r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eb76c0b3adf4098ad8a9d1e38250758f
99610ddb2b4ec6d04250ac244f966951695d4f00
01ed8c191c175471aee23cbc196d558e5bf5209f166806fc97db08eb06544bab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01ED8C191C175471AEE23CBC196D558E5BF5209F166806FC97DB08EB06544BAB"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6633
Expires: Tue, 22 Nov 2022 00:28:47 GMT
Date: Mon, 21 Nov 2022 22:38:14 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4843de3bf95411e6aa89834def44bb86
1f1882351ac63fba73a22014382f69df5e02ec96
1e6ed1df02f8fa6c89ddca66f7c9981f8a06127d7ec90b503703137e823bb4b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5550
Cache-Control: max-age=134733
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 22:38:14 GMT
Etag: "637b5375-1d7"
Expires: Wed, 23 Nov 2022 12:03:47 GMT
Last-Modified: Mon, 21 Nov 2022 10:31:17 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 21 Nov 2022 22:09:17 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1737
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8a6c553d89cb6fd1de4787fee2a0e0dc
b974e022ea8675c0a09f58864cc99df05b5b1241
a62ecedcb0953814f982237818a3d902fdca501f82b675629d28b5d476e0fbfa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A62ECEDCB0953814F982237818A3D902FDCA501F82B675629D28B5D476E0FBFA"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6320
Expires: Tue, 22 Nov 2022 00:23:34 GMT
Date: Mon, 21 Nov 2022 22:38:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Wk0dH97limqYz/WpUBZF6dK1NsUM9lZ8cK0wyBqDHw6kuL3Nr135dby1L0JS7db/+/MGJq2Q1zk=
x-amz-request-id: SE3ZQE874ZVGG0C6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 21 Nov 2022 21:42:16 GMT
age: 3358
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 22:38:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 21 Nov 2022 22:08:47 GMT
cache-control: public,max-age=3600
age: 1768
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2db0ebb9efcf3be3c92f23b61de5c065
dd830565723f18a7944c26d24b0fb142d06a71a5
8615316184c4d1d64db923a5364363bbb3d25e146a042c5fbd5bf0cfcec8effb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3814
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 22:38:15 GMT
Last-Modified: Mon, 21 Nov 2022 21:34:41 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
idmsa-accountapp1e.buyanacreage.com/?mvc5o1bgzh59kuz=
44.233.243.30200 OK 188 B URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/?mvc5o1bgzh59kuz=
IP 44.233.243.30:0
File type HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 5ff9d3e932c59930755ef025e64d3678
0f29a4304b8353e60d6258f8dea9c4547dfbb78a
06cfd02613b24fa2fc633eb1360fc57389fef11659f648e264fbeafb94a201c1
GET /?mvc5o1bgzh59kuz= HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 188
content-encoding: gzip
date: Mon, 21 Nov 2022 22:38:15 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
push.services.mozilla.com/
44.228.207.167101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.228.207.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DMtlaIFiVTJD9xVrWU22hg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6QlMCPS/EQ10YFoyfM0Z+ZyiXU8=
idmsa-accountapp1e.buyanacreage.com/account/?view=login&appIdKey=a964943ec38174485605bc03696206a4240738ba7704bf751790251&country=NO
44.233.243.30200 OK 2.8 kB URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/account/?view=login&appIdKey=a964943ec38174485605bc03696206a4240738ba7704bf751790251&country=NO
IP 44.233.243.30:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (330)
Hash f5a882df0c296b4d2477cd27522fa1cd
d378e953b34d6a741dd103a53fb189db63d9a3b4
1c3d9f1cf696d67e8abfeea2212b7241d4bde7bf8ec4b6444bca430f26355f83
GET /account/?view=login&appIdKey=a964943ec38174485605bc03696206a4240738ba7704bf751790251&country=NO HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idmsa-accountapp1e.buyanacreage.com/?mvc5o1bgzh59kuz=
Cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 2803
content-encoding: gzip
date: Mon, 21 Nov 2022 22:38:16 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
idmsa-accountapp1e.buyanacreage.com/assets/css/modal.css
44.233.243.30200 OK 2.9 kB URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/assets/css/modal.css
