Report - ad.doubleclick.net/clk;265186560;90846275;t;pc=[TPAS_ID]?//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==

Report Overview

Submitted URL
ad.doubleclick.net/clk;265186560;90846275;t;pc=[TPAS_ID]?//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==
IP
142.250.74.166
ASN
#15169 GOOGLE
Submitted
2024-04-18 20:21:38
Access
public
Website Title
pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com
Final URL
pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-18	459 B	28 kB	104.17.25.14
images.sftcdn.net	77483	2008-09-15	2017-07-20	2024-04-17	580 B	2.4 kB	104.110.18.102
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	1.7 kB	4.2 kB	142.250.74.100
fonts.google.com	31986	1997-09-15	2016-06-16	2024-04-18	1.7 kB	42 kB	142.250.74.14
logo.clearbit.com	27344	2003-07-04	2015-06-30	2024-04-18	494 B	12 kB	54.230.111.26
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-04-18	479 B	118 kB	104.18.11.207
ad.doubleclick.net	186	1996-01-16	2012-05-24	2024-04-18	2.9 kB	3.3 kB	142.250.74.102
desert-wirehaired-currency.glitch.me	unknown	2008-07-18	2024-04-17	2024-04-18	2.9 kB	1.3 kB	52.21.72.108
pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev	unknown	2022-08-23	2024-04-18	2024-04-18	2.6 kB	130 kB	104.18.3.35
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	1.7 kB	80 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-18 20:21:13	medium	Client IP	52.21.72.108	ET HUNTING Suspicious Glitch Hosted TLS SNI Request - Possible Phishing Landing
2024-04-18 20:21:13	low	Client IP	52.21.72.108	ET INFO Observed Online Application Hosting Domain (glitch .me in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js	84 kB	2023-03-07	2024-05-02
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-05-02 04:33:05 Times Seen10903 Hash 7f9fb969ce353c5d77707836391eb28d 62c4042e9ebc691a5372d653b424512a561d1670 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515 Loading...

	pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com	1.3 kB	2023-03-08	2024-04-25
Pretty URL pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 16:44:50 Last Seen2024-04-25 17:48:28 Times Seen2239 Hash 160f11a1f1b5c685346e0f033b170f66 b8ea0e8e982a0195c3d1ed8f6bfbb31649052960 af555745524b5a2d7e9aa623f85964fad33cda13494e21646a2e597854a7b2d1 Loading...

	pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com	3.4 kB	2023-03-08	2024-04-25
Pretty URL pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 16:44:50 Last Seen2024-04-25 17:48:28 Times Seen2239 Hash c47fcb454544146076bf38a0ad01ed5f b4fe3c348e85b6f631fc0df9f739e9316c560df6 3b9192cc0217fb9406b6e9d9d6b08f78ecef7b87739b999b6d817be0bf23c5fc Loading...

HTTP Transactions (22)

	URL	IP	Response	Size
	ad.doubleclick.net/clk;265186560;90846275;t;pc=[TPAS_ID]?//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==	142.250.74.102		0 B
URL ad.doubleclick.net/clk;265186560;90846275;t;pc=[TPAS_ID]?//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ== IP 142.250.74.102:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /clk;265186560;90846275;t;pc=[TPAS_ID]?//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ== HTTP/1.1 Host: ad.doubleclick.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin: * cross-origin-resource-policy: cross-origin location: //desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ== content-type: text/html; charset=UTF-8 x-content-type-options: nosniff date: Thu, 18 Apr 2024 20:21:13 GMT server: cafe content-length: 0 x-xss-protection: 0 set-cookie: IDE=AHWqTUnzJykoR0O-hY22drUUb-dqnO3OvC3zUowGiQpDLZk93h21VU8fpPzYu-52nmM; expires=Sat, 18-Apr-2026 20:21:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none FLC=COeSAhDD6KgrGIDauX4omdVHMLmBhrEGcADauAQcMho6GAoWKDCYF739wTqCGAILDJobBgi5gYaxBg; expires=Thu, 18-Apr-2024 20:21:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	desert-wirehaired-currency.glitch.me/?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==	52.21.72.108		826 B
URL desert-wirehaired-currency.glitch.me/?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ== IP 52.21.72.108:0 ASN #14618 AMAZON-AES File type HTML document, ASCII text Size 826 B (826 bytes) Hash bfb37596cc649f7916682a55f67fb007 8bebffb9072ec249d3b89e6e4b097d99811008c9 73c19338846603b2ef97937689fe104a9a8e324098785d1b9860e99df40aa0ca HTTP Headers GET /?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ==//desert-wirehaired-currency.glitch.me?/cmdlcmR0c0B1cm9sb2d5bmV2YWRhLmNvbQ== HTTP/1.1 Host: desert-wirehaired-currency.glitch.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Thu, 18 Apr 2024 20:21:13 GMT content-type: text/html; charset=utf-8 content-length: 826 x-amz-id-2: 3leAeHxAqQYH4ldH3d8ArW6QzrVpMqzdWPfAxxEOZlT2S8OupGMqLI2er8uPGZb//5oDlFF22VE= x-amz-request-id: RCT4YFYNCP96VW97 last-modified: Thu, 18 Apr 2024 10:35:42 GMT etag: "bfb37596cc649f7916682a55f67fb007" x-amz-server-side-encryption: AES256 cache-control: no-cache x-amz-version-id: B38VC8TnfBXoRKgm6Pas5ZPnfMvkBgvY accept-ranges: bytes server: AmazonS3 X-Firefox-Spdy: h2`

	pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html	104.18.3.35		24 kB
URL pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html IP 104.18.3.35:0 ASN #13335 CLOUDFLARENET File type HTML document, ASCII text, with very long lines (1280) Size 24 kB (23575 bytes) Hash 939ad1dce84ddaf11cd5102f4fcf8994 d69329adb9b6ef8e92d167120295b20ed0f18a9c 69800ceedd03f21889cce82ff2b05380e6691b535535be803431b6273de130c1 HTTP Headers GET /Secured-Document.html HTTP/1.1 Host: pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://desert-wirehaired-currency.glitch.me/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Thu, 18 Apr 2024 20:21:14 GMT Content-Type: text/html Content-Length: 23575 Connection: keep-alive Accept-Ranges: bytes ETag: "939ad1dce84ddaf11cd5102f4fcf8994" Last-Modified: Thu, 18 Apr 2024 04:18:39 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 87675c2cb99856af-OSL`

	pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/assets/css/style.css	104.18.3.35	404 Not Found	27 kB
URL GET HTTP/1.1 pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/assets/css/style.css IP 104.18.3.35:443 ASN #13335 CLOUDFLARENET Requested by https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com Certificate IssuerLet's Encrypt Subject.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT File type HTML document, ASCII text, with very long lines (611) Size 27 kB (27242 bytes) Hash df3d48946e8d3f5a83608308edbb4b86 47b9c40c97abf2658df96b1c06109324e15e1a00 570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499 HTTP Headers `GET /assets/css/style.css HTTP/1.1 Host: pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 404 Not Found Date: Thu, 18 Apr 2024 20:21:14 GMT Content-Type: text/html Content-Length: 27242 Connection: keep-alive Vary: Accept-Encoding Server: cloudflare CF-RAY: 87675c2e3b9d56af-OSL`

	cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js	104.17.25.14	200 OK	27 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (32180) Size 27 kB (26660 bytes) Hash 7f9fb969ce353c5d77707836391eb28d 62c4042e9ebc691a5372d653b424512a561d1670 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515 HTTP Headers `GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 18 Apr 2024 20:21:14 GMT content-type: application/javascript; charset=utf-8 content-length: 26660 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03ec4-14983" last-modified: Mon, 04 May 2020 16:11:48 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 272974 expires: Tue, 08 Apr 2025 20:21:14 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zh3AoQN%2F73FpJTKDc6QIiawxfCsFrQxfV5jiHna9DLtZPDY2mtpSl4E6WzTh4myhBgPdwaNoBPp%2B%2B5L%2BTmHvgqydTcIsjl2PRwY5bjdio7iFcEaXTaRyhYc5rm6nyiLWA8RqEK7r"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 87675c2ece987131-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	images.sftcdn.net/images/t_app-logo-xl,f_auto,dpr_2/p/7a60e021-3fe5-4334-9e56-7cc6ebae632d/2825932570/roundcube-webmail-roundcube_logo_icon.svg	104.110.18.102	200 OK	1.6 kB
URL GET HTTP/2 images.sftcdn.net/images/t_app-logo-xl,f_auto,dpr_2/p/7a60e021-3fe5-4334-9e56-7cc6ebae632d/2825932570/roundcube-webmail-roundcube_logo_icon.svg IP 104.110.18.102:443 ASN #16625 AKAMAI-AS Requested by https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com Certificate IssuerLet's Encrypt Subjects4-san.cloudinary.com Fingerprint12:4D:54:45:72:66:B8:94:EB:53:70:54:6C:4E:F3:56:78:29:8D:27 ValidityWed, 14 Feb 2024 11:43:07 GMT - Tue, 14 May 2024 11:43:06 GMT File type RIFF (little-endian) data, Web/P image Size 1.6 kB (1620 bytes) Hash 99724406fe475a16c3ba875b3e4742e7 b0a47e644eb92d1d0dcd7dcd41f393f0da26fb1b 2175ef57d8cb9f2c1d8d1f75f2a4d0cce3963fdf0c8013cafbe5ecd1866a6c2c HTTP Headers GET /images/t_app-logo-xl,f_auto,dpr_2/p/7a60e021-3fe5-4334-9e56-7cc6ebae632d/2825932570/roundcube-webmail-roundcube_logo_icon.svg HTTP/1.1 Host: images.sftcdn.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK content-type: image/webp content-length: 1620 etag: "99724406fe475a16c3ba875b3e4742e7" last-modified: Fri, 26 Jun 2020 13:52:47 GMT date: Thu, 18 Apr 2024 20:21:14 GMT cache-control: private, no-transform, max-age=31536000 access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options access-control-allow-origin: * accept-ranges: bytes timing-allow-origin: * server: Cloudinary strict-transport-security: max-age=604800 vary: Accept,User-Agent content-disposition: inline; filename="roundcube-webmail-roundcube_logo_icon.svg" x-content-type-options: nosniff server-timing: cld-akam;dur=5;start=2024-04-18T20:21:14.696Z;desc=hit,rtt;dur=6 X-Firefox-Spdy: h2

	www.google.com/fonts	142.250.74.100		0 B
URL www.google.com/fonts IP 142.250.74.100:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /fonts HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently content-type: application/binary cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Thu, 18 Apr 2024 20:21:14 GMT location: https://fonts.google.com/ p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." content-security-policy: script-src 'nonce-0Mou6NzkYnfNKQQSyeOCEQ' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport cross-origin-opener-policy: same-origin-allow-popups server: ESF content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff set-cookie: NID=513=orqo932vZz1NA8C_YgxdnoD0EWwndjEYh4_zGn8ti1C-UXS-eX9tnHUqo7guqTLvS2xFQ6TA211Pw_MSSPE6jhDg8WqbVdC9TTyn63FnZ2DKoy3Z1eTiLNO74g_Q45nEKBLN-KAwtfb4XZEJKyKkrRWkBFT11Xs4NoUdVbudoNI; expires=Fri, 18-Oct-2024 20:21:14 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/assets/js/script.js	104.18.3.35	404 Not Found	27 kB
URL GET HTTP/1.1 pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/assets/js/script.js IP 104.18.3.35:443 ASN #13335 CLOUDFLARENET Requested by https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com Certificate IssuerLet's Encrypt Subject.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT File type HTML document, ASCII text, with very long lines (611) Size 27 kB (27242 bytes) Hash df3d48946e8d3f5a83608308edbb4b86 47b9c40c97abf2658df96b1c06109324e15e1a00 570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499 HTTP Headers `GET /assets/js/script.js HTTP/1.1 Host: pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 404 Not Found Date: Thu, 18 Apr 2024 20:21:14 GMT Content-Type: text/html Content-Length: 27242 Connection: keep-alive Vary: Accept-Encoding Server: cloudflare CF-RAY: 87675c2ef9e0b50b-OSL`

	www.google.com/fonts	142.250.74.100		0 B
URL www.google.com/fonts IP 142.250.74.100:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /fonts HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently content-type: application/binary cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Thu, 18 Apr 2024 20:21:14 GMT location: https://fonts.google.com/ p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-opener-policy: same-origin-allow-popups content-security-policy: script-src 'nonce-NOna_4-ItNjZ0F5JSUYzbA' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport server: ESF content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff set-cookie: NID=513=QV848o8avbWew_6hKqv2yKmX2VVvxgPqIJwRQ6q2ObBgudBOhgXn0KKTQ3whrxXuNlWZzg-xS71QZUjMJ1674hwi0a2Zv1-9pmafgJcHF0_9Kx8pKwlUTwEyLmx1z5ECVbcBvUHilI1Ii2-SJ_k-_PfHhNlOs_nneX-Qr8V_Zu4; expires=Fri, 18-Oct-2024 20:21:14 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/assets/js/script.js	104.18.3.35	404 Not Found	27 kB
URL GET HTTP/1.1 pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/assets/js/script.js IP 104.18.3.35:443 ASN #13335 CLOUDFLARENET Requested by https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com Certificate IssuerLet's Encrypt Subject.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT File type HTML document, ASCII text, with very long lines (611) Size 27 kB (27242 bytes) Hash df3d48946e8d3f5a83608308edbb4b86 47b9c40c97abf2658df96b1c06109324e15e1a00 570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499 HTTP Headers `GET /assets/js/script.js HTTP/1.1 Host: pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 404 Not Found Date: Thu, 18 Apr 2024 20:21:15 GMT Content-Type: text/html Content-Length: 27242 Connection: keep-alive Vary: Accept-Encoding Server: cloudflare CF-RAY: 87675c33291156af-OSL`

