GET /login.php?email=&wand=hwr6h9ugbivenndo0x9m86dr87k9cvpilsazudjxv9hdevqqbwy1rmoz9ztvwyglwuvcrpwszsglarkzi4fpiewkxq HTTP/1.1
Host: m-xserver-ne-jp.e-kei.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
 94.152.13.36
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Server: nginx
Date: Tue, 14 Feb 2023 09:22:13 GMT
Content-Length: 162
Connection: keep-alive
Location: https://m-xserver-ne-jp.e-kei.pl/login.php?email=&wand=hwr6h9ugbivenndo0x9m86dr87k9cvpilsazudjxv9hdevqqbwy1rmoz9ztvwyglwuvcrpwszsglarkzi4fpiewkxq
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
 95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "44C24F6C3C0470E5B2112F9089EEF8029A4F80DC966EACEE001841B08E59CB79"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7588
Expires: Tue, 14 Feb 2023 11:28:41 GMT
Date: Tue, 14 Feb 2023 09:22:13 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "F6FEA261B800D26E329CED17006C9F5D10B6C490DAC3B2276CC7B0E2AA38316C"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6332
Expires: Tue, 14 Feb 2023 11:07:45 GMT
Date: Tue, 14 Feb 2023 09:22:13 GMT
Connection: keep-alive
|
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
 35.241.9.150
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 14 Feb 2023 08:49:03 GMT
age: 1990
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "A129CF843807FEFF42F74C16F73D3E770B143B8F501969694FC4F158BC3E8BA4"
Last-Modified: Sat, 11 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6935
Expires: Tue, 14 Feb 2023 11:17:48 GMT
Date: Tue, 14 Feb 2023 09:22:13 GMT
Connection: keep-alive
|
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Tue, 14 Feb 2023 09:22:13 GMT
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: Fu23CxJaQLpOVZ/VYn3EODbIQ53jLTQI9A3MNi917Cg3kZNG13yuVRMQjd3rxGVfqZ8oasli4yh3R6hjMFoQKw==
x-amz-request-id: SXFR0Z1A25JK012X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 14 Feb 2023 08:46:52 GMT
age: 2121
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /login.php?email=&wand=hwr6h9ugbivenndo0x9m86dr87k9cvpilsazudjxv9hdevqqbwy1rmoz9ztvwyglwuvcrpwszsglarkzi4fpiewkxq HTTP/1.1
Host: m-xserver-ne-jp.e-kei.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
|
94.152.13.36
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
server: nginx
date: Tue, 14 Feb 2023 09:22:13 GMT
content-length: 0
location: Login.php?email=&wand=f5YRC1uAjwRmsiv4jGbyM939TcgQyaQth6xtlqwWNnzeB0cZwS6kpk1lXoXQ8bJOxdfOfvkkq9SBtg5TUmnFQzflN0
X-Firefox-Spdy: h2
|
GET /favicon.ico HTTP/1.1
Host: m-xserver-ne-jp.e-kei.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m-xserver-ne-jp.e-kei.pl/Login.php?email=&wand=f5YRC1uAjwRmsiv4jGbyM939TcgQyaQth6xtlqwWNnzeB0cZwS6kpk1lXoXQ8bJOxdfOfvkkq9SBtg5TUmnFQzflN0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
94.152.13.36
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
server: nginx
date: Tue, 14 Feb 2023 09:22:14 GMT
content-length: 0
location: Login.php?email=&wand=weSiOvqhQgMd5Ek2ZSTfl7hICUg1k3LRpW01CvT20lr0rDZJnmUEW4qfchMykI0aLz2u0u6El7oi3kyK04n8jGoeU8
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "E7094B2DFA67BAD54E8A075146D0C62026C573560FE359EE1869B5727EB03145"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18398
Expires: Tue, 14 Feb 2023 14:28:52 GMT
Date: Tue, 14 Feb 2023 09:22:14 GMT
Connection: keep-alive
|
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
35.241.9.150
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, Pragma, Expires, Cache-Control, Retry-After, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 14 Feb 2023 09:14:53 GMT
age: 441
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9C2j2O4F0TRegH+C4Ta7vg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
44.229.20.251
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dB14aotskF7jiSmRhoZHsonLp5Y=
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "F215D87CAD50E9310BF2A4DF263B24E1C87E7CDA29E48F93F6B0D76EB218AB1D"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17309
Expires: Tue, 14 Feb 2023 14:10:45 GMT
Date: Tue, 14 Feb 2023 09:22:16 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "F215D87CAD50E9310BF2A4DF263B24E1C87E7CDA29E48F93F6B0D76EB218AB1D"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17309
Expires: Tue, 14 Feb 2023 14:10:45 GMT
Date: Tue, 14 Feb 2023 09:22:16 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "F215D87CAD50E9310BF2A4DF263B24E1C87E7CDA29E48F93F6B0D76EB218AB1D"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17309
Expires: Tue, 14 Feb 2023 14:10:45 GMT
Date: Tue, 14 Feb 2023 09:22:16 GMT
Connection: keep-alive
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31b064cd-e914-46c4-9261-f5cf1e300786.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10677
