detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Wed, 22 Feb 2023 08:49:14 GMT
Age: 65848
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
185.223.93.223/
185.223.93.223301 Moved Permanently 169 B IP 185.223.93.223:0
ASN #14576 HOSTING-SOLUTIONS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 84855c13836b389d5ec7cfd4c9266173
1cf3056ff23c4176fd7ca9816a000ed461d6d323
502083c916ae481cdd413b8d93315300653df5fb3dcc5770c01991de19977eae
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: 185.223.93.223
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 23 Feb 2023 03:06:43 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://laplas.app/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bbe5e8dc913bdcab76f9fe8851ea2e77
9215fadd003873382ed2a4ace79ba337adadd692
e6094932dd4de52ea6360bdfbe8bb15951ebd76255766eee627c5de6f83fcea8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6094932DD4DE52EA6360BDFBE8BB15951EBD76255766EEE627C5DE6F83FCEA8"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11399
Expires: Thu, 23 Feb 2023 06:16:42 GMT
Date: Thu, 23 Feb 2023 03:06:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bf2985444924fcb7c28583d95fe3e07
95b5b25c5e28758f16327475be944d68ba858b4d
1e1b4f9fd2e5b5c38916cea3f07edc4abe897defb9db47123d374bc979cad933
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E1B4F9FD2E5B5C38916CEA3F07EDC4ABE897DEFB9DB47123D374BC979CAD933"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15003
Expires: Thu, 23 Feb 2023 07:16:46 GMT
Date: Thu, 23 Feb 2023 03:06:43 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 51 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 88fb362ec92e875a5a34a7cc5bdf16b4
ca632d1b063ccb63ac422155a77ac90f3c05f25f
1fee369db6acd0137a386678bbe61c6aca159f8ea029a22c2d7ec6c7da91a4af
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: P768NNzfRgsITjNZlV8dwNLYRirxWxUaC9wECkKoJmk0DB7oDHCpVQ==
content-encoding: gzip
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 google
content-length: 50941
date: Thu, 23 Feb 2023 02:59:10 GMT
age: 453
content-type: application/json
vary: Accept-Encoding
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7fb59e5d3cdf08b94e5f41fdeb9aec6c
ff644039db3b9f74d7e2fab10f93581bea10614a
861573a00d75364e15783c5e448c4f8b4da48b38d9beba3ebd33a87f993489a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "861573A00D75364E15783C5E448C4F8B4DA48B38D9BEBA3EBD33A87F993489A5"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15027
Expires: Thu, 23 Feb 2023 07:17:10 GMT
Date: Thu, 23 Feb 2023 03:06:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hJrgjfZNuxE9KSaiaKPN5rvxb8OJXouJz6MuGq3zXLpCbZi36kueluDw5sTlm/BLsQ5mnT6FWMc=
x-amz-request-id: 0D76HX367A392CQX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 02:06:54 GMT
age: 3589
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6f313739c4c44174fc9a97ac63621b46
319da68d06694330ad9f7901bcde1ca0a6eeac0d
321236ee07769c741890815bc56fd2700ff1974b0534368b9ff2e96320ae4fee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "321236EE07769C741890815BC56FD2700FF1974B0534368B9FF2E96320AE4FEE"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4065
Expires: Thu, 23 Feb 2023 04:14:28 GMT
Date: Thu, 23 Feb 2023 03:06:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 02:53:54 GMT
content-type: application/json
age: 769
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 03:06:43 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 52a27c327b0713d8f98069a67c3c3ec2
6d6ea04ae5be32a8977eec49cad8e7a949c69467
67efa2d1708a6ab7cce04dedd5b7d84c03a05e601773fda40788e0d9738644d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67EFA2D1708A6AB7CCE04DEDD5B7D84C03A05E601773FDA40788E0D9738644D8"
Last-Modified: Wed, 22 Feb 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 23 Feb 2023 09:06:43 GMT
Date: Thu, 23 Feb 2023 03:06:43 GMT
Connection: keep-alive
laplas.app/
31.42.176.127302 Found 0 B IP 31.42.176.127:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery malware Malware - Botnet panel
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: laplas.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx/1.18.0
