toge.co.uk/
95.111.229.222 301 Moved Permanently 0 B IP 95.111.229.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Sep 2022 06:34:35 GMT
Server: Apache
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 7506eecd27d7cae0955fdef3e96dfe58=9de41653ebe586d4dc244ffb81ec633f; path=/; secure; HttpOnly
GEO_country_code=NO; expires=Sat, 03-Sep-2022 06:34:35 GMT; Max-Age=86400
GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; expires=Sat, 03-Sep-2022 06:34:35 GMT; Max-Age=86400
Location: https://toge.co.uk/
Last-Modified: Fri, 02 Sep 2022 06:34:35 GMT
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 05:41:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ULfkG8UH1ICsn0FAQfdL5gehpUfgebp-2kQKrSG6giuSHYTGY9hK3Q==
Age: 3174
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9413
Expires: Fri, 02 Sep 2022 09:11:28 GMT
Date: Fri, 02 Sep 2022 06:34:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HMiIXxktFL0zbaw3-LaGnOs50gGcQY8ozGWbGLgj-kybOjZdQgvwtw==
age: 19158
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 06:34:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
toge.co.uk/
95.111.229.222 200 OK 18 kB IP 95.111.229.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1411), with CRLF, LF line terminators
Hash 59384fc06957f88f9dac384634d56564
bac2ef547ab1da093a770b7912a12978c4bd5bc2
104f455304026a0e4a2e625e3276c0d46580750cf79f8bdd6cd6ae61d3b5cbd3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:35 GMT
Server: Apache
Set-Cookie: 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c; path=/; secure; HttpOnly
GEO_country_code=NO; expires=Sat, 03-Sep-2022 06:34:35 GMT; Max-Age=86400
GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; expires=Sat, 03-Sep-2022 06:34:35 GMT; Max-Age=86400
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
toge.co.uk/templates/rt_lumiere/css-compiled/menu-685cc86f548ced3a94b10c3dd4cf763a.css
95.111.229.222 200 OK 24 kB URL HTTP/1.1 toge.co.uk/templates/rt_lumiere/css-compiled/menu-685cc86f548ced3a94b10c3dd4cf763a.css
IP 95.111.229.222:0
File type ASCII text, with very long lines (23550), with no line terminators
Hash 66df82bcd884cd853e890543d2b4f0e0
619bcc12efbfd546ece66c3d0106ef0864504afc
53a17376247b8aca2540300642bb1b09f715a86f3903278b858bd757b1fcaeb1
Analyzer Verdict Alert quad9 Sinkholed
GET /templates/rt_lumiere/css-compiled/menu-685cc86f548ced3a94b10c3dd4cf763a.css HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:35 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:22:51 GMT
Accept-Ranges: bytes
Content-Length: 23550
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
toge.co.uk/libraries/gantry/css/grid-responsive.css
95.111.229.222 200 OK 5.4 kB URL HTTP/1.1 toge.co.uk/libraries/gantry/css/grid-responsive.css
IP 95.111.229.222:0
Hash fbca889fccd8313b286b720ab04f6848
0c48d7a42c8c155aa93d0f049e29ccb9cb9caaad
71946aa40854e361052f9d35a68b34cd972dfad4c1735acb5f83cd5374c45cdc
Analyzer Verdict Alert quad9 Sinkholed
GET /libraries/gantry/css/grid-responsive.css HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:47 GMT
Accept-Ranges: bytes
Content-Length: 5438
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
toge.co.uk/templates/rt_lumiere/css/master-gecko.css
95.111.229.222 200 OK 79 B URL HTTP/1.1 toge.co.uk/templates/rt_lumiere/css/master-gecko.css
IP 95.111.229.222:0
File type ASCII text, with no line terminators
Hash 2713eafe1a3ed57e448f9a96a13c2810
b1390eb97987e0754d2b03f8e0a4d6a166f39673
056ffc830de79c05d22ec4eb1f3b281e5a27a2774d5c6380c689b1ca007a725d
Analyzer Verdict Alert quad9 Sinkholed
GET /templates/rt_lumiere/css/master-gecko.css HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:46 GMT
