salaholiwing.xyz/login/auth?sessions=00de6c27731c83bf8d9c85dda6b4e36a&id_session=53b23c6283b3b65a8db7575e24091c4429dcca24
188.114.96.1301 Moved Permanently 0 B URL HTTP/1.1 salaholiwing.xyz/login/auth?sessions=00de6c27731c83bf8d9c85dda6b4e36a&id_session=53b23c6283b3b65a8db7575e24091c4429dcca24
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Yahoo! Inc
GET /login/auth?sessions=00de6c27731c83bf8d9c85dda6b4e36a&id_session=53b23c6283b3b65a8db7575e24091c4429dcca24 HTTP/1.1
Host: salaholiwing.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Dec 2022 14:06:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 07 Dec 2022 15:06:42 GMT
Location: https://salaholiwing.xyz/login/auth?sessions=00de6c27731c83bf8d9c85dda6b4e36a&id_session=53b23c6283b3b65a8db7575e24091c4429dcca24
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjWLyeApr1zbzboRvagp4183QVoJBmtfmAW3bQ7sTBCrgtvkmDpLq%2FLKNTtSGjwhtfJ5CUZrKVDdYkPAVKdTafKh1nWRkfAsklj9t7EJLF2bMRQy8PpOqt4mAWltmgGRpf6l"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775dd2c979ce0b65-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3086
Expires: Wed, 07 Dec 2022 14:58:08 GMT
Date: Wed, 07 Dec 2022 14:06:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aaee4cb7873d6f1effbadf269482e100
bd55730ac8414fb6861b03c2a97319b4063e2cb9
d724fd9c5704fb8948d575357cad0032e89cf275d57ddb86f013fa97e033487c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6268
Cache-Control: max-age=166141
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:06:42 GMT
Etag: "63906b73-1d7"
Expires: Fri, 09 Dec 2022 12:15:43 GMT
Last-Modified: Wed, 07 Dec 2022 10:31:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14319
Expires: Wed, 07 Dec 2022 18:05:21 GMT
Date: Wed, 07 Dec 2022 14:06:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 13:08:04 GMT
content-type: application/json
age: 3518
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4aPf+yhrKwE7h78A/fmBLPskkCQA+b/CIIYE9GC22WlHprbbm5+D9Cf89/PotQM8X5I7E3+rAjg=
x-amz-request-id: G6BGYS2RPCZS747N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 13:49:23 GMT
age: 1039
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/sQTOGySVfNk
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/sQTOGySVfNk
IP 216.58.211.3:0
Hash c2b554da0809635052add4ba29b2d31f
d30dd4b38ff103839bf2483f280c00fe0c82b304
3155f5fcd0a6fe18b9eeb831f6519039bfeb7319234d75aa86ee58bf4398c872
POST /s/gts1p5/sQTOGySVfNk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:06:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:06:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 13:07:55 GMT
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
age: 3528
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6269
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:06:43 GMT
Last-Modified: Wed, 07 Dec 2022 12:22:14 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2
188.125.94.206200 OK 29 kB URL HTTP/2 s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2
IP 188.125.94.206:0
File type Web Open Font Format (Version 2), TrueType, length 28860, version 1.0\012- data
Hash a99b283070afc519f4816e4300c515d2
65b78d03d56de125060e61069debfc47e38fb3df
fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560
GET /cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://salaholiwing.xyz
Connection: keep-alive
Referer: https://salaholiwing.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: t6EmcgDQu7ezVzSETNb4PpBesD5UNZxvnFon5mgDIckscWRh8UjzcErZGkwmOoLEBrZBst9WzO0=
x-amz-request-id: 60TTWCGMH3PPG625
date: Sat, 12 Nov 2022 13:06:30 GMT
last-modified: Thu, 19 Apr 2018 19:06:41 GMT
etag: "a99b283070afc519f4816e4300c515d2"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:51 GMT
x-amz-meta-mbst-etag: "YM:1:cb5e4811-e042-455c-b2b2-f984d5f70e0200055a9e8550b736"
x-amz-meta-x-ysws-mbst-vtime: 1507011771545398
expires: Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: font/woff2
server: ATS
content-length: 28860
referrer-policy: no-referrer-when-downgrade
age: 2163614
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Origin
X-Firefox-Spdy: h2
s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Semibold.woff2
188.125.94.206200 OK 29 kB URL HTTP/2 s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Semibold.woff2
IP 188.125.94.206:0
File type Web Open Font Format (Version 2), TrueType, length 29040, version 1.0\012- data
Hash af9fdad7698452697b016850fff96423
710130c79bf56297f8abcc6d6c575172590133b0
b8989e0be6a0c3a8a407d8b69b7884eb5ebf401b7eee8b8b98c5eeec3ba497fa
GET /cv/ae/sports/fonts/2017/Yahoo_Sans-Semibold.woff2 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://salaholiwing.xyz
Connection: keep-alive
Referer: https://salaholiwing.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: wembWkB/RjlV7TM/p/djRnfoI3/DR/WOYGIBWa9PjPGFfviQVZ/0/pLcEo7k5v3kZbBmvuc1Ugg=
x-amz-request-id: QH061CT8VQ0YDEK3
date: Fri, 11 Nov 2022 07:37:22 GMT
last-modified: Thu, 19 Apr 2018 17:33:29 GMT
etag: "af9fdad7698452697b016850fff96423"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:51 GMT
x-amz-meta-mbst-etag: "YM:1:95620d49-21c2-4044-b803-58b70c8e419700055a9e854fb9f1"
x-amz-meta-x-ysws-mbst-vtime: 1507011771480561
expires: Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: font/woff2
server: ATS
content-length: 29040
referrer-policy: no-referrer-when-downgrade
age: 2269762
access-control-allow-origin: *
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Origin
X-Firefox-Spdy: h2
s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2
188.125.94.206200 OK 29 kB URL HTTP/2 s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2
IP 188.125.94.206:0
File type Web Open Font Format (Version 2), TrueType, length 29228, version 1.0\012- data
Hash 7c7c02dcee2bf1c2528db6092d4ad1fa
988a01f705c074261490625c70f94b2642413693
d5312dacbe6f248c6c4b60251d7acf77bc3bc891cd9b880dead36d9babb288c4
GET /cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://salaholiwing.xyz
Connection: keep-alive
Referer: https://salaholiwing.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: WPq2qFljXD+LWNBOUJTA/DQiYEmNxl98oWH0UqLujmQwIrOigXAKI7Ik5DadpNwl28LAvWi4CRM=
x-amz-request-id: A7DHC6B57DXMS11E
date: Sun, 13 Nov 2022 06:57:26 GMT
last-modified: Thu, 19 Apr 2018 16:25:50 GMT
etag: "7c7c02dcee2bf1c2528db6092d4ad1fa"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:52 GMT
x-amz-meta-mbst-etag: "YM:1:1bb49599-26ac-442e-b6b8-f4e40f067ea500055a9e855b6ecb"
x-amz-meta-x-ysws-mbst-vtime: 1507011772247755
expires: Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: font/woff2
server: ATS
content-length: 29228
referrer-policy: no-referrer-when-downgrade
age: 2099359
access-control-allow-origin: *
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Origin
X-Firefox-Spdy: h2
s.yimg.com/wm/mbr/images/checkbox-checked.svg
188.125.94.206200 OK 659 B URL HTTP/2 s.yimg.com/wm/mbr/images/checkbox-checked.svg
IP 188.125.94.206:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (503)
Hash 45d388e212c9c4039cc351010e60ad75
49b327277925f5c65f190251cc6b76166e38120a
d8239d71006f495d58ab34f656e6ea7218b0ea8fce8ec829cdab0a08e8cf6dd8
GET /wm/mbr/images/checkbox-checked.svg HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salaholiwing.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: +u3xDAJwZpwscUnnmz9QWyJzV3q8b/gd4EnyDqQcIoq2l83FJ8W4LSBT/z59XiRH4G5SKw8AxwQ=
x-amz-request-id: 9XQA6CJ72SJCB008
date: Wed, 16 Nov 2022 03:25:34 GMT
last-modified: Fri, 24 Apr 2020 17:13:52 GMT
etag: "ac8c4fbeda6efad9549cb41b992a8b3a-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=315360000
accept-ranges: bytes
content-type: image/svg+xml
