continuetosite.com/go/9d26ee6b-c9cb-4973-9d04-6d1644e26afc
3.70.16.242302 Found 408 B URL HTTP/1.1 continuetosite.com/go/9d26ee6b-c9cb-4973-9d04-6d1644e26afc
IP 3.70.16.242:0
File type HTML document, ASCII text, with very long lines (408), with no line terminators
Hash 102f929b2ec047ba426baa12ed0976f1
d1a5e13f79bc35f87f5f318981f1e8afc37a496c
c2e15a7fb046ab6bdfb0523054630add6aaef9c56ced84b7b8d4825553ebc6af
Analyzer Verdict Alert fortinet Phishing
GET /go/9d26ee6b-c9cb-4973-9d04-6d1644e26afc HTTP/1.1
Host: continuetosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: openresty
Date: Sat, 03 Dec 2022 18:05:54 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 408
Connection: keep-alive
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
Access-Control-Allow-Origin: *
Location: https://126418717071.trfcompny-offer.com/?p=20434&wid=138711&wid_hmac=978555ea7a9d8539855760ee6ab9bb6c&click_id=58A6SKBVrLPiCGS1abcBY8&click_id=58A6SKBVrLPiCGS1abcBY8
Set-Cookie: bemob-uniq-visit:9d26ee6b-c9cb-4973-9d04-6d1644e26afc=1; Domain=continuetosite.com; Path=/; Expires=Sun, 04 Dec 2022 18:05:54 GMT; HttpOnly
bemob-rotation:9d26ee6b-c9cb-4973-9d04-6d1644e26afc:random:e94b1ad1a075e108100cd3ac7a30bdc6=0-0-0; Domain=continuetosite.com; Path=/; Expires=Sun, 04 Dec 2022 18:05:54 GMT; HttpOnly
bemob-click-id=58A6SKBVrLPiCGS1abcBY8; Domain=continuetosite.com; Path=/; Expires=Sun, 04 Dec 2022 18:05:54 GMT; HttpOnly
Vary: Accept
X-Response-Time: 18.622ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8896
Expires: Sat, 03 Dec 2022 20:34:11 GMT
Date: Sat, 03 Dec 2022 18:05:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5062
Cache-Control: max-age=150579
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:05:55 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:55:34 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15021
Expires: Sat, 03 Dec 2022 22:16:16 GMT
Date: Sat, 03 Dec 2022 18:05:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 17:18:16 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2859
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: d2DFy1j1MsQbZkbQAvuZQWdQILEOXlG2ByRPhjUe+znjf6ycrQ8FcmbkoQrtfznpuI9EN70xlRY=
x-amz-request-id: YYXX0N0PVEKNS3CC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 17:46:39 GMT
age: 1156
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ec7c557e89657e98cf993e7c98384da
4f654e0da338419264172d7eb17c087e8732a20a
58e829f8c2ef661ba6b45ea174b2444c1afbdf2234eb14a78a38a025ac10b6c8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E829F8C2EF661BA6B45EA174B2444C1AFBDF2234EB14A78A38A025AC10B6C8"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10131
Expires: Sat, 03 Dec 2022 20:54:46 GMT
Date: Sat, 03 Dec 2022 18:05:55 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:05:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
