r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4353
Expires: Thu, 24 Nov 2022 21:03:09 GMT
Date: Thu, 24 Nov 2022 19:50:36 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5713
Cache-Control: max-age=144948
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:50:36 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:06:24 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 19:18:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1897
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6320
Expires: Thu, 24 Nov 2022 21:35:56 GMT
Date: Thu, 24 Nov 2022 19:50:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: N1zfAkIMDQ6AN0prB9uJvtkO2J3gsyQmgwsEC1V6HeGRSl2xVK3j8Kvsmkqjgh/X9TfM6ktQsn4=
x-amz-request-id: 9FMGQP5R1SDCSMS0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 19:40:31 GMT
age: 605
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
covid.itea.org.mx/wp-content/uploads/2020/post-ca951490118542/post-ca9514901185421/checkout.html?9196159d9148a23ee900f1300b7833d9
189.85.38.54301 Moved Permanently 260 B URL HTTP/1.1 covid.itea.org.mx/wp-content/uploads/2020/post-ca951490118542/post-ca9514901185421/checkout.html?9196159d9148a23ee900f1300b7833d9
IP 189.85.38.54:0
ASN #270139 KIUBIX S.A. DE C.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c3605dda37d42f32d845cf56b1d9f0a4
05d780bfa09cb662bf394256b3b15c34575c7aa9
9b6d6c0a1788c0200c204df21b16eed1388052d58ae313ee41a454ce265af03f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/post-ca951490118542/post-ca9514901185421/checkout.html?9196159d9148a23ee900f1300b7833d9 HTTP/1.1
Host: covid.itea.org.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://covid.itea.org.mx/wp-content/uploads/2020/post-ca951490118542/post-ca9514901185421/checkout.html?9196159d9148a23ee900f1300b7833d9
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 24 Nov 2022 21:44:20 GMT
Content-Length: 260
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:50:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 19:11:11 GMT
cache-control: public,max-age=3600
age: 2366
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7f6f8d8a14d08623df5b0d745f6bb132
e37f310f39ec319b5366d43d4f0850df01e3a7c5
28b89529910f326820db44a3445c8b11f1e3a0d973885965cdd6ff958c548b1a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28B89529910F326820DB44A3445C8B11F1E3A0D973885965CDD6FF958C548B1A"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21577
Expires: Fri, 25 Nov 2022 01:50:14 GMT
Date: Thu, 24 Nov 2022 19:50:37 GMT
Connection: keep-alive
covid.itea.org.mx/wp-content/uploads/2020/post-ca951490118542/post-ca9514901185421/checkout.html?9196159d9148a23ee900f1300b7833d9
189.85.38.54200 OK 6.1 kB URL HTTP/1.1 covid.itea.org.mx/wp-content/uploads/2020/post-ca951490118542/post-ca9514901185421/checkout.html?9196159d9148a23ee900f1300b7833d9
IP 189.85.38.54:0
ASN #270139 KIUBIX S.A. DE C.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (394)
Hash 8b4352d1e4ea9575dfcf5fa3cd1344c0
25edc3503136bb5b66f64645b9c9787c6d1554d2
441652e9f53ec16944183ee23147f80f9d18e28e9e1f27ce092e9f842e47ec2b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/post-ca951490118542/post-ca9514901185421/checkout.html?9196159d9148a23ee900f1300b7833d9 HTTP/1.1
Host: covid.itea.org.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 21 Nov 2022 23:44:25 GMT
Accept-Ranges: bytes
ETag: "8052ef2f3fed81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 24 Nov 2022 21:44:20 GMT
Content-Length: 6097
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2147
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:50:37 GMT
Last-Modified: Thu, 24 Nov 2022 19:14:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.canadapost.ca/cpo/mc/emails/cpc/images/cpc-main-logo-EN@2x.png
23.61.214.200301 Moved Permanently 0 B URL HTTP/1.1 www.canadapost.ca/cpo/mc/emails/cpc/images/cpc-main-logo-EN@2x.png
IP 23.61.214.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cpo/mc/emails/cpc/images/cpc-main-logo-EN@2x.png HTTP/1.1
Host: www.canadapost.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://covid.itea.org.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.canadapost-postescanada.ca/cpo/mc/emails/cpc/images/cpc-main-logo-EN@2x.png
Date: Thu, 24 Nov 2022 19:50:37 GMT
Connection: keep-alive
strict-transport-security: max-age=31536000; includeSubdomains; preload
i.imgur.com/yvq9kDX.png
151.101.84.193200 OK 2.8 kB IP 151.101.84.193:0
File type PNG image data, 119 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 802f006db5b45477ca03a0f1136c1973
2fc0de93834bb7d5a84b2b35a15a4b20f5ff4ab5
8eab0a98668e768f47e03deb52480d8fff2b6a0ef6d49e29b23646fb0af27f06
GET /yvq9kDX.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://covid.itea.org.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sun, 09 Aug 2020 16:14:37 GMT
etag: "802f006db5b45477ca03a0f1136c1973"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 24 Nov 2022 19:50:37 GMT
age: 1155985
x-served-by: cache-iad-kiad7000093-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 6, 1
x-timer: S1669319437.497648,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 2802
X-Firefox-Spdy: h2
covid.itea.org.mx/wp-content/uploads/2020/post-ca951490118542/post-ca9514901185421/Betaalbevestiging_files/wait_turn.gif
189.85.38.54200 OK 1.1 kB URL HTTP/1.1 covid.itea.org.mx/wp-content/uploads/2020/post-ca951490118542/post-ca9514901185421/Betaalbevestiging_files/wait_turn.gif
IP 189.85.38.54:0
ASN #270139 KIUBIX S.A. DE C.V.
