data, 82 x 18, 8-bit/color RGBA, non-interlaced\012- data Hash46561e71b81dba39961dbcde3899f389 e0f529b24bc398add4d225adcecb3143423c1c6f 8f85ea5f49cc918a95cd53706c9d9e34cb12614d37bd3885b0c7964ca589fff4
GET /cta/default/2950575/acf2bfdd-9257-419b-9540-286a0c87acbc.png HTTP/1.1
Host: no-cache.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guesty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 14:47:07 GMT
content-type: image/png
content-length: 1532
x-amz-id-2: T3rroI2KjiwVUsi1xf2ZhZyqf3GebFltANXTH5CfgVxRBajZSXi/wdYfwReml06dkmnUM5JcQUQ=
x-amz-request-id: M946JKWJPXPX95Y6
last-modified: Thu, 27 Jan 2022 11:36:11 GMT
etag: "46561e71b81dba39961dbcde3899f389"
x-amz-server-side-encryption: AES256
cache-control: no-cache, no-store
x-amz-version-id: null
accept-ranges: bytes
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=Tq587nI6fBNTMxRX1FoqPyYZCH5YEQgJdrTYiuf3LSE-1675349227-0-ASNpGnjgMMt5IkZiTNSZWVj+R6xL2XUBFdfWGgYXvvl9L7XOJsXktwaYiNoMS3w1gcAOckS7cSDzkmnowBj/AQg=; path=/; expires=Thu, 02-Feb-23 15:17:07 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hk60veKvUaYsmyF1q5xnNaCGbCFNPN0Cv1tHqhSgU%2BNvCFQfPc7WltLveiYb9kmNyRdX0xaES%2Ft0Gq8q0Fh2vLHBve4qa2dLZHyIqE3PTnXkryyhIyHU4PZrQYpwOGrWVV0WRrCU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7933b8620f59b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash1bec146b720cadd6be9fe9e3c550844a 9f3b4c26b07fa78dac54ef2565f62a1b4c718bab 6310b578d928224d7b6fce46a194e3864fb5e1147a0b58bf3352e38dfa421c59
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5267
Cache-Control: max-age=102595
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 14:47:08 GMT
Etag: "63daa61c-117"
Expires: Fri, 03 Feb 2023 19:17:03 GMT
Last-Modified: Wed, 01 Feb 2023 17:49:16 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
|
|
| cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.guesty.com%2F&pid=2950575&sv=cta-embed-js-static-1.116&utm_campaign=coronavirus_industry_report&utm_medium=content&rdy=1&df=t&pg=d8d59df5-d027-4548-b6f2-a5e2b044a675&pg=e0d0babe-9b35-4d48-ade3-e17de5e38985&pg=acf2bfdd-9257-419b-9540-286a0c87acbc | 104.19.155.83 | 200 OK | 2.3 kB |
URL HTTP/2cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.guesty.com%2F&pid=2950575&sv=cta-embed-js-static-1.116&utm_campaign=coronavirus_industry_report&utm_medium=content&rdy=1&df=t&pg=d8d59df5-d027-4548-b6f2-a5e2b044a675&pg=e0d0babe-9b35-4d48-ade3-e17de5e38985&pg=acf2bfdd-9257-419b-9540-286a0c87acbc IP104.19.155.83:0
File typeJSON data\012- , ASCII text, with very long lines (7820), with no line terminators Hash9ad1dcd06f48e8d3c8498a67db75e87d 69ea5907dcfe6f64e09a90b10d8fa8113de9e5f9 f51065dd60f80393f6ce6aea42e526bb9d54da8f2d86f43c62c8ff89a9b1a868
GET /ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.guesty.com%2F&pid=2950575&sv=cta-embed-js-static-1.116&utm_campaign=coronavirus_industry_report&utm_medium=content&rdy=1&df=t&pg=d8d59df5-d027-4548-b6f2-a5e2b044a675&pg=e0d0babe-9b35-4d48-ade3-e17de5e38985&pg=acf2bfdd-9257-419b-9540-286a0c87acbc HTTP/1.1
Host: cta-service-cms2.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.guesty.com
Connection: keep-alive
Referer: https://www.guesty.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 14:47:08 GMT
content-type: application/json;charset=utf-8
x-trace: 2B81AB7FCF5C5CFEBB87C217917922BEFAECF34494000000000000000000
cache-control: max-age=0, no-cache, no-store
x-origin-hublet: na1
vary: origin
x-hubspot-correlation-id: c42717cb-00bf-4434-b6ac-ae14c20a381b
access-control-allow-origin: https://www.guesty.com
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
access-control-allow-credentials: true
access-control-max-age: 180
x-robots-tag: noindex, follow
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=1Bz04_bGY1ZmlDrUqk431Y0MnI2FCpjwWHg0tIaYOd0-1675349228-0-AfTPHXJMsnHOANIkTTulgHSnuQWXI6SdcxjhDuYmP1T7YI583wkqmHRFxqVtBfbDyEu4GqntZIbylH5HOrXYnQE=; path=/; expires=Thu, 02-Feb-23 15:17:08 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dYJpMhPDQBnXDvVVyGEOgtD4X8Ss6Xe2AaMIC6EFLt43ix4owtuJUNYyjyljavtvbL0BoFdIZ7BBipqwgzFTUk4wloVptS8UjZUEstjDfvyStJE1O4r2f2XV9aqImIaqDI5nfYZKbmPL3SYk0s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7933b862a85db506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hash8a57afef33cd5c5e33e09d22838bb341 5b6d0271de8e460fa1bdcdc19acf83631b43fc0e 1b2e8747eb6fafedc0b414a097e8ef145c5829d58403afb18b03983112215343
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4520
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 14:47:08 GMT
Last-Modified: Thu, 02 Feb 2023 13:31:48 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
|
|
| perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1 | 104.16.88.5 | 200 OK | 35 B |
URL HTTP/2perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1 IP104.16.88.5:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /embed/v3/counters.gif?key=cta-json-success&value=1 HTTP/1.1
Host: perf.hsforms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guesty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 14:47:08 GMT
content-type: image/gif
content-length: 35
