1clviral.site/click/za/envelope/index.php?ts=PropellerAds:%20Push&source=&lp=5f6b9b60-0949-49dc-beb3-c11964072ce4&camp=10k%20English&cid=J88BpLakB5KZURfe9TZrKR&domain=go.13track.site&key=eyJ0aW1lc3RhbXAiOiIxNjcwODgyMDY0IiwiaGFzaCI6IjNlOTY1ZGNjMmM0NTRhYjJmOGQ0OTNhMGE5ZWFiMGM1ZGMwOGQwODIifQ==&isp=Google%20Cloud&bemobdata=c=c27ffb73-0da9-40a9-a2b6-c0c7a37795d0..l=5f6b9b60-0949-49dc-beb3-c11964072ce4..a=0..b=0..r=go.13track.site
200 OK 3.9 kB URL HTTP/1.1 1clviral.site/click/za/envelope/index.php?ts=PropellerAds:%20Push&source=&lp=5f6b9b60-0949-49dc-beb3-c11964072ce4&camp=10k%20English&cid=J88BpLakB5KZURfe9TZrKR&domain=go.13track.site&key=eyJ0aW1lc3RhbXAiOiIxNjcwODgyMDY0IiwiaGFzaCI6IjNlOTY1ZGNjMmM0NTRhYjJmOGQ0OTNhMGE5ZWFiMGM1ZGMwOGQwODIifQ==&isp=Google%20Cloud&bemobdata=c=c27ffb73-0da9-40a9-a2b6-c0c7a37795d0..l=5f6b9b60-0949-49dc-beb3-c11964072ce4..a=0..b=0..r=go.13track.site
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (462)
Hash 120b940f03489fb087cca0b25d6ae25f
a9df4b2390bd616ce95e9484e50cafed05710cf8
4db51366bc0ec6377f569c2c850777b00ee1bbca621eb2e6db10d42e619dad79
GET /click/za/envelope/index.php?ts=PropellerAds:%20Push&source=&lp=5f6b9b60-0949-49dc-beb3-c11964072ce4&camp=10k%20English&cid=J88BpLakB5KZURfe9TZrKR&domain=go.13track.site&key=eyJ0aW1lc3RhbXAiOiIxNjcwODgyMDY0IiwiaGFzaCI6IjNlOTY1ZGNjMmM0NTRhYjJmOGQ0OTNhMGE5ZWFiMGM1ZGMwOGQwODIifQ==&isp=Google%20Cloud&bemobdata=c=c27ffb73-0da9-40a9-a2b6-c0c7a37795d0..l=5f6b9b60-0949-49dc-beb3-c11964072ce4..a=0..b=0..r=go.13track.site HTTP/1.1
Host: 1clviral.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 21:54:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBtQCDel6%2B1av74V5bnDhLxlWQLJDaSn3gIqNrtspBwogbl7A2dLAbYFYm7zzbYI0zYju97P4GM7fe06ZrgK1wUB8kfEENUPsvcmGTgbcA2cwffF9qANoXLWMetKreHX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7789b3339e57b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15135
Expires: Tue, 13 Dec 2022 02:06:57 GMT
Date: Mon, 12 Dec 2022 21:54:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b8fe6ec1ac390bc5b90b68b0e3005299
4ce20d527fcc93a2a6d1c5f3ab73ee8ded2a57f2
1755a645d41780a9e54ee1ad04a2b293d16d2a98e543f81835c3a66e3d58c3be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1755A645D41780A9E54EE1AD04A2B293D16D2A98E543F81835C3A66E3D58C3BE"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7503
Expires: Mon, 12 Dec 2022 23:59:45 GMT
Date: Mon, 12 Dec 2022 21:54:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dbd022fec0a71226daaf29b7563a8896
c37d14dc7b3849a4bb815fa325fb5e70fae54039
22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2980
Expires: Mon, 12 Dec 2022 22:44:22 GMT
Date: Mon, 12 Dec 2022 21:54:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 12 Dec 2022 21:33:43 GMT
content-type: application/json
age: 1259
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FV32VnuvZNNKbi6dSSXAbyN3ilzEoc7624aObA2DmZENI8GvfmCDR9p5EnO26cNhZpIkFK64ElsRB8xR+ufmdA==
x-amz-request-id: HZ9QF63Q0DXVTTC3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 12 Dec 2022 21:51:39 GMT
age: 183
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
1clviral.site/click/za/envelope/main.css
200 OK 6.2 kB URL HTTP/1.1 1clviral.site/click/za/envelope/main.css
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (62598), with no line terminators
Hash 03cfdf8f00694ee88ba9ada91a27b535
699a5d82d3a83590711347c9c7d1773bd074f8b5