File type GIF image data, version 89a, 18 x 18\012- data
Hash 330d816a0844ac633272cc6e85e1c643
2fdecb977c6741337c16021bfb5cce107ab1a667
59b66845812b0f601bd3212774a8982a9aaf6d82074e258ea951e2465fad5407
GET /wp-content/uploads/2020/post-ca951490118542/post-ca9514901185421/Betaalbevestiging_files/wait_turn.gif HTTP/1.1
Host: covid.itea.org.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://covid.itea.org.mx/wp-content/uploads/2020/post-ca951490118542/post-ca9514901185421/checkout.html?9196159d9148a23ee900f1300b7833d9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 21 Nov 2022 23:44:25 GMT
Accept-Ranges: bytes
ETag: "58d53303fed81:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 24 Nov 2022 21:44:20 GMT
Content-Length: 1106
push.services.mozilla.com/
35.167.231.108101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.167.231.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Lpa0m/TvqCKrw+UI311lnQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zZV6dVrDoNk6t9/AkwE2J+Ym27o=
covid.itea.org.mx/wp-content/uploads/2020/post-ca951490118542/post-ca9514901185421/Betaalbevestiging_files/cvv.png
189.85.38.54200 OK 1.1 kB URL HTTP/1.1 covid.itea.org.mx/wp-content/uploads/2020/post-ca951490118542/post-ca9514901185421/Betaalbevestiging_files/cvv.png
IP 189.85.38.54:0
ASN #270139 KIUBIX S.A. DE C.V.
File type PNG image data, 58 x 34, 8-bit/color RGB, non-interlaced\012- data
Hash e30d19c88bc9a047c98c0d75760b4d1d
f52edf61d2464ce150650c1054a7954784ddef57
922428c82c4a5a25bba78969b60088162116c8b2dfa79567c0649d1c8031c491
GET /wp-content/uploads/2020/post-ca951490118542/post-ca9514901185421/Betaalbevestiging_files/cvv.png HTTP/1.1
Host: covid.itea.org.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://covid.itea.org.mx/wp-content/uploads/2020/post-ca951490118542/post-ca9514901185421/checkout.html?9196159d9148a23ee900f1300b7833d9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 21 Nov 2022 23:44:25 GMT
Accept-Ranges: bytes
ETag: "932a51303fed81:0"
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 24 Nov 2022 21:44:20 GMT
Content-Length: 1081
www.canadapost-postescanada.ca/cpo/mc/emails/cpc/images/cpc-main-logo-EN@2x.png
23.61.214.200200 OK 7.6 kB URL HTTP/1.1 www.canadapost-postescanada.ca/cpo/mc/emails/cpc/images/cpc-main-logo-EN@2x.png
IP 23.61.214.200:0
File type PNG image data, 248 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 015d963805bf4c8a59b02adb24a58fd3
2713281f3712da85f14630aacf45595fc07101b2
32bdda693a00dda186eab77824a5c7a8b31e5f01b8a0b6cec304106fa6798715
GET /cpo/mc/emails/cpc/images/cpc-main-logo-EN@2x.png HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covid.itea.org.mx/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 7551
Content-Type: image/png
ETag: "5af9e92e-1d7f"
Last-Modified: Mon, 14 May 2018 19:53:18 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 25 Jul 2022 11:33:15 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Date: Thu, 24 Nov 2022 19:50:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15041
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 19:50:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15041
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 19:50:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15041
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 19:50:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DYBcunpyI0FBJsJGh1kKpFI3X8kzCkO3mCxzUtWnaMKBT-Bv-zkq3Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:59:18 GMT
age: 78680
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:08:16 GMT
age: 78142
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rrs7G6Wto6iY0rT6KsKwKAOPJjehXqD0jHZrR_eaiqpepQILFr7Dtw==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:07 GMT