Date: Thu, 23 Feb 2023 03:06:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: LSESSID=3jl8kura5uked353lo5p0ipfph; expires=Sun, 26-Feb-2023 03:06:43 GMT; Max-Age=259200; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: /signin
laplas.app/signin
31.42.176.127200 OK 1.1 kB IP 31.42.176.127:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash a7fd96093349d68c263443dbb9865450
b9dabb9556a153c69d2768acab9d0a8dfe1e0235
7ec90586ad460fe19b3bfb33719ffe87a58e37ec70f54ad764eee5d9db9e2bb7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /signin HTTP/1.1
Host: laplas.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: LSESSID=3jl8kura5uked353lo5p0ipfph
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 23 Feb 2023 03:06:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
laplas.app/plugins/material/css/materialdesignicons.min.css
31.42.176.127200 OK 28 kB URL HTTP/1.1 laplas.app/plugins/material/css/materialdesignicons.min.css
IP 31.42.176.127:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5ddf1ea9657af1e7e83b6bc72337a440
d61b44d2e5edfc9235122d4c9a514eb539a09be0
8f78fe5162aaa862c94459ff67e38d44e089119e00c1a3f47f47e9adc024b965
Analyzer Verdict Alert urlquery malware Malware - Botnet panel
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/material/css/materialdesignicons.min.css HTTP/1.1
Host: laplas.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laplas.app/signin
Cookie: LSESSID=3jl8kura5uked353lo5p0ipfph
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 23 Feb 2023 03:06:43 GMT
Content-Type: text/css
Last-Modified: Tue, 18 Oct 2022 10:44:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"634e8373-2391c"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a8530fcefb585de4930c998e366124cc
290ef080fe5bddca89a1a92e505268f9c38a308c
e2369003249fb3ebcc2f3ced2f2cd685376be22d7201cdc52b73751834c5c7fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 03:06:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
laplas.app/plugins/nprogress/nprogress.js
31.42.176.127200 OK 3.7 kB URL HTTP/1.1 laplas.app/plugins/nprogress/nprogress.js
IP 31.42.176.127:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash 36fcb80eb02fdaf398bcbf41202bc71a
8d912e6137dbdaf80d2c84a1ac84198f55f536b2
c100865f7b5d7b681d3711092ffb1ad39a796d461c40ae85773ef76fffc5c323
Analyzer Verdict Alert urlquery malware Malware - Botnet panel
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/nprogress/nprogress.js HTTP/1.1
Host: laplas.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laplas.app/signin
Cookie: LSESSID=3jl8kura5uked353lo5p0ipfph
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 23 Feb 2023 03:06:43 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 18 Oct 2022 10:44:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"634e8373-2dc6"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 440beb93bc2481c500bed2c2719a96ab
8231c07a8cf345bf3b1e5ca5d7b4e8af60d72ae5
14182dbb3daa77650d97e07e0c567f73648720a4b06633200dd1846da8c5b0bb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 03:06:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
laplas.app/plugins/simplebar/simplebar.css
31.42.176.127200 OK 1.1 kB URL HTTP/1.1 laplas.app/plugins/simplebar/simplebar.css
IP 31.42.176.127:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash 9bc60249dfdf924cc65f6acc1b9a2455
1d0648c11f352e6fd997297fd2d5cdda9d02cbb2
fee48d430f0b3815a34ba4484859010c56bbbe72d612bd44f5dc3212da56985a
Analyzer Verdict Alert urlquery malware Malware - Botnet panel
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/simplebar/simplebar.css HTTP/1.1
Host: laplas.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laplas.app/signin
Cookie: LSESSID=3jl8kura5uked353lo5p0ipfph
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 23 Feb 2023 03:06:43 GMT
Content-Type: text/css
Last-Modified: Tue, 18 Oct 2022 10:44:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"634e8373-fc1"
Content-Encoding: gzip
laplas.app/plugins/nprogress/nprogress.css
31.42.176.127200 OK 555 B URL HTTP/1.1 laplas.app/plugins/nprogress/nprogress.css
IP 31.42.176.127:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
