detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Sat, 11 Mar 2023 15:23:35 GMT
Age: 36154
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
rgestaffmogive.xyz/
104.21.77.207301 Moved Permanently 0 B IP 104.21.77.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: rgestaffmogive.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 12 Mar 2023 01:26:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 12 Mar 2023 02:26:09 GMT
Location: https://rgestaffmogive.xyz/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nPeHw2p7oItd6Zl1rQNF%2BgdOXNAYHL2PbccvobK8thG3Fzp61WWPuz0SYYKPPCwqil1BsPeqX6dz5Aar%2FZ485T1qq4v%2F0Fjy66BHvypmm1vnhv1Sonpsl3O%2B1i5QJwJxBNoghI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a683f545860b4eb-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a86f9f278bfd94c396eee60204ee33c8
fd4b187ce2439b6330264e7f73713e3bd002a489
fb9e5ea6dc1eb3bbbc836695de02dcf54732c32f3077cc1992468f61ebea794e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB9E5EA6DC1EB3BBBC836695DE02DCF54732C32F3077CC1992468F61EBEA794E"
Last-Modified: Fri, 10 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10647
Expires: Sun, 12 Mar 2023 04:23:36 GMT
Date: Sun, 12 Mar 2023 01:26:09 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9ce33c47154f4826255fe9bbe54d72be
e10a363c007a6d15ed43eb35b4e5c246d85c5eed
cf423db1a8ad1dce1b5c25f6025d14411b4a46e95a6001288949f046e244bc24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF423DB1A8AD1DCE1B5C25F6025D14411B4A46E95A6001288949F046E244BC24"
Last-Modified: Fri, 10 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19650
Expires: Sun, 12 Mar 2023 06:53:39 GMT
Date: Sun, 12 Mar 2023 01:26:09 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1a564ae484daef6a82bb08116ad794eb
f75350abf28a42c16324901035889a1f3af700a1
225214187df3f50835a8aafcc4555fe47cf0b78938b71d34fb422942292b153b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "225214187DF3F50835A8AAFCC4555FE47CF0B78938B71D34FB422942292B153B"
Last-Modified: Fri, 10 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13580
Expires: Sun, 12 Mar 2023 05:12:29 GMT
Date: Sun, 12 Mar 2023 01:26:09 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 39 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash ae7cdc28d370394ffb33a6ab7116b6e8
6f4c529537b78c7b2529058105cf68f4e9ed452a
d822bea4bd5e3ab054e730077ca8dce30afa47dc328bf135178f95ad28f37dbb
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: odgC-xcrk_9RF3zTlfIkvQmA_Zueb4wzZfRPs40armpkTpPhJHVFOw==
content-encoding: gzip
via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 01:14:22 GMT
content-type: application/json
vary: Accept-Encoding
content-length: 39084
age: 707
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: o42DSK0V4Ibnvbafwp2C8cKviRwLk4UyIaHD/p0MaWKaQT6rb6VFAhTbCp4ZqyU5omB2Tr14a2I=
x-amz-request-id: P8KHF9CDC7R95ZQM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 12 Mar 2023 01:07:07 GMT
age: 1142
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 99824e6e553dd5649b1d199589a6dab2
00b2c24f6ef22620045c3b2ef7a63ea9ac8cc0a2
3a4695284040436fd256023da7d39bab8b16f8a2d4f7105c0f995f610dcab2d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A4695284040436FD256023DA7D39BAB8B16F8A2D4F7105C0F995F610DCAB2D2"
Last-Modified: Thu, 09 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6888
Expires: Sun, 12 Mar 2023 03:20:57 GMT
Date: Sun, 12 Mar 2023 01:26:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 12 Mar 2023 01:09:10 GMT
content-type: application/json
age: 1019
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 12 Mar 2023 01:26:09 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash cdba757c67ed11f77d4bbe077c515a2f
de5484b5bc34d9c36829f3e854a89b0d685f4fc8
dc0ec77b9c55e529698a8a2768f974e9017a4dad190447c6121e8ecd976a6eb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6548
Cache-Control: max-age=148717
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 01:26:10 GMT
Etag: "640cb28b-1d7"
Expires: Mon, 13 Mar 2023 18:44:47 GMT
Last-Modified: Sat, 11 Mar 2023 16:55:39 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 34074a698d329d4ef360e4e7e1d233e6
6b6a57a57c5b9e486faf50ff03acfd0ba2c13f14
bf3031c8640f9bc3d1ab94e5e45cdba32f39cc4590f11821317fdce573012fb9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF3031C8640F9BC3D1AB94E5E45CDBA32F39CC4590F11821317FDCE573012FB9"
Last-Modified: Thu, 09 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2361
Expires: Sun, 12 Mar 2023 02:05:31 GMT
Date: Sun, 12 Mar 2023 01:26:10 GMT
Connection: keep-alive
detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Sat, 11 Mar 2023 15:23:35 GMT
Age: 36155
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, ETag, Backoff, Expires, Alert, Pragma, Cache-Control, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 12 Mar 2023 01:06:47 GMT
age: 1163
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
52.27.222.34200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 52.27.222.34:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Sun, 12 Mar 2023 01:26:10 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