IP 44.233.243.30:0
File type ASCII text, with very long lines (17803), with no line terminators
Hash a7f19133c80fb7fb9c695c10ff93e01c
63292453965e26f5020eff45871d7766010069c9
7808c75338145d0eb05c61de3a2af0eb0cbfda8f0a4be33c1890fc5b2ea4e627
GET /assets/css/modal.css HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idmsa-accountapp1e.buyanacreage.com/account/?view=login&appIdKey=a964943ec38174485605bc03696206a4240738ba7704bf751790251&country=NO
Cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 28 Nov 2022 22:38:16 GMT
content-type: text/css
last-modified: Wed, 11 Jul 2018 10:56:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2881
date: Mon, 21 Nov 2022 22:38:16 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
idmsa-accountapp1e.buyanacreage.com/assets/css/bootstrap.min.css
44.233.243.30200 OK 18 kB URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/assets/css/bootstrap.min.css
IP 44.233.243.30:0
File type ASCII text, with very long lines (65371)
Hash edb6e9116546e00e17919b0bd3fceb02
75091b9ee884ed5f3469d4164db30ca3cb07f724
d39a6172436ee86ca3ce1c6fc78dc4afc6771bba64265bec73804e2034f0df26
GET /assets/css/bootstrap.min.css HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idmsa-accountapp1e.buyanacreage.com/account/?view=login&appIdKey=a964943ec38174485605bc03696206a4240738ba7704bf751790251&country=NO
Cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 28 Nov 2022 22:38:16 GMT
content-type: text/css
last-modified: Tue, 24 Jun 2014 13:14:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 18148
date: Mon, 21 Nov 2022 22:38:16 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
idmsa-accountapp1e.buyanacreage.com/assets/js/script-login-desktop.js
44.233.243.30200 OK 364 B URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/assets/js/script-login-desktop.js
IP 44.233.243.30:0
File type ASCII text, with CRLF line terminators
Hash aad3cd871cb74617433409f076c50085
6ee0b8648e2dbeab7448e83a705fda2383dea4ef
a7d811eb7cd3546964c47a4e5c76820aa53370cbf9e13c13ef1a03cc4e1bf53a
GET /assets/js/script-login-desktop.js HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idmsa-accountapp1e.buyanacreage.com/account/?view=login&appIdKey=a964943ec38174485605bc03696206a4240738ba7704bf751790251&country=NO
Cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 28 Nov 2022 22:38:16 GMT
content-type: application/javascript
last-modified: Tue, 26 Dec 2017 06:59:06 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 364
date: Mon, 21 Nov 2022 22:38:16 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
idmsa-accountapp1e.buyanacreage.com/assets/js/jquery.validate.min.js
44.233.243.30200 OK 7.5 kB URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/assets/js/jquery.validate.min.js
IP 44.233.243.30:0
File type Unicode text, UTF-8 text, with very long lines (23122), with CRLF line terminators
Hash 7c059dab4a9321ae2b27c7acbc1203e4
ba9be8785a1b88acfce267d11d18d0f0bd39ee1d
c345510541f587e31e6e1860237f9338ebc15029a453b87c658184ab1238337f
GET /assets/js/jquery.validate.min.js HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idmsa-accountapp1e.buyanacreage.com/account/?view=login&appIdKey=a964943ec38174485605bc03696206a4240738ba7704bf751790251&country=NO
Cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 28 Nov 2022 22:38:16 GMT
content-type: application/javascript
last-modified: Mon, 12 Nov 2018 02:18:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7526
date: Mon, 21 Nov 2022 22:38:16 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
idmsa-accountapp1e.buyanacreage.com/assets/css/style-login-desktop.css
44.233.243.30200 OK 1.7 kB URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/assets/css/style-login-desktop.css
IP 44.233.243.30:0
File type ASCII text, with very long lines (7994), with no line terminators
Hash 7f0008fe6a5714f86775e8f175a83e21
4f65d4cce9dd977ca16f0673a31767323e8fc0d6
f796a66d6c9c0009598a0d4fe292b30c084a027bbe79a572c601574584f3c466
GET /assets/css/style-login-desktop.css HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idmsa-accountapp1e.buyanacreage.com/account/?view=login&appIdKey=a964943ec38174485605bc03696206a4240738ba7704bf751790251&country=NO
Cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 28 Nov 2022 22:38:16 GMT
content-type: text/css
last-modified: Wed, 11 Jul 2018 10:57:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1699
date: Mon, 21 Nov 2022 22:38:16 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
idmsa-accountapp1e.buyanacreage.com/assets/js/jquery.js
44.233.243.30200 OK 30 kB URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/assets/js/jquery.js
IP 44.233.243.30:0
File type ASCII text, with very long lines (32065), with CRLF line terminators
Hash 639056f8010e5edf521bd1a7b89e2da8
f9cf412b6e6a278880d2da5268ca4f75ff8c1878
3c6b384468c60e3509e07be64d4e7340cca8c239a10ec25002fb1773b5c3830c
GET /assets/js/jquery.js HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idmsa-accountapp1e.buyanacreage.com/account/?view=login&appIdKey=a964943ec38174485605bc03696206a4240738ba7704bf751790251&country=NO
Cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 28 Nov 2022 22:38:16 GMT
content-type: application/javascript
last-modified: Mon, 12 Nov 2018 02:38:58 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 29912
date: Mon, 21 Nov 2022 22:38:16 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6280
Expires: Tue, 22 Nov 2022 00:22:56 GMT
Date: Mon, 21 Nov 2022 22:38:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6280
Expires: Tue, 22 Nov 2022 00:22:56 GMT
Date: Mon, 21 Nov 2022 22:38:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 34I3ZsWcHKNvx-MctWUIyOgHOm8vjDMxuHtcGZmykKvEtbs4JziNqA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 15:03:51 GMT
age: 27265
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b919084-f564-465a-ac1a-59e00596bb76.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b919084-f564-465a-ac1a-59e00596bb76.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10f54d1625147d074c29bdff1897ef8f
d1359b0dcf6974d685b5c55c5789810863cce7cd
6431d25310697b4455f3e9487a11415f082d05e02d33b29cad3c8862ece28322
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b919084-f564-465a-ac1a-59e00596bb76.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8405
x-amzn-requestid: b93c951e-7aa0-468d-92b9-4079f7bfc9ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1jFbGoWIAMFZ7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63787eef-14f7c7985f46ffde1b7e3ed6;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 06:59:59 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: igI_KH6b82XL2t9qV_D6OPyhgMS3VOq1i6sRbZ6vgx6Ub0utS3JE_g==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:47:01 GMT
age: 3075
etag: "d1359b0dcf6974d685b5c55c5789810863cce7cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb52ad6b-bc3e-4cc6-8c74-7f367173fbdc.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb52ad6b-bc3e-4cc6-8c74-7f367173fbdc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b52c578c918c74f35f3c0a3f0c5dd2be
39d9b60a2b11b95c0ae37f35deb9a594d8e61d08
48a67feefffe59d04660c0e7de58234f184bded9cbb121da8157387ebd24f8f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb52ad6b-bc3e-4cc6-8c74-7f367173fbdc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4269
x-amzn-requestid: 9e70b9ad-7fb2-4f2d-bc87-d703abeb4888
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I62ERzIAMFcvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeab-6de953ea2d2aee071fea324b;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:31 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KSAEAQLao_Wbr7-82c36qtuN-bHp_dE4tItvqg_WZS-1TNGYla1o9w==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:58:29 GMT
age: 2387
etag: "39d9b60a2b11b95c0ae37f35deb9a594d8e61d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6280
Expires: Tue, 22 Nov 2022 00:22:56 GMT
Date: Mon, 21 Nov 2022 22:38:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc359aabf-c4a1-4d9e-8a0a-da6aa777cb57.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc359aabf-c4a1-4d9e-8a0a-da6aa777cb57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fd91c051d71cf4d0a1436e4f371cd958
4c51df26158581b7db7a1dd4a8b44013e1b5493c
f1cc4c2d990689b2482c9817191fd1367a64aec5be46f8a074296d235acca341