Hash 5e037bda10dbbf017ee5d11ae41ae338
0bb0be581d6c9793e6751e744eeba876bd845cc4
e05e332f5ee7b916b190a5013bf5c83e457b5a6b306d64b5db0ba949ddcf0eed
Analyzer Verdict Alert urlquery malware Malware - Botnet panel
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/nprogress/nprogress.css HTTP/1.1
Host: laplas.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laplas.app/signin
Cookie: LSESSID=3jl8kura5uked353lo5p0ipfph
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 23 Feb 2023 03:06:43 GMT
Content-Type: text/css
Last-Modified: Tue, 18 Oct 2022 10:44:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"634e8373-5b2"
Content-Encoding: gzip
laplas.app/css/style.css
31.42.176.127200 OK 55 kB IP 31.42.176.127:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type Unicode text, UTF-8 text, with very long lines (624)
Hash e5eca53b091748e9a6bf4db4df4a01da
59d537cc5e2e3c06a5a299895e4fc7f7307fe9e4
134371c27ea329131ab19b04d6ad1b034bdbc8ec6dfb00c1f41ac5c14cd174d7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/style.css HTTP/1.1
Host: laplas.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laplas.app/signin
Cookie: LSESSID=3jl8kura5uked353lo5p0ipfph
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 23 Feb 2023 03:06:43 GMT
Content-Type: text/css
Last-Modified: Tue, 20 Dec 2022 19:40:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63a20fc0-568d9"
Content-Encoding: gzip
www.google.com/recaptcha/api.js
142.250.74.132200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (850), with no line terminators
Hash b7a83b95075ffc461accfebe3f5ae0d8
23c7d59dbb1fe2f6a19f437bb4ee8b40de681200
c9b3fdaaa3a280ccf7519fc927ef5b74e432cda963d812b921d94575c0f1cc3d
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laplas.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 23 Feb 2023 03:06:43 GMT
date: Thu, 23 Feb 2023 03:06:43 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
laplas.app/images/logo3.png
31.42.176.127200 OK 4.5 kB URL HTTP/1.1 laplas.app/images/logo3.png
IP 31.42.176.127:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 8b6c8d0910ec8ef5507d0c9e449dbc2a
6ed27d29dcb1efc29848152caad5a6f2aa97f037
44b9c6ddebda04cd7c8683814e009c6ce42fc8841fd7ec1657c0cb4e085707f6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /images/logo3.png HTTP/1.1
Host: laplas.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laplas.app/signin
Cookie: LSESSID=3jl8kura5uked353lo5p0ipfph
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 23 Feb 2023 03:06:43 GMT
Content-Type: image/png
Content-Length: 4536
Last-Modified: Mon, 02 Jan 2023 22:35:51 GMT
Connection: keep-alive
ETag: "63b35c47-11b8"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a8530fcefb585de4930c998e366124cc
290ef080fe5bddca89a1a92e505268f9c38a308c
e2369003249fb3ebcc2f3ced2f2cd685376be22d7201cdc52b73751834c5c7fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 03:06:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5a9e54f54243639a31020050bfc7fb55
c49766d67bea2ce07bd3c925d42897ab992f94e2
26b96bbdd02ca9498d5c7a4b970ebbec31039db95a2ce6e5a6ff665c73023a8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 03:06:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash be0ff97444ab9ff002dc0c3a855b6867
6b835c9cfa35b65f809ab3e8c150425048749e02
ed2c6e805d226e16f32c4a08bbe9f7171bf271fabd4d66a67efe197db6fe5407
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 03:06:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21248, version 1.0\012- data
Hash 481105857aba99f91faa3cd9a360e8e1
a2d8dcb59555878d359c2bebbc8be6985d26d7d2
f8c2240958cb1fff47d921ca0f3097f9e7403ada01af2382477ef42c404c38d4
GET /s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://laplas.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 17:41:32 GMT
expires: Fri, 16 Feb 2024 17:41:32 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:38:57 GMT
content-type: font/woff2
age: 552312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
laplas.app/images/favicon.png
31.42.176.127200 OK 13 kB URL HTTP/1.1 laplas.app/images/favicon.png
IP 31.42.176.127:0
ASN #43641 SOLLUTIUM EU Sp z.o.o.