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 1852870
content-encoding: gzip
content-length: 659
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
3p-udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=794200018&yhlCT=2&yhlBTMS=1670422002830&yhlClientVer=3.53.30&yhlRnd=sXllqctdwmbBbTCU&yhlCompressed=0
188.125.72.139204 No Content 0 B URL HTTP/2 3p-udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=794200018&yhlCT=2&yhlBTMS=1670422002830&yhlClientVer=3.53.30&yhlRnd=sXllqctdwmbBbTCU&yhlCompressed=0
IP 188.125.72.139:0
ASN #34010 Yahoo! UK Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=794200018&yhlCT=2&yhlBTMS=1670422002830&yhlClientVer=3.53.30&yhlRnd=sXllqctdwmbBbTCU&yhlCompressed=0 HTTP/1.1
Host: 3p-udc.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 1700
Origin: https://salaholiwing.xyz
Connection: keep-alive
Referer: https://salaholiwing.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: https://salaholiwing.xyz
vary: Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, private, max-age=0
p3p: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
pragma: no-cache
expires: -1
x-envoy-upstream-service-time: 1
date: Wed, 07 Dec 2022 14:06:42 GMT
server: ATS
age: 1
strict-transport-security: max-age=31536000
set-cookie: A3=d=AQABBPOdkGMCEG1q8sjARCQd29s_oTpnKYsFEgEBAQHvkWOaYwAAAAAA_eMAAA&S=AQAAAlxOA6NA0VMqyYd8HiO3rZQ; Expires=Thu, 7 Dec 2023 20:06:43 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
X-Firefox-Spdy: h2
fc.yahoo.com/sdarla/php/client.php?l=RICH{dest:tgtRICH;asz:flex}&f=794200018&ref=https%3A%2F%2Flogin.yahoo.com%2F&sa=geminifed%253D1%2520y-bucket%253Dmbr-ar-do-ctrl%252Cmbr-limit-cc%252Cmbr-app-password-classifier%252C
188.125.94.206200 OK 22 kB URL HTTP/2 fc.yahoo.com/sdarla/php/client.php?l=RICH{dest:tgtRICH;asz:flex}&f=794200018&ref=https%3A%2F%2Flogin.yahoo.com%2F&sa=geminifed%253D1%2520y-bucket%253Dmbr-ar-do-ctrl%252Cmbr-limit-cc%252Cmbr-app-password-classifier%252C
IP 188.125.94.206:0
File type ASCII text, with very long lines (47619)
Hash 63fbaf127fcd16e086a61130a4a01ce9
b0b07e406a5c76ff490d09202d40002a46761922
9f9dcd137e539d25c76512f58a8dc0d0f7bbe99f5625bac483821b6449886b99
GET /sdarla/php/client.php?l=RICH{dest:tgtRICH;asz:flex}&f=794200018&ref=https%3A%2F%2Flogin.yahoo.com%2F&sa=geminifed%253D1%2520y-bucket%253Dmbr-ar-do-ctrl%252Cmbr-limit-cc%252Cmbr-app-password-classifier%252C HTTP/1.1
Host: fc.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salaholiwing.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:06:43 GMT
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
x-robots-tag: noindex, noarchive, nosnippet, nofollow
x-dns-prefetch-control: off
vary: Accept-Encoding
content-encoding: gzip
cache-control: private,no-cache,no-store
content-length: 21617
content-type: text/javascript;charset=UTF-8
age: 0
strict-transport-security: max-age=15552000
server: ATS
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s.yimg.com/rq/darla/boot.js
188.125.94.206200 OK 3.6 kB URL HTTP/2 s.yimg.com/rq/darla/boot.js
IP 188.125.94.206:0
File type exported SGML document, ASCII text, with very long lines (7385), with no line terminators
Hash b0e902d8044b21c1d511ff505ca8859c
b0f6563732f3297f2b7f57e2ef12e9ca7c3ce792
b9a68dc9ffb393ac26097ee4c1a5ccc60c9b4132dd19fd8cfd1b4a3767f4bcbb
GET /rq/darla/boot.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salaholiwing.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: h5UHqGDQx9ByA/AvovswBexrGyNeGlD1nGalxGkGyPOXewtCWP63IQTGv2tElcFqH7BoQSsPZVo=
x-amz-request-id: G3CQJCD69DN4H490
date: Tue, 06 Dec 2022 19:02:57 GMT
last-modified: Wed, 10 Aug 2022 00:26:45 GMT
etag: "93d8df54e24138f615918242db0c49a3-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=86400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