b4ce08c3d9b7a9f28e7db916721013c2561b1f1bf80a03ed70d84fe2661e1d9e
GET /click/za/envelope/main.css HTTP/1.1
Host: 1clviral.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1clviral.site/click/za/envelope/index.php?ts=PropellerAds:%20Push&source=&lp=5f6b9b60-0949-49dc-beb3-c11964072ce4&camp=10k%20English&cid=J88BpLakB5KZURfe9TZrKR&domain=go.13track.site&key=eyJ0aW1lc3RhbXAiOiIxNjcwODgyMDY0IiwiaGFzaCI6IjNlOTY1ZGNjMmM0NTRhYjJmOGQ0OTNhMGE5ZWFiMGM1ZGMwOGQwODIifQ==&isp=Google%20Cloud&bemobdata=c=c27ffb73-0da9-40a9-a2b6-c0c7a37795d0..l=5f6b9b60-0949-49dc-beb3-c11964072ce4..a=0..b=0..r=go.13track.site
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 21:54:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 11 Nov 2022 06:46:58 GMT
ETag: W/"636defe2-f489"
Expires: Tue, 13 Dec 2022 21:54:30 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 12
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SssSmTx9dSCqmL%2BLS0FloCSslXs66upcEOmRpqpEHE5dTdAycb5CQNpoWFpAR%2FFegYpHhRh1yCOkXdbo2UCpBTpdsdLGPEvbpRAWX1knK7qpoUDyXS8C9x82Sef21z2J"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7789b335f9dab4f7-OSL
alt-svc: h2=":443"; ma=60
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 638a4990025383a0f83ebf29bdb84a68
153e8818dc42f598e47fde8cf398f1447649a4d0
878e34b89800bb271d3588e526eb3598eb3822e263f3bdaf53645847d39d0ad6
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://1clviral.site
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 445571
expires: Sat, 02 Dec 2023 21:54:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76O60LOgNdE6D9n87xzYNT2PEwv%2FSD7aUqlonGMTcHENsaecDZ%2FkkiwKZZnMwNV4yV25nAj1unsQqbzEHxV5dfF0hvtTJOopLfHwDQRDrnfGmoEcTcVOihBp87KCLGcHGkSSYR%2B0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7789b3361a07b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
1clviral.site/click/za/envelope/menu.png
200 OK 409 B URL HTTP/1.1 1clviral.site/click/za/envelope/menu.png
IP
File type PNG image data, 96 x 34, 8-bit/color RGB, non-interlaced\012- data
Hash 4a98f87225fd8e0f1a430a48c0434ac8
be7960d7d9fc8055ed0f7ac3ba2dd8a468489b2f
41d97f40faf1d359aae3802433ea5ddf2931ee9dff59c6e55e43b03f2048ad8f
GET /click/za/envelope/menu.png HTTP/1.1
Host: 1clviral.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1clviral.site/click/za/envelope/index.php?ts=PropellerAds:%20Push&source=&lp=5f6b9b60-0949-49dc-beb3-c11964072ce4&camp=10k%20English&cid=J88BpLakB5KZURfe9TZrKR&domain=go.13track.site&key=eyJ0aW1lc3RhbXAiOiIxNjcwODgyMDY0IiwiaGFzaCI6IjNlOTY1ZGNjMmM0NTRhYjJmOGQ0OTNhMGE5ZWFiMGM1ZGMwOGQwODIifQ==&isp=Google%20Cloud&bemobdata=c=c27ffb73-0da9-40a9-a2b6-c0c7a37795d0..l=5f6b9b60-0949-49dc-beb3-c11964072ce4..a=0..b=0..r=go.13track.site
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 21:54:42 GMT
Content-Type: image/png
Content-Length: 409
Connection: keep-alive
Last-Modified: Fri, 11 Nov 2022 06:46:58 GMT
ETag: "636defe2-199"
Expires: Tue, 13 Dec 2022 21:54:30 GMT
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 12
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vl4H601G2ovIz78Ua2s%2Bca2lw0JS0Rak1n2zWg%2Fcc%2FOuntpVas2OOrLvWkr7yM4KkHX9YGKyL%2FxVgpm%2B68ppLrfmLxS5CGoz8LP6Cgh5pd2WckvEPXTytCdFUDW66cWy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7789b3361d63b4ff-OSL
alt-svc: h2=":443"; ma=60
1clviral.site/click/za/envelope/env_prize.png
200 OK 48 kB URL HTTP/1.1 1clviral.site/click/za/envelope/env_prize.png
IP
File type PNG image data, 257 x 184, 8-bit/color RGBA, non-interlaced\012- data
Hash ff3109d90571ab76e7905599dceebb71
7abc6f898a513e150a4b2f74883115a284703104
b8de0045aabe4e23294332dcc0b5c57cd0ed2b538f4c728558dcffc339e79842
GET /click/za/envelope/env_prize.png HTTP/1.1
Host: 1clviral.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1clviral.site/click/za/envelope/index.php?ts=PropellerAds:%20Push&source=&lp=5f6b9b60-0949-49dc-beb3-c11964072ce4&camp=10k%20English&cid=J88BpLakB5KZURfe9TZrKR&domain=go.13track.site&key=eyJ0aW1lc3RhbXAiOiIxNjcwODgyMDY0IiwiaGFzaCI6IjNlOTY1ZGNjMmM0NTRhYjJmOGQ0OTNhMGE5ZWFiMGM1ZGMwOGQwODIifQ==&isp=Google%20Cloud&bemobdata=c=c27ffb73-0da9-40a9-a2b6-c0c7a37795d0..l=5f6b9b60-0949-49dc-beb3-c11964072ce4..a=0..b=0..r=go.13track.site
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 21:54:42 GMT
Content-Type: image/png
Content-Length: 47684
Connection: keep-alive
Last-Modified: Fri, 11 Nov 2022 06:46:58 GMT
ETag: "636defe2-ba44"
Expires: Tue, 13 Dec 2022 21:54:30 GMT
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 12
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UG2xUDKQ0eMGHoE%2Fz%2F2sTidMykmXyQE57X9eiJVQoJ%2BI%2FbX55aWkwxw5yp4RN4yuWsY3Jrnjc9YHKb%2Bh1sXQ3bxDObLKFQ8n8SHXQhZQW%2FN%2FKBM2hlaZqQaO5RjwTczs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7789b3361e32b506-OSL
alt-svc: h2=":443"; ma=60
1clviral.site/click/za/envelope/env_closed.png
200 OK 2.5 kB URL HTTP/1.1 1clviral.site/click/za/envelope/env_closed.png
IP
File type PNG image data, 257 x 184, 8-bit colormap, non-interlaced\012- data
Hash 9adbaf1f271f2921d941cfc431705ff0
e82f0ee057bac2525d8558c431995b4f59f3a897
ec8362f7adbe35e42507491256929b59a8af11a8b369bc800f778b834e411abf
GET /click/za/envelope/env_closed.png HTTP/1.1
Host: 1clviral.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1clviral.site/click/za/envelope/index.php?ts=PropellerAds:%20Push&source=&lp=5f6b9b60-0949-49dc-beb3-c11964072ce4&camp=10k%20English&cid=J88BpLakB5KZURfe9TZrKR&domain=go.13track.site&key=eyJ0aW1lc3RhbXAiOiIxNjcwODgyMDY0IiwiaGFzaCI6IjNlOTY1ZGNjMmM0NTRhYjJmOGQ0OTNhMGE5ZWFiMGM1ZGMwOGQwODIifQ==&isp=Google%20Cloud&bemobdata=c=c27ffb73-0da9-40a9-a2b6-c0c7a37795d0..l=5f6b9b60-0949-49dc-beb3-c11964072ce4..a=0..b=0..r=go.13track.site
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 21:54:42 GMT
Content-Type: image/png
Content-Length: 2537
Connection: keep-alive
Last-Modified: Fri, 11 Nov 2022 06:46:58 GMT
ETag: "636defe2-9e9"
Expires: Tue, 13 Dec 2022 21:54:30 GMT
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 12
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9GQqYDxEv%2BrGlel3Q%2BiArW26FV%2FJc9ADSNSEQDMNc8brg7yzixcCVuiyrWVXtABYcg0PCz%2F6NiCY11zgloYp8qduzsgT9WYfwIRSXMBizCgWgToV3wBGRVaiZzI5Gt2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7789b33619e5b521-OSL
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 21:54:42 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
1clviral.site/click/za/envelope/mtn.png
200 OK 2.3 kB URL HTTP/1.1 1clviral.site/click/za/envelope/mtn.png
IP
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 78e725e5b6d9e07a0e8d192a14e90559
9ba1d76bbf0919234a3d752431bec03873490202
fe00545ef4f123b42763d8b543969343ce70a0b0814112246903f52a0b2cb672
GET /click/za/envelope/mtn.png HTTP/1.1
Host: 1clviral.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1clviral.site/click/za/envelope/index.php?ts=PropellerAds:%20Push&source=&lp=5f6b9b60-0949-49dc-beb3-c11964072ce4&camp=10k%20English&cid=J88BpLakB5KZURfe9TZrKR&domain=go.13track.site&key=eyJ0aW1lc3RhbXAiOiIxNjcwODgyMDY0IiwiaGFzaCI6IjNlOTY1ZGNjMmM0NTRhYjJmOGQ0OTNhMGE5ZWFiMGM1ZGMwOGQwODIifQ==&isp=Google%20Cloud&bemobdata=c=c27ffb73-0da9-40a9-a2b6-c0c7a37795d0..l=5f6b9b60-0949-49dc-beb3-c11964072ce4..a=0..b=0..r=go.13track.site
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 21:54:42 GMT
Content-Type: image/png
Content-Length: 2297
Connection: keep-alive
Last-Modified: Fri, 11 Nov 2022 06:46:58 GMT
ETag: "636defe2-8f9"
Expires: Tue, 13 Dec 2022 21:54:30 GMT
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 12
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHg1m%2FhGvntyUUSXdwUt0FjsVMS0hMG4syWvMlDMUHnwS1Aw1nYK66iUT6ch89YCO%2FWF33HUXKJh4LjidU%2BIHVFePPSRyKJd4FSoFHFQm0HNuE5xFMakiGWomfQhGOmh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7789b336cf61b506-OSL
alt-svc: h2=":443"; ma=60
js.nextpsh.top/ps/ps.js?id=nAUQ0QB37kiul2tT9Ejpyg
200 OK 22 kB URL HTTP/2 js.nextpsh.top/ps/ps.js?id=nAUQ0QB37kiul2tT9Ejpyg
IP
ASN #35277 Llhost Inc. Srl
File type Unicode text, UTF-8 text, with very long lines (21622), with no line terminators
Hash 295320f339ea31f00b445992e2fdde93
a8c7d785621ab9a83bdf15147b8ad48baadee0f4
62c34ff24789f5057d5477c2985791feadcb4845bb055ae0cf748a4b529f83b3
Analyzer Verdict Alert quad9 Sinkholed
GET /ps/ps.js?id=nAUQ0QB37kiul2tT9Ejpyg HTTP/1.1
Host: js.nextpsh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1clviral.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 21:54:42 GMT
content-type: application/javascript
content-length: 21863
set-cookie: __psu=a2b11d3a-2f7f-49f1-8348-981389de3bd7; expires=Thu, 12 Dec 2024 21:54:42 GMT; path=/; secure; samesite=none
cache-control: max-age=0, no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
1clviral.site/click/za/envelope/29e5d4862f0470607f803d462bddf5f14cf57969.png
200 OK 220 B URL HTTP/1.1 1clviral.site/click/za/envelope/29e5d4862f0470607f803d462bddf5f14cf57969.png
IP
File type PNG image data, 13 x 12, 8-bit colormap, non-interlaced\012- data
Hash e4c6e8dcd575bd5f346565ce8dbacfe7
29e5d4862f0470607f803d462bddf5f14cf57969
9e79a749ac5f41341fdff11f64845580207490915f72b09ec320e0db0fea224a
GET /click/za/envelope/29e5d4862f0470607f803d462bddf5f14cf57969.png HTTP/1.1
Host: 1clviral.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1clviral.site/click/za/envelope/main.css
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 21:54:42 GMT
Content-Type: image/png
Content-Length: 220
Connection: keep-alive
Last-Modified: Fri, 11 Nov 2022 06:46:58 GMT
ETag: "636defe2-dc"
Expires: Tue, 13 Dec 2022 21:54:30 GMT
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 12
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuK5F%2BP0wDmNLP2OkKAQmbScfkmPMlVp4ISo2CCF5GOS59ao%2Ff8yGtslJzTL6kI%2BLWnOEurECbFilMg%2FBr9gRnM7U5XoPQJyzdhiOtcEDkIU2uHY2A%2F60bfua%2F%2FWRUpD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7789b336ffbdb506-OSL
alt-svc: h2=":443"; ma=60
js.nextpsh.top/ps/config.js?id=nAUQ0QB37kiul2tT9Ejpyg
200 OK 356 B URL HTTP/2 js.nextpsh.top/ps/config.js?id=nAUQ0QB37kiul2tT9Ejpyg
IP
ASN #35277 Llhost Inc. Srl
File type ASCII text, with CRLF line terminators
Hash 0bba2ca7f0180b1ecac227209f65d779
9a7a0029e1676be96355adb369c28be52bdb8e3f
9bd55a2b4d4726c08c72d29255063b3b5e1737b538e3266024ee0cd0b10d7c52
Analyzer Verdict Alert quad9 Sinkholed
GET /ps/config.js?id=nAUQ0QB37kiul2tT9Ejpyg HTTP/1.1
Host: js.nextpsh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1clviral.site/
Cookie: __psu=a2b11d3a-2f7f-49f1-8348-981389de3bd7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 21:54:42 GMT
content-type: application/javascript
content-length: 356
cache-control: max-age=0, no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
1clviral.site/click/za/envelope/89f7729bfd0bc3ee3bd95e2f65bd9e9d155e05f4.png
200 OK 1.1 kB URL HTTP/1.1 1clviral.site/click/za/envelope/89f7729bfd0bc3ee3bd95e2f65bd9e9d155e05f4.png
IP
File type PNG image data, 38 x 38, 8-bit colormap, non-interlaced\012- data
Hash 01bfdda5f2504fb4d61ff8df02d019be
89f7729bfd0bc3ee3bd95e2f65bd9e9d155e05f4
d77ec3b24a20913661a083a4f6e588ee2ce98a3c83d7455c861a1cd0b167399c
GET /click/za/envelope/89f7729bfd0bc3ee3bd95e2f65bd9e9d155e05f4.png HTTP/1.1
Host: 1clviral.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1clviral.site/click/za/envelope/index.php?ts=PropellerAds:%20Push&source=&lp=5f6b9b60-0949-49dc-beb3-c11964072ce4&camp=10k%20English&cid=J88BpLakB5KZURfe9TZrKR&domain=go.13track.site&key=eyJ0aW1lc3RhbXAiOiIxNjcwODgyMDY0IiwiaGFzaCI6IjNlOTY1ZGNjMmM0NTRhYjJmOGQ0OTNhMGE5ZWFiMGM1ZGMwOGQwODIifQ==&isp=Google%20Cloud&bemobdata=c=c27ffb73-0da9-40a9-a2b6-c0c7a37795d0..l=5f6b9b60-0949-49dc-beb3-c11964072ce4..a=0..b=0..r=go.13track.site
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 21:54:42 GMT
Content-Type: image/png
Content-Length: 1066
Connection: keep-alive
Last-Modified: Fri, 11 Nov 2022 06:46:58 GMT
ETag: "636defe2-42a"
Expires: Tue, 13 Dec 2022 21:54:30 GMT
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 12
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1LYw2WOe28DmzfQ%2FZ22BEsp8RujwyqqoNuaW2AJJiSepTw8YaDtbNxK2SPq9efUoDw6t63gJq1FxvJdsSXYmD36HHPBgZmOFAJejT7K%2FVDvmvVDJO48JvkKsxkfYEDk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7789b337b8e1b506-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6d462d3e6bc6168ee30040355f8b96ee
7578100cefe27a95fc25fa11481d78353185a9f0
7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 21:54:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/8.4.1/firebase-app.js
200 OK 6.8 kB URL HTTP/2 www.gstatic.com/firebasejs/8.4.1/firebase-app.js
IP
File type ASCII text, with very long lines (21158)
Hash cc9770d1cd023f5acf160f83840856fe
3b9c4a75943e3101e25a612ff975d03e9ef6f5ab
6b37f2d363f4b788f0b1473c7f51522bd85fe319ac39e7fb1c70aceaf35fe42e
GET /firebasejs/8.4.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1clviral.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:23 GMT
expires: Sat, 09 Dec 2023 13:33:23 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
content-type: text/javascript; charset=UTF-8
age: 289279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
200 OK 11 kB URL HTTP/2 www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP
File type ASCII text, with very long lines (40976)
Hash 65fc850cb32508517dcbc63b09aa7909
b6a0811a047ac43a061b326c424e57e3b125eaee
cb0497203016e7af18b3989110eaca26fed09c7c2e1ae0fda9a159b6784f69d5
GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1clviral.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 13:37:26 GMT
expires: Thu, 07 Dec 2023 13:37:26 GMT
cache-control: public, max-age=31536000
age: 461836
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6d462d3e6bc6168ee30040355f8b96ee
7578100cefe27a95fc25fa11481d78353185a9f0
7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 21:54:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 12 Dec 2022 21:33:17 GMT
age: 1285
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bfa71e09f8fb73abe57aa41bb7ec25a8
04dbbe15d76b63bfa9ff197b3f41c3283d505f02
a1695bda3bf4c25b6989a7d5ba25a9a13c47cda059e11651c571609250bb9b0b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1695BDA3BF4C25B6989A7D5BA25A9A13C47CDA059E11651C571609250BB9B0B"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8811
Expires: Tue, 13 Dec 2022 00:21:33 GMT
Date: Mon, 12 Dec 2022 21:54:42 GMT
Connection: keep-alive
domainanalyticsapi.com/api/errors/install?message=TypeError:%20can%27t%20access%20property%20%22register%22,%20navigator[_0x142ae0(...)]%20is%20undefined
200 OK 0 B URL HTTP/1.1 domainanalyticsapi.com/api/errors/install?message=TypeError:%20can%27t%20access%20property%20%22register%22,%20navigator[_0x142ae0(...)]%20is%20undefined
IP
ASN #35277 Llhost Inc. Srl
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/errors/install?message=TypeError:%20can%27t%20access%20property%20%22register%22,%20navigator[_0x142ae0(...)]%20is%20undefined HTTP/1.1
Host: domainanalyticsapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://1clviral.site/
Origin: http://1clviral.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Dec 2022 21:54:42 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
ocsp.digicert.com/
200 OK 471 B IP
Hash ee19f96e42a0eca99d00c8d91f977c35
3bf8dbf8b8ce6ea7adadf7bb92cae2f9502fbee9
6d8adcb1494bfe2ca73cd6b77eb57b2d08e07b05eb892fea98a1fde0bfb2ea12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4332
Cache-Control: max-age=131060
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 21:54:43 GMT
Etag: "6396ef2b-1d7"
Expires: Wed, 14 Dec 2022 10:19:03 GMT
Last-Modified: Mon, 12 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MrJshza+4Yh4+DucDmbkpw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: v2gfunFdDPxfhmZLVL7pIazdfg8=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6542
Expires: Mon, 12 Dec 2022 23:43:46 GMT
Date: Mon, 12 Dec 2022 21:54:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6542
Expires: Mon, 12 Dec 2022 23:43:46 GMT
Date: Mon, 12 Dec 2022 21:54:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6542
Expires: Mon, 12 Dec 2022 23:43:46 GMT
Date: Mon, 12 Dec 2022 21:54:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9f8d3e3c9e5d2ed74c3894b4825fcc2f
6bbd19dbf5112b5c52a1ccbfff3c9d7d0ab030da
9e44f93e65206ae7095cf9177296f4f528f1c2597cffa4853b7d6dcabf032796
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5619
x-amzn-requestid: df7189d2-5cad-43a2-9511-20c5de53f710
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAEMPFCSIAMF4uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d81-729683c606fd6abc5bc70534;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kbfjvh64NjCUE-e-3z7W58vyJMisRwERUV_W99jn3vrErY4bF1SFsg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:58:39 GMT
etag: "6bbd19dbf5112b5c52a1ccbfff3c9d7d0ab030da"
content-type: image/jpeg
age: 86165
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a22fc7807fb3337f0af5e546c7ad366a
0d5969394b370a5c77c53ed58f55e5f8a45da3ab
98b4f4fd27dc036697fb0328083bce6e691b7493428f3a54991087d9d1165d97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5530
x-amzn-requestid: adecbb8c-cec3-46a0-b32c-0026b8421fe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4d8Fg6IAMF61g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903abf-4bcb385f27cb438c36a2cd5e;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: J2FSKW1AHhnyu2NBJDcqib3iVsOk745-dgnNgmk6T-QKcg-z5He7qw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 09:24:15 GMT
age: 45029
etag: "0d5969394b370a5c77c53ed58f55e5f8a45da3ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2020df3404a4b7c3e142af4a1330b848
2fe69b52fe03128e86550bf08474ecac82682384
37a52c158d5cfdf3589e19163cf446c02ce1466f444656080b02da82d2bcefae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6311
x-amzn-requestid: 46ccaee0-bde8-4be6-9dc8-46e3ae356dc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xUYH10oAMF8Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc1b-2440251f06cb950a57489555;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:37:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UU3eyJXDqth6F65_913HL9lqA3qZHfGExAV89BRzHpQho5wZbQRTmw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:52:33 GMT
age: 131
etag: "2fe69b52fe03128e86550bf08474ecac82682384"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9051770b3587c195bea670f8820e8cfe
abf58087f0e345202da088238daea85d177b431b
f687a10c0ae63699a551977e9a4ec5bc7ba606b1925178d7ed4ec6728889bb2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8841
x-amzn-requestid: 09b64f8e-60c0-4cf6-a0dc-15e597bd9d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMWH7MIAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3471ee5f5a78b55c424e2c6d;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KkltHSO_YnfExbgR5cg199uOPnKy62zoMPwFfktRCpu03ImoFNMAIw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 22:37:58 GMT
age: 83806
etag: "abf58087f0e345202da088238daea85d177b431b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75dd1ecae61b991cd21929deb9244aac
4f14c9f7b36dfa356877251f1e6a0f5936286c4b
3435eda8961bb9954fcf5fd7c957ce58fd7aa4bb9e00525b8f42756adcf341e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6438
x-amzn-requestid: 517b1627-9789-48e8-b5df-106fee878820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENaGN6IAMFoUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d88-28cbd126745e8ab15d937936;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: amWbF9zOStURk7mvKoCOs0babDMecP7hOWzf4Hrn8RGThFiqv-_elg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:59:55 GMT
age: 86089
etag: "4f14c9f7b36dfa356877251f1e6a0f5936286c4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg
200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38876d760ef06c8471468c474c1e28a7
d43cd03d5eb3e7618b6fb70c935010c2ac92ad32
a0747f29eb6084eef42d3c247594973b02c619c7ec56b6137e24b6d0362557a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4720
x-amzn-requestid: dd990fe1-8447-403e-b276-40889af5baa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENuF6SoAMF7oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d8a-59b5a8f92ef6111e64e16079;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SBYH2ZqOyZx6tB8u3g3dkimaCUGSWAMQhULpYs4gWrmZ6i3_1Br_zQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:57:39 GMT
etag: "d43cd03d5eb3e7618b6fb70c935010c2ac92ad32"
content-type: image/jpeg
age: 86225
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
104.21.77.245
34.120.237.76
93.184.220.29
104.17.24.14
46.148.125.182
23.36.77.32