Accept-Ranges: bytes
Content-Length: 79
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
toge.co.uk/templates/rt_lumiere/css-compiled/thirdparty-k2.css
95.111.229.222 200 OK 35 kB URL HTTP/1.1 toge.co.uk/templates/rt_lumiere/css-compiled/thirdparty-k2.css
IP 95.111.229.222:0
File type Unicode text, UTF-8 text, with very long lines (34629), with no line terminators
Hash 9abcdbfb011416d58ae84be0cd9fdeb6
00f76e09cf5690842ffcc67c058285263152066b
92f14530cd86c6d913aeb2f04e6153756f0944801447b3a966afa44df62a90f0
Analyzer Verdict Alert quad9 Sinkholed
GET /templates/rt_lumiere/css-compiled/thirdparty-k2.css HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:22:50 GMT
Accept-Ranges: bytes
Content-Length: 34711
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
toge.co.uk/templates/rt_lumiere/css-compiled/rtl.css
95.111.229.222 200 OK 5.3 kB URL HTTP/1.1 toge.co.uk/templates/rt_lumiere/css-compiled/rtl.css
IP 95.111.229.222:0
File type ASCII text, with very long lines (2752)
Hash 45d6d3bd0e9462f9abd57a56fbdeb7ec
d4136db1d03b0b65bbc222a1ae4f1ec437ffd9d3
f14c9f2d6144faa7f089cd55510d1cb85dc6f2845f6fc6400a3b7ed4529b0407
Analyzer Verdict Alert quad9 Sinkholed
GET /templates/rt_lumiere/css-compiled/rtl.css HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:22:50 GMT
Accept-Ranges: bytes
Content-Length: 5279
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
toge.co.uk/templates/rt_lumiere/css-compiled/mediaqueries.css
95.111.229.222 200 OK 12 kB URL HTTP/1.1 toge.co.uk/templates/rt_lumiere/css-compiled/mediaqueries.css
IP 95.111.229.222:0
File type ASCII text, with very long lines (12541), with no line terminators
Hash f4ef43648b179799aa5b0ceca971437c
de7ebd4f2046c720d22e228d31648c3a4563a094
5e4766f3f56303e33a60b7e166dbc58c23049dc65b7327564ccf7a1d51ed3046
Analyzer Verdict Alert quad9 Sinkholed
GET /templates/rt_lumiere/css-compiled/mediaqueries.css HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:22:50 GMT
Accept-Ranges: bytes
Content-Length: 12541
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
toge.co.uk/media/jui/js/jquery-noconflict.js?1af118ce3a74f224152c82ebdf793254
95.111.229.222 200 OK 21 B URL HTTP/1.1 toge.co.uk/media/jui/js/jquery-noconflict.js?1af118ce3a74f224152c82ebdf793254
IP 95.111.229.222:0
Hash e2060c4e5e5955c824723b13a212d3ec
18420ce484978f8ba3d7371febf1638828bb7a67
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
Analyzer Verdict Alert quad9 Sinkholed
GET /media/jui/js/jquery-noconflict.js?1af118ce3a74f224152c82ebdf793254 HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:40 GMT
Accept-Ranges: bytes
Content-Length: 21
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 02 Sep 2022 05:38:16 GMT
Cache-Control: max-age=3600
Expires: Fri, 02 Sep 2022 06:08:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1JsLVSFRV3f8xyW3hW94Atd7n2mgT07ZIMHae-OM6CL9MoVtU7ZdTg==
Age: 3380
toge.co.uk/media/jui/js/jquery-migrate.min.js?1af118ce3a74f224152c82ebdf793254
95.111.229.222 200 OK 10 kB URL HTTP/1.1 toge.co.uk/media/jui/js/jquery-migrate.min.js?1af118ce3a74f224152c82ebdf793254
IP 95.111.229.222:0
File type ASCII text, with very long lines (9959)
Hash 7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /media/jui/js/jquery-migrate.min.js?1af118ce3a74f224152c82ebdf793254 HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:40 GMT
Accept-Ranges: bytes
Content-Length: 10056
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
toge.co.uk/media/system/js/core.js?1af118ce3a74f224152c82ebdf793254
95.111.229.222 200 OK 8.7 kB URL HTTP/1.1 toge.co.uk/media/system/js/core.js?1af118ce3a74f224152c82ebdf793254
IP 95.111.229.222:0
File type Unicode text, UTF-8 text, with very long lines (8729)