push.services.mozilla.com/
52.40.68.141101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.68.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m8K1opw5fnxGdx8d7P6GVg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VU3IretRojPkHwDDcGu7e9dt0VA=
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221678568236249%22
35.241.9.150200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221678568236249%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (22067), with no line terminators
Hash 196e3940c11b8376e45859111b43ef0f
3e24555b7ddd68c993bb37f669d64697a020ac0f
f2bf58a8b1e391900d5afc202b41058c33a8d06bc9d8d8784f45569e7aa8a887
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221678568236249%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 22067
via: 1.1 google
date: Sun, 12 Mar 2023 01:02:01 GMT
age: 1449
last-modified: Sat, 11 Mar 2023 20:57:16 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22
35.241.9.150200 OK 9.1 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (9105), with no line terminators
Hash b133f3016a86778a3209d04556a44e32
347c03ef016a2475b07a4dfad57fa87f3c3f499c
187b48ee1f810ea16219ead8790471f44d911bbb4d98b85ff94996c0f6abecfe
GET /v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 9105
via: 1.1 google
date: Sun, 12 Mar 2023 00:52:24 GMT
age: 2026
last-modified: Sat, 11 Mar 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: HvDYYVg8PxEct0H8iH5nkoLOiZu2zg4hsRhmJ3tA+qhiLovFsHQQrjQBA5ccHdmAkCG9ynNUnlo=
x-amz-request-id: TQ4NX32KV8KQKQR0
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 12 Mar 2023 00:45:45 GMT
age: 2425
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1678235841178&_since=%221666204638208%22
35.241.9.150200 OK 39 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1678235841178&_since=%221666204638208%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (38565), with no line terminators
Hash 92d8254fc225725cb2c00e73b29b2ae4
467765c66cea430f5777a04ffe29e08b9ac4d6a0
db6b068d9a92b115b989a81f8d1a9411cdee0957ea9088127ab39978cbd3199f
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1678235841178&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 38565
via: 1.1 google
date: Sun, 12 Mar 2023 01:07:57 GMT
age: 1093
last-modified: Wed, 08 Mar 2023 00:37:21 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 12 Mar 2023 01:09:10 GMT
content-type: application/json
age: 1020
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8b7913b6c169db0dea2e8e6f8aedb024
0d625f2005946d39426bf930b0bb00e2720b5964
4b06dbc6e4297f8d32b61e14162b51ba6dd10420fcd42ef52217b6d51fb91de6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B06DBC6E4297F8D32B61E14162B51BA6DD10420FCD42EF52217B6D51FB91DE6"
Last-Modified: Fri, 10 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14828
Expires: Sun, 12 Mar 2023 05:33:18 GMT
Date: Sun, 12 Mar 2023 01:26:10 GMT
Connection: keep-alive
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
34.111.73.144200 OK 807 kB URL HTTP/2 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP 34.111.73.144:0
Size 807 kB (807180 bytes)
Hash 914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857
GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EGrrl3iHnmN/7WEJX7kls5Q5g248hcG7vM+TZBSUxNBwSsiJN9PKyCrI958muBGg9gOEKMNx3S0=
x-amz-request-id: 6F8R8QJC1A5JXHFK
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Wed, 08 Mar 2023 12:56:00 GMT
age: 304210
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1678508165816&_since=%221666279968541%22
35.241.9.150200 OK 83 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1678508165816&_since=%221666279968541%22
IP 35.241.9.150:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8cbb6364d2a3045c368172f7e55b823f
1150a575f7dcbb58f3e1107783b4b24f14ddbba0
6cfa05c9a410424eb22d950935f8ec01859ccbea8d8cd1f5a6d4c77ad49cca2c
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1678508165816&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 83206
via: 1.1 google
date: Sun, 12 Mar 2023 01:02:51 GMT
age: 1400
last-modified: Sat, 11 Mar 2023 04:16:05 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1678492875047&_since=%221666483264567%22
35.241.9.150200 OK 52 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1678492875047&_since=%221666483264567%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (52321), with no line terminators
Hash f279a03d40758c3cba1e62f4666213f9
325b31725e101a54937059537a96f3217aa2ba8c
8f18187378a90807a595a601c4b6fdced77c296d97eb54e0d6eb45f0b82e0b02
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1678492875047&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 52321
via: 1.1 google
date: Sun, 12 Mar 2023 01:02:52 GMT
age: 1399
last-modified: Sat, 11 Mar 2023 00:01:15 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22
35.241.9.150200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (22470), with no line terminators
Hash 874fe8a0b671cc454b734f04aa4ebed5
e50f692b68926aecd7c29a5bc7742e86b5b6c946
9869c97439e63c2e52c9cf89d0c7a3ea47fd8331f465854723f546f214850722
GET /v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 22470