x-trace: 2BFBBD5596B6FEBD1CCA1A74CDA953A410DF556CB9000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 09580f63-f2e6-4b62-b578-3bb912947d58
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
last-modified: Thu, 02 Feb 2023 14:47:08 GMT
cf-cache-status: MISS
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7933b863ea541c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1 | 104.16.88.5 | 200 OK | 35 B |
URL HTTP/2perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1 IP104.16.88.5:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /embed/v3/counters.gif?key=cta-render-success&value=1 HTTP/1.1
Host: perf.hsforms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guesty.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 14:47:08 GMT
content-type: image/gif
content-length: 35
x-trace: 2B092AD468A3C1CB3082E9603FACB61587B1F1A2F1000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin, Accept-Encoding
x-hubspot-correlation-id: ade3a028-4d1a-4094-aed4-3dabaed87ebd
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
last-modified: Thu, 02 Feb 2023 14:47:08 GMT
cf-cache-status: MISS
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7933b863ea521c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hash8a57afef33cd5c5e33e09d22838bb341 5b6d0271de8e460fa1bdcdc19acf83631b43fc0e 1b2e8747eb6fafedc0b414a097e8ef145c5829d58403afb18b03983112215343
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2920
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 14:47:08 GMT
Last-Modified: Thu, 02 Feb 2023 13:58:28 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashafb7888fdc15abe2c2cf6f84bebc667e b1d37941e2dad0d789f0d5c2b36913211034f544 a5cf0e09b4c99ee46d3261ef4032450dc686bba7fb0d29accd295d9b1a06f63b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A5CF0E09B4C99EE46D3261EF4032450DC686BBA7FB0D29ACCD295D9B1A06F63B"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14935
Expires: Thu, 02 Feb 2023 18:56:09 GMT
Date: Thu, 02 Feb 2023 14:47:14 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashafb7888fdc15abe2c2cf6f84bebc667e b1d37941e2dad0d789f0d5c2b36913211034f544 a5cf0e09b4c99ee46d3261ef4032450dc686bba7fb0d29accd295d9b1a06f63b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A5CF0E09B4C99EE46D3261EF4032450DC686BBA7FB0D29ACCD295D9B1A06F63B"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14935
Expires: Thu, 02 Feb 2023 18:56:09 GMT
Date: Thu, 02 Feb 2023 14:47:14 GMT
Connection: keep-alive
|
|
| www.guesty.com/?utm_source=pdf&utm_medium=content&utm_campaign=coronavirus_industry_report | 141.193.213.10 | 200 OK | 0 B |
URL HTTP/2www.guesty.com/?utm_source=pdf&utm_medium=content&utm_campaign=coronavirus_industry_report IP141.193.213.10:0 ASN#209242 Cloudflare London, LLC
| NIDS | Severity | Alert |
|---|
| suricata | medium | ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2 |
GET /?utm_source=pdf&utm_medium=content&utm_campaign=coronavirus_industry_report HTTP/1.1
Host: www.guesty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 02 Feb 2023 14:47:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
link: <https://www.guesty.com/wp-json/>; rel="https://api.w.org/", <https://www.guesty.com/wp-json/wp/v2/pages/18295>; rel="alternate"; type="application/json", <https://www.guesty.com/>; rel=shortlink
set-cookie: _cheq_rti=MEkPmceibg8yxnpwlsDZe6WTmTk=80YEqnybcuBKCxC2mgEGOuIjDQ3NC0bbVSHx/69RTJI3VIixvoZnDSnN+xmSv4+igF+Wy/2N+l0pp412+uFS1csXFrX0Fv+1fuS0F8EG/b9YtAHdKAjd9XIdSyaZLGl3cPI=; Expires=Fri, 02 Feb 2024 15:53:46 GMT; Domain=.guesty.com ; Path=/
cc_id=13; expires=Fri, 02-Feb-2024 14:47:07 GMT; Max-Age=31536000; path=/; domain=.guesty.com
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: MISS
x-cache-group: normal
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8%2BnsglNPPQBFUHgvcJQDrQcp5J7QfHeUrQtj1F3Q2fsl1Mk9uHTWjwzY9Zxq7IXBo27kvMaPG%2FBPF1L3qbX0lZbZ4CovbX%2BsdwX%2FMtnR8MLXExF45tpQpkqZfiscpOQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7933b8554bf1b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| js.hscta.net/cta/current.js | 104.17.224.204 | 200 OK | 0 B |
URL HTTP/2js.hscta.net/cta/current.js IP104.17.224.204:0
GET /cta/current.js HTTP/1.1
Host: js.hscta.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guesty.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 14:47:07 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 19 Dec 2022 10:41:21 UTC
etag: W/"de427b147fa70013c63bb257c88ede56"
x-amz-server-side-encryption: AES256
x-amz-version-id: Gcf58dVrKBkf4GqTGjI3QoL_mPyyv1Zn
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ce05e2e2ef149c875905ee7ff636fb28.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4
x-amz-cf-id: sb5NcVejOzyQAUuRpagTk7sN_4jxO7h5Vrd6yM8l6kpIpt4FU2FLMQ==
age: 159
cache-control: max-age=600
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=cta-embed-js/static-1.116/bundles/current.js&cfRay=78b69b363d02b521-OSL
x-hs-target-asset: cta-embed-js/static-1.116/bundles/current.js
x-hs-cache-status: HIT
cache-tag: staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7933b8617a2e1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|