Hash e01099c2824b8fc4a435611089253cf7
ac8338f1566be54e957c123c863a97ca8d6f3ada
98333312a99b4c67911a1c1d4bddda30653715ffa23ea460fe385fa1987b39ba
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /media/system/js/core.js?1af118ce3a74f224152c82ebdf793254 HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:40 GMT
Accept-Ranges: bytes
Content-Length: 8735
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
toge.co.uk/templates/rt_lumiere/css-compiled/bootstrap.css
95.111.229.222 200 OK 107 kB URL HTTP/1.1 toge.co.uk/templates/rt_lumiere/css-compiled/bootstrap.css
IP 95.111.229.222:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 107 kB (106992 bytes)
Hash 31ba44e5d7d043f3b7431b0d2f4e28ef
183ec51c0cad5082703e137ec18cc2429ea00672
bc7673b20f3422c4eb85cb84d2e701b2f5b3f84a30b40ed881102801a232e27f
Analyzer Verdict Alert quad9 Sinkholed
GET /templates/rt_lumiere/css-compiled/bootstrap.css HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:22:51 GMT
Accept-Ranges: bytes
Content-Length: 106992
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
toge.co.uk/templates/rt_lumiere/css-compiled/master-535aa236189043c4b59154ed552dbd3d.css
95.111.229.222 200 OK 132 kB URL HTTP/1.1 toge.co.uk/templates/rt_lumiere/css-compiled/master-535aa236189043c4b59154ed552dbd3d.css
IP 95.111.229.222:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 132 kB (131586 bytes)
Hash 3d04d6ad3a40359fcd76a5eecfdff684
7e8c7a967773ed0e3f522f8c4bd8de6936f1977a
d43b3d68e657d17bd9bdaa79b4711cacd25ff00c3485e62e8f957a62282cdf60
Analyzer Verdict Alert quad9 Sinkholed
GET /templates/rt_lumiere/css-compiled/master-535aa236189043c4b59154ed552dbd3d.css HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:22:51 GMT
Accept-Ranges: bytes
Content-Length: 131586
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
toge.co.uk/media/system/js/mootools-core.js?1af118ce3a74f224152c82ebdf793254
95.111.229.222 200 OK 84 kB URL HTTP/1.1 toge.co.uk/media/system/js/mootools-core.js?1af118ce3a74f224152c82ebdf793254
IP 95.111.229.222:0
File type ASCII text, with very long lines (785)
Hash dae9bedb881e4fa30a39d88aae444a0d
c7b66b70133c005c8283f3e1843db92769f71d38
b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /media/system/js/mootools-core.js?1af118ce3a74f224152c82ebdf793254 HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:40 GMT
Accept-Ranges: bytes
Content-Length: 83893
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
toge.co.uk/templates/rt_lumiere/js/rokmediaqueries.js
95.111.229.222 200 OK 4.6 kB URL HTTP/1.1 toge.co.uk/templates/rt_lumiere/js/rokmediaqueries.js
IP 95.111.229.222:0
File type HTML document text\012- HTML document, ASCII text
Hash 522877bbe29c717ed72a3dc6f7d80a67
7b4bb2ba01f303d275f0d4d997746e15e801d5b1
8b150f93cf2879f70c8c0d99c88ff75977399e829cc29d5de392a54a8f830d63
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /templates/rt_lumiere/js/rokmediaqueries.js HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:46 GMT
Accept-Ranges: bytes
Content-Length: 4623
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
toge.co.uk/media/jui/js/jquery.min.js?1af118ce3a74f224152c82ebdf793254
95.111.229.222 200 OK 98 kB URL HTTP/1.1 toge.co.uk/media/jui/js/jquery.min.js?1af118ce3a74f224152c82ebdf793254
IP 95.111.229.222:0
File type ASCII text, with very long lines (65462)
Hash 48a197817927a6eda6f531064f1dba71
5ba19dcca2e2d7ac659af0fbc97dc99e505c498b
05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /media/jui/js/jquery.min.js?1af118ce3a74f224152c82ebdf793254 HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:40 GMT
Accept-Ranges: bytes
Content-Length: 97646
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