via: 1.1 google
date: Sun, 12 Mar 2023 00:38:12 GMT
age: 2879
last-modified: Fri, 10 Mar 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
35.241.9.150200 OK 2.4 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (2387), with no line terminators
Hash 17cea9e6c9b3440a87e38aff3317f59d
df7868616abeba4ecc07a67645eec3d92822f1c8
c9572b650ea3b016147836e1c4d7c5daeff8b8f09d397a1d6421174514d1a013
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2387
via: 1.1 google
date: Sun, 12 Mar 2023 01:02:52 GMT
age: 1399
last-modified: Fri, 10 Mar 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
35.241.9.150200 OK 681 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (681), with no line terminators
Hash 06849396e8224a632b1b6080df499692
3543fd58ea1aaa0a43a050c359e597ebf0be27a4
87d936fd01217124eceb639d7cca0d4a597f794c7fa6a22fed46312918c079f4
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Pragma, Last-Modified, ETag, Retry-After, Cache-Control, Content-Type, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 681
via: 1.1 google
date: Sun, 12 Mar 2023 01:11:21 GMT
age: 890
last-modified: Thu, 09 Mar 2023 16:36:57 GMT
etag: "1678379817030"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
35.241.9.150200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1718), with no line terminators
Hash 136242fe65a8e0feeddc1d2ee231be10
a79f677c8972c90507bfda2fba3614754e1bf899
ccc405689ffa5bcdd43e4c4cc94ed9284e0f20e20281c6a3b2820ab341ef92e5
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1718
via: 1.1 google
date: Sun, 12 Mar 2023 00:28:40 GMT
age: 3451
last-modified: Thu, 09 Mar 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
35.241.9.150200 OK 1.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1250), with no line terminators
Hash 3987da189d430f8c568fc6bb0bf9a703
48795f72dfddb19bd913d71b40a7ad5fa538e14b
b85cf27c188a5d9da197fa766f99f9fe9d1bb665f4c318bec000cf637bdbb169
GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1250
via: 1.1 google
date: Sun, 12 Mar 2023 00:50:21 GMT
age: 2150
last-modified: Thu, 09 Mar 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
35.241.9.150200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1742), with no line terminators
Hash ff48c589b33d4a42f5ff4024bc41478a
1906eff2f35e545df5669685709dfcc44756fd93
3fe886730727c42da4e4f9a2ac3038f0e9d5708ef34bb5f02356efda7e2bb7b8
GET /v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1742
via: 1.1 google
date: Sun, 12 Mar 2023 00:33:21 GMT
age: 3170
last-modified: Thu, 09 Mar 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
35.241.9.150200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1505), with no line terminators
Hash 26f956e8a298cd002dc7a269de09a20b
24b54d7e7ca0248edbe06641628816e3837e6a0c
fb2123010d1495facec75fd27e52e18daa1eed8f2bdf9de2656d3410632d7334
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1505
via: 1.1 google
date: Sun, 12 Mar 2023 00:44:50 GMT
age: 2481
last-modified: Tue, 07 Mar 2023 16:36:48 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
35.241.9.150200 OK 935 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (935), with no line terminators
Hash 378c6ec9df2ec5293661e0c9147a6e41
ae37594f50234ff3d9e633da61e9c396a3cc64fc
1cab8bc35416690ca039bfe690140f0a7bde440c909cd55b3de8f0e0d18fda11
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 935
via: 1.1 google
date: Sun, 12 Mar 2023 00:32:37 GMT
age: 3214
last-modified: Tue, 07 Mar 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22
35.241.9.150200 OK 7.0 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (6983), with no line terminators
Hash 789a069349090c38b1045f1c53560dfb
a26c90aa66c299cc87b74e28d726da130b30cc75
0c068d5a0f3167ec4ed4bf171bbabacf1fd871ad81fa03d9d879feb4961fb18f
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 6983
via: 1.1 google
date: Sun, 12 Mar 2023 00:35:53 GMT
age: 3018
last-modified: Tue, 07 Mar 2023 15:15:19 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3226
Expires: Sun, 12 Mar 2023 02:19:57 GMT
Date: Sun, 12 Mar 2023 01:26:11 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3226
Expires: Sun, 12 Mar 2023 02:19:57 GMT
Date: Sun, 12 Mar 2023 01:26:11 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3226
Expires: Sun, 12 Mar 2023 02:19:57 GMT
Date: Sun, 12 Mar 2023 01:26:11 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3226
Expires: Sun, 12 Mar 2023 02:19:57 GMT
Date: Sun, 12 Mar 2023 01:26:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26033b42139d27c847cf9881a17e0332
b196fbef36c2a5242abfc5d7115f1efd39499453
028dd1c86eaab6b991ad3dcb7fda21cdcfe8f9b22155c6bcb9363fbe379096ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4512
x-amzn-requestid: e9ba0dc3-3e1a-4ff5-8d0d-57386ced2fb1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BotIeGZ-IAMFmBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf569-1a45fa73148fb01f3822ee29;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:40:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: wkfdSY68kDN6OsZ-rUHVYuqwBOHFh2lupX6GUYdmi25d3Ae2CEl6vw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d15b6a95f7c8298444f59a99d8027cec.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:40:57 GMT