	fonts.google.com/	142.250.74.14		25 kB
URL fonts.google.com/ IP 142.250.74.14:0 ASN #15169 GOOGLE File type data Size 25 kB (24852 bytes) Hash 371933b93a02bf392cf542a2cc18e56c 74a3d1005a29859a0b79b74ed6420ac3d071bd6e 68c96bbf87983efcb9d38185f0bb3a07e5dc1ba5739ed8b9414d7ad56e9843b2 HTTP Headers `GET / HTTP/1.1 Host: fonts.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Thu, 18 Apr 2024 20:21:15 GMT p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." content-security-policy: script-src 'nonce-mZr82W7R2AWWe0FN0AN4Eg' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff set-cookie: NID=513=WmQDl-byqTKqqVQb22caGGkuTjxuv8AWrtQLcyZTpsk61fXDQLKO8YujBRDfgKha-4HihLQzWy-UBL25KjJjAYmhfpZjfecQ8Wcz9Ck7I7Kda22QTFDYeHAlcRrekme-SmJokOn0pZFO7UgBOytQKuuYkqsueVrTndhewz_6aaA; expires=Fri, 18-Oct-2024 20:21:15 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc9.ttf	216.58.207.227	200 OK	21 kB
URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc9.ttf IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto LightRegularVersion 2.137; 2017Roboto-Ligh Size 21 kB (20847 bytes) Hash 85df2cb76110ce9ce787b45a5266d23a 91187234316d05377268346f4631e2de3bb6affe 4501b0c41bd6ffd12d34114eed5113b9e136f5f1715d7b4348dd1ccb570470f9 HTTP Headers GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc9.ttf HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev DNT: 1 Connection: keep-alive Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 20847 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 18 Apr 2024 17:54:41 GMT expires: Fri, 18 Apr 2025 17:54:41 GMT cache-control: public, max-age=31536000 age: 8794 last-modified: Wed, 11 May 2022 19:24:41 GMT content-type: font/ttf vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc9.ttf	216.58.207.227	200 OK	21 kB
URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc9.ttf IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldRoboto BoldVersion 2.137; 2017Roboto-Bo Size 21 kB (20828 bytes) Hash ecec6c79a27c8914400d4116e02668aa 3b2880007b93580c4b35e2b31afe2fc9b6fa5923 8a9a74f4455f392ec3e7499cfda6097b536bb4b7f1e529a079c3d953c08b54ca HTTP Headers GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc9.ttf HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev DNT: 1 Connection: keep-alive Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 20828 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 18 Apr 2024 02:45:33 GMT expires: Fri, 18 Apr 2025 02:45:33 GMT cache-control: public, max-age=31536000 age: 63342 last-modified: Wed, 11 May 2022 19:24:45 GMT content-type: font/ttf vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	logo.clearbit.com/urologynevada.com	54.230.111.26	200 OK	11 kB
URL GET HTTP/2 logo.clearbit.com/urologynevada.com IP 54.230.111.26:443 ASN #16509 AMAZON-02 Requested by https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com Certificate IssuerAmazon Subjectclearbit.com FingerprintCE:16:94:BB:21:1F:D1:5C:C5:B1:B0:D0:51:6C:C5:26:30:0D:59:72 ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT File type PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced Size 11 kB (11131 bytes) Hash 107b48df2e47b1bd96a0eb2a58d02553 d4ce03f2a5669881a954ba3b867ca3dea2321c80 2fe77dcf88aa740bb0d59da29a1676188381f1c906b3a8ac48c935ca5546f89e HTTP Headers `GET /urologynevada.com HTTP/1.1 Host: logo.clearbit.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev DNT: 1 Connection: keep-alive Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: image/png access-control-allow-origin: * cache-control: public, max-age=2592000 date: Thu, 18 Apr 2024 16:08:27 GMT x-envoy-response-flags: - server: Clearbit strict-transport-security: max-age=63072000; includeSubDomains; preload x-content-type-options: nosniff x-cache: Hit from cloudfront via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: RZzqF0zG3jXTRnIFhQoNGg6IKYFOEZ7r3YGB4Yxwz19qHFMuZ-pT8A== age: 15168 X-Firefox-Spdy: h2