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc359aabf-c4a1-4d9e-8a0a-da6aa777cb57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11307
x-amzn-requestid: e9ae5ce5-6e07-4deb-843b-ea49fc889d2c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oHvoIAMF8qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-0dcf9a735bcbd51d0acdb0bf;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mvlsQDF0wOF5I4B0GTF5aLgKzZsWWiIExjJ6Vl66VO6C4F2I655dYw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:58:29 GMT
age: 2387
etag: "4c51df26158581b7db7a1dd4a8b44013e1b5493c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ab62c5a7c3296600de924eb0b283bc1
bc4a2dc43898e3fb78ba7301d8b09b280991d221
f2a4c0829a4fb9a585113ed358832d16470ec391035a302a8f3c4666172f02bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10556
x-amzn-requestid: d2426c6d-5e78-496c-8649-0496a872b380
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-Iq0GPVoAMF9bg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee45-1ee6dc09394731cc4dbfc38a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sBNLrVAl4G6pJ-OBZ6aJZC64MrkkGQdsuZKITQwcqgYgP6-GJiblfA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:59:20 GMT
age: 2336
etag: "bc4a2dc43898e3fb78ba7301d8b09b280991d221"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6280
Expires: Tue, 22 Nov 2022 00:22:56 GMT
Date: Mon, 21 Nov 2022 22:38:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42393be4-96e6-4fee-afa8-60cac6e267b3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42393be4-96e6-4fee-afa8-60cac6e267b3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5bb00c9b254742a11d702be8af57119
e8969b4e036498b7b2de1c12e3b9181e7443afe8
6577c4bf05ebde80d47002fb4630c145a8220b81aa9d69790b1e0182b9c99c02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42393be4-96e6-4fee-afa8-60cac6e267b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10955
x-amzn-requestid: 455b2a98-a843-424d-92fe-13cea7aaa426
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-JLvGMvoAMFgQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bef17-02c2af195b3088e8781f7d65;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGKctwdD4oSZt8YfYIgU_CYD1HN0aK6FOnTVoEvlTCabkciD5dgK6w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:59:36 GMT
age: 2320
etag: "e8969b4e036498b7b2de1c12e3b9181e7443afe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
idmsa-accountapp1e.buyanacreage.com/assets/img/logo.png
44.233.243.30200 OK 4.7 kB URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/assets/img/logo.png
IP 44.233.243.30:0
File type PNG image data, 420 x 112, 8-bit colormap, non-interlaced\012- data
Hash 643a1f9fc2aa09799472c39031456af5
70f89834a607b4a00e5c1e8ff2bd66b798db04df
c691a459c75691e086dfbbacf08d2f4591a8316f11484ff99a5ca500a172e2b4
Analyzer Verdict Alert urlquery Phishing - Apple
GET /assets/img/logo.png HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idmsa-accountapp1e.buyanacreage.com/account/?view=login&appIdKey=a964943ec38174485605bc03696206a4240738ba7704bf751790251&country=NO
Cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 28 Nov 2022 22:38:16 GMT
content-type: image/png
last-modified: Wed, 29 Nov 2017 07:29:44 GMT
accept-ranges: bytes
content-length: 4690
date: Mon, 21 Nov 2022 22:38:16 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
idmsa-accountapp1e.buyanacreage.com/assets/img/navbar-repeat-login.png
44.233.243.30200 OK 186 B URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/assets/img/navbar-repeat-login.png
IP 44.233.243.30:0
File type PNG image data, 1 x 105, 8-bit/color RGBA, non-interlaced\012- data
Hash 830a3bf9352f3c3b78865d529d72cee4
1b5d9f63eb347cee0e8a612e8af6adcfc3b929f3
e49898a9129afa7b491faa3cfe7e03667c7152e1aad867b3c910c9de8aad2ab7
Analyzer Verdict Alert urlquery Phishing - Apple
GET /assets/img/navbar-repeat-login.png HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idmsa-accountapp1e.buyanacreage.com/assets/css/style-login-desktop.css
Cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 28 Nov 2022 22:38:16 GMT
content-type: image/png
last-modified: Wed, 29 Nov 2017 07:57:10 GMT
accept-ranges: bytes
content-length: 186