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 86a3820bd75de4dc38c6534e93babccc
a3635d463cb75f6c61295dc5b5074bba5fa6047c
c3d332c59ccc4389ea38acbc531109b633d76c2541f1d4338cc3a729fe679f0a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /images/favicon.png HTTP/1.1
Host: laplas.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laplas.app/signin
Cookie: LSESSID=3jl8kura5uked353lo5p0ipfph
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 23 Feb 2023 03:06:44 GMT
Content-Type: image/png
Content-Length: 12612
Last-Modified: Mon, 19 Dec 2022 23:52:48 GMT
Connection: keep-alive
ETag: "63a0f950-3144"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash be0ff97444ab9ff002dc0c3a855b6867
6b835c9cfa35b65f809ab3e8c150425048749e02
ed2c6e805d226e16f32c4a08bbe9f7171bf271fabd4d66a67efe197db6fe5407
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 03:06:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js
142.250.74.35200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js
IP 142.250.74.35:0
File type HTML document, ASCII text, with very long lines (839)
Size 165 kB (164689 bytes)
Hash 7f27adb1216e4ddb02884fd68a1ec297
a33a85dfc58ca995fa184035b8fdb896866c361f
aeea36b977f073b902c2c5536b21f43e931fc2ac5ba3601db228e686457e9bc8
GET /recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://laplas.app
Connection: keep-alive
Referer: https://laplas.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164689
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Feb 2023 17:15:53 GMT
expires: Wed, 21 Feb 2024 17:15:53 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 121851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, Alert, Content-Length, Backoff, ETag, Cache-Control, Retry-After, Last-Modified, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Feb 2023 02:20:35 GMT
age: 2769
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5aa46280b9f4ef8602f5e1b6864d898f
f1b8d2278116c2873ec0683122818fc186c74392
bb61e1178bc48dc26984f63f54d2621706fe49faa6f9a5651b06befa53cea9a0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1495
Cache-Control: max-age=137618
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 03:06:44 GMT
Etag: "63f648ff-1d7"
Expires: Fri, 24 Feb 2023 17:20:22 GMT
Last-Modified: Wed, 22 Feb 2023 16:55:27 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fa728a339ca32e616d483e61d0aebcd
6a63966de94d16390c8f1e47e5b67fe5bb67f7cd
7e83729d554404e59f1f1ff809ac776d3596487e2b062a1e38af8e29f33c0686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E83729D554404E59F1F1FF809AC776D3596487E2B062A1E38AF8E29F33C0686"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3872
Expires: Thu, 23 Feb 2023 04:11:16 GMT
Date: Thu, 23 Feb 2023 03:06:44 GMT
Connection: keep-alive
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
44.225.87.128200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 44.225.87.128:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Thu, 23 Feb 2023 03:06:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 21:48:03 GMT
expires: Fri, 16 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 537521
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.211.127.63101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.211.127.63:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L7y2H7wjMpE6St1KDBNOtg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: j0TcSJg7zgGVSvxwfidTsCR2B6s=
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221677121036546%22
35.241.9.150200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221677121036546%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (21681), with no line terminators
Hash accef8a81ca596001ad5a8fd66ed4bc2
f7167c5429485e973fa1a14646dd4b50eef53caf
71fbf95a3cfbc0f51e2860cd25fa87fc2cdfd9df9b5f5dbe29fa42bdce4d19e0
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221677121036546%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21681
via: 1.1 google
date: Thu, 23 Feb 2023 03:02:02 GMT
last-modified: Thu, 23 Feb 2023 02:57:16 GMT
content-type: application/json
age: 283
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1677069440866&_since=%221666204638208%22
35.241.9.150200 OK 33 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1677069440866&_since=%221666204638208%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (32643), with no line terminators
Hash 111a124bfe0fcca1d00eacc4056304c0
09f7b2abd4d09de09db0e11add552e995346c23c
3dfc4c61e3f4a5d95c359d2914ec2dcf4bfc413116dec9b98bc104ecc9f446bf
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1677069440866&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 32643
via: 1.1 google
date: Thu, 23 Feb 2023 02:45:25 GMT
age: 1280
last-modified: Wed, 22 Feb 2023 12:37:20 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Wed, 22 Feb 2023 08:49:14 GMT
Age: 65851
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: uuxagSAwpUQFHjnxbhre4ryTutX3eNIedTAcInZCymAZGV9dappSci/f+6HprgjprDEEus3ZdRI=
