| happy-mobi.net/2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/?campaign_name=ET%20PPV%20R%20BL-m%20ETLK%202sp&lander_name=Gg%20et/gg9335game/age21-btn-p-amh-mc-2sp/&clickid=w1n34nc68rdqepskidkg0kfu&source=5f8261e8-8bcc-4a3b-98c1-46af3fca21cd&cep=Nnb9_tXAoEWsGqbDAR29tK8zjxdn2JBVQx0zIhJ-o4KIdzlPqbsMKB4TDYVU5g7Gj4xlKyajtTpu6VepoTVF9VvvuErepwV0AqG2a0CmMck2KljSbRCOusQCVa3lPAeDM_o3aW7IQUDVwSb05_2q7wpmHB2nOL5LTRmJ-i2j2xpbsWEkw4bNbZJaVG-ZOQzoT1FKilG_mHMjuJCzUlS6sdCVjNUfgBjEeHmqDY5nI9dssqtqIx6a2sgzMGD8Ive6Iba1ZHZXlJInC9quL1Pk4P69ER9YMZk5fmkGaf1EVoWqdG2W-cARX7ee0RtQJnWrhpfalGrVFnsd_fFsZfboLK-msQMrA2dkNuCfMOO6peMdy42q1mMwvp3vVYtkQ2RDB0Isk8Yy2l9MTFwH6SWlSg&lptoken=16bf698c976b44af241f | 54.230.111.70 | 301 Moved Permanently | 167 B |
URL HTTP/1.1happy-mobi.net/2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/?campaign_name=ET%20PPV%20R%20BL-m%20ETLK%202sp&lander_name=Gg%20et/gg9335game/age21-btn-p-amh-mc-2sp/&clickid=w1n34nc68rdqepskidkg0kfu&source=5f8261e8-8bcc-4a3b-98c1-46af3fca21cd&cep=Nnb9_tXAoEWsGqbDAR29tK8zjxdn2JBVQx0zIhJ-o4KIdzlPqbsMKB4TDYVU5g7Gj4xlKyajtTpu6VepoTVF9VvvuErepwV0AqG2a0CmMck2KljSbRCOusQCVa3lPAeDM_o3aW7IQUDVwSb05_2q7wpmHB2nOL5LTRmJ-i2j2xpbsWEkw4bNbZJaVG-ZOQzoT1FKilG_mHMjuJCzUlS6sdCVjNUfgBjEeHmqDY5nI9dssqtqIx6a2sgzMGD8Ive6Iba1ZHZXlJInC9quL1Pk4P69ER9YMZk5fmkGaf1EVoWqdG2W-cARX7ee0RtQJnWrhpfalGrVFnsd_fFsZfboLK-msQMrA2dkNuCfMOO6peMdy42q1mMwvp3vVYtkQ2RDB0Isk8Yy2l9MTFwH6SWlSg&lptoken=16bf698c976b44af241f IP54.230.111.70:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hashf5d40b7259645010f9a248858ad14178 b3051d17a6ec8c9e166bf09a62b48261ab86957b 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/?campaign_name=ET%20PPV%20R%20BL-m%20ETLK%202sp&lander_name=Gg%20et/gg9335game/age21-btn-p-amh-mc-2sp/&clickid=w1n34nc68rdqepskidkg0kfu&source=5f8261e8-8bcc-4a3b-98c1-46af3fca21cd&cep=Nnb9_tXAoEWsGqbDAR29tK8zjxdn2JBVQx0zIhJ-o4KIdzlPqbsMKB4TDYVU5g7Gj4xlKyajtTpu6VepoTVF9VvvuErepwV0AqG2a0CmMck2KljSbRCOusQCVa3lPAeDM_o3aW7IQUDVwSb05_2q7wpmHB2nOL5LTRmJ-i2j2xpbsWEkw4bNbZJaVG-ZOQzoT1FKilG_mHMjuJCzUlS6sdCVjNUfgBjEeHmqDY5nI9dssqtqIx6a2sgzMGD8Ive6Iba1ZHZXlJInC9quL1Pk4P69ER9YMZk5fmkGaf1EVoWqdG2W-cARX7ee0RtQJnWrhpfalGrVFnsd_fFsZfboLK-msQMrA2dkNuCfMOO6peMdy42q1mMwvp3vVYtkQ2RDB0Isk8Yy2l9MTFwH6SWlSg&lptoken=16bf698c976b44af241f HTTP/1.1
Host: happy-mobi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 02 Dec 2022 09:17:13 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://happy-mobi.net/2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/?campaign_name=ET%20PPV%20R%20BL-m%20ETLK%202sp&lander_name=Gg%20et/gg9335game/age21-btn-p-amh-mc-2sp/&clickid=w1n34nc68rdqepskidkg0kfu&source=5f8261e8-8bcc-4a3b-98c1-46af3fca21cd&cep=Nnb9_tXAoEWsGqbDAR29tK8zjxdn2JBVQx0zIhJ-o4KIdzlPqbsMKB4TDYVU5g7Gj4xlKyajtTpu6VepoTVF9VvvuErepwV0AqG2a0CmMck2KljSbRCOusQCVa3lPAeDM_o3aW7IQUDVwSb05_2q7wpmHB2nOL5LTRmJ-i2j2xpbsWEkw4bNbZJaVG-ZOQzoT1FKilG_mHMjuJCzUlS6sdCVjNUfgBjEeHmqDY5nI9dssqtqIx6a2sgzMGD8Ive6Iba1ZHZXlJInC9quL1Pk4P69ER9YMZk5fmkGaf1EVoWqdG2W-cARX7ee0RtQJnWrhpfalGrVFnsd_fFsZfboLK-msQMrA2dkNuCfMOO6peMdy42q1mMwvp3vVYtkQ2RDB0Isk8Yy2l9MTFwH6SWlSg&lptoken=16bf698c976b44af241f
