campaignmngr.online/tracking/
302 FOUND 418 B URL HTTP/1.1 campaignmngr.online/tracking/
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (308)
Hash 5e002806b10ca8d06b03cd0d453c9edd
adb7b54d38ad2a7c9cbf1dedf828c0a092bee669
fe667442f411e6ac8dbf139b119ddcdb96db5f587e60d23a3cda3282903505e0
GET /tracking/ HTTP/1.1
Host: campaignmngr.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 FOUND
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 01 Feb 2023 18:53:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 418
Connection: keep-alive
Location: http://ng-app.com/YellowDot/GameWin-24-No-23401220000029413-Web?trxId=83811633-d077-4f71-8af3-a145c7d2246c
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3738
Expires: Wed, 01 Feb 2023 19:55:53 GMT
Date: Wed, 01 Feb 2023 18:53:35 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3368
Expires: Wed, 01 Feb 2023 19:49:43 GMT
Date: Wed, 01 Feb 2023 18:53:35 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12211
Expires: Wed, 01 Feb 2023 22:17:06 GMT
Date: Wed, 01 Feb 2023 18:53:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 18:36:02 GMT
content-type: application/json
age: 1053
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hHRkKwN8vNBD94ZaWmfvd7pPkI/0YU8d7V7e4DY54zICYEP8Y0V5cZh8IMecmc62S6KnoncD6Uo=
x-amz-request-id: 3D059N20M798PV54
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 18:22:46 GMT
age: 1849
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 18:53:35 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ng-app.com/YellowDot/GameWin-24-No-23401220000029413-Web?trxId=83811633-d077-4f71-8af3-a145c7d2246c
302 Found 686 B URL HTTP/1.1 ng-app.com/YellowDot/GameWin-24-No-23401220000029413-Web?trxId=83811633-d077-4f71-8af3-a145c7d2246c
IP
ASN #49582 Upstream Telecommunications And Software Systems S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1b85bba4ebaab790fdfa8aa63e858b08
5e6c2ca6c9c2a43c5a4a034abd81d0c5e2ef3941
c35eff2cccf376c2a5c35e9faa327e9caccd79f918ffa3d987950b10cde06506
GET /YellowDot/GameWin-24-No-23401220000029413-Web?trxId=83811633-d077-4f71-8af3-a145c7d2246c HTTP/1.1
Host: ng-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 01 Feb 2023 18:53:35 GMT
Cache-Control: no-cache, private
Location: http://ng-app.com/yellowdot/gamewin-24-no-23401220000029413-otp-web?trxId=83811633-d077-4f71-8af3-a145c7d2246c
Content-Type: text/html; charset=UTF-8
X-Varnish: 970889305
Age: 0
Via: 1.1 varnish (Varnish/6.0)
X-Cache: MISS
Access-Control-Allow-Origin: *
Set-Cookie: ng_session=eyJpdiI6IldNTk1ZM3dCNWFYMDlxaEZOYU93b3c9PSIsInZhbHVlIjoieVU4NERxMlFCa0lXTmdIMDI3Z25SaEJwaCtpd1gzeGloeEwwNmRXOTA1NUZTWUwyMUJ3SytyYi9IOGJyYTlLbVZ2a0YzdDFrVmN0cHlhR0lnc0xqMVBOM3VXN0Jka0ZyeGRWM0xIbHREWURTVHJxNW9lWEpTeExJRjRObGxUT1ciLCJtYWMiOiI1YTZiYmMxZmFhZWY4MmVhM2IyMGIyNDcyOGRiMjJjODE4NzI0ZjIzOGRiYTMxODcxNDQ3ZTlhODRjYTUyMGI3IiwidGFnIjoiIn0%3D; expires=Thu, 02-Feb-2023 00:53:35 GMT; Max-Age=21600; path=/; httponly; samesite=lax