age: 79291
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:10:24 GMT
age: 45614
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 79366
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 53170
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6b7dc4d1671058697609045a744d85d6
68c2bf5cba8033be42c9cdcd7963f0e5d8d7e992
86d2f91d7a13f5019200a7dcb46d48c69d2d80b2d354817b12bd3cd49ccd32d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:50:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 12:12:43 GMT
Expires: Wed, 30 Nov 2022 12:12:42 GMT
Etag: "68c2bf5cba8033be42c9cdcd7963f0e5d8d7e992"
Cache-Control: max-age=490322,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f4acbeda8eb4eb-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6b7dc4d1671058697609045a744d85d6
68c2bf5cba8033be42c9cdcd7963f0e5d8d7e992
86d2f91d7a13f5019200a7dcb46d48c69d2d80b2d354817b12bd3cd49ccd32d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:50:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 12:12:43 GMT
Expires: Wed, 30 Nov 2022 12:12:42 GMT
Etag: "68c2bf5cba8033be42c9cdcd7963f0e5d8d7e992"
Cache-Control: max-age=490322,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f4acbed8150af6-OSL
secure.ogone.com/ncol/prod/js/jquery.plugins/dependencies/Class.create.js
185.139.247.114200 OK 2.4 kB URL HTTP/1.1 secure.ogone.com/ncol/prod/js/jquery.plugins/dependencies/Class.create.js
IP 185.139.247.114:0
ASN #47957 Compagnie Industrielle Et Financiere D' Ingenierie Ingenico SA
File type ASCII text, with CRLF line terminators
Hash f53fc13d3863425f40c9072827d400ab
2d5303db595da3c3f0ff2e29e5e8d3a577066559
4a4c2721d21ae8f0e6def654b3d3ac6cfe4771c7a0d99bb23dced17ee571e1e9
GET /ncol/prod/js/jquery.plugins/dependencies/Class.create.js HTTP/1.1
Host: secure.ogone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://covid.itea.org.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript
last-modified: Mon, 07 Mar 2011 05:31:02 GMT
accept-ranges: bytes
etag: "02fbbd888dccb1:0"
date: Thu, 24 Nov 2022 19:50:38 GMT
content-length: 2381
strict-transport-security: max-age=16000000; includeSubDomains; preload;
secure.ogone.com/ncol/prod/base64_inc.js
185.139.247.114200 OK 3.1 kB URL HTTP/1.1 secure.ogone.com/ncol/prod/base64_inc.js
IP 185.139.247.114:0
ASN #47957 Compagnie Industrielle Et Financiere D' Ingenierie Ingenico SA
File type ASCII text, with CRLF line terminators
Hash 182372f6e60cacfaba96a0c767c2e78a
1dff48d79166387f91547aacc466c00a12e8f242
20452258ecbbfc7bc63881cf227bc13dca2fd55a1d7514eeb2b397ebc78be6a7
GET /ncol/prod/base64_inc.js HTTP/1.1
Host: secure.ogone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://covid.itea.org.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript
last-modified: Wed, 13 Apr 2011 07:26:54 GMT
accept-ranges: bytes
etag: "0f3ba29acf9cb1:0"
date: Thu, 24 Nov 2022 19:50:38 GMT
content-length: 3143
strict-transport-security: max-age=16000000; includeSubDomains; preload;
secure.ogone.com/ncol/prod/js/jquery.plugins/jquery-migrate-1.4.1.min.js
185.139.247.114200 OK 10 kB URL HTTP/1.1 secure.ogone.com/ncol/prod/js/jquery.plugins/jquery-migrate-1.4.1.min.js
IP 185.139.247.114:0
ASN #47957 Compagnie Industrielle Et Financiere D' Ingenierie Ingenico SA
File type ASCII text, with very long lines (9959), with CRLF line terminators
Hash b644343c88a30cb4b610a852b78c4ae1
77e3e9916241582b6ca0b73128daee0aec4d006c
ef0968035e387c8b468f4a943a9b5998d159c9e2f1a4994c70aa86bf53a9316d
GET /ncol/prod/js/jquery.plugins/jquery-migrate-1.4.1.min.js HTTP/1.1
Host: secure.ogone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://covid.itea.org.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript
last-modified: Mon, 29 Oct 2018 16:55:22 GMT