age: 13514
etag: "b196fbef36c2a5242abfc5d7115f1efd39499453"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be71491cee9b47dc3ffb23b4fdff25b3
79c7d22c8df6d305f46c5779ccb9f25169d4d111
e785896e5840fb901ddd0118bef3ccad6b59a96d8eef0e8ccd9c95a3c261ba45
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8487
x-amzn-requestid: 92381f1a-0140-47e9-a971-594a7de36c3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BkEcBGizoAMFgOA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640b1ab3-1a54b65a5d7083e62dcb85ab;Sampled=0
x-amzn-remapped-date: Fri, 10 Mar 2023 11:55:31 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Nn4eV-UeuWZ02ANOxzTUSgE4UODtaZxeIjp8UJfU8PgUny2shFaDjQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:42:25 GMT
age: 13426
etag: "79c7d22c8df6d305f46c5779ccb9f25169d4d111"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd79ce52-61f2-47b0-a88d-03f2fe3aa889.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd79ce52-61f2-47b0-a88d-03f2fe3aa889.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fd5c28821c8bf2d62d0c4332f06bd71
6e2c08457854437b2b851340277d31439e5ab470
86725a37e80a10c5b0b52a10e498225d97565752ec25303cb159a34386a49523
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd79ce52-61f2-47b0-a88d-03f2fe3aa889.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8845
x-amzn-requestid: b556bc0e-9cf5-4062-9df4-0ccee00cbab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BoswFH5soAMF2SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf4cd-0ba8e60549c78f9d3b720a20;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: NkwWf1xpGvLrLBG0HbYXV5VH69eG_pxwZtI2-Kp_pilWEmUywXihGQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ac463f3377446e4c603deca30feb744a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 22:15:44 GMT
etag: "6e2c08457854437b2b851340277d31439e5ab470"
content-type: image/jpeg
age: 11427
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13023a0e-6076-492b-85f7-561f44c10dbc.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13023a0e-6076-492b-85f7-561f44c10dbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eec0a8ace7d436f1b1274597ce85d1e5
b77e1a9598e9623fa633adc18cf1109420f93f85
aae51362b60519c7193c4c8b71215147d382e337ac257ce1aed362b05f840db9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13023a0e-6076-492b-85f7-561f44c10dbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8229
x-amzn-requestid: d45ea140-a43e-4c2d-8aea-0f15df3f2385
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BoszIHh_IAMF-qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf4e0-714cd100321abf0f2b27939d;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: MWzxECUzh6ZVuXfHr8wzJEcfxJbVgK8sM_wYPGALRCwbCW-h4HpK_Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:57:00 GMT
age: 12551
etag: "b77e1a9598e9623fa633adc18cf1109420f93f85"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadb67293-98ca-46f9-9626-0fdc2b3607f1.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadb67293-98ca-46f9-9626-0fdc2b3607f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3758d9695ad881041587efdf68c75cb6
234720cec03e5bca4269c85eff6e98cf83a68417
7a01c86ec4b12c13b3aff4d36abec7c81110af4b1d30c036ba83b19d6aa43f9f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadb67293-98ca-46f9-9626-0fdc2b3607f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11575
x-amzn-requestid: 50efdf75-0e90-4442-823f-5d4d3b9b2c6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BotK5FrXIAMFkIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf578-12d61d395b5bf4bd0d21a737;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:41:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: JnfdvK366uXy83DrdBGRb51HkX9Gwkmhu0_c_-W8B6uiucELJcja_Q==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:57:01 GMT
etag: "234720cec03e5bca4269c85eff6e98cf83a68417"
content-type: image/jpeg
age: 12550
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1645617e-315b-4828-a837-6f43c26239f3.webp
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1645617e-315b-4828-a837-6f43c26239f3.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a260ac2164ba9dcf80a9d9785b00b64
8440defe1b992f47d6cc744ea89149f570129630
06f9cd692a85c54e65efba8deded48dbd13fb4bac84e5adb601b6dd872037d9a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1645617e-315b-4828-a837-6f43c26239f3.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3749
x-amzn-requestid: 21224146-a517-4aa7-9107-eb0f533d5b62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bosz6E4IIAMFZUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf4e5-6e6b5aa1791c251476ab1627;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 7-WzINx5n-GoaLcRiz4OfIWSLZnNC4dsN75io8AMN3mGPEL39sXt9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:57:02 GMT
age: 12549
etag: "8440defe1b992f47d6cc744ea89149f570129630"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.mercdn.net/item/detail/orig/photos/m502340975_1.jpg?1479701585