	fonts.google.com/	142.250.74.14		13 kB
URL fonts.google.com/ IP 142.250.74.14:0 ASN #15169 GOOGLE File type gzip compressed data, max compression Size 13 kB (12971 bytes) Hash c0698480f04ac90c6d015c67666b88c3 b1b33f6567ac7c99ee5ec9ff5af413bbe4410081 9e7af8e5a66bc6620894fd4c00966ddf98fc21db00996135de699b0664a99255 HTTP Headers `GET / HTTP/1.1 Host: fonts.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Thu, 18 Apr 2024 20:21:15 GMT p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." content-security-policy: script-src 'nonce-JCHCdVqZou8KpE3WPGJfxg' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff set-cookie: NID=513=Sag8IiiSYW8wle9UFDFhl9JtUKeS07Xlspxup7z_wvvhp8N7T5vivsOdbXqu8oopBp1VRHikM3c-bsU9qH75rXxGmM0v2xS8rSo828dxGh1-0oL2MFfKGvodO4qs_3tgBHy6BzhFcCLFJphZVv8GuIQWRbwjaM2uWvygvjrr1kA; expires=Fri, 18-Oct-2024 20:21:15 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css	104.18.11.207	200 OK	117 kB
URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css IP 104.18.11.207:443 ASN #13335 CLOUDFLARENET Requested by https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com Certificate IssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT File type ASCII text, with very long lines (65371) Size 117 kB (117305 bytes) Hash eedf9ee80c2faa4e1b9ab9017cdfcb88 ed29315e0ffb3f14382431f2724235bf67f44eb3 f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5 HTTP Headers `GET /bootstrap/3.3.4/css/bootstrap.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 18 Apr 2024 20:21:14 GMT content-type: text/css; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: W/"eedf9ee80c2faa4e1b9ab9017cdfcb88" last-modified: Mon, 25 Jan 2021 22:03:58 GMT cdn-cachedat: 08/04/2023 12:50:24 cdn-proxyver: 1.04 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 722 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: 7e74c5fea2151758aaf7c8cf1f839c4a cdn-cache: HIT cf-cache-status: HIT age: 12573694 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 87675c2eaf77b50c-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.google.com/fonts	142.250.74.100	301 Moved Permanently	0 B
URL GET HTTP/2 www.google.com/fonts IP 142.250.74.100:443 ASN #15169 GOOGLE Requested by https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com Certificate IssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintCC:CC:99:46:65:6C:77:0B:C8:AA:AD:5E:58:B6:2D:19:B2:C7:0B:06 ValidityMon, 04 Mar 2024 07:19:07 GMT - Mon, 27 May 2024 07:19:06 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /fonts HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently content-type: application/binary cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Thu, 18 Apr 2024 20:21:14 GMT location: https://fonts.google.com/ p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." content-security-policy: script-src 'nonce-0Mou6NzkYnfNKQQSyeOCEQ' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport cross-origin-opener-policy: same-origin-allow-popups server: ESF content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff set-cookie: NID=513=orqo932vZz1NA8C_YgxdnoD0EWwndjEYh4_zGn8ti1C-UXS-eX9tnHUqo7guqTLvS2xFQ6TA211Pw_MSSPE6jhDg8WqbVdC9TTyn63FnZ2DKoy3Z1eTiLNO74g_Q45nEKBLN-KAwtfb4XZEJKyKkrRWkBFT11Xs4NoUdVbudoNI; expires=Fri, 18-Oct-2024 20:21:14 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.google.com/	142.250.74.14	200 OK	0 B
URL GET HTTP/2 fonts.google.com/ IP 142.250.74.14:443 ASN #15169 GOOGLE Requested by https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: fonts.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Thu, 18 Apr 2024 20:21:15 GMT p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." content-security-policy: script-src 'nonce-JCHCdVqZou8KpE3WPGJfxg' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff set-cookie: NID=513=Sag8IiiSYW8wle9UFDFhl9JtUKeS07Xlspxup7z_wvvhp8N7T5vivsOdbXqu8oopBp1VRHikM3c-bsU9qH75rXxGmM0v2xS8rSo828dxGh1-0oL2MFfKGvodO4qs_3tgBHy6BzhFcCLFJphZVv8GuIQWRbwjaM2uWvygvjrr1kA; expires=Fri, 18-Oct-2024 20:21:15 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.google.com/	142.250.74.14	200 OK	0 B