ctxid=eyJpdiI6ImtBR21zWHBYcmw3MEtuSmUvemM2bkE9PSIsInZhbHVlIjoieENRbXY0T1grR245dnlXeUJpMGpKRFZHRGxwT2orRlMwZ2RBc0NXTThVak8wU1cvMGZ2Z2I0RDBxTDRtbERzeURtblUzY0ZOSE1FMWhXMnZvMzRLR0Y1NW5JcCs3NGd3MEJGaFQwcFdQalE9IiwibWFjIjoiZWQ5ODg5MTBmMTdjZjFhOGVmNDc5MjE4YmUzNTU1N2VkNzI2MWFiNTYyZTE0M2NiMTRjZjc2Y2E5YzEzNzZhNSIsInRhZyI6IiJ9; expires=Sat, 29-Jan-2033 18:53:35 GMT; Max-Age=315360000; path=/; httponly; samesite=lax
rd=deleted; expires=Tue, 01-Feb-2022 18:53:34 GMT; Max-Age=0; path=/; httponly; samesite=lax
userSessionID=eyJpdiI6IlNVSldIR2tnR0ltVlN6cXY4aVdYa0E9PSIsInZhbHVlIjoiT2g1S0VSai9mVFJRTDJzYU53bXQ5L3BPcFFJMHZoVnpMQjRYNGxtVkJCeHIvREtHYk9FQzluaTlWdUlGd1cwaHZiVUV5TE9jVDYrTjBGZ1M3NkNXamtySXRrNGdmUU9XbThsRUNLMGdraGs9IiwibWFjIjoiOTE2MGY2NDY1OGYxY2Q0NjE5NjA0YmUxZTM1NDA3ZmQ4ZWFkMjFjMDMwOTY5OWVkNTZjM2M2NjhiZmQwZDg4ZiIsInRhZyI6IiJ9; expires=Wed, 01-Feb-2023 19:23:35 GMT; Max-Age=1800; path=/; httponly; samesite=lax
userPermID=eyJpdiI6ImlzS1dIR3FPMTR1YWpnNkZKd2NDNHc9PSIsInZhbHVlIjoiZWpac2pmMnpQS01aV2RZS0lqMllYczZ6a0Z2V0hwWCtBdE8vSnhMczNPazE3QnJUSGczTldoQXhMYitJd1c3dzNxaHNrTjZyWVVWWjZmaWFObXVxRjczYmRkdFByRUkwbCtvY0RUVE04TzQ9IiwibWFjIjoiOTAzMTFjOTc0NmIyZDQzNTI1MjFjOWI4MDlmMjA5YTRkNDIzZmZlMGYwM2NhMmFiNzI0MGM0Y2I4MGMxMTE3OSIsInRhZyI6IiJ9; expires=Sat, 29-Jan-2033 18:53:35 GMT; Max-Age=315360000; path=/; httponly; samesite=lax
TS01e2a186=01b02e3e89133f902ab1f93c134ef9c5f288eedaf77110c02fd87af9be838f7d1dfd8eab3193b274c005d591a8141a480d1c99507e; Path=/; Domain=.ng-app.com
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Transfer-Encoding: chunked
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 18:41:42 GMT
age: 713
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14463
Expires: Wed, 01 Feb 2023 22:54:39 GMT
Date: Wed, 01 Feb 2023 18:53:36 GMT
Connection: keep-alive
ng-app.com/yellowdot/gamewin-24-no-23401220000029413-otp-web?trxId=83811633-d077-4f71-8af3-a145c7d2246c
200 OK 46 kB URL HTTP/1.1 ng-app.com/yellowdot/gamewin-24-no-23401220000029413-otp-web?trxId=83811633-d077-4f71-8af3-a145c7d2246c
IP
ASN #49582 Upstream Telecommunications And Software Systems S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (59484)
Hash 7e32472ffe66e0b053d0b3d702fe08c5
e846ee381e578a95965a12e3eff89cb8eafcc942
e9087cf41e97f6ddb26d24b9d115dd041dc49eb8cb700ba836926bdca615fa5b
GET /yellowdot/gamewin-24-no-23401220000029413-otp-web?trxId=83811633-d077-4f71-8af3-a145c7d2246c HTTP/1.1
Host: ng-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: ng_session=eyJpdiI6IldNTk1ZM3dCNWFYMDlxaEZOYU93b3c9PSIsInZhbHVlIjoieVU4NERxMlFCa0lXTmdIMDI3Z25SaEJwaCtpd1gzeGloeEwwNmRXOTA1NUZTWUwyMUJ3SytyYi9IOGJyYTlLbVZ2a0YzdDFrVmN0cHlhR0lnc0xqMVBOM3VXN0Jka0ZyeGRWM0xIbHREWURTVHJxNW9lWEpTeExJRjRObGxUT1ciLCJtYWMiOiI1YTZiYmMxZmFhZWY4MmVhM2IyMGIyNDcyOGRiMjJjODE4NzI0ZjIzOGRiYTMxODcxNDQ3ZTlhODRjYTUyMGI3IiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6ImtBR21zWHBYcmw3MEtuSmUvemM2bkE9PSIsInZhbHVlIjoieENRbXY0T1grR245dnlXeUJpMGpKRFZHRGxwT2orRlMwZ2RBc0NXTThVak8wU1cvMGZ2Z2I0RDBxTDRtbERzeURtblUzY0ZOSE1FMWhXMnZvMzRLR0Y1NW5JcCs3NGd3MEJGaFQwcFdQalE9IiwibWFjIjoiZWQ5ODg5MTBmMTdjZjFhOGVmNDc5MjE4YmUzNTU1N2VkNzI2MWFiNTYyZTE0M2NiMTRjZjc2Y2E5YzEzNzZhNSIsInRhZyI6IiJ9; userSessionID=eyJpdiI6IlNVSldIR2tnR0ltVlN6cXY4aVdYa0E9PSIsInZhbHVlIjoiT2g1S0VSai9mVFJRTDJzYU53bXQ5L3BPcFFJMHZoVnpMQjRYNGxtVkJCeHIvREtHYk9FQzluaTlWdUlGd1cwaHZiVUV5TE9jVDYrTjBGZ1M3NkNXamtySXRrNGdmUU9XbThsRUNLMGdraGs9IiwibWFjIjoiOTE2MGY2NDY1OGYxY2Q0NjE5NjA0YmUxZTM1NDA3ZmQ4ZWFkMjFjMDMwOTY5OWVkNTZjM2M2NjhiZmQwZDg4ZiIsInRhZyI6IiJ9; userPermID=eyJpdiI6ImlzS1dIR3FPMTR1YWpnNkZKd2NDNHc9PSIsInZhbHVlIjoiZWpac2pmMnpQS01aV2RZS0lqMllYczZ6a0Z2V0hwWCtBdE8vSnhMczNPazE3QnJUSGczTldoQXhMYitJd1c3dzNxaHNrTjZyWVVWWjZmaWFObXVxRjczYmRkdFByRUkwbCtvY0RUVE04TzQ9IiwibWFjIjoiOTAzMTFjOTc0NmIyZDQzNTI1MjFjOWI4MDlmMjA5YTRkNDIzZmZlMGYwM2NhMmFiNzI0MGM0Y2I4MGMxMTE3OSIsInRhZyI6IiJ9; TS01e2a186=01b02e3e89133f902ab1f93c134ef9c5f288eedaf77110c02fd87af9be838f7d1dfd8eab3193b274c005d591a8141a480d1c99507e
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 18:53:35 GMT
Cache-Control: no-cache, private
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
X-Varnish: 965299799
Age: 0
Via: 1.1 varnish (Varnish/6.0)
X-Cache: MISS
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Set-Cookie: ng_session=eyJpdiI6InI3SGhxK1pLa3Y4VG4zSTVxLzdEZnc9PSIsInZhbHVlIjoiazVFenBBZW9paE8vSW1FU3hQV3d0L3FYdGg5T2pMZkQvNkZORW5XVGFzT0d3Y3pNLytsNUpPOXNsQXlteGE2a3p1VCt1clZHMk5xSjBFNDNHalhoTDRTWk41R2w5SDlFTnN3MHVKTVJuZ0lsak1PSGJSSndEdGJtSE9veE5BYmoiLCJtYWMiOiJhY2MyZWM5ODllYjU1MmM0MDNkODRjMzE2Yzg4YjVhYmZmNmUzOTZkMTIzMzJmYmNkMTNhMjNhOGYyYWE3YzQ0IiwidGFnIjoiIn0%3D; expires=Thu, 02-Feb-2023 00:53:35 GMT; Max-Age=21600; path=/; httponly; samesite=lax
userPermID=eyJpdiI6IkROWXF1S2FnMkJmdEtOb21pbkhMMXc9PSIsInZhbHVlIjoiM1VQaWYwdnFheTd2STcvT2l3WU1pNmxUZEFYT1JTUmtWWUd6WGd6RjdhSEsxNjZGaXBaeTBHdW1KVjhGUTNZNEkxdTJCRVFoQjFDZnJiR0xsMDBERkF4V3hFamZITytUaVc5Q2F3eDY5SEU9IiwibWFjIjoiOWZkNTdhNzc1ZmE4ZGI3ZGZhYjA2Y2FkZmI4NDQ2YjE1ZTFlYWI0ZTQ0M2QzYmY1MTBiYjM1ZDExMzc5Zjk2ZSIsInRhZyI6IiJ9; expires=Sat, 29-Jan-2033 18:53:35 GMT; Max-Age=315360000; path=/; httponly; samesite=lax
userSessionID=eyJpdiI6IlgzUHY3ZEFvMEZBNU9UeUMvUTBKS0E9PSIsInZhbHVlIjoiVUw0Q3h0QlA3Y0ZXdHEvMlRIay83QisyeVMrSUhYM3BYNDhnZnR3MnFqNHpKL3FDMzQ0blJtMG1WMFlqWkhnTXhQTXdrTWZwelR5cGpnZE1IMjBVd2hueGVNL1VwMHU3VjNKM2ZrbWxsc2M9IiwibWFjIjoiNTEyOWYwYzJiODRhMzc1Zjk3YTVkZDMzMDk3MmM2ZDY3NzUyODdhNjlmMjdkNTIwNzBlMWVjOTQ0ODM2MTRhNyIsInRhZyI6IiJ9; expires=Wed, 01-Feb-2023 19:23:35 GMT; Max-Age=1800; path=/; httponly; samesite=lax
ctxid=eyJpdiI6InJjS21uWkdBNHhpSWU4dHllaHVncWc9PSIsInZhbHVlIjoiV1NTcUJUd3U5MEZ3VFQ5YW5DZUpBN0U0OW5LY2JXVlVQK1UzSWVhK2s1MDdlV1dIK0pKM3hRVDJRMkkza1ZoSGxOWWRpRVNtYzVZVTB5NGRLYmNiNmQ3SnpWODF2bHFHQkg3SC9iTHlFWTg9IiwibWFjIjoiZGRjNTNjOGY4NTQzMmQ3NDcyNjhlODk4MTcyY2M3ZjVmNTc0OWY2MWVmYTlmYTg1OTBmODU1ZWM2MTY0YzhmYyIsInRhZyI6IiJ9; expires=Sat, 29-Jan-2033 18:53:35 GMT; Max-Age=315360000; path=/; httponly; samesite=lax
rd=deleted; expires=Tue, 01-Feb-2022 18:53:34 GMT; Max-Age=0; path=/; httponly; samesite=lax
TS01e2a186=01b02e3e89133f902ab1f93c134ef9c5f288eedaf77110c02fd87af9be838f7d1dfd8eab3193b274c005d591a8141a480d1c99507e; Path=/; Domain=.ng-app.com
Keep-Alive: timeout=5, max=999
Connection: Keep-Alive
Transfer-Encoding: chunked
ng-app.com/yellowdot/assets/YellowDot-gamewin-24-no-23401220000029413-otp-web.css?ver=25
200 OK 3.1 kB URL HTTP/1.1 ng-app.com/yellowdot/assets/YellowDot-gamewin-24-no-23401220000029413-otp-web.css?ver=25
IP
ASN #49582 Upstream Telecommunications And Software Systems S.A.