199.232.214.131200 OK 98 kB URL HTTP/2 static.mercdn.net/item/detail/orig/photos/m502340975_1.jpg?1479701585
IP 199.232.214.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x721, components 3\012- data
Hash 0af8b109d6059467039dd7ea9c6c95c3
8f6f04aa6db241511885d78fe8f5060871c0440b
0503a5752803024cd1926a4866d0712a56835b611e1ab295f386629fe8e51f9e
GET /item/detail/orig/photos/m502340975_1.jpg?1479701585 HTTP/1.1
Host: static.mercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgestaffmogive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
cache-control: max-age=315360000
etag: W/"EECAmR2I0ZRlUnQyWCIAAAAiMzU2N2U2MmRiY2Y5MTRiMDIyOWI5ZTc3YTBjNzJhZjgi"
last-modified: Mon, 21 Nov 2016 04:13:06 GMT
x-amz-id-2: wj8I8GSPB7MboTRCRXqT5y6vlNLB1daKaDmJCYteyuxs02QdvygB97OwosnsvQmeCY+MaTRv6Hw=
x-amz-request-id: RX2MZNZZ87XHBS3D
x-amz-version-id: null
via: http/1.1 rear.sv102 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
accept-ranges: bytes
date: Sun, 12 Mar 2023 01:26:16 GMT
age: 2186057
x-served-by: cache-tyo11969-TYO, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 222, 1
x-timer: S1678584376.278484,VS0,VE1
access-control-allow-origin: *
content-length: 97769
X-Firefox-Spdy: h2
static.mercdn.net/item/detail/orig/photos/m61307427453_1.jpg?1663308712
199.232.214.131200 OK 27 kB URL HTTP/2 static.mercdn.net/item/detail/orig/photos/m61307427453_1.jpg?1663308712
IP 199.232.214.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x640, components 3\012- data
Hash e297d86524a88afa7f6ed830c77feeeb
92eac77682aecbefe7695b8711c4894e13b78ec6
495a94733c3e0b6a8cc1189dee44233fffc095f6ab4f021c90acf6a441ed4bac
GET /item/detail/orig/photos/m61307427453_1.jpg?1663308712 HTTP/1.1
Host: static.mercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgestaffmogive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
cache-control: max-age=315360000
etag: W/"EIpZR48CYs1OqRMkYyIAAAAiZWNmMzNhNWQyYjhmZDBiYWI4ZWE4ZDEwZmU1Yjc5NzAi"
last-modified: Fri, 16 Sep 2022 06:11:53 GMT
x-amz-id-2: Sc/uIJqk/8MEJ3xJda4pEyXzHHFHjNrnGfpVqMEmSlRyQUsXrRWW7EyYOFL/M+ropwyU/xCl2fw=
x-amz-request-id: P9SEYDBV2H4DNGFM
x-amz-version-id: Zp0mH8rGZMNvP5XGttWFlMRhEQeGLrM_
via: http/1.1 rear.sv101 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
accept-ranges: bytes
date: Sun, 12 Mar 2023 01:26:16 GMT
age: 3369677
x-served-by: cache-tyo11944-TYO, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 245, 1
x-timer: S1678584376.280341,VS0,VE1
access-control-allow-origin: *
content-length: 26915
X-Firefox-Spdy: h2
static.mercdn.net/item/detail/orig/photos/m91269632399_1.jpg?1662618673
199.232.214.131200 OK 33 kB URL HTTP/2 static.mercdn.net/item/detail/orig/photos/m91269632399_1.jpg?1662618673
IP 199.232.214.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x640, components 3\012- data
Hash cc7e8ee1a2df0471ee86829588e7552c
dc57eddd73b7ce3a312a20e128e052d7ecafd815
120351749a85de1dd325cb8c6ce158aa2786cffa871820d931cd07b91c13a234
GET /item/detail/orig/photos/m91269632399_1.jpg?1662618673 HTTP/1.1
Host: static.mercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgestaffmogive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
cache-control: max-age=315360000
etag: W/"EJMtr9F1ynj6MowZYyIAAAAiY2M3ZThlZTFhMmRmMDQ3MWVlODY4Mjk1ODhlNzU1MmMi"
last-modified: Thu, 08 Sep 2022 06:31:14 GMT
x-amz-id-2: 4XKQtnul6LU+JiA8OXta80T6VJhvzt8/ahCbecyxH8UBwu2g8xwHaoByHNyVz/ZkfGSI4PwVuu0=
x-amz-request-id: 1YC3VY1SKCMAC0E1
x-amz-version-id: nWmKmte3zWeUyVQgl47vAZBXs.gLEpfh
via: http/1.1 rear.sv113 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
accept-ranges: bytes
date: Sun, 12 Mar 2023 01:26:16 GMT
age: 3395244
x-served-by: cache-tyo11961-TYO, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 329, 1
x-timer: S1678584376.279855,VS0,VE1
access-control-allow-origin: *
content-length: 32829
X-Firefox-Spdy: h2
static.mercdn.net/item/detail/orig/photos/m57782927115_1.jpg?1667175665
199.232.214.131200 OK 76 kB URL HTTP/2 static.mercdn.net/item/detail/orig/photos/m57782927115_1.jpg?1667175665
IP 199.232.214.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x700, components 3\012- data
Hash 72f9a200a767036ded5e6ae3fd99cbe0
c3b22193765f1a98547308d3da96fa51433f6687
a1fea120937bdde7e318f1e7a67dccd2858a4817d95f321493c070087151d309
GET /item/detail/orig/photos/m57782927115_1.jpg?1667175665 HTTP/1.1
Host: static.mercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgestaffmogive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
cache-control: max-age=315360000
etag: W/"ED5yiRYDwKz58hRfYyIAAAAiNjJjZmZkMmVkNzUwMDkxMzg5OTM0YzhiMmNjMTE5NDAi"
last-modified: Mon, 31 Oct 2022 00:21:06 GMT
x-amz-id-2: KwuWNarUTfwH5St7LPovlxKwTpZBvN7GFcTSxeiwIKTq4MgB6CeCTl4S0ZwIafrM+vT409oZ39k=
x-amz-request-id: S38KWV9HBDXJ19FG
x-amz-version-id: bg3uf_9ZQEV2maARuO8brAR26ad8Ip8z
via: http/1.1 rear.sv127 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
accept-ranges: bytes
date: Sun, 12 Mar 2023 01:26:16 GMT
age: 5291185
x-served-by: cache-tyo11935-TYO, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 38, 1
x-timer: S1678584376.284854,VS0,VE1
access-control-allow-origin: *
content-length: 76497