126418717071.trfcompny-offer.com/?p=20434&wid=138711&wid_hmac=978555ea7a9d8539855760ee6ab9bb6c&click_id=58A6SKBVrLPiCGS1abcBY8&click_id=58A6SKBVrLPiCGS1abcBY8
94.237.99.118200 OK 945 B URL HTTP/2 126418717071.trfcompny-offer.com/?p=20434&wid=138711&wid_hmac=978555ea7a9d8539855760ee6ab9bb6c&click_id=58A6SKBVrLPiCGS1abcBY8&click_id=58A6SKBVrLPiCGS1abcBY8
IP 94.237.99.118:0
Hash 15d0115ed99e113dccf17303ec8b7ef4
281d6331ad00b500c031d1807a4dfcbe1bc98d22
92870ed3558a2cef6da1fce401a6488d4c0b370d9a1dc575b551837ccf7edc8c
GET /?p=20434&wid=138711&wid_hmac=978555ea7a9d8539855760ee6ab9bb6c&click_id=58A6SKBVrLPiCGS1abcBY8&click_id=58A6SKBVrLPiCGS1abcBY8 HTTP/1.1
Host: 126418717071.trfcompny-offer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:05:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 3 Dec 2022 18:05:55 GMT
expires: Sat, 3 Dec 2022 18:05:55 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow
content-encoding: gzip
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 17:11:17 GMT
cache-control: public,max-age=3600
age: 3278
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
optiestrycended.com/bf0465cf-e980-478d-87f2-27d14b1b731e?c2=20434&c1=5x4ah5krl4j5d56c77s4kksso,16629540,5,20434
18.156.93.177302 Found 0 B URL HTTP/2 optiestrycended.com/bf0465cf-e980-478d-87f2-27d14b1b731e?c2=20434&c1=5x4ah5krl4j5d56c77s4kksso,16629540,5,20434
IP 18.156.93.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bf0465cf-e980-478d-87f2-27d14b1b731e?c2=20434&c1=5x4ah5krl4j5d56c77s4kksso,16629540,5,20434 HTTP/1.1
Host: optiestrycended.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 03 Dec 2022 18:05:55 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=2KgjjopAYpLypykmrwp8sNb3PIe9UHPGtI0Fmr2t1MHl4_bveCiFxRzxVkb7sdiBiAvw79EHST3_hpBpJReGXzJS4FLl-ZVT9xB0D8r3dl1izqmAcn77DOaKo3TF8BojqahP_b4EA_Mn9MeB7P4QGWdYuujjG5b5GPOjDtqLoZ90Cq067YBY2sYA7-kfiRvUeAFV5nC0T0fSMOLaoa7c3oOGl6mVmI6ymROjk1Cn-BdyNMlX33jcX4igem5E03S8RgHcHgWsHIvlOFIp1H7hBv4ER0jQ_DKkLh8qVvBvCJ9Ld5Cw5E90qUgAdBq7i8Eu6Cv157xPJ0fTXRqo-pg5ASodTlexiI6_tU0iXXjEia4PYw6xtcLIouB-lXfbXiD75lU8h7cd1fjNSweKVS9wxrVB6gOr1cgoe7d8BR4Jj49T0SPmznkmP6qUbhBcYfGM&lptoken=168c70a4097825cb55b6&c2=20434&c1=5x4ah5krl4j5d56c77s4kksso%2C16629540%2C5%2C20434
pragma: no-cache
set-cookie: bf0465cf-e980-478d-87f2-27d14b1b731e-v4=WMuVIl8AcwovxWyjP1gcrjQF6oEjS1m5DZnUFIWsyEc; Max-Age=86400; Expires=Sun, 04-Dec-2022 18:05:55 GMT; Domain=optiestrycended.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=H7da14bGPE29MdLW6Q67CIXXFl03lgY5WdjPo5FoANFTqfiBRe6FXVgs0pLvfS4X0206lNi9-KbQ8xVE_pV5V3WF-5TGkeTOFRvKHmgmi6Ju51aR5NXVmStPlaNQFyA8yFo5cvjWKrdzTGOE8wdj9TtpKOropufJQUfSjEqo-SP3AIVJtpslmh5ON4Sumf9hIxkKlrhH4ikFKsSd4qFgH5DvsMnoIOrROmg_tBllqZZig1bjG06yRupD9Lj4id4-mima7bC6Lqp0dSuXhattbOvF6HqLTt1aK3hOXvbrzPmM1spPt9_YSDT8oEGKU5URdTd1wbzZsMLNl08yDv4wF1BlS_wSlOKC36ZgUxamGX0AseqG5MuemtQtXZl0unSQs0olWE1oWUlPxDaCbxOrq2MJe-EjztzaRLaFJu4WC4D-4fju2N13CRX72yIszW8K; Max-Age=86400; Expires=Sun, 04-Dec-2022 18:05:55 GMT; Domain=optiestrycended.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5026
Cache-Control: max-age=145482
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:05:55 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:30:37 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=2KgjjopAYpLypykmrwp8sNb3PIe9UHPGtI0Fmr2t1MHl4_bveCiFxRzxVkb7sdiBiAvw79EHST3_hpBpJReGXzJS4FLl-ZVT9xB0D8r3dl1izqmAcn77DOaKo3TF8BojqahP_b4EA_Mn9MeB7P4QGWdYuujjG5b5GPOjDtqLoZ90Cq067YBY2sYA7-kfiRvUeAFV5nC0T0fSMOLaoa7c3oOGl6mVmI6ymROjk1Cn-BdyNMlX33jcX4igem5E03S8RgHcHgWsHIvlOFIp1H7hBv4ER0jQ_DKkLh8qVvBvCJ9Ld5Cw5E90qUgAdBq7i8Eu6Cv157xPJ0fTXRqo-pg5ASodTlexiI6_tU0iXXjEia4PYw6xtcLIouB-lXfbXiD75lU8h7cd1fjNSweKVS9wxrVB6gOr1cgoe7d8BR4Jj49T0SPmznkmP6qUbhBcYfGM&lptoken=168c70a4097825cb55b6&c2=20434&c1=5x4ah5krl4j5d56c77s4kksso%2C16629540%2C5%2C20434
69.16.175.42200 OK 3.8 kB URL HTTP/1.1 k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=2KgjjopAYpLypykmrwp8sNb3PIe9UHPGtI0Fmr2t1MHl4_bveCiFxRzxVkb7sdiBiAvw79EHST3_hpBpJReGXzJS4FLl-ZVT9xB0D8r3dl1izqmAcn77DOaKo3TF8BojqahP_b4EA_Mn9MeB7P4QGWdYuujjG5b5GPOjDtqLoZ90Cq067YBY2sYA7-kfiRvUeAFV5nC0T0fSMOLaoa7c3oOGl6mVmI6ymROjk1Cn-BdyNMlX33jcX4igem5E03S8RgHcHgWsHIvlOFIp1H7hBv4ER0jQ_DKkLh8qVvBvCJ9Ld5Cw5E90qUgAdBq7i8Eu6Cv157xPJ0fTXRqo-pg5ASodTlexiI6_tU0iXXjEia4PYw6xtcLIouB-lXfbXiD75lU8h7cd1fjNSweKVS9wxrVB6gOr1cgoe7d8BR4Jj49T0SPmznkmP6qUbhBcYfGM&lptoken=168c70a4097825cb55b6&c2=20434&c1=5x4ah5krl4j5d56c77s4kksso%2C16629540%2C5%2C20434
IP 69.16.175.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6949d24133f236df95cae698505e5364
fefb5cda8f6874621572e89cbcc3698d39572104
82f0b45e8a8123695600314163796276237bd0e1f11f712afa82a7afefe52992
GET /bing/search.html?cep=2KgjjopAYpLypykmrwp8sNb3PIe9UHPGtI0Fmr2t1MHl4_bveCiFxRzxVkb7sdiBiAvw79EHST3_hpBpJReGXzJS4FLl-ZVT9xB0D8r3dl1izqmAcn77DOaKo3TF8BojqahP_b4EA_Mn9MeB7P4QGWdYuujjG5b5GPOjDtqLoZ90Cq067YBY2sYA7-kfiRvUeAFV5nC0T0fSMOLaoa7c3oOGl6mVmI6ymROjk1Cn-BdyNMlX33jcX4igem5E03S8RgHcHgWsHIvlOFIp1H7hBv4ER0jQ_DKkLh8qVvBvCJ9Ld5Cw5E90qUgAdBq7i8Eu6Cv157xPJ0fTXRqo-pg5ASodTlexiI6_tU0iXXjEia4PYw6xtcLIouB-lXfbXiD75lU8h7cd1fjNSweKVS9wxrVB6gOr1cgoe7d8BR4Jj49T0SPmznkmP6qUbhBcYfGM&lptoken=168c70a4097825cb55b6&c2=20434&c1=5x4ah5krl4j5d56c77s4kksso%2C16629540%2C5%2C20434 HTTP/1.1
Host: k9j5t5p4.ssl.hwcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 18:05:55 GMT
Connection: Keep-Alive
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 3825
Content-Type: text/html
Last-Modified: Tue, 13 Sep 2022 07:52:04 GMT
Accept-Ranges: bytes
ETag: "353efcbbb0d9f329fcb72d951e78b0af"
Server: WasabiS3/7.7.900-2022-08-19-6bff245bcf (head04)
x-amz-id-2: 1Ej5xyfBqGmENCTJLfWzHu+TEyx/gDfpUdxMR62kNQYGsjcr2pzBRmOFZ997iklNgKIrpx1qXKAx
x-amz-request-id: BFB971400E16BED6
X-HW: 1670090755.dop013.sk1.t,1670090755.cds210.sk1.shn,1670090755.dop013.sk1.t,1670090755.cds231.sk1.c