content-length: 3608
age: 68627
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.53.106101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.53.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2iSGSwM9nBDQDAF35Uq3Zg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: z4nMzQIZXUnRW271M3JuStnk2Uc=
s.yimg.com/rq/darla/4-10-1/js/g-r-min.js
188.125.94.206200 OK 88 kB URL HTTP/2 s.yimg.com/rq/darla/4-10-1/js/g-r-min.js
IP 188.125.94.206:0
File type ASCII text, with very long lines (32020)
Hash cc36119840f82fafdcec67c9a85b120d
783987b0357205b90b451b1dedc88aab80b68569
b4183038877e7b848b27ba89ab2fbeae5116474b8347f2fab755c48c6afd91f5
GET /rq/darla/4-10-1/js/g-r-min.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salaholiwing.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: VpFC2ll50HU00CNSGfr9OjoMU4ziKx35SpmF1kTvnbjUXoriRCYdJrJHeVdEAKzy0+Vjcgq7hIA=
x-amz-request-id: SP2R0GAPQ7J594WD
date: Mon, 05 Dec 2022 13:30:42 GMT
last-modified: Wed, 10 Aug 2022 00:26:48 GMT
etag: "f6757e8569fef5f162212b684d6483ea-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
age: 174962
content-length: 88197
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s.yimg.com/rq/darla/4-10-1/html/r-csc.html
188.125.94.206200 OK 1.2 kB URL HTTP/2 s.yimg.com/rq/darla/4-10-1/html/r-csc.html
IP 188.125.94.206:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1432)
Hash c3458c205e95e726b9aa4d741c7bde10
3866cc1c642072838e9fc547c60b7aed63393c64
05a4b542c33d02ffa764331f9c58834b68d0e97117dbff63b52cebf08e6bc38d
GET /rq/darla/4-10-1/html/r-csc.html HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salaholiwing.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: N+YN7TWqesTu0TaD6PK6yfhNb5E3Dbl8Rl7dMZr0pl4rl7/7gZJGP3TXEQ/8JHuGI5efGKeqlDo=
x-amz-request-id: DW85525BTMJX8HAA
date: Sat, 26 Nov 2022 18:09:39 GMT
last-modified: Wed, 10 Aug 2022 00:26:46 GMT
etag: "1ff9b6e511ccd76562520a75bae161d2-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 935826
content-encoding: gzip
content-length: 1160
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s.yimg.com/rq/darla/4-10-1/html/r-sf.html
188.125.94.206200 OK 753 B URL HTTP/2 s.yimg.com/rq/darla/4-10-1/html/r-sf.html
IP 188.125.94.206:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7ae708dfe8d60be1e7b979b1847f3423
d83cc17e9131d8c8a519c802579dbfc553455bfe
b1792c28ba823a5c8ff4fcfa3a88a42c8a1d453becfad1dbe4f875bf6dfea799
GET /rq/darla/4-10-1/html/r-sf.html HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salaholiwing.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: PVNK6FUJG44HXSGyEiBjLIkXgUQKgI9zIvZCHBBNxnlFa86ROe/1quBwBfZqDvzZ4oqKHy1Yg8g=
x-amz-request-id: GVFMA4NMWNWAX8T0
date: Wed, 30 Nov 2022 23:01:29 GMT
last-modified: Wed, 10 Aug 2022 00:26:46 GMT
etag: "630dfb686b2205755bab511d73ed42dd-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 572715
content-encoding: gzip
content-length: 753
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s.yimg.com/rq/darla/4-10-1/js/sfext-min.js
188.125.94.206200 OK 28 kB URL HTTP/2 s.yimg.com/rq/darla/4-10-1/js/sfext-min.js
IP 188.125.94.206:0
File type ASCII text, with very long lines (32017)
Hash ba3ae2cf05cb79d8e84d98bdff3754be
f0224f6939c7511bb4731b2f7b047c4554302643
8601d4c3b1ebb5d9dffbec31f2b34b84ed3a93894f2f3f47ca9a39d2b116eac6
GET /rq/darla/4-10-1/js/sfext-min.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-amz-id-2: C0o+A6FN2u63qeDyXH5c2EcrZRY6iTTXAEVFuFrbPQ3iczxaGgMGwvH13/QqMBRXscgXMQCplw8=
x-amz-request-id: X78Q2703032J5XY3
date: Fri, 02 Dec 2022 19:31:16 GMT
last-modified: Wed, 10 Aug 2022 00:26:49 GMT
etag: "a84b48cbebd5379f03b1e428526ec262-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
age: 412529
content-length: 27596
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s.yimg.com/dy/ads/gemini.js