x-amzn-requestid: 7fbf05af-939a-443c-9add-f856b5ab4b1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AS_zFH3hoAMFUkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eaace0-0676c24e496661ff545249f0;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ASk3lL6xNgUz-lLwE7lpLLh_PK_Iq-PSAz3VSOZrEweutYlfUggXTg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:26:35 GMT
etag: "346f3744c1fd32467ac8c1783f7c28c0ffd3cc4b"
age: 39341
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3b95fd0-70b7-4757-9068-83472c90622c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 12032
x-amzn-requestid: 1be7b95f-1088-4e2a-ba74-bba8a5c3b615
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AMZ_gHE7oAMFfkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e809fc-65057649605a732b64098657;Sampled=0
x-amzn-remapped-date: Sat, 11 Feb 2023 21:34:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3wc9cOb6EBcYrHuQPvVx1h8f0xSef25washUegMtRo7oeLosn4RlYg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:35:18 GMT
age: 38818
etag: "8fac706269ae3ec4a9f60a64f6b08066e9eeb22a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6809b4a1-e882-4032-a262-ee3ceb939a04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9192
x-amzn-requestid: 895986d8-1db5-44f0-a1b6-bb2055bf7576
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AS_zaG8cIAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eaace2-41299d3654b9046938c6cbb0;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BxIwLcj-190cWmUXBG-uG6yHibhueXAqUTkF7_hxbMmCnV-mTXyFdA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:13:02 GMT
age: 40154
etag: "b604fe9d95be6fc7708819bdef34fa6b760fe745"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ba070e2-295e-485b-8bb9-cf35a649e9d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10635
x-amzn-requestid: 98a6b744-d08f-4e53-a0b0-735b336c8513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AS_zjG9boAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eaace3-5d86345a4ee7009e61291369;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KJ56reDkEbXg0bE7sE4pB1n7Lkn1nLiKblbKM9aFYCow4tpHrIqGnw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:26:43 GMT
etag: "121031f827508bc441ab34387ffdf9bf878c43a9"
age: 39333
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faee02a15-8482-4f95-a7be-3d184d8c9d77.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 2360
x-amzn-requestid: f2e6dc22-444c-42af-947c-6d9d6f0253de
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AS_0iFhHIAMFjXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eaace9-18f8bade4f2ddbd0018c2117;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KnF84pWgZ03u1BhryzomWqZhN25K5_BjXzKpSRLhbI0T7yp7tQNAzg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:31:29 GMT
etag: "70a5fda7f3515776a08d7063619eb4a8a61efba0"
age: 39047
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F318ff2b9-f4f9-4c7a-81df-9e4b1f2674dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 11402
x-amzn-requestid: 17e77e17-627f-4070-848a-e2fba60ca596
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ATAtHGmBIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eaae53-6958c09576c288a3308a3aab;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 21:40:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Dpp-f-oSw2ecOBy3Nrkb_ijKrd0U55k1Tl_vMDvGC-9EJRRIKl6hHw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:14:56 GMT
age: 40040
etag: "3a8baa33c526c25a0eb42a3a777cf38eeb01b25c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /Login.php?email=&wand=f5YRC1uAjwRmsiv4jGbyM939TcgQyaQth6xtlqwWNnzeB0cZwS6kpk1lXoXQ8bJOxdfOfvkkq9SBtg5TUmnFQzflN0 HTTP/1.1
Host: m-xserver-ne-jp.e-kei.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
|
94.152.13.36
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Tue, 14 Feb 2023 09:22:13 GMT
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
Magic:
Size: 0
Md5:
Sha1:
Sha256:
Blocklists:
- openphish: Generic/Spear Phishing
|
GET /Login.php?email=&wand=weSiOvqhQgMd5Ek2ZSTfl7hICUg1k3LRpW01CvT20lr0rDZJnmUEW4qfchMykI0aLz2u0u6El7oi3kyK04n8jGoeU8 HTTP/1.1
Host: m-xserver-ne-jp.e-kei.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://m-xserver-ne-jp.e-kei.pl/Login.php?email=&wand=f5YRC1uAjwRmsiv4jGbyM939TcgQyaQth6xtlqwWNnzeB0cZwS6kpk1lXoXQ8bJOxdfOfvkkq9SBtg5TUmnFQzflN0
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
94.152.13.36
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Tue, 14 Feb 2023 09:22:14 GMT
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
Magic:
Size: 0
Md5:
Sha1:
Sha256:
Blocklists:
- openphish: Generic/Spear Phishing
|