x-amz-request-id: BSTEH1Y1TXCABD4Q
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 02:49:05 GMT
age: 1060
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 02:53:54 GMT
content-type: application/json
age: 771
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 299cfd09608d974f3058fb736224367b
1307c521c6c3854bd0156ba0c8fa8480b3d9b1e5
3fdc46e8fa678463b9446f87190e53740be3e274fcd75e213e9681f845830708
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FDC46E8FA678463B9446F87190E53740BE3E274FCD75E213E9681F845830708"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2619
Expires: Thu, 23 Feb 2023 03:50:24 GMT
Date: Thu, 23 Feb 2023 03:06:45 GMT
Connection: keep-alive
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
34.111.73.144200 OK 807 kB URL HTTP/2 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP 34.111.73.144:0
Size 807 kB (807180 bytes)
Hash 914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857
GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9PKljb9HzEWbEsrpijhymDJonVDj7mFMQWxompz1fmvM7/G7LghF5Aom/t4fnlON+U/UtXTLez4=
x-amz-request-id: NYWYNZZ3YT1KBAQD
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Wed, 22 Feb 2023 12:55:36 GMT
age: 51069
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1676781773899&_since=%221643818378440%22
35.241.9.150200 OK 6.0 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1676781773899&_since=%221643818378440%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (5951), with no line terminators
Hash 84c45909a46631dec23c78a3a547ca95
b511f80ad0abe7a6f0ce8988a0b9275573665c9a
ce6af1c28962645f13129411c11c7f156f0cd9e282f5ef0146d5cbd84a4e2b7e
GET /v1/buckets/blocklists/collections/gfx/changeset?_expected=1676781773899&_since=%221643818378440%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 5951
via: 1.1 google
date: Thu, 23 Feb 2023 02:48:41 GMT
age: 1084
last-modified: Sun, 19 Feb 2023 04:42:53 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
35.241.9.150200 OK 681 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (681), with no line terminators
Hash b3c57c4bb39f0c7541d93ba82a5cd4c9
be92fd1cee01b4a8bb4174b0b11e53be649cd1a3
98e848e13f44cb1595f2f1882c734fd25761a0e8facae4e0c3dcff6f322a4000
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Content-Length, Content-Type, Cache-Control, Pragma, Retry-After, ETag, Expires, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 681
via: 1.1 google
date: Thu, 23 Feb 2023 02:55:03 GMT
age: 702
last-modified: Wed, 22 Feb 2023 16:36:55 GMT
etag: "1677083815772"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
35.241.9.150200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1718), with no line terminators
Hash 3cbf51bbaf8bb528a034989257447d86
8dd38651205ecdbf2c5093b3df5de8bd626c9d92
59a47ed5c562bad2d78d22af00951c1fdf4a6eb2066324e966dbe4525e64ec3f
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1718
via: 1.1 google
date: Thu, 23 Feb 2023 02:29:31 GMT
age: 2234
last-modified: Wed, 22 Feb 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
35.241.9.150200 OK 1.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1250), with no line terminators
Hash c9f7f64ea0e8fd2d1098afb18806601b
fac82a10d89a339d7970db44b47633465d7b16f8
e0ed15ed986855d3c7eec307e2333aeea9211c5c3d8849dabaa56395dbaec026
GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1250
via: 1.1 google
date: Thu, 23 Feb 2023 03:02:20 GMT
age: 265
last-modified: Wed, 22 Feb 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
35.241.9.150200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1743), with no line terminators
Hash 8d7098a815bd465cf003589b0703c6b0
202cba221e952763f4ccf8e16df65693d9098b44
8cf3d3a8263ffc0df70842cb3968feef260daaa2977cd450819a346d48712114
GET /v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1743
via: 1.1 google
date: Thu, 23 Feb 2023 02:38:32 GMT
age: 1693
last-modified: Wed, 22 Feb 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675734066429&_since=%221662044085942%22
35.241.9.150200 OK 5.6 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675734066429&_since=%221662044085942%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (5628), with no line terminators
Hash c2aaf121f79032d2dbef3b6bbebc5bda
9aea63df55fe7bbf0337658087da5679e68fff39
570d0386b573c64a975e5ce952c25a81ad35b59a114e7d86f9a85d2a0d4c5c62
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675734066429&_since=%221662044085942%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 5628
via: 1.1 google
date: Thu, 23 Feb 2023 03:04:13 GMT
age: 152
last-modified: Wed, 22 Feb 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1677079981951&_since=%221666279968541%22
35.241.9.150200 OK 106 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1677079981951&_since=%221666279968541%22
IP 35.241.9.150:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 106 kB (106535 bytes)
Hash 44317bc4f401543ba080c8b77e2aff54
ae769488dfa10cd08cf730a63ac64b0a29246a8a