toge.co.uk/libraries/gantry/js/browser-engines.js
95.111.229.222 200 OK 3.6 kB URL HTTP/1.1 toge.co.uk/libraries/gantry/js/browser-engines.js
IP 95.111.229.222:0
Hash 6b61035ae80deb6fb1a5e821ab75e8a3
d5620876e7999c8efde2540dc10bb7d81f390672
17c560e161d8c0d40fe43a700e10ef2a32631ce61eef08b067ca5cf9316d4cff
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /libraries/gantry/js/browser-engines.js HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:47 GMT
Accept-Ranges: bytes
Content-Length: 3600
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
toge.co.uk/templates/rt_lumiere/js/video.js
95.111.229.222 200 OK 2.5 kB URL HTTP/1.1 toge.co.uk/templates/rt_lumiere/js/video.js
IP 95.111.229.222:0
Hash 621f9cf48714553143684ba0e2849220
965a56e4d7f567f6d39695358b74e6b390c79f63
9780739ec81aab15a71d73ec270f921f8e765925aee161d8b78c30f4ade2e3d9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /templates/rt_lumiere/js/video.js HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:46 GMT
Accept-Ranges: bytes
Content-Length: 2523
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2eb022bbcb69557dc09477b624814e87
6030f2c630a01fbc027c887d31e696f84cc60c97
d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4143
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:36 GMT
Last-Modified: Fri, 02 Sep 2022 05:25:33 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
toge.co.uk/modules/mod_roknavmenu/themes/default/js/rokmediaqueries.js
95.111.229.222 200 OK 3.0 kB URL HTTP/1.1 toge.co.uk/modules/mod_roknavmenu/themes/default/js/rokmediaqueries.js
IP 95.111.229.222:0
File type HTML document, ASCII text
Hash a70cd2d2a760bb71e2fb61a62b724199
c124e57d4d4462dcaf9885146450fa67a09b8170
5a425ed6358face9162d7aaae6be914115c10f857c7d87c6fbd157d408f7158a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /modules/mod_roknavmenu/themes/default/js/rokmediaqueries.js HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:49 GMT
Accept-Ranges: bytes
Content-Length: 3015
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
toge.co.uk/modules/mod_roknavmenu/themes/default/js/responsive.js
95.111.229.222 200 OK 2.1 kB URL HTTP/1.1 toge.co.uk/modules/mod_roknavmenu/themes/default/js/responsive.js
IP 95.111.229.222:0
File type ASCII text, with very long lines (306)
Hash 11dfb02c40cb9aeb337b6526ef13147e
6c12ae04383f074a3c8b0e12951623433e7a27f1
75dfabc4b7bf6df6fe1dedecc6830c10e8437a26847daab7276cde5ba7cbfb22
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /modules/mod_roknavmenu/themes/default/js/responsive.js HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:49 GMT
Accept-Ranges: bytes
Content-Length: 2134
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
toge.co.uk/modules/mod_ppc_fastfont/js/fastfont.js
95.111.229.222 200 OK 2.4 kB URL HTTP/1.1 toge.co.uk/modules/mod_ppc_fastfont/js/fastfont.js
IP 95.111.229.222:0
File type ASCII text, with CRLF line terminators
Hash 9455bf9e5125a4696af826b8132bdf5a
06e53d62af41e8616a5ea0b7980827bc923b3dc3
0ea9972f4506c445f09a850b7edf334692732a65bcac473586ea7226fd6281f7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /modules/mod_ppc_fastfont/js/fastfont.js HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:49 GMT
Accept-Ranges: bytes
Content-Length: 2412
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
toge.co.uk/plugins/system/EUCookieDirectiveLite/EUCookieDirectiveLite/EUCookieDirective.js
95.111.229.222 200 OK 625 B URL HTTP/1.1 toge.co.uk/plugins/system/EUCookieDirectiveLite/EUCookieDirectiveLite/EUCookieDirective.js
IP 95.111.229.222:0
File type ASCII text, with CRLF line terminators
Hash 0b973b38fc20788c58c092b4bb72eebd