188.125.94.206200 OK 2.1 kB URL HTTP/2 s.yimg.com/dy/ads/gemini.js
IP 188.125.94.206:0
Hash 2a22d05ebd1c2515df35852d64ce5da8
048095b413c6ee43b85e058cb9460b6654970ab2
540e664904da7fd4bf8121382a0692086c8f1f56f7dfbceb9bcee40d533eb6b4
GET /dy/ads/gemini.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 7G2M1mc8KJWydH9Np8eGO8EwFojq/o5hSyft3tWiEjn7f+h4oHucEyBI9ZRWDqBntc9GO4l6/1I=
x-amz-request-id: W7NW9HY6SD1EWZZZ
date: Wed, 07 Dec 2022 12:46:19 GMT
last-modified: Tue, 19 May 2020 04:19:48 GMT
x-amz-server-side-encryption: AES256
cache-control: max-age=12000
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
etag: "ff73e1c29819f206b98107479b29bb95-df"
age: 4825
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.cmp.advertising.com/libraries/Espresso-1.7.7.js
192.229.221.202200 OK 19 kB URL HTTP/2 cdn.cmp.advertising.com/libraries/Espresso-1.7.7.js
IP 192.229.221.202:0
File type ASCII text, with very long lines (65192)
Hash ef589ef03d80c73e6d9f53d872af8261
92defa76aab0daa75bac04b95b91b8041e9e1d78
10fb7025c2a366fabcedd6931027a3c8201bae8d439e1cf2d6309358c011311c
GET /libraries/Espresso-1.7.7.js HTTP/1.1
Host: cdn.cmp.advertising.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.yimg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 9859592
cache-control: max-age=31557600, s-maxage=31557600
content-type: application/javascript
date: Wed, 07 Dec 2022 14:06:43 GMT
etag: W/"67d4a5df063111244bbbdf2a21572ceb"
last-modified: Thu, 24 Oct 2019 17:20:01 GMT
server: ECAcc (ska/F779)
vary: Accept-Encoding
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-id: UZ72mA7UkgDlc-c_FXJboLlsbEx-_Av6qDo1ohAECs6Pp_4jI3HRww==
x-amz-cf-pop: FRA6-C1
x-amz-expiration: expiry-date="Wed, 23 Oct 2024 00:00:00 GMT", rule-id="EntireBucket"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: HIT
content-length: 19364
X-Firefox-Spdy: h2
s.yimg.com/av/ads/1624361061572-4611.jpg
188.125.94.206200 OK 93 kB URL HTTP/2 s.yimg.com/av/ads/1624361061572-4611.jpg
IP 188.125.94.206:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x627, components 3\012- data
Hash 87d23d71c621acd0f3a343bb42145cf5
b6a12fe0ff6db386122da6d08bfec67299ee4d2b
7bd2c504389aa489ccb0bfdad89d51851b90fa66d5c5d502614091a2c722b0eb
GET /av/ads/1624361061572-4611.jpg HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.yimg.com/rq/darla/4-10-1/html/r-sf.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 9NxEpEeAj7ZmFxHXzVcpvrbSgDxyErkQESO0fYyGWKuSPNgpG3hUSQELsN/0G/LFkUdWYbevsB0=
x-amz-request-id: 5Z7KVWBBHPFH3460
date: Tue, 22 Nov 2022 23:07:33 GMT
last-modified: Tue, 22 Jun 2021 11:24:22 GMT
etag: "87d23d71c621acd0f3a343bb42145cf5"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, public
accept-ranges: bytes
content-type: image/jpeg
server: ATS
content-length: 92695
referrer-policy: no-referrer-when-downgrade
age: 1263551
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Origin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7145
Expires: Wed, 07 Dec 2022 16:05:49 GMT
Date: Wed, 07 Dec 2022 14:06:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7145
Expires: Wed, 07 Dec 2022 16:05:49 GMT
Date: Wed, 07 Dec 2022 14:06:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7145
Expires: Wed, 07 Dec 2022 16:05:49 GMT
Date: Wed, 07 Dec 2022 14:06:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7145
Expires: Wed, 07 Dec 2022 16:05:49 GMT
Date: Wed, 07 Dec 2022 14:06:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 20033
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:53 GMT
age: 57891
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 20:49:34 GMT
age: 62230
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e95ebce9d79ba46cb96af9a45af1762f
985c6761675e6bcc0186f64d55f94cf09352f05c