167da22ccd9986da793ecdc27155152f073ca124306a599050be0c55cba79678
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1677079981951&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 106535
via: 1.1 google
date: Thu, 23 Feb 2023 02:49:45 GMT
age: 1020
last-modified: Wed, 22 Feb 2023 15:33:02 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1677012027435&_since=%221666483264567%22
35.241.9.150200 OK 60 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1677012027435&_since=%221666483264567%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (59855), with no line terminators
Hash bcb198ca74c45fbd1b5861b2a0f9d223
5412c0ce213fac042543ac71439580df1344f9d6
cc36baa1c30fb3d6aa628df0a08dad136d3ddbf90fb7efcd7d814b80fed967d9
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1677012027435&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 59855
via: 1.1 google
date: Thu, 23 Feb 2023 02:49:45 GMT
age: 1020
last-modified: Tue, 21 Feb 2023 20:40:27 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15066
Expires: Thu, 23 Feb 2023 07:17:52 GMT
Date: Thu, 23 Feb 2023 03:06:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
35.241.9.150200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1505), with no line terminators
Hash 8c387573e466da58de34efecea89a4a1
3bee30f48f21c082dee7ce7b52ebd7b4e30edca8
019686dbf2b110ba2e746777c3539cf842f44eeb333ec45af0f41d785a2c9272
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1505
via: 1.1 google
date: Thu, 23 Feb 2023 02:34:50 GMT
age: 1916
last-modified: Mon, 20 Feb 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15066
Expires: Thu, 23 Feb 2023 07:17:52 GMT
Date: Thu, 23 Feb 2023 03:06:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15066
Expires: Thu, 23 Feb 2023 07:17:52 GMT
Date: Thu, 23 Feb 2023 03:06:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15066
Expires: Thu, 23 Feb 2023 07:17:52 GMT
Date: Thu, 23 Feb 2023 03:06:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9c643f-2d83-48c4-9450-1b873c5cc877.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9c643f-2d83-48c4-9450-1b873c5cc877.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25edfc4908176ce024f4c8b9622cbe2a
938086638fe62b81018b6ce0d459728bb266b6ec
1151a4d1e341883aa26ec969c65e95685d751074ad2c4f54ed6e21b2fce25bac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9c643f-2d83-48c4-9450-1b873c5cc877.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9857
x-amzn-requestid: bb5b0484-d946-4954-a8ef-6419cc93bfd4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqSoFcDoAMF6VQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a76-5f8c7a1f0fb6a01e0213ba46;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RsXvkVXlfNrcr1Hr82G0H11Ai_oyHo_HDME-cYpO0NeDDqy000B-rA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:38:54 GMT
age: 19672
etag: "938086638fe62b81018b6ce0d459728bb266b6ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7713f4b5-c3f3-4d1b-b482-207e7dba9b9f.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7713f4b5-c3f3-4d1b-b482-207e7dba9b9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 74dd13a48eb1b654aa657ac1b50abd24
4b5a935ba7d60b1f68e89d56115a91bd90fef982
c2edd14bfbfcce7e37c6226b47f31a133e9e51efcd0dcbc2a33bc89c564446d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7713f4b5-c3f3-4d1b-b482-207e7dba9b9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6136
x-amzn-requestid: a2466096-4fbe-43aa-8f32-b4bd90d8a0d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Auq1HFb2oAMFS9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f5be86-453b0b3210b8885f0b64abda;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 07:04:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2S_xlaG6EP-i1UFYcKaygH3r-2qj2d7nlw9LPdRuXiW1BifDDnqFzg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 07:17:07 GMT
age: 71379
etag: "4b5a935ba7d60b1f68e89d56115a91bd90fef982"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0752d2b-baa6-43fe-9853-c2658724f5b7.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0752d2b-baa6-43fe-9853-c2658724f5b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92d2c80b251bb51747853df99da38ca1
ad95ca2ec077179e3f9e7663a5121cf712828036
1dd23526abe0cd324f4e53ff13e1de599d8c54938c773cd856be7a1cecf5b954
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0752d2b-baa6-43fe-9853-c2658724f5b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9586
x-amzn-requestid: 96df496a-e183-46f2-8c4c-5d3fa4bb6458
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqS9EKDoAMFt6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a79-2a16a6546a261fea3682a4b2;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -G7CVDFZWQF8EZWghmCaae7zzYlFNiwcnkyDGSSqshdx_eWzeziZSQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:55:57 GMT
age: 18649