X-Firefox-Spdy: h2
static.mercdn.net/item/detail/orig/photos/m16938788960_1.jpg?1631013895
199.232.214.131200 OK 82 kB URL HTTP/2 static.mercdn.net/item/detail/orig/photos/m16938788960_1.jpg?1631013895
IP 199.232.214.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Hash dffae17e5eabad3c2ba20b5b1ccea404
25c24499c001393b16bdb10621f141af1bbbf056
4d3f3ba89d1cd6a09ec89f3c54f0ac2845f52a3e796e4b11d1b285fbc23e1701
GET /item/detail/orig/photos/m16938788960_1.jpg?1631013895 HTTP/1.1
Host: static.mercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgestaffmogive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
cache-control: max-age=315360000
etag: W/"ELGkPbFYOn-hCEw3YSIAAAAiNGMwM2E0YzRkN2IzZTE3NGJhNmQ3YWUxODlmMzIyYzQi"
last-modified: Tue, 07 Sep 2021 11:24:56 GMT
x-amz-id-2: NCjbcIga+651Nm6QceyB897CJJm88hml8doeHP/EI8M0KevK63Fhn+XIrhIl1mcojdl3PLvbZnc=
x-amz-request-id: 8P56FVT376GDQ27X
x-amz-version-id: NyvF.QHqAFkGBLq9Ua6vI1jWAgaq48R4
via: http/1.1 rear.sv102 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
accept-ranges: bytes
date: Sun, 12 Mar 2023 01:26:16 GMT
age: 4694399
x-served-by: cache-tyo11922-TYO, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 301, 1
x-timer: S1678584376.278734,VS0,VE1
access-control-allow-origin: *
content-length: 82448
X-Firefox-Spdy: h2
static.mercdn.net/item/detail/orig/photos/m65378298040_1.jpg?1669530444
199.232.214.131200 OK 45 kB URL HTTP/2 static.mercdn.net/item/detail/orig/photos/m65378298040_1.jpg?1669530444
IP 199.232.214.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x720, components 3\012- data
Hash b28082f7c86748fe2cbca464b76550da
02f8a0f80ba7816a84554d3353f3d11e1c0bd024
ed9c492ba2d07ea2aec74b3a537f69aa34c706bcdd1f45ef36080c262ed05ee0
GET /item/detail/orig/photos/m65378298040_1.jpg?1669530444 HTTP/1.1
Host: static.mercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgestaffmogive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
cache-control: max-age=315360000
etag: W/"ELxMpcmSc6efTQODYyIAAAAiNDIwZmFhNWViODI4NzQ4YThjNTgxMTRhZGQ3Y2RiOTEi"
last-modified: Sun, 27 Nov 2022 06:27:25 GMT
x-amz-id-2: 9DpgXRLil260jHqLqK86Eir6aPDXH9jSOc6bpdoy02PpzaJ570+WvJvqmFXePctUVBTK3GT3/4Y=
x-amz-request-id: 23M9KPEVCN3TN68Y
x-amz-version-id: DBSKVSswctWdNl0sce_7o02UmmjbrVm5
via: http/1.1 rear.sv115 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
accept-ranges: bytes
date: Sun, 12 Mar 2023 01:26:16 GMT
age: 1016299
x-served-by: cache-tyo11979-TYO, cache-bma1679-BMA
x-cache: HIT, MISS
x-cache-hits: 25, 0
x-timer: S1678584376.278843,VS0,VE256
access-control-allow-origin: *
content-length: 45009
X-Firefox-Spdy: h2
static.mercdn.net/item/detail/orig/photos/m78721488338_1.jpg?1667493609
199.232.214.131200 OK 31 kB URL HTTP/2 static.mercdn.net/item/detail/orig/photos/m78721488338_1.jpg?1667493609
IP 199.232.214.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 605x720, components 3\012- data
Hash 12cd5208afa5be66cc755659bdbc9e57
8f809649fe8f1c6476811616d517e548f5bcaf7d
1102d8e56c8355c0e38fcdafc7bf482e8de25904e38457455b5e4fb779670660
GET /item/detail/orig/photos/m78721488338_1.jpg?1667493609 HTTP/1.1
Host: static.mercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgestaffmogive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
cache-control: max-age=315360000
etag: W/"EEughzUFJYVV6u5jYyIAAAAiOTU0ZTc1Y2RmMjk1ZWU3OTNhZTlhNjlkNDI5NGE4ODgi"
last-modified: Thu, 03 Nov 2022 16:40:10 GMT
x-amz-id-2: mf414AilLRjnedTApz7A5fOzXfs3OEOLESFSz5qlW3waFnpBZNW1ibVCOaFNTV3pB73ZN9c/eRw=
x-amz-request-id: A2WPZ9N0M5JTFR9N
x-amz-version-id: OO.xUujElqTgUkcAnhU._d0ck_w9qzFG
via: http/1.1 rear.sv127 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
accept-ranges: bytes
date: Sun, 12 Mar 2023 01:26:16 GMT
age: 417121
x-served-by: cache-tyo11947-TYO, cache-bma1679-BMA
x-cache: HIT, MISS
x-cache-hits: 2, 0
x-timer: S1678584376.284836,VS0,VE257
access-control-allow-origin: *
content-length: 31030
X-Firefox-Spdy: h2
static.mercdn.net/item/detail/orig/photos/m57711244630_1.jpg?1641694219
199.232.214.131200 OK 92 kB URL HTTP/2 static.mercdn.net/item/detail/orig/photos/m57711244630_1.jpg?1641694219
IP 199.232.214.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 810x1080, components 3\012- data
Hash c3079a21ecc88e830776a502e127906d
1a67fa664ab931e94953056e401b565727afd8ab
963719685f94643c2cc515d4970e03bb6a78782ce597bd79b678f1eb086d53f1
GET /item/detail/orig/photos/m57711244630_1.jpg?1641694219 HTTP/1.1
Host: static.mercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgestaffmogive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
cache-control: max-age=315360000
etag: W/"EJ-pMzsTv-DsDETaYSIAAAAiYmRjMzBiMTBjY2NjYTgwOWQ0Njk1ZWQ2MGU1YmYxNTAi"
last-modified: Sun, 09 Jan 2022 02:10:20 GMT
x-amz-id-2: 28SYWpinAz3/FzkK578FcI/x8sJe13h+oChsVg2a2fLomZ6k2PCoaaurJagAcLjohSM93WZE7NI=
x-amz-request-id: HC5HCSZ5KJJ8HTTG
x-amz-version-id: ZURtasuTH.9PDK9ZoCcYAco_o1b9liUP
via: http/1.1 rear.sv103 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
accept-ranges: bytes
date: Sun, 12 Mar 2023 01:26:16 GMT
age: 348034