X-Cache: Redirect from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zWHKrApN_Pte24FN3JwJyAhgPeWZ7xEfAbR82YfRDZgrWHbZMXwttA==
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash3bbb845b153026fc5332dd4506585b57 3cad200fac28fd00f34ce6ef79373e661e188743 6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16485
Expires: Fri, 02 Dec 2022 13:51:58 GMT
Date: Fri, 02 Dec 2022 09:17:13 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash0c748388899e8a8d3680355da2ea5020 903c620cd137613daafb0da0508c37b2f4a67212 39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5709
Cache-Control: max-age=96548
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:17:13 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 12:06:21 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash55b4c61a1e99001307750e3647fe1102 7559f9f6770b7d3f45b723167062096312641e08 39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2262
Expires: Fri, 02 Dec 2022 09:54:55 GMT
Date: Fri, 02 Dec 2022 09:17:13 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 08:18:11 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3543
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Wi2uzNK3QXMIxisfE7resMjMtkuqPifLSKiXxwwi0ZZ/4GcvUQ3uMEh1rP5GMV/Wfhc7JOxAXnc=
x-amz-request-id: KJDP7NMTCV4DDPW1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 08:46:03 GMT
age: 1871
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:17:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.r2m02.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m02.amazontrust.com/ IP54.230.80.227:0
Hash5499e81e2c666bc49bf95c6503d3b971 649d4f624d8dc00a0f1aad24bd84b62a9e9f0a69 927961c42ffcf77f2ddbb8eb8e0ed2b7b5580dfe352dbbdab0abd000e6e39086
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=137638
Date: Fri, 02 Dec 2022 09:17:14 GMT
Etag: "63893940-1d7"
Expires: Sat, 03 Dec 2022 23:31:12 GMT
Last-Modified: Thu, 01 Dec 2022 23:31:12 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IyKYNPpe5pUYWQfre57rm4lGFcuSVTEVWOBiDsSwUsCyyKbOXdo7jQ==
|
|
| happy-mobi.net/2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/loading2.gif | 54.230.111.98 | 200 OK | 37 kB |
URL HTTP/2happy-mobi.net/2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/loading2.gif IP54.230.111.98:0
File typeGIF image data, version 89a, 70 x 70\012- data Hashc26c3f849a5b578ed5494ade3dfb6837 add1f2224f425c034f040973e83edd798f0727a9 3dfebea695e74f95113339686c6167ecd8e05afb20d69e3fd74d2acc8689e39b
GET /2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/loading2.gif HTTP/1.1
Host: happy-mobi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://happy-mobi.net/2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/?campaign_name=ET%20PPV%20R%20BL-m%20ETLK%202sp&lander_name=Gg%20et/gg9335game/age21-btn-p-amh-mc-2sp/&clickid=w1n34nc68rdqepskidkg0kfu&source=5f8261e8-8bcc-4a3b-98c1-46af3fca21cd&cep=Nnb9_tXAoEWsGqbDAR29tK8zjxdn2JBVQx0zIhJ-o4KIdzlPqbsMKB4TDYVU5g7Gj4xlKyajtTpu6VepoTVF9VvvuErepwV0AqG2a0CmMck2KljSbRCOusQCVa3lPAeDM_o3aW7IQUDVwSb05_2q7wpmHB2nOL5LTRmJ-i2j2xpbsWEkw4bNbZJaVG-ZOQzoT1FKilG_mHMjuJCzUlS6sdCVjNUfgBjEeHmqDY5nI9dssqtqIx6a2sgzMGD8Ive6Iba1ZHZXlJInC9quL1Pk4P69ER9YMZk5fmkGaf1EVoWqdG2W-cARX7ee0RtQJnWrhpfalGrVFnsd_fFsZfboLK-msQMrA2dkNuCfMOO6peMdy42q1mMwvp3vVYtkQ2RDB0Isk8Yy2l9MTFwH6SWlSg&lptoken=16bf698c976b44af241f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 37009
server: nginx/1.20.0
last-modified: Sat, 12 Mar 2016 19:28:38 GMT
accept-ranges: bytes
date: Fri, 02 Dec 2022 09:17:08 GMT
etag: "56e46de6-9091"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: w0CvTg3s9Ry9l2SEMAPiHFnp-ZRmWZ7tSdR8mGsU16E9xQj3S6eljA==
age: 45310
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash1f88399f3fdd89dbb9ca1229cb67143a 325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3 831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5762
Cache-Control: max-age=91537
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:17:14 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:42:51 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 09:11:15 GMT
cache-control: public,max-age=3600
age: 359
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe431235b16f05264a0dd915e95020df6 aff1a144016c066756c69dae0b0f6df6c06faead 140cee0562bb6f398ac337b63a48efa620d9a9fa1529c0cc3e8157e50483a90b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "140CEE0562BB6F398AC337B63A48EFA620D9A9FA1529C0CC3E8157E50483A90B"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21557
Expires: Fri, 02 Dec 2022 15:16:31 GMT
Date: Fri, 02 Dec 2022 09:17:14 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 52.24.78.9 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.24.78.9:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Cade5DMl3ZuVIVoINaoQ5Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yWU0Omg8RNWkDI8VCq5EZ13+/1Q=
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashecab83d593cc540b02689be5be7abc8a 81cda579b7b9b22332b85266b0126585f3d3f73f d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14948
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 09:17:16 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashecab83d593cc540b02689be5be7abc8a 81cda579b7b9b22332b85266b0126585f3d3f73f d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14948
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 09:17:16 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashecab83d593cc540b02689be5be7abc8a 81cda579b7b9b22332b85266b0126585f3d3f73f d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14948
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 09:17:16 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashecab83d593cc540b02689be5be7abc8a 81cda579b7b9b22332b85266b0126585f3d3f73f d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14948
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 09:17:16 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashecab83d593cc540b02689be5be7abc8a 81cda579b7b9b22332b85266b0126585f3d3f73f d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14948
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 09:17:16 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg | 34.120.237.76 | 200 OK | 2.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb47431190f34eccf0a6efb98e2a32b7d 9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704 08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 42149
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg | 34.120.237.76 | 200 OK | 7.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash498ab4412ed5cf977bc23e4e870894b0 23753fe8af09ec8ffa10eed4d201a71833885c99 036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 17nFm7AQdmRYS_af-EJ4XBVw8l3YudcphlpcZMveuVjvjhhYdkAQsw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:33:10 GMT
age: 38646
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png | 34.120.237.76 | 200 OK | 16 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash82ea44d6cb116fb1f5752ce9bb87e345 f799dfd89a4f5a452dc837b8616549f578fb4184 e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15495
x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDIFxzIAMFzEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nwKxQKsw8g5zCzfMFu_XpOac5rhImez29TKrycGJzozZyHTzoCHASw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:20:06 GMT
age: 39430
etag: "f799dfd89a4f5a452dc837b8616549f578fb4184"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4c7113338bc3310b13d23ca415c177e2 2cb4edc6b161c6d2d5b47aa498ae54e677966466 3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10270
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfG1nEvYoAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NQ21d2_5JO2Ym-LEnDecub9bK6wUyvM2zUf_XpfMGag83fVWlMjT8w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:09 GMT
age: 41227
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp | 34.120.237.76 | 200 OK | 7.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd147ccb10bda82b153a596c3c967cd6a ffd0763f997e71a8c1458523fc17cafe8849dfdf 1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:08:56 GMT
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
content-type: image/jpeg
age: 40100
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg | 34.120.237.76 | 200 OK | 6.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb986f9fcbeca91ed5c8d58fbfaf47d19 6e6c8bd2bce144cc4da1cd7be375b046b60dca79 07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 00:54:54 GMT
age: 30142
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| happy-mobi.net/2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/jquery-3.6.0.min.js | 54.230.111.98 | 200 OK | 0 B |
URL HTTP/2happy-mobi.net/2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/jquery-3.6.0.min.js IP54.230.111.98:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/jquery-3.6.0.min.js HTTP/1.1
Host: happy-mobi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://happy-mobi.net/2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/?campaign_name=ET%20PPV%20R%20BL-m%20ETLK%202sp&lander_name=Gg%20et/gg9335game/age21-btn-p-amh-mc-2sp/&clickid=w1n34nc68rdqepskidkg0kfu&source=5f8261e8-8bcc-4a3b-98c1-46af3fca21cd&cep=Nnb9_tXAoEWsGqbDAR29tK8zjxdn2JBVQx0zIhJ-o4KIdzlPqbsMKB4TDYVU5g7Gj4xlKyajtTpu6VepoTVF9VvvuErepwV0AqG2a0CmMck2KljSbRCOusQCVa3lPAeDM_o3aW7IQUDVwSb05_2q7wpmHB2nOL5LTRmJ-i2j2xpbsWEkw4bNbZJaVG-ZOQzoT1FKilG_mHMjuJCzUlS6sdCVjNUfgBjEeHmqDY5nI9dssqtqIx6a2sgzMGD8Ive6Iba1ZHZXlJInC9quL1Pk4P69ER9YMZk5fmkGaf1EVoWqdG2W-cARX7ee0RtQJnWrhpfalGrVFnsd_fFsZfboLK-msQMrA2dkNuCfMOO6peMdy42q1mMwvp3vVYtkQ2RDB0Isk8Yy2l9MTFwH6SWlSg&lptoken=16bf698c976b44af241f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 01 Dec 2022 16:19:59 GMT
server: nginx/1.20.0
last-modified: Thu, 06 Jan 2022 15:49:08 GMT
etag: W/"61d70f74-15d9d"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RZkvJ35Bc-vXOtDkvZ-ddWLc7OxPW64BmY50A-lDztFQR5oP0qyBYQ==
age: 61035
X-Firefox-Spdy: h2
|
|
| happy-mobi.net/2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/js-2rs.js | 54.230.111.98 | 200 OK | 0 B |
URL HTTP/2happy-mobi.net/2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/js-2rs.js IP54.230.111.98:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/js-2rs.js HTTP/1.1
Host: happy-mobi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://happy-mobi.net/2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/?campaign_name=ET%20PPV%20R%20BL-m%20ETLK%202sp&lander_name=Gg%20et/gg9335game/age21-btn-p-amh-mc-2sp/&clickid=w1n34nc68rdqepskidkg0kfu&source=5f8261e8-8bcc-4a3b-98c1-46af3fca21cd&cep=Nnb9_tXAoEWsGqbDAR29tK8zjxdn2JBVQx0zIhJ-o4KIdzlPqbsMKB4TDYVU5g7Gj4xlKyajtTpu6VepoTVF9VvvuErepwV0AqG2a0CmMck2KljSbRCOusQCVa3lPAeDM_o3aW7IQUDVwSb05_2q7wpmHB2nOL5LTRmJ-i2j2xpbsWEkw4bNbZJaVG-ZOQzoT1FKilG_mHMjuJCzUlS6sdCVjNUfgBjEeHmqDY5nI9dssqtqIx6a2sgzMGD8Ive6Iba1ZHZXlJInC9quL1Pk4P69ER9YMZk5fmkGaf1EVoWqdG2W-cARX7ee0RtQJnWrhpfalGrVFnsd_fFsZfboLK-msQMrA2dkNuCfMOO6peMdy42q1mMwvp3vVYtkQ2RDB0Isk8Yy2l9MTFwH6SWlSg&lptoken=16bf698c976b44af241f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 01 Dec 2022 17:18:10 GMT
server: nginx/1.20.0
last-modified: Sun, 25 Sep 2022 14:58:46 GMT
etag: W/"63306ca6-910"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rPT28rlaxbAveMG1CiWonUfRtCVhP2Www6csomJMSfJqUJKC8TShJg==
age: 57544
X-Firefox-Spdy: h2
|
|
| deefauph.com/pfe/current/micro.tag.min.js?z=5101589&ymid=w1n34nc68rdqepskidkg0kfu&var=5f8261e8-8bcc-4a3b-98c1-46af3fca21cd&sw=/sw-check-permissions-4e1e4.js | 139.45.197.251 | 200 OK | 0 B |
URL HTTP/2deefauph.com/pfe/current/micro.tag.min.js?z=5101589&ymid=w1n34nc68rdqepskidkg0kfu&var=5f8261e8-8bcc-4a3b-98c1-46af3fca21cd&sw=/sw-check-permissions-4e1e4.js IP139.45.197.251:0
GET /pfe/current/micro.tag.min.js?z=5101589&ymid=w1n34nc68rdqepskidkg0kfu&var=5f8261e8-8bcc-4a3b-98c1-46af3fca21cd&sw=/sw-check-permissions-4e1e4.js HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://happy-mobi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:17:14 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-9a87"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| happy-mobi.net/2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/?campaign_name=ET%20PPV%20R%20BL-m%20ETLK%202sp&lander_name=Gg%20et/gg9335game/age21-btn-p-amh-mc-2sp/&clickid=w1n34nc68rdqepskidkg0kfu&source=5f8261e8-8bcc-4a3b-98c1-46af3fca21cd&cep=Nnb9_tXAoEWsGqbDAR29tK8zjxdn2JBVQx0zIhJ-o4KIdzlPqbsMKB4TDYVU5g7Gj4xlKyajtTpu6VepoTVF9VvvuErepwV0AqG2a0CmMck2KljSbRCOusQCVa3lPAeDM_o3aW7IQUDVwSb05_2q7wpmHB2nOL5LTRmJ-i2j2xpbsWEkw4bNbZJaVG-ZOQzoT1FKilG_mHMjuJCzUlS6sdCVjNUfgBjEeHmqDY5nI9dssqtqIx6a2sgzMGD8Ive6Iba1ZHZXlJInC9quL1Pk4P69ER9YMZk5fmkGaf1EVoWqdG2W-cARX7ee0RtQJnWrhpfalGrVFnsd_fFsZfboLK-msQMrA2dkNuCfMOO6peMdy42q1mMwvp3vVYtkQ2RDB0Isk8Yy2l9MTFwH6SWlSg&lptoken=16bf698c976b44af241f | 54.230.111.98 | 200 OK | 0 B |
URL HTTP/2happy-mobi.net/2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/?campaign_name=ET%20PPV%20R%20BL-m%20ETLK%202sp&lander_name=Gg%20et/gg9335game/age21-btn-p-amh-mc-2sp/&clickid=w1n34nc68rdqepskidkg0kfu&source=5f8261e8-8bcc-4a3b-98c1-46af3fca21cd&cep=Nnb9_tXAoEWsGqbDAR29tK8zjxdn2JBVQx0zIhJ-o4KIdzlPqbsMKB4TDYVU5g7Gj4xlKyajtTpu6VepoTVF9VvvuErepwV0AqG2a0CmMck2KljSbRCOusQCVa3lPAeDM_o3aW7IQUDVwSb05_2q7wpmHB2nOL5LTRmJ-i2j2xpbsWEkw4bNbZJaVG-ZOQzoT1FKilG_mHMjuJCzUlS6sdCVjNUfgBjEeHmqDY5nI9dssqtqIx6a2sgzMGD8Ive6Iba1ZHZXlJInC9quL1Pk4P69ER9YMZk5fmkGaf1EVoWqdG2W-cARX7ee0RtQJnWrhpfalGrVFnsd_fFsZfboLK-msQMrA2dkNuCfMOO6peMdy42q1mMwvp3vVYtkQ2RDB0Isk8Yy2l9MTFwH6SWlSg&lptoken=16bf698c976b44af241f IP54.230.111.98:0
GET /2sp/mob/et/gg9335game/age21-btn-p-amh-mc-2sp/?campaign_name=ET%20PPV%20R%20BL-m%20ETLK%202sp&lander_name=Gg%20et/gg9335game/age21-btn-p-amh-mc-2sp/&clickid=w1n34nc68rdqepskidkg0kfu&source=5f8261e8-8bcc-4a3b-98c1-46af3fca21cd&cep=Nnb9_tXAoEWsGqbDAR29tK8zjxdn2JBVQx0zIhJ-o4KIdzlPqbsMKB4TDYVU5g7Gj4xlKyajtTpu6VepoTVF9VvvuErepwV0AqG2a0CmMck2KljSbRCOusQCVa3lPAeDM_o3aW7IQUDVwSb05_2q7wpmHB2nOL5LTRmJ-i2j2xpbsWEkw4bNbZJaVG-ZOQzoT1FKilG_mHMjuJCzUlS6sdCVjNUfgBjEeHmqDY5nI9dssqtqIx6a2sgzMGD8Ive6Iba1ZHZXlJInC9quL1Pk4P69ER9YMZk5fmkGaf1EVoWqdG2W-cARX7ee0RtQJnWrhpfalGrVFnsd_fFsZfboLK-msQMrA2dkNuCfMOO6peMdy42q1mMwvp3vVYtkQ2RDB0Isk8Yy2l9MTFwH6SWlSg&lptoken=16bf698c976b44af241f HTTP/1.1
Host: happy-mobi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
date: Fri, 02 Dec 2022 01:25:21 GMT
server: nginx/1.20.0
last-modified: Thu, 27 Oct 2022 15:45:14 GMT
etag: W/"635aa78a-332c"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8K79oezRHg0cX3oewzrnqMKd_AxYIFGVMsvPOI3mQteXect4VSBmBw==
age: 28313
X-Firefox-Spdy: h2
|
|