etag: "ad95ca2ec077179e3f9e7663a5121cf712828036"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdafc403d-ba8c-45cc-ba07-47b9b8673685.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdafc403d-ba8c-45cc-ba07-47b9b8673685.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f89fe2187067877f5d5808f1d50ec7cb
200aa55e7c88cbc90d9e4c62eb5ccbf1c14a0a6b
bb9819d00d58efbe26c0216e39ef78c0f25ad47e8ccbe9c5b169de9a324b0910
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdafc403d-ba8c-45cc-ba07-47b9b8673685.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6046
x-amzn-requestid: 2be82087-190d-4769-a112-34acec2c5d77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AkyHCEc-oAMFRoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f1ca2c-1921dab22ab9d3d762474b9e;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 07:05:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vHIE13LN8sAqSE0R7hYwmRHgWTHKSOGHsFfvwjYDBo3CfhpHnQfhWg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 18:49:36 GMT
age: 29830
etag: "200aa55e7c88cbc90d9e4c62eb5ccbf1c14a0a6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16bba10c-0b1a-400c-a0d0-d758645c391d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16bba10c-0b1a-400c-a0d0-d758645c391d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df07040a4f8a9dcdd6a4d8b9f9d35b93
229f7cb923d6ef0dac480883d0af0673437c5c04
46de73176cce2258bd66ca8888dfa9f49f654aecdcd132434137df06091bac85
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16bba10c-0b1a-400c-a0d0-d758645c391d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11631
x-amzn-requestid: 80f4f0f1-d97b-42ca-870d-55db701dae20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqSyG2IoAMFz-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a77-0f4faa41169ffb1231b6dc50;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n5Pduh39Ln8uRqq8EUH-zsZ2XGk2xCXAuPeo6ivJM2s8-ubR5TzMiQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:56:07 GMT
age: 18639
etag: "229f7cb923d6ef0dac480883d0af0673437c5c04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f9a89eb-15c4-4ee5-8e07-be7d0bca0c0c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f9a89eb-15c4-4ee5-8e07-be7d0bca0c0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73092691335db0ba56525bfa3250fbce
b2cbe62e7bc5114ba3fdac992bd7dc10dc0ce315
503fd71110d9c9d9fc58f91d12a86dc9e6476097985ea27c7f3ba6e68141b3c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f9a89eb-15c4-4ee5-8e07-be7d0bca0c0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5638
x-amzn-requestid: ab451da5-c1bb-4e76-bdfb-9eac0cc15047
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ArChsGCJoAMFzsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f44ad7-75fbcc00300f736e1b5f0ad1;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 04:38:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _tpLRgxyIekcso0QkTix7ECuUw7GNDtsPIDT1EQ-AhCBEFrg3Cg04g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 16:49:22 GMT
age: 77245
etag: "b2cbe62e7bc5114ba3fdac992bd7dc10dc0ce315"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
35.241.9.150200 OK 935 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (935), with no line terminators
Hash 6c796237d371d417e638a02a0cd932e7
6d289d3a27964ab953e0dd0d0d771ce754bc8851
b8d634496126a0452c5b9443293308160c29efffa1462027e0161876494982e8
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 935
via: 1.1 google
date: Thu, 23 Feb 2023 02:34:00 GMT
age: 1966
last-modified: Mon, 20 Feb 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22
35.241.9.150200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (22469), with no line terminators
Hash 17717d070272f82b3d1e5ea83e8cb663
71c48b44180dd2fa42c9506df93de407f8ad3362
e9499f291df345def3e65b7c951365247357ba986c5c4aaf74c24bae96402a23
GET /v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 22469
via: 1.1 google
date: Thu, 23 Feb 2023 03:06:39 GMT
age: 7
last-modified: Thu, 16 Feb 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: hFFQ0eaSs+CHqstHgOHsQOmtuWbdKxqG1mIi/np1xczegq1D4EZj6SH0MaUEBL0UlITWXiY7uyUVv5zhrxfTEg==
x-amz-request-id: 6YBFWB624GAWNWFT
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 02:23:26 GMT
age: 2600
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
35.241.9.150200 OK 2.4 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (2387), with no line terminators
Hash ffc6488079ed80a847550c9639a3dcbb
c605ae42b2e5f24edd322ff3dedcdb59487e3ffe
54185fa9e3158fc0bf16e9fc85b801f488dec533221128b5e00a12425d22b9b2
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2387
via: 1.1 google
date: Thu, 23 Feb 2023 02:19:14 GMT
age: 2852
last-modified: Thu, 16 Feb 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Karla:400,700|Roboto
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Karla:400,700|Roboto
IP 142.250.74.74:0
GET /css?family=Karla:400,700|Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://laplas.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Feb 2023 03:06:43 GMT
date: Thu, 23 Feb 2023 03:06:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2