accept-ranges: bytes
etag: "0b9252ea86fd41:0"
date: Thu, 24 Nov 2022 19:50:38 GMT
content-length: 10057
strict-transport-security: max-age=16000000; includeSubDomains; preload;
secure.ogone.com/images/wait_turn.gif
185.139.247.114200 OK 1.1 kB URL HTTP/1.1 secure.ogone.com/images/wait_turn.gif
IP 185.139.247.114:0
ASN #47957 Compagnie Industrielle Et Financiere D' Ingenierie Ingenico SA
File type GIF image data, version 89a, 18 x 18\012- data
Hash 330d816a0844ac633272cc6e85e1c643
2fdecb977c6741337c16021bfb5cce107ab1a667
59b66845812b0f601bd3212774a8982a9aaf6d82074e258ea951e2465fad5407
GET /images/wait_turn.gif HTTP/1.1
Host: secure.ogone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://covid.itea.org.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
last-modified: Tue, 07 Nov 2017 13:31:26 GMT
accept-ranges: bytes
etag: "04bddb5cc57d31:0"
date: Thu, 24 Nov 2022 19:50:38 GMT
content-length: 1106
strict-transport-security: max-age=16000000; includeSubDomains; preload;
secure.ogone.com/ncol/prod/js/form_validation.js
185.139.247.114200 OK 22 kB URL HTTP/1.1 secure.ogone.com/ncol/prod/js/form_validation.js
IP 185.139.247.114:0
ASN #47957 Compagnie Industrielle Et Financiere D' Ingenierie Ingenico SA
File type ASCII text, with CRLF line terminators
Hash 8246e5290e0f07d48ef8224e9b4e51ff
e652e384be1bda095aa338192d5e63976d57b549
eb22f0ecba843859d810ce48c261e33337cf9164bf88953d09b653fd3fd663e8
GET /ncol/prod/js/form_validation.js HTTP/1.1
Host: secure.ogone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://covid.itea.org.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript
last-modified: Wed, 11 May 2022 15:56:28 GMT
accept-ranges: bytes
etag: "09e99ac4f65d81:0"
date: Thu, 24 Nov 2022 19:50:38 GMT
content-length: 22031
strict-transport-security: max-age=16000000; includeSubDomains; preload;
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6b7dc4d1671058697609045a744d85d6
68c2bf5cba8033be42c9cdcd7963f0e5d8d7e992
86d2f91d7a13f5019200a7dcb46d48c69d2d80b2d354817b12bd3cd49ccd32d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:50:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 12:12:43 GMT
Expires: Wed, 30 Nov 2022 12:12:42 GMT
Etag: "68c2bf5cba8033be42c9cdcd7963f0e5d8d7e992"
Cache-Control: max-age=490322,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f4acbed8cfb500-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6b7dc4d1671058697609045a744d85d6
68c2bf5cba8033be42c9cdcd7963f0e5d8d7e992
86d2f91d7a13f5019200a7dcb46d48c69d2d80b2d354817b12bd3cd49ccd32d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:50:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 12:12:43 GMT
Expires: Wed, 30 Nov 2022 12:12:42 GMT
Etag: "68c2bf5cba8033be42c9cdcd7963f0e5d8d7e992"
Cache-Control: max-age=490322,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f4acbeda75b4f4-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6b7dc4d1671058697609045a744d85d6
68c2bf5cba8033be42c9cdcd7963f0e5d8d7e992
86d2f91d7a13f5019200a7dcb46d48c69d2d80b2d354817b12bd3cd49ccd32d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:50:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 12:12:43 GMT
Expires: Wed, 30 Nov 2022 12:12:42 GMT
Etag: "68c2bf5cba8033be42c9cdcd7963f0e5d8d7e992"
Cache-Control: max-age=490322,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f4acbeda78b4f1-OSL
secure.ogone.com/ncol/prod/js/fp/Fp_inc.1.2.js
185.139.247.114200 OK 21 kB URL HTTP/1.1 secure.ogone.com/ncol/prod/js/fp/Fp_inc.1.2.js
IP 185.139.247.114:0
ASN #47957 Compagnie Industrielle Et Financiere D' Ingenierie Ingenico SA
File type ASCII text, with CRLF line terminators
Hash c6580e85ad8fa10079ab3e318127596e
f3e700ecb773ff463fbd3ca0fbf037bb6cb0603b
3884395f6775c6ecbe466725eaa22ebaaa88dc3ad79bb4b81db6cf5914c16ee2