10f9c5916f8bf50ffaa962abab8624ec15224b66
41fcd1504d68d574d4afe0ea7a942a037d8ec4bfeec4b054aa9e75b3371a3b3c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /plugins/system/EUCookieDirectiveLite/EUCookieDirectiveLite/EUCookieDirective.js HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:42 GMT
Accept-Ranges: bytes
Content-Length: 625
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
toge.co.uk/media/system/js/mootools-more.js?1af118ce3a74f224152c82ebdf793254
95.111.229.222 200 OK 237 kB URL HTTP/1.1 toge.co.uk/media/system/js/mootools-more.js?1af118ce3a74f224152c82ebdf793254
IP 95.111.229.222:0
File type Unicode text, UTF-8 text, with very long lines (2903)
Size 237 kB (236825 bytes)
Hash 471d5cbdf6786206310da0448076a9ea
a5124b0be4decb1ebca72e44531c3da85f0170f6
9db43e4a687084df93038c3d02cc4c149dff1210727059b82a7aac112a486eda
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /media/system/js/mootools-more.js?1af118ce3a74f224152c82ebdf793254 HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:40 GMT
Accept-Ranges: bytes
Content-Length: 236825
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
toge.co.uk/images/Logo%20-%20Toge.png
95.111.229.222 200 OK 17 kB URL HTTP/1.1 toge.co.uk/images/Logo%20-%20Toge.png
IP 95.111.229.222:0
File type PNG image data, 598 x 184, 8-bit/color RGBA, non-interlaced\012- data
Hash 1a45c9079f6bc8d8bdf4bc602a2abfa2
9b2f83f3ff4f6f00eee94c27b356c1a6b7da3db9
3923b5b4460a6710ec588e1a22f93038a101071b5833fed1caca0f4b6be7ddd4
Analyzer Verdict Alert quad9 Sinkholed
GET /images/Logo%20-%20Toge.png HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:42 GMT
Accept-Ranges: bytes
Content-Length: 16701
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
toge.co.uk/plugins/system/EUCookieDirectiveLite/EUCookieDirectiveLite/images/info_icon.png
95.111.229.222 200 OK 2.2 kB URL HTTP/1.1 toge.co.uk/plugins/system/EUCookieDirectiveLite/EUCookieDirectiveLite/images/info_icon.png
IP 95.111.229.222:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 214ed67c0e85f9c8f0a898f4c2623c8d
c80aea3884833a4dc9566ab72e49d5cc2370c91c
a55e7d1ff86dabe54aa89f7234698816d276bee6a60e4b95b9054fe4e540eb8e
Analyzer Verdict Alert quad9 Sinkholed
GET /plugins/system/EUCookieDirectiveLite/EUCookieDirectiveLite/images/info_icon.png HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:42 GMT
Accept-Ranges: bytes
Content-Length: 2160
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
toge.co.uk/modules/mod_ppc_fastfont/img/27fontreset.png
95.111.229.222 200 OK 749 B URL HTTP/1.1 toge.co.uk/modules/mod_ppc_fastfont/img/27fontreset.png
IP 95.111.229.222:0
File type PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f0ac59b6148754ef3795e08b14cbf0d
b5725d1222a288be6f28132af3ed56243367db94
79da55c1c41eee0aab621c4005a461a8211e842db044dd0705907d0dba6a70d1
Analyzer Verdict Alert quad9 Sinkholed
GET /modules/mod_ppc_fastfont/img/27fontreset.png HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:49 GMT
Accept-Ranges: bytes
Content-Length: 749
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
toge.co.uk/modules/mod_ppc_fastfont/img/27fontincrease.png
95.111.229.222 200 OK 653 B URL HTTP/1.1 toge.co.uk/modules/mod_ppc_fastfont/img/27fontincrease.png
IP 95.111.229.222:0
File type PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash 9dc8072e92d2fd497af9d97f780c9992
f7b2dcb68e0df82916967f506fe2f68ffce13f22
155d73471e324b2b5e3687ef01afe2b72c0b93c8f0306873de1a51ab55a60ce9
Analyzer Verdict Alert quad9 Sinkholed
GET /modules/mod_ppc_fastfont/img/27fontincrease.png HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:49 GMT
Accept-Ranges: bytes
Content-Length: 653
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
toge.co.uk/modules/mod_ppc_fastfont/img/27fontdecrease.png
95.111.229.222 200 OK 660 B URL HTTP/1.1 toge.co.uk/modules/mod_ppc_fastfont/img/27fontdecrease.png
IP 95.111.229.222:0
File type PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash 2455a9c355ef8c9be369df57eddb4df4
eb88c5cf4a1aeaf66d5ab5c1cfc24ec80ce2f745
feb042e5c0e3826bb086a243f5e20867f541e3e47885a7f7724fcfcc86e7fb57
Analyzer Verdict Alert quad9 Sinkholed
GET /modules/mod_ppc_fastfont/img/27fontdecrease.png HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:49 GMT
Accept-Ranges: bytes
Content-Length: 660
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
toge.co.uk/images/Logo---PMP.png
95.111.229.222 200 OK 6.3 kB URL HTTP/1.1 toge.co.uk/images/Logo---PMP.png
IP 95.111.229.222:0
File type PNG image data, 100 x 87, 8-bit/color RGBA, non-interlaced\012- data
Hash 4ca1c2d0c681553d86214ef41bbd7bf1
60f02f346cfaa8c1c800ffad6bb090efbb600005
ae987a2615ad6555952f0e0a3e2948f4f178a7281fc924d2c264c7b63db4bd97
Analyzer Verdict Alert quad9 Sinkholed
GET /images/Logo---PMP.png HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:42 GMT
Accept-Ranges: bytes
Content-Length: 6274
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
toge.co.uk/modules/mod_ppc_fastfont/img/27none.png
95.111.229.222 404 Not Found 10 kB URL HTTP/1.1 toge.co.uk/modules/mod_ppc_fastfont/img/27none.png
IP 95.111.229.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash a034c0d23e729920f698ecde56fcdba7
45c24dbec0d4f9aba56945c59d106c3fea20d3f3
ebb7cc8627157e96027d2da43afe30b544f85111bae767867c5559e1948d34df
Analyzer Verdict Alert quad9 Sinkholed
GET /modules/mod_ppc_fastfont/img/27none.png HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
toge.co.uk/templates/rt_lumiere/fonts/SofiaProLight-webfont.woff
95.111.229.222 200 OK 25 kB URL HTTP/1.1 toge.co.uk/templates/rt_lumiere/fonts/SofiaProLight-webfont.woff
IP 95.111.229.222:0
File type Web Open Font Format, TrueType, length 25116, version 1.0\012- data
Hash 5ecb2fde83875663c42d23bcc9c74993
9e0962bb0494f6e8b381fe582ecbc058fead6fca
9096b2fc36e0a08ba5601f7b644dd4dc885db38584163ed32dab8ccee54674a0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /templates/rt_lumiere/fonts/SofiaProLight-webfont.woff HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://toge.co.uk/templates/rt_lumiere/css-compiled/master-535aa236189043c4b59154ed552dbd3d.css
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:46 GMT
Accept-Ranges: bytes
Content-Length: 25116
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff
toge.co.uk/templates/rt_lumiere/videos/clean-elegant-abstract-corporate-background_nkgc2uvml__D_x264.webm
95.111.229.222 404 Not Found 10 kB URL HTTP/1.1 toge.co.uk/templates/rt_lumiere/videos/clean-elegant-abstract-corporate-background_nkgc2uvml__D_x264.webm
IP 95.111.229.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 7994b203508409e3f053ebae667ab07b
8acd3806773fb0df3c462f0d12eabf366e025bf4
0373e61dc1c7bf029afa252dcbd9f2ef0b367e9a548079ed2d344a2f5f160276
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /templates/rt_lumiere/videos/clean-elegant-abstract-corporate-background_nkgc2uvml__D_x264.webm HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
toge.co.uk/plugins/system/EUCookieDirectiveLite/EUCookieDirectiveLite/images/continue_button.png
95.111.229.222 200 OK 1.2 kB URL HTTP/1.1 toge.co.uk/plugins/system/EUCookieDirectiveLite/EUCookieDirectiveLite/images/continue_button.png
IP 95.111.229.222:0
File type PNG image data, 5 x 24, 8-bit colormap, non-interlaced\012- data
Hash 57172523a2f77e25ea3f832aa5f1ffaa
33eabf2a6ac51e1ffc3bac41f9d690751e686b4b
94d02ca17b5675626be6ea234f69ee2ae715cb5801c17af2e005f6e24e9dcf31
Analyzer Verdict Alert quad9 Sinkholed
GET /plugins/system/EUCookieDirectiveLite/EUCookieDirectiveLite/images/continue_button.png HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:42 GMT
Accept-Ranges: bytes
Content-Length: 1192
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 6f0d13621a550aa591f087c2945aa2c5
18b520f7f9a71966c115f664def155bcacc60096
cf7e40d37010a5aa8ab4cb3091bd665b7401fa42fac3b1de62ca7a48c6b89b4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.98 200 OK 57 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (2897)
Hash 9490f3734d5e5239a4577aa11d2ce4ed
c72973c2114c1b61b45b4498816660fae8a3a482
f22fc8026f6efd5487e0e9150f9b37695b05159a8aaaa7d85fa593c575d74073
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Fri, 02 Sep 2022 06:34:36 GMT
expires: Fri, 02 Sep 2022 06:34:36 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 2719629525570909443
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57360
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.40.152.118 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.152.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: j6IizsC3PC0bNZf/MkIbCQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: P6wArkyJD8mVyVCc6ealRfLLWv8=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 6f0d13621a550aa591f087c2945aa2c5
18b520f7f9a71966c115f664def155bcacc60096
cf7e40d37010a5aa8ab4cb3091bd665b7401fa42fac3b1de62ca7a48c6b89b4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
toge.co.uk/templates/rt_lumiere/videos/clean-elegant-abstract-corporate-background_nkgc2uvml__D_x264.ogg
95.111.229.222 404 Not Found 10 kB URL HTTP/1.1 toge.co.uk/templates/rt_lumiere/videos/clean-elegant-abstract-corporate-background_nkgc2uvml__D_x264.ogg
IP 95.111.229.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 397ab57a94019a0546c3f11bd45d0f03
c29c5093fb304e21c23386fd04fb618bd24ffb88
ff95e6d06212105363e61cd1f536f42c8d129e6749b1d5f1f1c2b500b920a324
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /templates/rt_lumiere/videos/clean-elegant-abstract-corporate-background_nkgc2uvml__D_x264.ogg HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 003e8a2cb35bb65683fccbf8bf7a9797
b26fbc7607825162686c7e164d51956addeb1a6c
a71ec1144878270f76c09c51967a1d24b7d82dd700e83216be1e814a74796403
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html
142.250.74.66 200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 09a8bd805dba1307ae0bd76a0c9ca73d
bdc16e7610abae944da47ff3a0e5fea818241fb0
e3978f36e9c5f0b909ed64015db629e2c64b46e75d165c6d1d146fcb792cdbde
GET /pagead/html/r20220831/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4412
x-xss-protection: 0
date: Thu, 01 Sep 2022 20:15:31 GMT
expires: Thu, 15 Sep 2022 20:15:31 GMT
cache-control: public, max-age=1209600
age: 37145
etag: 8616628553774171045
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
toge.co.uk/templates/rt_lumiere/videos/clean-elegant-abstract-corporate-background_nkgc2uvml__D_x264.mp4
95.111.229.222 206 Partial Content 500 kB URL HTTP/1.1 toge.co.uk/templates/rt_lumiere/videos/clean-elegant-abstract-corporate-background_nkgc2uvml__D_x264.mp4
IP 95.111.229.222:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 500 kB (499580 bytes)
Hash 1b85fc9d87bfe19aff52d01d83f51f2f
f86189ae45a08b7eb8e8082c421710d29047790a
1594e276063b187bdaac4fb04aaeea86d0edf4ff0e5edc9c9eddfa07fcd5b1ff
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /templates/rt_lumiere/videos/clean-elegant-abstract-corporate-background_nkgc2uvml__D_x264.mp4 HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:46 GMT
Accept-Ranges: bytes
Content-Length: 964913