URL GET HTTP/2 fonts.google.com/ IP 142.250.74.14:443 ASN #15169 GOOGLE Requested by https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: fonts.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Thu, 18 Apr 2024 20:21:15 GMT p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." content-security-policy: script-src 'nonce-mZr82W7R2AWWe0FN0AN4Eg' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff set-cookie: NID=513=WmQDl-byqTKqqVQb22caGGkuTjxuv8AWrtQLcyZTpsk61fXDQLKO8YujBRDfgKha-4HihLQzWy-UBL25KjJjAYmhfpZjfecQ8Wcz9Ck7I7Kda22QTFDYeHAlcRrekme-SmJokOn0pZFO7UgBOytQKuuYkqsueVrTndhewz_6aaA; expires=Fri, 18-Oct-2024 20:21:15 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.google.com/fonts	142.250.74.100	301 Moved Permanently	0 B
URL GET HTTP/2 www.google.com/fonts IP 142.250.74.100:443 ASN #15169 GOOGLE Requested by https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com Certificate IssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintCC:CC:99:46:65:6C:77:0B:C8:AA:AD:5E:58:B6:2D:19:B2:C7:0B:06 ValidityMon, 04 Mar 2024 07:19:07 GMT - Mon, 27 May 2024 07:19:06 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /fonts HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently content-type: application/binary cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Thu, 18 Apr 2024 20:21:14 GMT location: https://fonts.google.com/ p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-opener-policy: same-origin-allow-popups content-security-policy: script-src 'nonce-NOna_4-ItNjZ0F5JSUYzbA' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport server: ESF content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff set-cookie: NID=513=QV848o8avbWew_6hKqv2yKmX2VVvxgPqIJwRQ6q2ObBgudBOhgXn0KKTQ3whrxXuNlWZzg-xS71QZUjMJ1674hwi0a2Zv1-9pmafgJcHF0_9Kx8pKwlUTwEyLmx1z5ECVbcBvUHilI1Ii2-SJ_k-_PfHhNlOs_nneX-Qr8V_Zu4; expires=Fri, 18-Oct-2024 20:21:14 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf	216.58.207.227	200 OK	36 kB
URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html#rgerdts@urologynevada.com Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-Regularhtt Size 36 kB (36216 bytes) Hash a0d084a3e8176664e75f8eca3ebea96c 324ec20b91392a6871d7846e0ff2972447a1b2b8 a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6 HTTP Headers GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev DNT: 1 Connection: keep-alive Referer: https://pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 20776 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 18 Apr 2024 02:32:49 GMT expires: Fri, 18 Apr 2025 02:32:49 GMT cache-control: public, max-age=31536000 age: 64106 last-modified: Wed, 11 May 2022 19:24:42 GMT content-type: font/ttf vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html	104.18.3.35	200 OK	24 kB
URL User Request GET HTTP/1.1 pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev/Secured-Document.html IP 104.18.3.35:443 ASN #13335 CLOUDFLARENET Certificate IssuerLet's Encrypt Subject.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT File type HTML document, ASCII text, with very long lines (1280) Size 24 kB (23575 bytes) Hash 939ad1dce84ddaf11cd5102f4fcf8994 d69329adb9b6ef8e92d167120295b20ed0f18a9c 69800ceedd03f21889cce82ff2b05380e6691b535535be803431b6273de130c1 HTTP Headers GET /Secured-Document.html HTTP/1.1 Host: pub-ca63fbf45a7f426a84884c820e1f1ffd.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://desert-wirehaired-currency.glitch.me/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Thu, 18 Apr 2024 20:21:14 GMT Content-Type: text/html Content-Length: 23575 Connection: keep-alive Accept-Ranges: bytes ETag: "939ad1dce84ddaf11cd5102f4fcf8994" Last-Modified: Thu, 18 Apr 2024 04:18:39 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 87675c2cb99856af-OSL`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (22)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP