r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8057
Expires: Wed, 01 Feb 2023 04:25:54 GMT
Date: Wed, 01 Feb 2023 02:11:37 GMT
Connection: keep-alive
wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/
159.65.21.71200 OK 3.1 kB URL HTTP/2 wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/
IP 159.65.21.71:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (423), with CRLF line terminators
Hash 1186a237b32b249f7323b816e4d93b27
829042e0fac3e29605ebb4e15d7234a7c2296f86
5f60cee82a68561a9e1263c3dcf880d15eb9d0cfe7ff49564b2f85f83f43991d
Analyzer Verdict Alert openphish BNP Paribas
GET /BNPFRR/71317/ HTTP/1.1
Host: wordpress-931707-3233995.cloudwaysapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: text/html
content-length: 3107
last-modified: Tue, 31 Jan 2023 21:35:04 GMT
etag: "3514-5f3961adce6a3-gzip"
vary: Accept-Encoding
content-encoding: gzip
age: 2183
x-cache: HIT
accept-ranges: bytes
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17329
Expires: Wed, 01 Feb 2023 07:00:26 GMT
Date: Wed, 01 Feb 2023 02:11:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15653
Expires: Wed, 01 Feb 2023 06:32:30 GMT
Date: Wed, 01 Feb 2023 02:11:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 01:35:56 GMT
content-type: application/json
age: 2141
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: x5tib3/1Vp4jFZZT71cfvQDMjzScWRPHQ5Ukv2raC1ROMD+6IZ5kNrzdDxCKW923Gf1dfbTRPns=
x-amz-request-id: MPF4P7BTDK35YM50
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 01:51:23 GMT
age: 1214
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js
104.17.25.14200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (40808), with no line terminators
Hash cb97ae392c3fb56f4afc6d5f97da4237
38c35ad19fb9b7bacaff79840bef8638b6f52d85
cbff330b47a3850bdc0c1047256d98921de83c11cbdfcdfd42a61d9424b3021d
GET /ajax/libs/sweetalert/2.1.2/sweetalert.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wordpress-931707-3233995.cloudwaysapps.com
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 10494
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ff8-9f68"
last-modified: Mon, 04 May 2020 16:16:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 449096
expires: Mon, 22 Jan 2024 02:11:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aq3z5Cli5cY2dFSnVRHXBAT8HrOyL6VxFGSoCTmto9%2BaychOTCfcJKTUfNflcgBQablNwej4hatpgTeDNKlyB2Qkp0xsQrVdJe65csq8RdL9neKePDeixujGB8a8UhV0lyaeFJdq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 792728504840b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/images/logo.png
159.65.21.71200 OK 5.1 kB URL HTTP/2 wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/images/logo.png
IP 159.65.21.71:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 217 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e705e14698bf5b8aabcb8d26ac0316d
d47fd312ba212cf11b298bb55d546557d7d96f2f
310be02c30e9bdb846328d10d61d43013ccc26304439883f96544fc576c76a6c
GET /BNPFRR/71317/assets/images/logo.png HTTP/1.1
Host: wordpress-931707-3233995.cloudwaysapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: image/png
content-length: 5067
last-modified: Tue, 31 Jan 2023 21:35:04 GMT
etag: "63d98988-13cb"
x-robots-tag: noindex, nofollow
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/images/idea.png
159.65.21.71200 OK 828 B URL HTTP/2 wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/images/idea.png
IP 159.65.21.71:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 32 x 32, 8-bit gray+alpha, non-interlaced\012- data
Hash a21301e24158f74a1602e1649038d1d1
3fdbbaca374dcba5f705d585e566f1439a2537ef
06013cb735fdfe4d3deb97fda3710bd89d8b5e9570a5d9ca5d9a6ed8b61c7d55
GET /BNPFRR/71317/assets/images/idea.png HTTP/1.1
Host: wordpress-931707-3233995.cloudwaysapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: image/png
content-length: 828
last-modified: Tue, 31 Jan 2023 21:35:04 GMT
etag: "63d98988-33c"
x-robots-tag: noindex, nofollow
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/images/service.jpg
159.65.21.71200 OK 3.7 kB URL HTTP/2 wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/images/service.jpg
IP 159.65.21.71:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre Studio X, datetime=2019:10:16 00:19:07], baseline, precision 8, 175x34, components 3\012- data
Hash 1264575d9ef3dd2bb7243f03aa6079d3
1951d5baf221231682320ac90946035d83960eb0
895124676e79720d4e3286e86e82b1a703dd8cc27d38f9dfd26acc01a16cf09d
GET /BNPFRR/71317/assets/images/service.jpg HTTP/1.1
Host: wordpress-931707-3233995.cloudwaysapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: image/jpeg
content-length: 3745
last-modified: Tue, 31 Jan 2023 21:35:04 GMT
etag: "63d98988-ea1"
x-robots-tag: noindex, nofollow
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/sweetalert2@7.26.11/dist/sweetalert2.all.min.js
151.101.1.229200 OK 15 kB URL HTTP/2 cdn.jsdelivr.net/npm/sweetalert2@7.26.11/dist/sweetalert2.all.min.js
IP 151.101.1.229:0
File type Unicode text, UTF-8 text, with very long lines (34666)
Hash 4d09ebb6b98eea8864b0907f469b3915
0bd401bfe99c80a9675e3c60012cdb64a131197d
d5d777125e123cd311ceb283f7f9c6a9d16fc593a704e089e31f12aa3570a35e
GET /npm/sweetalert2@7.26.11/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 7.26.11
x-jsd-version-type: version
etag: W/"f0e9-mwT0+YYEiqCevutFnxfidLvDzeY"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 01 Feb 2023 02:11:37 GMT
age: 1877057
x-served-by: cache-fra-eddf8230115-FRA, cache-bma1626-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14829
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash b5e8d694ca8300a925005be6ba00bdf7
1fecb8f37a5201748dbf72dc4a8ca1e4d40a97f7
f716bf5391d81f45e81f38ad00494006b135d5240ee263a59c022637ee49f2e3
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 02:11:37 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "7694FA14E5FE1EC9F4FB66DF07FD786369BB9C59"
Expires: Wed, 01 Feb 2023 13:00:00 GMT
Last-Modified: Wed, 01 Feb 2023 01:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1037
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79272851196eb521-OSL
wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/fonts/Dosis-Bold.woff
159.65.21.71200 OK 47 kB URL HTTP/2 wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/fonts/Dosis-Bold.woff
IP 159.65.21.71:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format, TrueType, length 47376, version 0.0\012- data
Hash 4abf620df273ff5fe4b8e2fb8974b384
57a5674f9597d27b31b4c58197e4f88f69e6607f
f8a0fe1123bb5d8a3f465045e852077b3e0560989e86e66f3640a9d85f5078ff
GET /BNPFRR/71317/assets/fonts/Dosis-Bold.woff HTTP/1.1
Host: wordpress-931707-3233995.cloudwaysapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/css/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: application/font-woff
content-length: 47376
last-modified: Tue, 31 Jan 2023 21:35:04 GMT
etag: "63d98988-b910"
x-robots-tag: noindex, nofollow
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 01:41:42 GMT
age: 1796
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19294
Expires: Wed, 01 Feb 2023 07:33:12 GMT
Date: Wed, 01 Feb 2023 02:11:38 GMT
Connection: keep-alive
push.services.mozilla.com/
35.162.98.11101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.98.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cN+uG3mwr5TcAZeEP+1bEw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CArV14X8/Go1Z6+X8rTGnSXh6do=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12601
Expires: Wed, 01 Feb 2023 05:41:40 GMT
Date: Wed, 01 Feb 2023 02:11:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12601
Expires: Wed, 01 Feb 2023 05:41:40 GMT
Date: Wed, 01 Feb 2023 02:11:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12601
Expires: Wed, 01 Feb 2023 05:41:40 GMT
Date: Wed, 01 Feb 2023 02:11:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4392f298c9e98515493f1235810838f
b89eebf2b8adac69487262100b07da8bc171ecf7
b368d87d3a0fe4e1a8ddc82bed704b3056ad2874b8d325111b399b18807c1e5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15656
x-amzn-requestid: 6723d22f-8b16-4fb2-af92-9b3257fc2a1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIHpRoAMFRYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-03b1c6646f63ba716a6298e1;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI_26DHcHAlPCmTjye1fME6LZ-P77thSz8OXLtyxZS2613uv0SAH7Q==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 07:26:49 GMT
age: 67490
etag: "b89eebf2b8adac69487262100b07da8bc171ecf7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71bb87d4-a329-46af-946e-9b5edda7dddb.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71bb87d4-a329-46af-946e-9b5edda7dddb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2419bbbf287e620325438f5620183e32
257963245f14742bf9cd90e71ca748066d5495c3
47c7495be97a81189da17fc3abf430d1f4ecae95fdda30006cc462a4cea4c643
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71bb87d4-a329-46af-946e-9b5edda7dddb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7628
x-amzn-requestid: 29c70d62-ed3a-4c90-8f32-2dc0c1caf5e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcDSnG4RIAMF5eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4b276-0267c928110be13d26906bed;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 05:28:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: temaq_TJ35QzsVDLMotam8rNea4vwiE7Zo7i8wlqQJr0JIXdL1_Iww==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 20:27:56 GMT
age: 20623
etag: "257963245f14742bf9cd90e71ca748066d5495c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 64EbarGrn6AIpXOE8TIfiBeGFQinx-P9lUIvmiQ1ivZgFrxl7_W4EQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 10:37:05 GMT
age: 56074
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XtqfgDxskGIUmZdRj2nrGDpo9KvECk528eLZV29xNx3h7CLOu49mnQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:19 GMT
age: 16160
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff881dee4-27ea-4970-91da-e85794176516.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff881dee4-27ea-4970-91da-e85794176516.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2caf8f791d29d1c03e383b08fe71b042
91254d0b2c68291701ba967f71e5319c8edd1d0a
354892b28eda2bcf225909a8f92b6ddb5be5d47c43445ae4243a59c80e10ef9e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff881dee4-27ea-4970-91da-e85794176516.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7876
x-amzn-requestid: 6c502e4a-ac64-48cc-8210-59225f5e9947
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foetOH7PoAMFynA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ab21-539f36af56fde05121a0179a;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 23:58:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Doj1fDH3h-Nvtuw3BLgKgDzxStiR2jqWLrggw_3Z5bJCmJ7FUuSkpA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 00:28:18 GMT
age: 6201
etag: "91254d0b2c68291701ba967f71e5319c8edd1d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55af221f-e2a5-4ea0-ba8f-1f045ea1cbb7.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55af221f-e2a5-4ea0-ba8f-1f045ea1cbb7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d09523ece9b6da85a1a007c7e2abcb6
a637b08e2fbba31ef60103b2d9fd3c6f96d84b27
811bbd2e85b83dcaa8743a1d7e513fd76b81d4ced2b8aa99c62f9590f20e85a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55af221f-e2a5-4ea0-ba8f-1f045ea1cbb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8812
x-amzn-requestid: 8c568658-2708-4031-93ff-1654cc17a311
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foeeZGjKIAMFyUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9aac2-4587a6e43c1430ed03d0e69b;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 23:56:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ruezZVYkepU-yrFId_e_dATOHRg8DyX0deLtm7CXt8vvL4cx0QtgNw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 00:13:02 GMT
etag: "a637b08e2fbba31ef60103b2d9fd3c6f96d84b27"
content-type: image/jpeg
age: 7117
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/images/favicon.ico
159.65.21.71200 OK 0 B URL HTTP/2 wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/images/favicon.ico
IP 159.65.21.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /BNPFRR/71317/assets/images/favicon.ico HTTP/1.1
Host: wordpress-931707-3233995.cloudwaysapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: image/x-icon
last-modified: Tue, 31 Jan 2023 21:35:04 GMT
vary: Accept-Encoding
etag: W/"63d98988-6b6"
x-robots-tag: noindex, nofollow
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/css/bootstrap.min.css
159.65.21.71200 OK 0 B URL HTTP/2 wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/css/bootstrap.min.css
IP 159.65.21.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /BNPFRR/71317/assets/css/bootstrap.min.css HTTP/1.1
Host: wordpress-931707-3233995.cloudwaysapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: text/css
last-modified: Tue, 31 Jan 2023 21:35:04 GMT
vary: Accept-Encoding
etag: W/"63d98988-2606e"
x-robots-tag: noindex, nofollow
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/css/helpers.css
159.65.21.71200 OK 0 B URL HTTP/2 wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/css/helpers.css
IP 159.65.21.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /BNPFRR/71317/assets/css/helpers.css HTTP/1.1
Host: wordpress-931707-3233995.cloudwaysapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: text/css
last-modified: Tue, 31 Jan 2023 21:35:04 GMT
vary: Accept-Encoding
etag: W/"63d98988-a318"
x-robots-tag: noindex, nofollow
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/css/main.css
159.65.21.71200 OK 0 B URL HTTP/2 wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/css/main.css
IP 159.65.21.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /BNPFRR/71317/assets/css/main.css HTTP/1.1
Host: wordpress-931707-3233995.cloudwaysapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: text/css
last-modified: Tue, 31 Jan 2023 21:35:04 GMT
vary: Accept-Encoding
etag: W/"63d98988-2760"
x-robots-tag: noindex, nofollow
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/css/spinner.css
159.65.21.71200 OK 0 B URL HTTP/2 wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/css/spinner.css
IP 159.65.21.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /BNPFRR/71317/assets/css/spinner.css HTTP/1.1
Host: wordpress-931707-3233995.cloudwaysapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: text/css
last-modified: Tue, 31 Jan 2023 21:35:04 GMT
vary: Accept-Encoding
etag: W/"63d98988-317"
x-robots-tag: noindex, nofollow
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/js/fontawesome.min.js
159.65.21.71200 OK 0 B URL HTTP/2 wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/js/fontawesome.min.js
IP 159.65.21.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /BNPFRR/71317/assets/js/fontawesome.min.js HTTP/1.1
Host: wordpress-931707-3233995.cloudwaysapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 21:35:04 GMT
vary: Accept-Encoding
etag: W/"63d98988-10314e"
x-robots-tag: noindex, nofollow
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/js/main.js
159.65.21.71200 OK 0 B URL HTTP/2 wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/js/main.js
IP 159.65.21.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /BNPFRR/71317/assets/js/main.js HTTP/1.1
Host: wordpress-931707-3233995.cloudwaysapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 21:35:04 GMT
vary: Accept-Encoding
etag: W/"63d98988-c97"
x-robots-tag: noindex, nofollow
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/common/log.js
159.65.21.71200 OK 0 B URL HTTP/2 wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/common/log.js
IP 159.65.21.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /BNPFRR/71317/common/log.js HTTP/1.1
Host: wordpress-931707-3233995.cloudwaysapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 21:35:04 GMT
vary: Accept-Encoding
etag: W/"63d98988-3e9"
x-robots-tag: noindex, nofollow
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/css/fonts.css
159.65.21.71200 OK 0 B URL HTTP/2 wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/css/fonts.css
IP 159.65.21.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /BNPFRR/71317/assets/css/fonts.css HTTP/1.1
Host: wordpress-931707-3233995.cloudwaysapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: text/css
last-modified: Tue, 31 Jan 2023 21:35:04 GMT
vary: Accept-Encoding
etag: W/"63d98988-e92"
x-robots-tag: noindex, nofollow
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/js/jquery.min.js
159.65.21.71200 OK 0 B URL HTTP/2 wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/js/jquery.min.js
IP 159.65.21.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /BNPFRR/71317/assets/js/jquery.min.js HTTP/1.1
Host: wordpress-931707-3233995.cloudwaysapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 21:35:04 GMT
vary: Accept-Encoding
etag: W/"63d98988-15851"
x-robots-tag: noindex, nofollow
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/js/popper.min.js
159.65.21.71200 OK 0 B URL HTTP/2 wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/js/popper.min.js
IP 159.65.21.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /BNPFRR/71317/assets/js/popper.min.js HTTP/1.1
Host: wordpress-931707-3233995.cloudwaysapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 21:35:04 GMT
vary: Accept-Encoding
etag: W/"63d98988-4f74"
x-robots-tag: noindex, nofollow
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/js/bootstrap.min.js
159.65.21.71200 OK 0 B URL HTTP/2 wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/assets/js/bootstrap.min.js
IP 159.65.21.71:0
ASN #14061 DIGITALOCEAN-ASN
GET /BNPFRR/71317/assets/js/bootstrap.min.js HTTP/1.1
Host: wordpress-931707-3233995.cloudwaysapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wordpress-931707-3233995.cloudwaysapps.com/BNPFRR/71317/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 02:11:37 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 21:35:04 GMT
vary: Accept-Encoding
etag: W/"63d98988-e354"
x-robots-tag: noindex, nofollow
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2