5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nm0qQpo75zvDYWxv8V3GvOSBFenh8ocfjV9d02Mc2l-ABieIb3h2uA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:53:40 GMT
age: 58384
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9f7b9c77a99173619ee85d0cfa8e2f8
05ba0fab4533b9837dd8558ffa5eb168e974d2b3
17184aca15041d2770fe14397fc0ab87e5f8e9f910b557031ba7fbf1349b0b9c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11464
x-amzn-requestid: 04d9e95d-563e-4258-934e-add82f95a638
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGysEDmIAMFSIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851aa-426e37fb562dc25b3449311b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RspslnJzOcAHAL--VTgFJkFxb1PvLM6OHJmJUsdOKocI5ZPmJSLdoA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:16:43 GMT
age: 24601
etag: "05ba0fab4533b9837dd8558ffa5eb168e974d2b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4884ce2731d3033b12e4792c1bbf453e
63b6efc98cb04228d82ac28fceb97bb1cf8d82fb
8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tM0WOO_Ypgj2QxJSz9GHZZTsKjzsvyD6tjpp4G0ZpuGAIGmnEe4oqQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:15:11 GMT
age: 21093
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ir2.beap.gemini.yahoo.com/mbcsc?bv=1.0.0&es=UR.DUGgGIS9mJjgjgAZOWQnyaphxtaa18KMS3JjZn.IJJ0dCubVIPvbRwJVOXVf64V.coVWz0NJUf7PE.wXJMJXwMn7U2i0MLs5N8D3CBM2r_9y6Qf5aivtrcmN.RM4_wmHw1MX9ujmpLe9W945EMTwQx.cbFsh9646nMQqYb4QKFJ6fuJ24CWBjQ7doauBgtvDm9k_9pIr._3KeUZKcJmX5qm2.mJqwzcs_7md530yFoZi3omYOLWCNtYkvbHZWLBdaYOIgFaRgTVhS_0MLEzmDGBm1NIJgrbG.ZzHAPlwYuVYQP9nLAF5xVocmY0LVisdYxenStqMSgVYxFKFMYVohWEr5JUpihXPFwouDALJ5m8kbQEWEXe4B79c_CkkyOwjQnWWtbCSoaLhnGkiGkUzp2jbqWZ2jvRikAM56mABEPYKY8HPGNyItWT6QtEU4kdRx0XqTNIqFVXn4VQ--&ap=pp%3Dm%2Cpi%3D1
212.82.100.169200 OK 0 B URL HTTP/2 ir2.beap.gemini.yahoo.com/mbcsc?bv=1.0.0&es=UR.DUGgGIS9mJjgjgAZOWQnyaphxtaa18KMS3JjZn.IJJ0dCubVIPvbRwJVOXVf64V.coVWz0NJUf7PE.wXJMJXwMn7U2i0MLs5N8D3CBM2r_9y6Qf5aivtrcmN.RM4_wmHw1MX9ujmpLe9W945EMTwQx.cbFsh9646nMQqYb4QKFJ6fuJ24CWBjQ7doauBgtvDm9k_9pIr._3KeUZKcJmX5qm2.mJqwzcs_7md530yFoZi3omYOLWCNtYkvbHZWLBdaYOIgFaRgTVhS_0MLEzmDGBm1NIJgrbG.ZzHAPlwYuVYQP9nLAF5xVocmY0LVisdYxenStqMSgVYxFKFMYVohWEr5JUpihXPFwouDALJ5m8kbQEWEXe4B79c_CkkyOwjQnWWtbCSoaLhnGkiGkUzp2jbqWZ2jvRikAM56mABEPYKY8HPGNyItWT6QtEU4kdRx0XqTNIqFVXn4VQ--&ap=pp%3Dm%2Cpi%3D1
IP 212.82.100.169:0
ASN #34010 Yahoo! UK Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mbcsc?bv=1.0.0&es=UR.DUGgGIS9mJjgjgAZOWQnyaphxtaa18KMS3JjZn.IJJ0dCubVIPvbRwJVOXVf64V.coVWz0NJUf7PE.wXJMJXwMn7U2i0MLs5N8D3CBM2r_9y6Qf5aivtrcmN.RM4_wmHw1MX9ujmpLe9W945EMTwQx.cbFsh9646nMQqYb4QKFJ6fuJ24CWBjQ7doauBgtvDm9k_9pIr._3KeUZKcJmX5qm2.mJqwzcs_7md530yFoZi3omYOLWCNtYkvbHZWLBdaYOIgFaRgTVhS_0MLEzmDGBm1NIJgrbG.ZzHAPlwYuVYQP9nLAF5xVocmY0LVisdYxenStqMSgVYxFKFMYVohWEr5JUpihXPFwouDALJ5m8kbQEWEXe4B79c_CkkyOwjQnWWtbCSoaLhnGkiGkUzp2jbqWZ2jvRikAM56mABEPYKY8HPGNyItWT6QtEU4kdRx0XqTNIqFVXn4VQ--&ap=pp%3Dm%2Cpi%3D1 HTTP/1.1
Host: ir2.beap.gemini.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.yimg.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Wed, 07 Dec 2022 14:06:44 GMT
age: 0
strict-transport-security: max-age=31536000
server: ATS
public-key-pins-report-only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
expect-ct: max-age=31536000; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only";
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