x-served-by: cache-tyo11976-TYO, cache-bma1679-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1678584376.284757,VS0,VE262
access-control-allow-origin: *
content-length: 92549
X-Firefox-Spdy: h2
static.mercdn.net/item/detail/orig/photos/m54331655270_1.jpg?1653726164
199.232.214.131200 OK 19 kB URL HTTP/2 static.mercdn.net/item/detail/orig/photos/m54331655270_1.jpg?1653726164
IP 199.232.214.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x720, components 3\012- data
Hash 0d316e5d849d99eb2eb6ba81e41b5c64
1aa26d459eaa29ccb0a4163fbea6689f43d26381
3b3c938a9c024c6324796dd6d7b51acf34e529d9eba2bdb16744eaced9affdf4
GET /item/detail/orig/photos/m54331655270_1.jpg?1653726164 HTTP/1.1
Host: static.mercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgestaffmogive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
cache-control: max-age=315360000
etag: W/"ECG_sytZ7yAh1duRYiIAAAAiOWUyNzE2YjY3MDM2NjdhNzBlNjIyNGI1M2JlY2Y0MGIi"
last-modified: Sat, 28 May 2022 08:22:45 GMT
x-amz-id-2: EfCbB3U/Ld67hNhrY6EgRjQA3Or7oF5HfrITx/90AdtRLskEqQf/66uq8KlWBNu7PvEBNpdhTU8=
x-amz-request-id: HE5DV95RMWZ2W2R3
x-amz-version-id: X6P.HCeBU5.bO29faSGOZsIVUtxgQq1C
via: http/1.1 rear.sv116 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
accept-ranges: bytes
date: Sun, 12 Mar 2023 01:26:16 GMT
age: 571112
x-served-by: cache-tyo11946-TYO, cache-bma1679-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1678584376.284774,VS0,VE278
access-control-allow-origin: *
content-length: 19176
X-Firefox-Spdy: h2
static.mercdn.net/item/detail/orig/photos/m22693969585_1.jpg?1647334172
199.232.214.131200 OK 39 kB URL HTTP/2 static.mercdn.net/item/detail/orig/photos/m22693969585_1.jpg?1647334172
IP 199.232.214.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x540, components 3\012- data
Hash 0e1ac002151c3c664f928c95bea2331d
6b50070a21f9e3b511f795c7a57e592d3e22d866
f821ede346091716e5e4b0934087b99add808a6ccee704ae40ea34029bb9e948
GET /item/detail/orig/photos/m22693969585_1.jpg?1647334172 HTTP/1.1
Host: static.mercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgestaffmogive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
cache-control: max-age=315360000
etag: W/"ENN3FtzZfJgPHVMwYiIAAAAiN2UxNzg4M2FlZjkwMzVmNGE4NDU5MWM5MzBmMTdiNzki"
last-modified: Tue, 15 Mar 2022 08:49:33 GMT
x-amz-id-2: t6imkA//NKL1hxAWWolcUyXSNSQ10Q0K/oVxE/qn8jsy3wVlGTNXXL8EU2WPe0xA1bXqSYwbESU=
x-amz-request-id: TZ92Y7WA3VPAECDB
x-amz-version-id: Fd1dXGQnm1WyKhfNqNJshw.3GQqM4Z9n
via: http/1.1 rear.sv106 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
accept-ranges: bytes
date: Sun, 12 Mar 2023 01:26:16 GMT
age: 916294
x-served-by: cache-tyo11975-TYO, cache-bma1679-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1678584376.278366,VS0,VE292
access-control-allow-origin: *
content-length: 38704
X-Firefox-Spdy: h2
static.mercdn.net/item/detail/orig/photos/m84779380619_1.jpg?1646655574
199.232.214.131200 OK 34 kB URL HTTP/2 static.mercdn.net/item/detail/orig/photos/m84779380619_1.jpg?1646655574
IP 199.232.214.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x720, components 3\012- data
Hash f45951faaab88195b60d6cf5a216d09a
414a6bff56bf8740c3999ccec52af607a6b10be2
2f0997f6730ca47483e72f183fbd2a09a0eb73ae2dfa93a14c5cd42a492647b3
GET /item/detail/orig/photos/m84779380619_1.jpg?1646655574 HTTP/1.1
Host: static.mercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgestaffmogive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
cache-control: max-age=315360000
etag: W/"ED40KbFGr6QuV_glYiIAAAAiNzk1MDI3YTFhOTljMzc4ZDhjOTk2ZDJhZTFhOTY1MWEi"
last-modified: Mon, 07 Mar 2022 12:19:35 GMT
x-amz-id-2: iRCp1O2VLUOn+81eXdL9C4Z++UjmcFvtp1Ck6Jtk7nrUDH+bLiVXPFc6ky8bXwDdIBrH6JFz4hI=
x-amz-request-id: EX9F1C7S038XG6B9
x-amz-version-id: aATl53A4d9EgmFc_b7k.hpmgHvw3QH51
via: http/1.1 rear.sv127 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
accept-ranges: bytes
date: Sun, 12 Mar 2023 01:26:16 GMT
age: 0
x-served-by: cache-tyo11974-TYO, cache-bma1679-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1678584376.284806,VS0,VE305
access-control-allow-origin: *
content-length: 34138
X-Firefox-Spdy: h2
static.mercdn.net/item/detail/orig/photos/m62509339695_1.jpg?1669880499
199.232.214.131200 OK 67 kB URL HTTP/2 static.mercdn.net/item/detail/orig/photos/m62509339695_1.jpg?1669880499
IP 199.232.214.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Hash 44ec81a76a1abac680f0a115880efe7c
c6beb1ad65462a96328c595b65da26c9250a8bd0
6d75818f66cd696f6810cc2019734eeeaaa6b2bb0d22b65e2ea0dc066d91fb9f
GET /item/detail/orig/photos/m62509339695_1.jpg?1669880499 HTTP/1.1
Host: static.mercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgestaffmogive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
cache-control: max-age=315360000
etag: W/"EBEpEFhl2x8ItFqIYyIAAAAiYzVkNzgzYWM4MjJmY2M2Y2QxMGNmZjg5YWE1NjhkMzMi"
last-modified: Thu, 01 Dec 2022 07:41:40 GMT
x-amz-id-2: j3/dA4BuoVLqBWxh45+PfWPp10wv1bkeEis7YaSPSXcByfaUaYAZP44R5Ks17ZZwGfRHtvS5r2s=
x-amz-request-id: SK95KCVBTN6DCM59
x-amz-version-id: p8nXb.dGi2rh1t45jAo3cOxT_zHMIz5E
via: http/1.1 rear.sv114 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