Hash d5efbad68cb6280456cffe7cbff563e6
3fe8daa5d7a6086b5e3700e99cf673c96f17963c
47ab86b15066a51853fe4f72ca11b8b736171c1a3b82f4e13d8ae67d760cd326
GET /yellowdot/assets/YellowDot-gamewin-24-no-23401220000029413-otp-web.css?ver=25 HTTP/1.1
Host: ng-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ng-app.com/yellowdot/gamewin-24-no-23401220000029413-otp-web?trxId=83811633-d077-4f71-8af3-a145c7d2246c
Cookie: ng_session=eyJpdiI6InI3SGhxK1pLa3Y4VG4zSTVxLzdEZnc9PSIsInZhbHVlIjoiazVFenBBZW9paE8vSW1FU3hQV3d0L3FYdGg5T2pMZkQvNkZORW5XVGFzT0d3Y3pNLytsNUpPOXNsQXlteGE2a3p1VCt1clZHMk5xSjBFNDNHalhoTDRTWk41R2w5SDlFTnN3MHVKTVJuZ0lsak1PSGJSSndEdGJtSE9veE5BYmoiLCJtYWMiOiJhY2MyZWM5ODllYjU1MmM0MDNkODRjMzE2Yzg4YjVhYmZmNmUzOTZkMTIzMzJmYmNkMTNhMjNhOGYyYWE3YzQ0IiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6InJjS21uWkdBNHhpSWU4dHllaHVncWc9PSIsInZhbHVlIjoiV1NTcUJUd3U5MEZ3VFQ5YW5DZUpBN0U0OW5LY2JXVlVQK1UzSWVhK2s1MDdlV1dIK0pKM3hRVDJRMkkza1ZoSGxOWWRpRVNtYzVZVTB5NGRLYmNiNmQ3SnpWODF2bHFHQkg3SC9iTHlFWTg9IiwibWFjIjoiZGRjNTNjOGY4NTQzMmQ3NDcyNjhlODk4MTcyY2M3ZjVmNTc0OWY2MWVmYTlmYTg1OTBmODU1ZWM2MTY0YzhmYyIsInRhZyI6IiJ9; userSessionID=eyJpdiI6IlgzUHY3ZEFvMEZBNU9UeUMvUTBKS0E9PSIsInZhbHVlIjoiVUw0Q3h0QlA3Y0ZXdHEvMlRIay83QisyeVMrSUhYM3BYNDhnZnR3MnFqNHpKL3FDMzQ0blJtMG1WMFlqWkhnTXhQTXdrTWZwelR5cGpnZE1IMjBVd2hueGVNL1VwMHU3VjNKM2ZrbWxsc2M9IiwibWFjIjoiNTEyOWYwYzJiODRhMzc1Zjk3YTVkZDMzMDk3MmM2ZDY3NzUyODdhNjlmMjdkNTIwNzBlMWVjOTQ0ODM2MTRhNyIsInRhZyI6IiJ9; userPermID=eyJpdiI6IkROWXF1S2FnMkJmdEtOb21pbkhMMXc9PSIsInZhbHVlIjoiM1VQaWYwdnFheTd2STcvT2l3WU1pNmxUZEFYT1JTUmtWWUd6WGd6RjdhSEsxNjZGaXBaeTBHdW1KVjhGUTNZNEkxdTJCRVFoQjFDZnJiR0xsMDBERkF4V3hFamZITytUaVc5Q2F3eDY5SEU9IiwibWFjIjoiOWZkNTdhNzc1ZmE4ZGI3ZGZhYjA2Y2FkZmI4NDQ2YjE1ZTFlYWI0ZTQ0M2QzYmY1MTBiYjM1ZDExMzc5Zjk2ZSIsInRhZyI6IiJ9; TS01e2a186=01b02e3e89133f902ab1f93c134ef9c5f288eedaf77110c02fd87af9be838f7d1dfd8eab3193b274c005d591a8141a480d1c99507e
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 18:53:36 GMT
Last-Modified: Tue, 31 Jan 2023 12:00:55 GMT
ETag: "5b65-5f38e157fdd2b-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3086
Content-Type: text/css
X-Varnish: 971805676
Age: 0
Via: 1.1 varnish (Varnish/6.0)
X-Cache: MISS
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
ng-app.com/yellowdot/assets/images/fallback-image-320x160.jpg
200 OK 8.5 kB URL HTTP/1.1 ng-app.com/yellowdot/assets/images/fallback-image-320x160.jpg
IP
ASN #49582 Upstream Telecommunications And Software Systems S.A.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 320x160, components 3\012- data
Hash 764ab790ccaf1fdf6d5cda9da8b50f25
eb0851a3014bdd702969617797fa7365924be932
f3b71c1e48bf1c7c2d944829c7a90f472058cde3bab7e6e4f62a0b25ad94df15
GET /yellowdot/assets/images/fallback-image-320x160.jpg HTTP/1.1
Host: ng-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ng-app.com/yellowdot/gamewin-24-no-23401220000029413-otp-web?trxId=83811633-d077-4f71-8af3-a145c7d2246c
Cookie: ng_session=eyJpdiI6InI3SGhxK1pLa3Y4VG4zSTVxLzdEZnc9PSIsInZhbHVlIjoiazVFenBBZW9paE8vSW1FU3hQV3d0L3FYdGg5T2pMZkQvNkZORW5XVGFzT0d3Y3pNLytsNUpPOXNsQXlteGE2a3p1VCt1clZHMk5xSjBFNDNHalhoTDRTWk41R2w5SDlFTnN3MHVKTVJuZ0lsak1PSGJSSndEdGJtSE9veE5BYmoiLCJtYWMiOiJhY2MyZWM5ODllYjU1MmM0MDNkODRjMzE2Yzg4YjVhYmZmNmUzOTZkMTIzMzJmYmNkMTNhMjNhOGYyYWE3YzQ0IiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6InJjS21uWkdBNHhpSWU4dHllaHVncWc9PSIsInZhbHVlIjoiV1NTcUJUd3U5MEZ3VFQ5YW5DZUpBN0U0OW5LY2JXVlVQK1UzSWVhK2s1MDdlV1dIK0pKM3hRVDJRMkkza1ZoSGxOWWRpRVNtYzVZVTB5NGRLYmNiNmQ3SnpWODF2bHFHQkg3SC9iTHlFWTg9IiwibWFjIjoiZGRjNTNjOGY4NTQzMmQ3NDcyNjhlODk4MTcyY2M3ZjVmNTc0OWY2MWVmYTlmYTg1OTBmODU1ZWM2MTY0YzhmYyIsInRhZyI6IiJ9; userSessionID=eyJpdiI6IlgzUHY3ZEFvMEZBNU9UeUMvUTBKS0E9PSIsInZhbHVlIjoiVUw0Q3h0QlA3Y0ZXdHEvMlRIay83QisyeVMrSUhYM3BYNDhnZnR3MnFqNHpKL3FDMzQ0blJtMG1WMFlqWkhnTXhQTXdrTWZwelR5cGpnZE1IMjBVd2hueGVNL1VwMHU3VjNKM2ZrbWxsc2M9IiwibWFjIjoiNTEyOWYwYzJiODRhMzc1Zjk3YTVkZDMzMDk3MmM2ZDY3NzUyODdhNjlmMjdkNTIwNzBlMWVjOTQ0ODM2MTRhNyIsInRhZyI6IiJ9; userPermID=eyJpdiI6IkROWXF1S2FnMkJmdEtOb21pbkhMMXc9PSIsInZhbHVlIjoiM1VQaWYwdnFheTd2STcvT2l3WU1pNmxUZEFYT1JTUmtWWUd6WGd6RjdhSEsxNjZGaXBaeTBHdW1KVjhGUTNZNEkxdTJCRVFoQjFDZnJiR0xsMDBERkF4V3hFamZITytUaVc5Q2F3eDY5SEU9IiwibWFjIjoiOWZkNTdhNzc1ZmE4ZGI3ZGZhYjA2Y2FkZmI4NDQ2YjE1ZTFlYWI0ZTQ0M2QzYmY1MTBiYjM1ZDExMzc5Zjk2ZSIsInRhZyI6IiJ9; TS01e2a186=01b02e3e89133f902ab1f93c134ef9c5f288eedaf77110c02fd87af9be838f7d1dfd8eab3193b274c005d591a8141a480d1c99507e
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 10:35:14 GMT
Last-Modified: Mon, 04 Jan 2021 16:42:04 GMT
ETag: "2107-5b815c51c8497"
Content-Length: 8455
Cache-Control: max-age=5184000
Expires: Wed, 22 Feb 2023 10:35:14 GMT
Content-Type: image/jpeg
X-Varnish: 965827912 329547925
Age: 3399502
Via: 1.1 varnish (Varnish/6.0)
X-Cache: HIT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=998
Connection: Keep-Alive
ng-app.com/yellowdot/assets/images/fallback-logo.png
200 OK 3.2 kB URL HTTP/1.1 ng-app.com/yellowdot/assets/images/fallback-logo.png
IP
ASN #49582 Upstream Telecommunications And Software Systems S.A.
File type PNG image data, 125 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 579588795c312127d2e053a39a4a8d1a
7b5e21df2cab8bbb9dbd134a7c0ccf815065c432
54e5589e7d70511ebfce74fff2d9b168870a8973e39ee78693c06ca3aa7398fd
GET /yellowdot/assets/images/fallback-logo.png HTTP/1.1
Host: ng-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ng-app.com/yellowdot/gamewin-24-no-23401220000029413-otp-web?trxId=83811633-d077-4f71-8af3-a145c7d2246c
Cookie: ng_session=eyJpdiI6InI3SGhxK1pLa3Y4VG4zSTVxLzdEZnc9PSIsInZhbHVlIjoiazVFenBBZW9paE8vSW1FU3hQV3d0L3FYdGg5T2pMZkQvNkZORW5XVGFzT0d3Y3pNLytsNUpPOXNsQXlteGE2a3p1VCt1clZHMk5xSjBFNDNHalhoTDRTWk41R2w5SDlFTnN3MHVKTVJuZ0lsak1PSGJSSndEdGJtSE9veE5BYmoiLCJtYWMiOiJhY2MyZWM5ODllYjU1MmM0MDNkODRjMzE2Yzg4YjVhYmZmNmUzOTZkMTIzMzJmYmNkMTNhMjNhOGYyYWE3YzQ0IiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6InJjS21uWkdBNHhpSWU4dHllaHVncWc9PSIsInZhbHVlIjoiV1NTcUJUd3U5MEZ3VFQ5YW5DZUpBN0U0OW5LY2JXVlVQK1UzSWVhK2s1MDdlV1dIK0pKM3hRVDJRMkkza1ZoSGxOWWRpRVNtYzVZVTB5NGRLYmNiNmQ3SnpWODF2bHFHQkg3SC9iTHlFWTg9IiwibWFjIjoiZGRjNTNjOGY4NTQzMmQ3NDcyNjhlODk4MTcyY2M3ZjVmNTc0OWY2MWVmYTlmYTg1OTBmODU1ZWM2MTY0YzhmYyIsInRhZyI6IiJ9; userSessionID=eyJpdiI6IlgzUHY3ZEFvMEZBNU9UeUMvUTBKS0E9PSIsInZhbHVlIjoiVUw0Q3h0QlA3Y0ZXdHEvMlRIay83QisyeVMrSUhYM3BYNDhnZnR3MnFqNHpKL3FDMzQ0blJtMG1WMFlqWkhnTXhQTXdrTWZwelR5cGpnZE1IMjBVd2hueGVNL1VwMHU3VjNKM2ZrbWxsc2M9IiwibWFjIjoiNTEyOWYwYzJiODRhMzc1Zjk3YTVkZDMzMDk3MmM2ZDY3NzUyODdhNjlmMjdkNTIwNzBlMWVjOTQ0ODM2MTRhNyIsInRhZyI6IiJ9; userPermID=eyJpdiI6IkROWXF1S2FnMkJmdEtOb21pbkhMMXc9PSIsInZhbHVlIjoiM1VQaWYwdnFheTd2STcvT2l3WU1pNmxUZEFYT1JTUmtWWUd6WGd6RjdhSEsxNjZGaXBaeTBHdW1KVjhGUTNZNEkxdTJCRVFoQjFDZnJiR0xsMDBERkF4V3hFamZITytUaVc5Q2F3eDY5SEU9IiwibWFjIjoiOWZkNTdhNzc1ZmE4ZGI3ZGZhYjA2Y2FkZmI4NDQ2YjE1ZTFlYWI0ZTQ0M2QzYmY1MTBiYjM1ZDExMzc5Zjk2ZSIsInRhZyI6IiJ9; TS01e2a186=01b02e3e89133f902ab1f93c134ef9c5f288eedaf77110c02fd87af9be838f7d1dfd8eab3193b274c005d591a8141a480d1c99507e
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 10:36:26 GMT