Access-Control-Allow-Origin: *
k9j5t5p4.ssl.hwcdn.net/bing/blogo.png
69.16.175.42200 OK 7.7 kB URL HTTP/1.1 k9j5t5p4.ssl.hwcdn.net/bing/blogo.png
IP 69.16.175.42:0
File type PNG image data, 200 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash 0cf8d7eff944be4c1291e59790d6f38c
48a017b08bc2e90155f8f822d8833bbd16a8a8fa
f1f97ddb28a4925de8234dd9a91b0cd8d5e8d050e2a2f5993ecffc278e733c37
GET /bing/blogo.png HTTP/1.1
Host: k9j5t5p4.ssl.hwcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=2KgjjopAYpLypykmrwp8sNb3PIe9UHPGtI0Fmr2t1MHl4_bveCiFxRzxVkb7sdiBiAvw79EHST3_hpBpJReGXzJS4FLl-ZVT9xB0D8r3dl1izqmAcn77DOaKo3TF8BojqahP_b4EA_Mn9MeB7P4QGWdYuujjG5b5GPOjDtqLoZ90Cq067YBY2sYA7-kfiRvUeAFV5nC0T0fSMOLaoa7c3oOGl6mVmI6ymROjk1Cn-BdyNMlX33jcX4igem5E03S8RgHcHgWsHIvlOFIp1H7hBv4ER0jQ_DKkLh8qVvBvCJ9Ld5Cw5E90qUgAdBq7i8Eu6Cv157xPJ0fTXRqo-pg5ASodTlexiI6_tU0iXXjEia4PYw6xtcLIouB-lXfbXiD75lU8h7cd1fjNSweKVS9wxrVB6gOr1cgoe7d8BR4Jj49T0SPmznkmP6qUbhBcYfGM&lptoken=168c70a4097825cb55b6&c2=20434&c1=5x4ah5krl4j5d56c77s4kksso%2C16629540%2C5%2C20434
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 18:05:56 GMT
Connection: Keep-Alive
Cache-Control: max-age=31536000
Content-Length: 7676
Content-Type: image/png
Last-Modified: Mon, 12 Sep 2022 17:52:53 GMT
Accept-Ranges: bytes
ETag: "0cf8d7eff944be4c1291e59790d6f38c"
Server: WasabiS3/7.7.900-2022-08-19-6bff245bcf (head17)
x-amz-id-2: +nK8+QUPvy+bc6t3weGl8RMUqn9yqTLhZY5omr88YW5Cgbkpup07w9rSKxF9pAOPFMFKqRSq+JK1
x-amz-request-id: D8E3D71BEDAC8449
X-HW: 1670090755.dop013.sk1.t,1670090755.cds210.sk1.shn,1670090756.dop013.sk1.t,1670090756.cds233.sk1.c
Access-Control-Allow-Origin: *
push.services.mozilla.com/
35.83.91.138101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.91.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7fPbEYFMRfcTxW12g1/ASw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: N0UWHW4d7QFTMvpJdNcClmEsMsY=
k9j5t5p4.ssl.hwcdn.net/favicon.ico
69.16.175.42502 Bad Gateway 0 B URL HTTP/1.1 k9j5t5p4.ssl.hwcdn.net/favicon.ico
IP 69.16.175.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: k9j5t5p4.ssl.hwcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=2KgjjopAYpLypykmrwp8sNb3PIe9UHPGtI0Fmr2t1MHl4_bveCiFxRzxVkb7sdiBiAvw79EHST3_hpBpJReGXzJS4FLl-ZVT9xB0D8r3dl1izqmAcn77DOaKo3TF8BojqahP_b4EA_Mn9MeB7P4QGWdYuujjG5b5GPOjDtqLoZ90Cq067YBY2sYA7-kfiRvUeAFV5nC0T0fSMOLaoa7c3oOGl6mVmI6ymROjk1Cn-BdyNMlX33jcX4igem5E03S8RgHcHgWsHIvlOFIp1H7hBv4ER0jQ_DKkLh8qVvBvCJ9Ld5Cw5E90qUgAdBq7i8Eu6Cv157xPJ0fTXRqo-pg5ASodTlexiI6_tU0iXXjEia4PYw6xtcLIouB-lXfbXiD75lU8h7cd1fjNSweKVS9wxrVB6gOr1cgoe7d8BR4Jj49T0SPmznkmP6qUbhBcYfGM&lptoken=168c70a4097825cb55b6&c2=20434&c1=5x4ah5krl4j5d56c77s4kksso%2C16629540%2C5%2C20434
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 502 Bad Gateway
Date: Sat, 03 Dec 2022 18:05:56 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Cache-Control: max-age=10
Content-Length: 0