date: Mon, 21 Nov 2022 22:38:16 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
idmsa-accountapp1e.buyanacreage.com/assets/img/btn.png
44.233.243.30200 OK 711 B URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/assets/img/btn.png
IP 44.233.243.30:0
File type PNG image data, 29 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 72ae62bf41ef56795a918c54169c1243
ed438963479a897b970eb29f916f8b81c46d5cff
20561e3f883ab183123a6ef5a08a66fd701c6553766be53950034e487731b3fb
Analyzer Verdict Alert urlquery Phishing - Apple
GET /assets/img/btn.png HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idmsa-accountapp1e.buyanacreage.com/assets/css/style-login-desktop.css
Cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 28 Nov 2022 22:38:16 GMT
content-type: image/png
last-modified: Sat, 26 Dec 2015 16:24:34 GMT
accept-ranges: bytes
content-length: 711
date: Mon, 21 Nov 2022 22:38:16 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
idmsa-accountapp1e.buyanacreage.com/assets/img/footerbawah.png
44.233.243.30200 OK 18 kB URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/assets/img/footerbawah.png
IP 44.233.243.30:0
File type PNG image data, 1904 x 648, 8-bit/color RGB, non-interlaced\012- data
Hash 25df2c6e44b26835c1fce66d9f75b18c
2ee160b67ceff16bca4809d95e195c569e4c2e7e
baf8e9f894f6c7bc28f3bde57e17845f74360c496ad97ba288954deec210c7bc
GET /assets/img/footerbawah.png HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idmsa-accountapp1e.buyanacreage.com/assets/css/style-login-desktop.css
Cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 28 Nov 2022 22:38:17 GMT
content-type: image/png
last-modified: Thu, 17 Feb 2022 15:43:42 GMT
accept-ranges: bytes
content-length: 17794
date: Mon, 21 Nov 2022 22:38:17 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
idmsa-accountapp1e.buyanacreage.com/assets/img/navbar.png
44.233.243.30200 OK 20 kB URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/assets/img/navbar.png
IP 44.233.243.30:0
File type PNG image data, 1000 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 3eec9a839c236164353015a4becf6310
ad05219c34d3a4dc026e708436701fe8ad6eb116
9d031ab45532cbbc836814405707597d04c0830d59c713fc26176c4e48e6a5cc
Analyzer Verdict Alert urlquery Phishing - Apple
GET /assets/img/navbar.png HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idmsa-accountapp1e.buyanacreage.com/assets/css/style-login-desktop.css
Cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 28 Nov 2022 22:38:16 GMT
content-type: image/png
last-modified: Fri, 25 Dec 2015 13:19:08 GMT
accept-ranges: bytes
content-length: 20218
date: Mon, 21 Nov 2022 22:38:16 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
idmsa-accountapp1e.buyanacreage.com/assets/img/fot.png
44.233.243.30200 OK 67 kB URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/assets/img/fot.png
IP 44.233.243.30:0
File type PNG image data, 1902 x 61, 8-bit/color RGBA, non-interlaced\012- data
Hash 3dcdedf20bc77cbbdee5f2b8ae29dbb1
cd93f3ffdd276085fe8181d434aecd397617d98f
345e61aa67f62cfe752729e2762f0e371ae85c46b72c4be81dda8a639b77c5ed
GET /assets/img/fot.png HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idmsa-accountapp1e.buyanacreage.com/assets/css/style-login-desktop.css
Cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 28 Nov 2022 22:38:16 GMT
content-type: image/png
last-modified: Mon, 22 Feb 2021 04:46:18 GMT
accept-ranges: bytes
content-length: 67059
date: Mon, 21 Nov 2022 22:38:16 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
idmsa-accountapp1e.buyanacreage.com/assets/img/footer-login-desktop.png
44.233.243.30200 OK 68 kB URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/assets/img/footer-login-desktop.png
IP 44.233.243.30:0
File type PNG image data, 1010 x 387, 8-bit/color RGBA, non-interlaced\012- data
Hash 03f050d044fa1712f4da42ba60c1bb57
980756aec61d0ada8dd224449bcb7ae6acee1d7e
63d0b4747b1208a82a115837bf59556c26a2bf4173bcf7a6cbb9254373a7c0f5
Analyzer Verdict Alert urlquery Phishing - Apple
GET /assets/img/footer-login-desktop.png HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idmsa-accountapp1e.buyanacreage.com/assets/css/style-login-desktop.css
Cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 28 Nov 2022 22:38:17 GMT
content-type: image/png
last-modified: Tue, 26 Dec 2017 14:25:54 GMT
accept-ranges: bytes
content-length: 67831
date: Mon, 21 Nov 2022 22:38:17 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
idmsa-accountapp1e.buyanacreage.com/assets/css/31642.ttf
44.233.243.30200 OK 61 kB URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/assets/css/31642.ttf
IP 44.233.243.30:0
File type OpenType font data\012- data
Hash ac12dcfaf66432f2a03841b143885edc
db7761528f3a664929adccf84fadc1db823272cd
7a8a6c668e967c89719f22492cf9ad7582a48f602f051ce54c6a75b2e9fbbd75
GET /assets/css/31642.ttf HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idmsa-accountapp1e.buyanacreage.com/assets/css/style-login-desktop.css
Cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 28 Nov 2022 22:38:16 GMT
content-type: font/ttf
last-modified: Fri, 03 Jun 2016 08:29:00 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 61274
date: Mon, 21 Nov 2022 22:38:16 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
idmsa-accountapp1e.buyanacreage.com/assets/img/favicon.ico
44.233.243.30200 OK 1.7 kB URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/assets/img/favicon.ico
IP 44.233.243.30:0
File type MS Windows icon resource - 4 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 07bc3f17fb6d83d454c8683dc4f41729
bd9ed118a5b5adcb213fa4e3aeaceb2009da3c68
ef45c64ec3437c7f9f7b81d94ac77774d41b047129f12ed638fdd71a38f52361
Analyzer Verdict Alert urlquery Phishing - Apple
GET /assets/img/favicon.ico HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idmsa-accountapp1e.buyanacreage.com/account/?view=login&appIdKey=a964943ec38174485605bc03696206a4240738ba7704bf751790251&country=NO
Cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 28 Nov 2022 22:38:17 GMT
content-type: image/x-icon
last-modified: Fri, 25 Dec 2015 16:05:32 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1699
date: Mon, 21 Nov 2022 22:38:17 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
idmsa-accountapp1e.buyanacreage.com/assets/img/login-desktop.png
44.233.243.30200 OK 1.1 MB URL HTTP/1.1 idmsa-accountapp1e.buyanacreage.com/assets/img/login-desktop.png
IP 44.233.243.30:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, progressive, precision 8, 4628x1732, components 3\012- data
Size 1.1 MB (1080923 bytes)
Hash e2f376b6b058ff6c7c1e6f3b525a9157
5c50c1cd477de76e7b1e2c6437479664bb86ca7b
bca2ec8caf9eaaa75ed49a2f0de20067590b055d7457ae1f0c67acd394055fdc
Analyzer Verdict Alert urlquery Phishing - Apple
GET /assets/img/login-desktop.png HTTP/1.1
Host: idmsa-accountapp1e.buyanacreage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idmsa-accountapp1e.buyanacreage.com/account/?view=login&appIdKey=a964943ec38174485605bc03696206a4240738ba7704bf751790251&country=NO
Cookie: PHPSESSID=c26ad7ea0f976a76f83f3e5613facfcf
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 28 Nov 2022 22:38:16 GMT
content-type: image/png
last-modified: Tue, 10 Jul 2018 22:32:34 GMT
accept-ranges: bytes
content-length: 1080923
date: Mon, 21 Nov 2022 22:38:16 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250ba249-12ee-4979-b668-ef3afc231f85.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250ba249-12ee-4979-b668-ef3afc231f85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a8c99a41a1c0213a6d95d5782e2b655d
c7c444cf6ab6555aacd6fe880342c17bdbc5967a
f55dddb58be2409d2e7b8e4283dbdf7287978da9fb05263efa0dd04c8063247b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250ba249-12ee-4979-b668-ef3afc231f85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7286
x-amzn-requestid: 108d7b8f-6e5d-45f5-81be-00909af7c3d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-JMFFTLoAMFxDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bef19-180473656275f6d37c6538cd;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:35:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4aSJaqIAup8gCr52e659Io9W_WTl_8ndVuBhA-5XBNYd2JiAL5DR3Q==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:47:01 GMT
etag: "c7c444cf6ab6555aacd6fe880342c17bdbc5967a"
content-type: image/jpeg
age: 3082
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2