geo.yahoo.com/p?_E=adperf&outcm=performance&etrg=backgroundPost&usergenf=0&etag=performance%2Cdarla&s=794200018&pvid=jZ.ffTEwLjLNC4q0jnigWwJROTEuOQAAAABuIXrE&D_bv=1.0.0&D_ts=0&D_v=sdarla_4-10-1&D_l=93%2C12%2C1603%2C1209%2C0%2C0%2C406%2C94%2C9&D_m=0%2C%2C%2C0%2C794200018&test=&D_e=&D_p=10%2C0%2CRICH%2C1440x1024%2C999999%2C999999%2C999999%2C0%2C0%2C263%2C-1%2C74%2C-1%2C-1%2C2%2CjZ.ffTEwLjLNC4q0jnigWwJROTEuOQAAAABuIXrE%3A-1%3ARICH%2C2%2C2%2C4%2C1%2C0%2C2%2C0%2C0%2C6%2C1%2C6%2C2%2C0%2C0%2C0%2C0%2C74%2C4%2C3%2Chttps%253A%2F%2Fsalaholiwing.xyz%2Flogin%2Fauth%253Fsessions%253D00de6c27731c83bf8d9c85dda6b4e36a%2526id_session%253D53b23c6283b3b65a8db7575e24091c4429dcca24%2C%2C0%2Ctrue%2C3%2C0%2C0%2C5000%2C0%2C0%2C-1%2C-1%2C-1%2C-1%3B&D_res=%7B%22RICH%22%3A%5B%7B%22name%22%3A%22https%3A%2F%2Fir2.beap.gemini.yahoo.com%2Fmbcsc%3Fbv%3D1.0.0%26es%3DUR.DUGgGIS9mJjgjgAZOWQnyaphxtaa18KMS3JjZn.IJJ0dCubVIPvbRwJVOXVf64V.coVWz0NJUf7PE.wXJMJXwMn7U2i0MLs5N8D3CBM2r_9y6Qf5aivtrcmN.RM4_wmHw1MX9ujmpLe9W945EMTwQx.cbFsh9646nMQqYb4QKFJ6fuJ24CWBjQ7doauBgtvDm9k_9pIr._3KeUZKcJmX5qm2.mJqwzcs_7md530yFoZi3omYOLWCNtYkvbHZWLBdaYOIgFaRgTVhS_0MLEzmDGBm1NIJgrbG.ZzHAPlwYuVYQP9nLAF5xVocmY0LVisdYxenStqMSgVYxFKFMYVohWEr5JUpihXPFwouDALJ5m8kbQEWEXe4B79c_CkkyOwjQnWWtbCSoaLhnGkiGkUzp2jbqWZ2jvRikAM56mABEPYKY8HPGNyItWT6QtEU4kdRx0XqTNIqFVXn4VQ--%26ap%3Dpp%253Dm%252Cpi%253D1%22%2C%22dur%22%3A188%2C%22st%22%3A1137%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fs.yimg.com%2Fcv%2Feng%2Fexternals%2F131110%2Fa%2Fp.gif%22%2C%22dur%22%3A51%2C%22st%22%3A107%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fcdn.cmp.advertising.com%2Flibraries%2FEspresso-1.7.7.js%22%2C%22dur%22%3A48%2C%22st%22%3A137%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fjs%2Fsfext-min.js%22%2C%22dur%22%3A21%2C%22st%22%3A41%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fs.yimg.com%2Fdy%2Fads%2Fgemini.js%22%2C%22dur%22%3A17%2C%22st%22%3A106%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22first-contentful-paint%22%3A255%7D%5D%7D&t=1670422009276
188.125.72.139200 OK 43 B URL HTTP/2 geo.yahoo.com/p?_E=adperf&outcm=performance&etrg=backgroundPost&usergenf=0&etag=performance%2Cdarla&s=794200018&pvid=jZ.ffTEwLjLNC4q0jnigWwJROTEuOQAAAABuIXrE&D_bv=1.0.0&D_ts=0&D_v=sdarla_4-10-1&D_l=93%2C12%2C1603%2C1209%2C0%2C0%2C406%2C94%2C9&D_m=0%2C%2C%2C0%2C794200018&test=&D_e=&D_p=10%2C0%2CRICH%2C1440x1024%2C999999%2C999999%2C999999%2C0%2C0%2C263%2C-1%2C74%2C-1%2C-1%2C2%2CjZ.ffTEwLjLNC4q0jnigWwJROTEuOQAAAABuIXrE%3A-1%3ARICH%2C2%2C2%2C4%2C1%2C0%2C2%2C0%2C0%2C6%2C1%2C6%2C2%2C0%2C0%2C0%2C0%2C74%2C4%2C3%2Chttps%253A%2F%2Fsalaholiwing.xyz%2Flogin%2Fauth%253Fsessions%253D00de6c27731c83bf8d9c85dda6b4e36a%2526id_session%253D53b23c6283b3b65a8db7575e24091c4429dcca24%2C%2C0%2Ctrue%2C3%2C0%2C0%2C5000%2C0%2C0%2C-1%2C-1%2C-1%2C-1%3B&D_res=%7B%22RICH%22%3A%5B%7B%22name%22%3A%22https%3A%2F%2Fir2.beap.gemini.yahoo.com%2Fmbcsc%3Fbv%3D1.0.0%26es%3DUR.DUGgGIS9mJjgjgAZOWQnyaphxtaa18KMS3JjZn.IJJ0dCubVIPvbRwJVOXVf64V.coVWz0NJUf7PE.wXJMJXwMn7U2i0MLs5N8D3CBM2r_9y6Qf5aivtrcmN.RM4_wmHw1MX9ujmpLe9W945EMTwQx.cbFsh9646nMQqYb4QKFJ6fuJ24CWBjQ7doauBgtvDm9k_9pIr._3KeUZKcJmX5qm2.mJqwzcs_7md530yFoZi3omYOLWCNtYkvbHZWLBdaYOIgFaRgTVhS_0MLEzmDGBm1NIJgrbG.ZzHAPlwYuVYQP9nLAF5xVocmY0LVisdYxenStqMSgVYxFKFMYVohWEr5JUpihXPFwouDALJ5m8kbQEWEXe4B79c_CkkyOwjQnWWtbCSoaLhnGkiGkUzp2jbqWZ2jvRikAM56mABEPYKY8HPGNyItWT6QtEU4kdRx0XqTNIqFVXn4VQ--%26ap%3Dpp%253Dm%252Cpi%253D1%22%2C%22dur%22%3A188%2C%22st%22%3A1137%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fs.yimg.com%2Fcv%2Feng%2Fexternals%2F131110%2Fa%2Fp.gif%22%2C%22dur%22%3A51%2C%22st%22%3A107%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fcdn.cmp.advertising.com%2Flibraries%2FEspresso-1.7.7.js%22%2C%22dur%22%3A48%2C%22st%22%3A137%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fjs%2Fsfext-min.js%22%2C%22dur%22%3A21%2C%22st%22%3A41%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fs.yimg.com%2Fdy%2Fads%2Fgemini.js%22%2C%22dur%22%3A17%2C%22st%22%3A106%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22first-contentful-paint%22%3A255%7D%5D%7D&t=1670422009276