Last-Modified: Mon, 04 Jan 2021 16:46:25 GMT
ETag: "c98-5b815d4b01334"
Content-Length: 3224
Cache-Control: max-age=5184000
Expires: Wed, 22 Feb 2023 10:36:26 GMT
Content-Type: image/png
X-Varnish: 977202581 334559038
Age: 3399429
Via: 1.1 varnish (Varnish/6.0)
X-Cache: HIT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=999
Connection: Keep-Alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6xinMVpYHA1fgapNx2BKHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YFCJx5sL/tSYPUoIULoM29T5+oY=
ng-app.com/assets/images/GameWin-logo.jpg
200 OK 9.4 kB URL HTTP/1.1 ng-app.com/assets/images/GameWin-logo.jpg
IP
ASN #49582 Upstream Telecommunications And Software Systems S.A.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 236x51, components 3\012- data
Hash 3d08891367395d6885bb49cfa37c564b
ba95bf5029f92b4d18f74f1ea48d911074135a70
c29111bb7e2df35eb6e05aafd2a76972f10277596b896d576891823341c194ff
GET /assets/images/GameWin-logo.jpg HTTP/1.1
Host: ng-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ng-app.com/yellowdot/gamewin-24-no-23401220000029413-otp-web?trxId=83811633-d077-4f71-8af3-a145c7d2246c
Cookie: ng_session=eyJpdiI6InI3SGhxK1pLa3Y4VG4zSTVxLzdEZnc9PSIsInZhbHVlIjoiazVFenBBZW9paE8vSW1FU3hQV3d0L3FYdGg5T2pMZkQvNkZORW5XVGFzT0d3Y3pNLytsNUpPOXNsQXlteGE2a3p1VCt1clZHMk5xSjBFNDNHalhoTDRTWk41R2w5SDlFTnN3MHVKTVJuZ0lsak1PSGJSSndEdGJtSE9veE5BYmoiLCJtYWMiOiJhY2MyZWM5ODllYjU1MmM0MDNkODRjMzE2Yzg4YjVhYmZmNmUzOTZkMTIzMzJmYmNkMTNhMjNhOGYyYWE3YzQ0IiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6InJjS21uWkdBNHhpSWU4dHllaHVncWc9PSIsInZhbHVlIjoiV1NTcUJUd3U5MEZ3VFQ5YW5DZUpBN0U0OW5LY2JXVlVQK1UzSWVhK2s1MDdlV1dIK0pKM3hRVDJRMkkza1ZoSGxOWWRpRVNtYzVZVTB5NGRLYmNiNmQ3SnpWODF2bHFHQkg3SC9iTHlFWTg9IiwibWFjIjoiZGRjNTNjOGY4NTQzMmQ3NDcyNjhlODk4MTcyY2M3ZjVmNTc0OWY2MWVmYTlmYTg1OTBmODU1ZWM2MTY0YzhmYyIsInRhZyI6IiJ9; userSessionID=eyJpdiI6IlgzUHY3ZEFvMEZBNU9UeUMvUTBKS0E9PSIsInZhbHVlIjoiVUw0Q3h0QlA3Y0ZXdHEvMlRIay83QisyeVMrSUhYM3BYNDhnZnR3MnFqNHpKL3FDMzQ0blJtMG1WMFlqWkhnTXhQTXdrTWZwelR5cGpnZE1IMjBVd2hueGVNL1VwMHU3VjNKM2ZrbWxsc2M9IiwibWFjIjoiNTEyOWYwYzJiODRhMzc1Zjk3YTVkZDMzMDk3MmM2ZDY3NzUyODdhNjlmMjdkNTIwNzBlMWVjOTQ0ODM2MTRhNyIsInRhZyI6IiJ9; userPermID=eyJpdiI6IkROWXF1S2FnMkJmdEtOb21pbkhMMXc9PSIsInZhbHVlIjoiM1VQaWYwdnFheTd2STcvT2l3WU1pNmxUZEFYT1JTUmtWWUd6WGd6RjdhSEsxNjZGaXBaeTBHdW1KVjhGUTNZNEkxdTJCRVFoQjFDZnJiR0xsMDBERkF4V3hFamZITytUaVc5Q2F3eDY5SEU9IiwibWFjIjoiOWZkNTdhNzc1ZmE4ZGI3ZGZhYjA2Y2FkZmI4NDQ2YjE1ZTFlYWI0ZTQ0M2QzYmY1MTBiYjM1ZDExMzc5Zjk2ZSIsInRhZyI6IiJ9; TS01e2a186=01b02e3e89133f902ab1f93c134ef9c5f288eedaf77110c02fd87af9be838f7d1dfd8eab3193b274c005d591a8141a480d1c99507e
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 16:08:32 GMT
Last-Modified: Tue, 24 Aug 2021 07:09:15 GMT
ETag: "24bb-5ca48cfc1c101"
Content-Length: 9403
Cache-Control: max-age=5184000
Expires: Wed, 22 Feb 2023 16:08:32 GMT
Content-Type: image/jpeg
X-Varnish: 965827914 328723626
Age: 3379504
Via: 1.1 varnish (Varnish/6.0)
X-Cache: HIT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=998
Connection: Keep-Alive
analytics-ng-mtn.securewebfraud.io/web/v1/content/view/Confirmation/ng_mtn/AQ4z3kkbMEkFY0fUFmoUffCmvFcNXFw352T7uCHDImRZxipapZ5XIJEEjcVXY8U2G-oF
200 51 B URL HTTP/1.1 analytics-ng-mtn.securewebfraud.io/web/v1/content/view/Confirmation/ng_mtn/AQ4z3kkbMEkFY0fUFmoUffCmvFcNXFw352T7uCHDImRZxipapZ5XIJEEjcVXY8U2G-oF
IP
ASN #49582 Upstream Telecommunications And Software Systems S.A.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 49cdc214849d5ced018d230677b14076