accept-ranges: bytes
date: Sun, 12 Mar 2023 01:26:16 GMT
age: 949642
x-served-by: cache-tyo11978-TYO, cache-bma1679-BMA
x-cache: HIT, MISS
x-cache-hits: 17, 0
x-timer: S1678584376.278118,VS0,VE313
access-control-allow-origin: *
content-length: 66874
X-Firefox-Spdy: h2
static.mercdn.net/item/detail/orig/photos/m70547971490_1.jpg?1643466430
199.232.214.131200 OK 82 kB URL HTTP/2 static.mercdn.net/item/detail/orig/photos/m70547971490_1.jpg?1643466430
IP 199.232.214.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x720, components 3\012- data
Hash 6145e556842466e0b5271bf64a9dd360
518c1041be12804de7d2899d49e19725a3162184
404fe6ed8ce2789c4dab96b1745aaf6421fb7276c9739dcecda7fd3370a0c3f0
GET /item/detail/orig/photos/m70547971490_1.jpg?1643466430 HTTP/1.1
Host: static.mercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgestaffmogive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
cache-control: max-age=315360000
etag: W/"ECGKpLA54ufVv071YSIAAAAiNWJjMTU4NTdiNDYxOTBhMDQzZmJkMGUwNWYxMjI2MDYi"
last-modified: Sat, 29 Jan 2022 14:27:11 GMT
x-amz-id-2: eI/BdFAqg9F0pbzAhA6j79N5TKodKKR4qhgMylHEyWGeA5+I3s8PUYXSBEQWsaRnmED09vMhpf4=
x-amz-request-id: XVWRC0A9972V71SN
x-amz-version-id: AXiSV8KnxESPVVpogAFzp5dZGB11v6gx
via: http/1.1 rear.sv122 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
accept-ranges: bytes
date: Sun, 12 Mar 2023 01:26:16 GMT
age: 378388
x-served-by: cache-tyo11964-TYO, cache-bma1679-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1678584376.278938,VS0,VE319
access-control-allow-origin: *
content-length: 81862
X-Firefox-Spdy: h2
static.mercdn.net/item/detail/orig/photos/m95934382733_1.jpg?1643005199
199.232.214.131200 OK 186 kB URL HTTP/2 static.mercdn.net/item/detail/orig/photos/m95934382733_1.jpg?1643005199
IP 199.232.214.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 186 kB (186248 bytes)
Hash 74a8826178d6a5b25fffe8a103540b00
c916149a924a84b4f48b4adc2417fb68aed98df3
41d3c2c64d4b88d2a1aea0c820e4c75cadbef8339f6ae0fb655070c3f087a3a0
GET /item/detail/orig/photos/m95934382733_1.jpg?1643005199 HTTP/1.1
Host: static.mercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgestaffmogive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
cache-control: max-age=315360000
etag: W/"ENs9tpJPlj8TEEXuYSIAAAAiMTQ5MDc5NDg1ZDBmYTJlMDYyNGRlNzIyZmE3ZTFjNDQi"
last-modified: Mon, 24 Jan 2022 06:20:00 GMT
x-amz-id-2: XW9yU3Tu0ec9HBbE2DMGbKpJFqvBcLY/ghkml94cwoYzPiP34NvQIy3KoOgbK0rBXMELmhmlWf4=
x-amz-request-id: EX9F2PGZ832HZ4PF
x-amz-version-id: VCkk9ymaWqveA5BhRgqyT_y3hzYT.gO0
via: http/1.1 rear.sv103 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
accept-ranges: bytes
date: Sun, 12 Mar 2023 01:26:16 GMT
age: 0
x-served-by: cache-tyo11954-TYO, cache-bma1679-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1678584376.284820,VS0,VE362
access-control-allow-origin: *
content-length: 186248
X-Firefox-Spdy: h2
static.mercdn.net/item/detail/orig/photos/m18484214798_1.jpg?1656796169
199.232.214.131200 OK 154 kB URL HTTP/2 static.mercdn.net/item/detail/orig/photos/m18484214798_1.jpg?1656796169
IP 199.232.214.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 154 kB (153963 bytes)
Hash d92f1265124b1369a837eb50fbcd3354
a25f7b1d5dfa6f7271cb3185d9328c3929039aaf
9e85d60dd981754cd0b4d6885ca61451480b839df6480f92d4223b91de282bec
GET /item/detail/orig/photos/m18484214798_1.jpg?1656796169 HTTP/1.1
Host: static.mercdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgestaffmogive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
cache-control: max-age=315360000
etag: W/"EJpsRiEnxHPvC7TAYiIAAAAiZjYyYjA4NDc3NWQ5NmRmMTE5YTJhMTFjYjRhYzMxZjci"
last-modified: Sat, 02 Jul 2022 21:09:31 GMT
x-amz-id-2: TeuxxL3LKG5SN4/rg8x/8B5COD9cSP8RGNt1O/vB/n7xXIaib3ksQZyH2vN/aOWao8ijDNp0DO8=
x-amz-request-id: EX932P1ZT448MEWX
x-amz-version-id: YzePTCQwvTPf3wwC_PAvV6flUj4px_N3
via: http/1.1 rear.sv120 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
accept-ranges: bytes
date: Sun, 12 Mar 2023 01:26:16 GMT
age: 0
x-served-by: cache-tyo11957-TYO, cache-bma1679-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1678584376.284795,VS0,VE362
access-control-allow-origin: *
content-length: 153963
X-Firefox-Spdy: h2
rgestaffmogive.xyz/
172.67.211.132200 OK 100 kB IP 172.67.211.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21058), with CRLF, CR, LF line terminators
Hash 639fb5a9b02d34245ba233bc975e69da
0fb2a18f06ddb1f1ce8c1fc2d990c537c53c9f54
18fcabca394eaf9bf00809b83c402256453819f8f09bde0d5b37ab644b0f37b9
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: rgestaffmogive.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 12 Mar 2023 01:26:15 GMT
content-type: text/html; charset=utf-8
set-cookie: zenid=7m0lkd2vrvdfl6r5qsq469jrc2; path=/; domain=.rgestaffmogive.xyz; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xAGOFyJUUPmrP%2BaObjM92b7RNu%2BNNSMODnSN83X6qUAAu5LHvjcYgaHF8BvDx2aVej9%2BIflzWwVKHTcgYgjBZ%2FuTTE7WKRG84j4b%2FSCFde9lw3KFw5gp9hmKiaqEGdYyCDzwdg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a683f556900b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2