X-HW: 1670090755.dop013.sk1.t,1670090755.cds210.sk1.shn,1670090756.dop013.sk1.t,1670090756.cds216.sk1.p
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2865
Expires: Sat, 03 Dec 2022 18:53:42 GMT
Date: Sat, 03 Dec 2022 18:05:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2865
Expires: Sat, 03 Dec 2022 18:53:42 GMT
Date: Sat, 03 Dec 2022 18:05:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:39:04 GMT
age: 70013
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fcb89ca25035b2bbb71ae5dd175fcd40
544428cdad754b1bb7be3cd46a79bf078fd5b450
36dcbbe6cd2710ee502776b4bcf32053e92b750a55e2bd4cdeadbc694c7c2699
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: c824c317-e6e3-4006-9f9d-ea54e8170a4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_tGErIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-7fc523296afea4dd4b5d1de8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tp50A9LYeT1RvSPImBUoQNKtarPryKb8Zacm_nxqDh-gegwdQov7Nw==
via: 1.1 40b967aa4aa18637c4b91214147f3cb4.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 03:50:52 GMT
age: 51305
etag: "544428cdad754b1bb7be3cd46a79bf078fd5b450"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ElvfdUly4Rb3YOQyMO2C_VelFUe6xcFbMh6x5fNrRzGjKCITdGSwLQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:47 GMT
age: 73690
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:54 GMT
age: 73683
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 06:00:50 GMT
age: 43507
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GBhAilKMKo9RvIzqzF9V4jTZbvpa2rPZeoy6Jy8fMc1-JO078OAYzQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:53:40 GMT
age: 43937
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12641da0f431.tc999linkz.com/?p=20434&wid=138711&wid_hmac=978555ea7a9d8539855760ee6ab9bb6c&click_id=58A6SKBVrLPiCGS1abcBY8&co=1&noback=1
94.237.99.118200 OK 0 B URL HTTP/2 12641da0f431.tc999linkz.com/?p=20434&wid=138711&wid_hmac=978555ea7a9d8539855760ee6ab9bb6c&click_id=58A6SKBVrLPiCGS1abcBY8&co=1&noback=1
IP 94.237.99.118:0
GET /?p=20434&wid=138711&wid_hmac=978555ea7a9d8539855760ee6ab9bb6c&click_id=58A6SKBVrLPiCGS1abcBY8&co=1&noback=1 HTTP/1.1
Host: 12641da0f431.tc999linkz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:05:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: rts-trck=1; expires=Sat, 03-Dec-2022 18:15:55 GMT; Max-Age=600; path=/; domain=12641da0f431.tc999linkz.com
t-uuid=5x4ah5krt2oct9t0hvqyocck0; expires=Fri, 03-Dec-2032 18:05:55 GMT; Max-Age=315619200; path=/; domain=.tc999linkz.com
rts-trck=1; expires=Sat, 03-Dec-2022 18:15:55 GMT; Max-Age=600; path=/; domain=12641da0f431.tc999linkz.com
traffic-back=ok; expires=Sat, 03-Dec-2022 18:06:25 GMT; Max-Age=30; path=/; domain=.tc999linkz.com
last-modified: Sat, 3 Dec 2022 18:05:55 GMT
expires: Sat, 3 Dec 2022 18:05:55 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow
content-encoding: gzip
X-Firefox-Spdy: h2