GET /ncol/prod/js/fp/Fp_inc.1.2.js HTTP/1.1
Host: secure.ogone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://covid.itea.org.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript
last-modified: Wed, 10 Aug 2011 08:28:20 GMT
accept-ranges: bytes
etag: "02aea753757cc1:0"
date: Thu, 24 Nov 2022 19:50:38 GMT
content-length: 20907
strict-transport-security: max-age=16000000; includeSubDomains; preload;
secure.ogone.com/ncol/prod/js/jquery.plugins/jquery.jquery-encoder-0.1.0.min.js
185.139.247.114200 OK 20 kB URL HTTP/1.1 secure.ogone.com/ncol/prod/js/jquery.plugins/jquery.jquery-encoder-0.1.0.min.js
IP 185.139.247.114:0
ASN #47957 Compagnie Industrielle Et Financiere D' Ingenierie Ingenico SA
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (9330), with CRLF line terminators
Hash 5af211a368321aa7948f4214610f8841
3b475903fa88078a13cb92cf8a5cf35b15a8ef45
d8577728301dbbf96a0561220efdb10f2c6980b3203d159c5d92bdfe7ab570f5
GET /ncol/prod/js/jquery.plugins/jquery.jquery-encoder-0.1.0.min.js HTTP/1.1
Host: secure.ogone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://covid.itea.org.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript
last-modified: Mon, 07 Mar 2011 05:31:02 GMT
accept-ranges: bytes
etag: "02fbbd888dccb1:0"
date: Thu, 24 Nov 2022 19:50:38 GMT
content-length: 20025
strict-transport-security: max-age=16000000; includeSubDomains; preload;
secure.ogone.com/ncol/prod/js/jquery.core/jquery-3.3.1.min.js
185.139.247.114200 OK 87 kB URL HTTP/1.1 secure.ogone.com/ncol/prod/js/jquery.core/jquery-3.3.1.min.js
IP 185.139.247.114:0
ASN #47957 Compagnie Industrielle Et Financiere D' Ingenierie Ingenico SA
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 378087a64e1394fc51f300bb9c11878c
0c3192b500a4fd550e483cf77a49806a5872185b
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
GET /ncol/prod/js/jquery.core/jquery-3.3.1.min.js HTTP/1.1
Host: secure.ogone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://covid.itea.org.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript
last-modified: Mon, 29 Oct 2018 16:55:22 GMT
accept-ranges: bytes
etag: "0b9252ea86fd41:0"
date: Thu, 24 Nov 2022 19:50:39 GMT
content-length: 86929
strict-transport-security: max-age=16000000; includeSubDomains; preload;
www.canadapost.ca/cpo/mc/assets/images/structure/cpo.ico
23.61.214.200301 Moved Permanently 0 B URL HTTP/1.1 www.canadapost.ca/cpo/mc/assets/images/structure/cpo.ico
IP 23.61.214.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cpo/mc/assets/images/structure/cpo.ico HTTP/1.1
Host: www.canadapost.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://covid.itea.org.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.canadapost-postescanada.ca/cpo/mc/assets/images/structure/cpo.ico
Date: Thu, 24 Nov 2022 19:50:39 GMT
Connection: keep-alive
strict-transport-security: max-age=31536000; includeSubdomains; preload
www.canadapost-postescanada.ca/cpo/mc/assets/images/structure/cpo.ico
23.61.214.200200 OK 1.2 kB URL HTTP/1.1 www.canadapost-postescanada.ca/cpo/mc/assets/images/structure/cpo.ico
IP 23.61.214.200:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 321e108c8a28cb1121fc6930075fa217
7893d6969e46b42b551dab354f2c9a061f58eb90
e032741dccdf99ba720168be7b75703ec558629392599e0fb74d90c6a45d90fb
GET /cpo/mc/assets/images/structure/cpo.ico HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covid.itea.org.mx/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: image/x-icon
ETag: "55adb66f-47e"
Last-Modified: Tue, 21 Jul 2015 03:03:11 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 17 Oct 2022 02:12:35 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Date: Thu, 24 Nov 2022 19:50:40 GMT
Connection: keep-alive