0e75513436e6b01963759f6a88282445ff2e5b3a
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675
GET /web/v1/content/view/Confirmation/ng_mtn/AQ4z3kkbMEkFY0fUFmoUffCmvFcNXFw352T7uCHDImRZxipapZ5XIJEEjcVXY8U2G-oF HTTP/1.1
Host: analytics-ng-mtn.securewebfraud.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ng-app.com/
HTTP/1.1 200
Date: Wed, 01 Feb 2023 18:53:35 GMT
Cache-Control: no-store, private
Content-Disposition: attachment; filename="pixel"
Pragma: no-cache
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 51
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Set-Cookie: TS01835365=01b02e3e8909ad702b4f96286319c012def03186f80242db922ce782389f42c1e841c0a6adc646bb3dc8af42434c75b603101fd624; Path=/; Domain=.analytics-ng-mtn.securewebfraud.io
ng-app.com/assets/images/GameWin-image-320x160.jpg
200 OK 22 kB URL HTTP/1.1 ng-app.com/assets/images/GameWin-image-320x160.jpg
IP
ASN #49582 Upstream Telecommunications And Software Systems S.A.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 321x161, components 3\012- data
Hash d6f789571d3583a9f1e3dfb76dae01c7
9521f0b2ef52e471bb4c7ee1e888137ede057df6
f2a0824477999ea1c368d362323454518a53507a45421e9194501f2781fce07e
GET /assets/images/GameWin-image-320x160.jpg HTTP/1.1
Host: ng-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ng-app.com/yellowdot/gamewin-24-no-23401220000029413-otp-web?trxId=83811633-d077-4f71-8af3-a145c7d2246c
Cookie: ng_session=eyJpdiI6InI3SGhxK1pLa3Y4VG4zSTVxLzdEZnc9PSIsInZhbHVlIjoiazVFenBBZW9paE8vSW1FU3hQV3d0L3FYdGg5T2pMZkQvNkZORW5XVGFzT0d3Y3pNLytsNUpPOXNsQXlteGE2a3p1VCt1clZHMk5xSjBFNDNHalhoTDRTWk41R2w5SDlFTnN3MHVKTVJuZ0lsak1PSGJSSndEdGJtSE9veE5BYmoiLCJtYWMiOiJhY2MyZWM5ODllYjU1MmM0MDNkODRjMzE2Yzg4YjVhYmZmNmUzOTZkMTIzMzJmYmNkMTNhMjNhOGYyYWE3YzQ0IiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6InJjS21uWkdBNHhpSWU4dHllaHVncWc9PSIsInZhbHVlIjoiV1NTcUJUd3U5MEZ3VFQ5YW5DZUpBN0U0OW5LY2JXVlVQK1UzSWVhK2s1MDdlV1dIK0pKM3hRVDJRMkkza1ZoSGxOWWRpRVNtYzVZVTB5NGRLYmNiNmQ3SnpWODF2bHFHQkg3SC9iTHlFWTg9IiwibWFjIjoiZGRjNTNjOGY4NTQzMmQ3NDcyNjhlODk4MTcyY2M3ZjVmNTc0OWY2MWVmYTlmYTg1OTBmODU1ZWM2MTY0YzhmYyIsInRhZyI6IiJ9; userSessionID=eyJpdiI6IlgzUHY3ZEFvMEZBNU9UeUMvUTBKS0E9PSIsInZhbHVlIjoiVUw0Q3h0QlA3Y0ZXdHEvMlRIay83QisyeVMrSUhYM3BYNDhnZnR3MnFqNHpKL3FDMzQ0blJtMG1WMFlqWkhnTXhQTXdrTWZwelR5cGpnZE1IMjBVd2hueGVNL1VwMHU3VjNKM2ZrbWxsc2M9IiwibWFjIjoiNTEyOWYwYzJiODRhMzc1Zjk3YTVkZDMzMDk3MmM2ZDY3NzUyODdhNjlmMjdkNTIwNzBlMWVjOTQ0ODM2MTRhNyIsInRhZyI6IiJ9; userPermID=eyJpdiI6IkROWXF1S2FnMkJmdEtOb21pbkhMMXc9PSIsInZhbHVlIjoiM1VQaWYwdnFheTd2STcvT2l3WU1pNmxUZEFYT1JTUmtWWUd6WGd6RjdhSEsxNjZGaXBaeTBHdW1KVjhGUTNZNEkxdTJCRVFoQjFDZnJiR0xsMDBERkF4V3hFamZITytUaVc5Q2F3eDY5SEU9IiwibWFjIjoiOWZkNTdhNzc1ZmE4ZGI3ZGZhYjA2Y2FkZmI4NDQ2YjE1ZTFlYWI0ZTQ0M2QzYmY1MTBiYjM1ZDExMzc5Zjk2ZSIsInRhZyI6IiJ9; TS01e2a186=01b02e3e89133f902ab1f93c134ef9c5f288eedaf77110c02fd87af9be838f7d1dfd8eab3193b274c005d591a8141a480d1c99507e
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 17:20:19 GMT
Last-Modified: Tue, 24 Aug 2021 07:09:15 GMT
ETag: "53e8-5ca48cfc1b161"
Content-Length: 21480
Cache-Control: max-age=5184000
Expires: Wed, 22 Feb 2023 17:20:19 GMT
Content-Type: image/jpeg
X-Varnish: 977202584 331650903
Age: 3375196
Via: 1.1 varnish (Varnish/6.0)
X-Cache: HIT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
web-ng-mtn.secure-d.io/web/v1/content/btn-image.png
200 68 B URL HTTP/1.1 web-ng-mtn.secure-d.io/web/v1/content/btn-image.png
IP
ASN #49582 Upstream Telecommunications And Software Systems S.A.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 978c1bee49d7ad5fc1a4d81099b13e18
afcb011cfe6b924f202ee9544f17f631b32a01b1
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
GET /web/v1/content/btn-image.png HTTP/1.1
Host: web-ng-mtn.secure-d.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ng-app.com/
HTTP/1.1 200
Date: Wed, 01 Feb 2023 18:53:35 GMT
Content-Disposition: attachment; filename="pixel"
Pragma: public
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 68
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Set-Cookie: TS01ca423b=01b02e3e89a46a56bb3f819e4b5b7f03156480cb390dc0e925fc0f0da2c0b87a1c9f59f59931208ebde00df61c131ea6804f4ac18f; Path=/; Domain=.web-ng-mtn.secure-d.io
web-ng-mtn.secure-d.io/web/v1/content/view/Confirmation/ng_mtn/AQ4z3kkbMEkFY0fUFmoUffCmvFcNXFw352T7uCHDImRZxipapZ5XIJEEjcVXY8U2G-oF
200 51 B URL HTTP/1.1 web-ng-mtn.secure-d.io/web/v1/content/view/Confirmation/ng_mtn/AQ4z3kkbMEkFY0fUFmoUffCmvFcNXFw352T7uCHDImRZxipapZ5XIJEEjcVXY8U2G-oF
IP
ASN #49582 Upstream Telecommunications And Software Systems S.A.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 49cdc214849d5ced018d230677b14076
0e75513436e6b01963759f6a88282445ff2e5b3a
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675
GET /web/v1/content/view/Confirmation/ng_mtn/AQ4z3kkbMEkFY0fUFmoUffCmvFcNXFw352T7uCHDImRZxipapZ5XIJEEjcVXY8U2G-oF HTTP/1.1
Host: web-ng-mtn.secure-d.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ng-app.com/
HTTP/1.1 200
Date: Wed, 01 Feb 2023 18:53:36 GMT
Cache-Control: no-store, private
Content-Disposition: attachment; filename="pixel"
Pragma: no-cache
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 51
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Set-Cookie: TS01ca423b=01b02e3e89f3ccfe3fc54ce5ee8ea5eedb90809a56a4500d99009b29743512cca5ddc6b74417ebe83672e99de30bdae5bed3a42460; Path=/; Domain=.web-ng-mtn.secure-d.io
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3732
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 18:53:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3732
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 18:53:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3732
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 18:53:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3732
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 18:53:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:53:10 GMT
age: 39627
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:15:18 GMT
age: 41899
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hjIm9dNf6UE9rpIlKWeLwWuF7Pm6yJeAZgbwchvJcuDy-zkXEr502w==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:18 GMT
age: 75739
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 22:03:43 GMT
age: 74994
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec7e808a5e82552c46c3417a5b32b836
f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd
f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6819
x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRHGnoAMF0Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4MpUHqMYJoNA7QuRuQwbJIodNkhizq6EL5SPbIoSKFQjtoAKQgLuEg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:25 GMT
age: 75732
etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 64EbarGrn6AIpXOE8TIfiBeGFQinx-P9lUIvmiQ1ivZgFrxl7_W4EQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:57:42 GMT
age: 75355
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
137.184.193.83
95.101.11.115
91.241.95.201