IP 188.125.72.139:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /p?_E=adperf&outcm=performance&etrg=backgroundPost&usergenf=0&etag=performance%2Cdarla&s=794200018&pvid=jZ.ffTEwLjLNC4q0jnigWwJROTEuOQAAAABuIXrE&D_bv=1.0.0&D_ts=0&D_v=sdarla_4-10-1&D_l=93%2C12%2C1603%2C1209%2C0%2C0%2C406%2C94%2C9&D_m=0%2C%2C%2C0%2C794200018&test=&D_e=&D_p=10%2C0%2CRICH%2C1440x1024%2C999999%2C999999%2C999999%2C0%2C0%2C263%2C-1%2C74%2C-1%2C-1%2C2%2CjZ.ffTEwLjLNC4q0jnigWwJROTEuOQAAAABuIXrE%3A-1%3ARICH%2C2%2C2%2C4%2C1%2C0%2C2%2C0%2C0%2C6%2C1%2C6%2C2%2C0%2C0%2C0%2C0%2C74%2C4%2C3%2Chttps%253A%2F%2Fsalaholiwing.xyz%2Flogin%2Fauth%253Fsessions%253D00de6c27731c83bf8d9c85dda6b4e36a%2526id_session%253D53b23c6283b3b65a8db7575e24091c4429dcca24%2C%2C0%2Ctrue%2C3%2C0%2C0%2C5000%2C0%2C0%2C-1%2C-1%2C-1%2C-1%3B&D_res=%7B%22RICH%22%3A%5B%7B%22name%22%3A%22https%3A%2F%2Fir2.beap.gemini.yahoo.com%2Fmbcsc%3Fbv%3D1.0.0%26es%3DUR.DUGgGIS9mJjgjgAZOWQnyaphxtaa18KMS3JjZn.IJJ0dCubVIPvbRwJVOXVf64V.coVWz0NJUf7PE.wXJMJXwMn7U2i0MLs5N8D3CBM2r_9y6Qf5aivtrcmN.RM4_wmHw1MX9ujmpLe9W945EMTwQx.cbFsh9646nMQqYb4QKFJ6fuJ24CWBjQ7doauBgtvDm9k_9pIr._3KeUZKcJmX5qm2.mJqwzcs_7md530yFoZi3omYOLWCNtYkvbHZWLBdaYOIgFaRgTVhS_0MLEzmDGBm1NIJgrbG.ZzHAPlwYuVYQP9nLAF5xVocmY0LVisdYxenStqMSgVYxFKFMYVohWEr5JUpihXPFwouDALJ5m8kbQEWEXe4B79c_CkkyOwjQnWWtbCSoaLhnGkiGkUzp2jbqWZ2jvRikAM56mABEPYKY8HPGNyItWT6QtEU4kdRx0XqTNIqFVXn4VQ--%26ap%3Dpp%253Dm%252Cpi%253D1%22%2C%22dur%22%3A188%2C%22st%22%3A1137%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fs.yimg.com%2Fcv%2Feng%2Fexternals%2F131110%2Fa%2Fp.gif%22%2C%22dur%22%3A51%2C%22st%22%3A107%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fcdn.cmp.advertising.com%2Flibraries%2FEspresso-1.7.7.js%22%2C%22dur%22%3A48%2C%22st%22%3A137%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fs.yimg.com%2Frq%2Fdarla%2F4-10-1%2Fjs%2Fsfext-min.js%22%2C%22dur%22%3A21%2C%22st%22%3A41%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fs.yimg.com%2Fdy%2Fads%2Fgemini.js%22%2C%22dur%22%3A17%2C%22st%22%3A106%2C%22ssl%22%3A0%2C%22dns%22%3A0%2C%22conn%22%3A0%7D%2C%7B%22first-contentful-paint%22%3A255%7D%5D%7D&t=1670422009276 HTTP/1.1
Host: geo.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salaholiwing.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:06:49 GMT
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
pragma: no-cache
content-length: 43
content-type: image/gif
x-envoy-upstream-service-time: 1
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
X-Firefox-Spdy: h2
s.yimg.com/ss/rapid-3.53.30.js
188.125.94.206200 OK 0 B URL HTTP/2 s.yimg.com/ss/rapid-3.53.30.js
IP 188.125.94.206:0
GET /ss/rapid-3.53.30.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salaholiwing.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4mBwu1E+XGbo7Up9PBKNPx65+U7PrYGk0nXYkyP0iD3C/c+8w+6fESehP0/qwfQMK2u6TTz64AM=
x-amz-request-id: 6VQ83265R05ZY1V7
date: Sat, 03 Dec 2022 07:38:21 GMT
last-modified: Tue, 29 Jun 2021 01:45:07 GMT
etag: "665798d28ecf9be7cbc434e75267920d-df"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, immutable
x-amz-version-id: .Bcg25AHAdRCkTvv5tMdNmGVEjznZ_m3
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 368903
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s.yimg.com/wm/mbr/fe8264f3a0c47d3b35f5bd152c3c7a03e6eb7011/bundle.js
188.125.94.206200 OK 0 B URL HTTP/2 s.yimg.com/wm/mbr/fe8264f3a0c47d3b35f5bd152c3c7a03e6eb7011/bundle.js
IP 188.125.94.206:0
GET /wm/mbr/fe8264f3a0c47d3b35f5bd152c3c7a03e6eb7011/bundle.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salaholiwing.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TMpue8k/Rd36rlKNQRJxfqbB6ooFFoPu+JEyHvD0umnD7ZHlkNXhPSQab91FYtbsD+QKeOiQGiY=
x-amz-request-id: GB0YC6FE2WQ383NR
date: Mon, 05 Dec 2022 15:52:43 GMT
last-modified: Fri, 04 Nov 2022 18:05:40 GMT
etag: "8300c4757ae93053ae726ccbe58baec4-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 166441
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2