Content-Range: bytes 0-964912/964913
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: video/mp4
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 003e8a2cb35bb65683fccbf8bf7a9797
b26fbc7607825162686c7e164d51956addeb1a6c
a71ec1144878270f76c09c51967a1d24b7d82dd700e83216be1e814a74796403
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
toge.co.uk/templates/rt_lumiere/favicon.ico
95.111.229.222 200 OK 1.2 kB URL HTTP/1.1 toge.co.uk/templates/rt_lumiere/favicon.ico
IP 95.111.229.222:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 377aedc8da90d32d33358e5c8dc920c1
f3cc8fb0b04ebf14bdf751e7e71b24c490fcc9b7
382915b9808802cac6700e6f8d36218044e54ce7a116605de70200c5af3b4157
Analyzer Verdict Alert quad9 Sinkholed
GET /templates/rt_lumiere/favicon.ico HTTP/1.1
Host: toge.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Cookie: GEO_country_code=NO; GEO_country_code_hash=4c6dd6d0d68997918e07fcb2add8f0eb; 7506eecd27d7cae0955fdef3e96dfe58=d140e2e5b5f787911ce347e7dd87f81c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:34:36 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 18:21:46 GMT
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/x-icon
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 77dcbad667fa753223ab404f9e5efc2e
8aa7da6ed9b77d478e9205e41c8b6fe0a973ae70
0a59d091c042b60cb2193e33754db4e8c2fd7c8e4abd5150a72db06cdc661a94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5750c2d8ad348838b41b96ebb27b0b81
86526a56637555a0463df607b7b5cf565a439f27
5cbde2bd32be846c5afb1fce35b0f7de0c4aeec9de4213ddd118467ea70c3e62
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=toge.co.uk
142.250.74.130 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=toge.co.uk
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=toge.co.uk HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 02 Sep 2022 06:34:37 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 0aae712e1c80eda97fb62f31ed527c78
b0e7042d0c0fc9f34b6bde01292a9d30d9118ee7
4cbcf3c4805ef24821ee501bd5610a51ad3e2ad870e4e2d138c41b164a03ec7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=toge.co.uk
216.58.211.2 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=toge.co.uk
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=toge.co.uk HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 02 Sep 2022 06:34:37 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 0aae712e1c80eda97fb62f31ed527c78
b0e7042d0c0fc9f34b6bde01292a9d30d9118ee7
4cbcf3c4805ef24821ee501bd5610a51ad3e2ad870e4e2d138c41b164a03ec7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 77dcbad667fa753223ab404f9e5efc2e
8aa7da6ed9b77d478e9205e41c8b6fe0a973ae70
0a59d091c042b60cb2193e33754db4e8c2fd7c8e4abd5150a72db06cdc661a94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5750c2d8ad348838b41b96ebb27b0b81
86526a56637555a0463df607b7b5cf565a439f27
5cbde2bd32be846c5afb1fce35b0f7de0c4aeec9de4213ddd118467ea70c3e62
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 68a4217b3e77473315052f97d6f3f0f1
4fddb559bc0f85063021438f8666b14c530ef0d8
5b156ac741db0ad05e3de259a53590be41bbb2bda2e84290abfb4f71fa650735
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 68a4217b3e77473315052f97d6f3f0f1
4fddb559bc0f85063021438f8666b14c530ef0d8
5b156ac741db0ad05e3de259a53590be41bbb2bda2e84290abfb4f71fa650735
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
142.250.74.33 200 OK 9.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1621)
Hash a4c731f85862faf40d4fae51bf83fb0c
537ddcb9b854155e5f9136d0585dd54e26447baf
0826f7dfc1e4a221aba4cc7c381d0259c54f5fed8a9f50c0a247696f40af2d49
GET /pagead/js/r20220831/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 9632
x-xss-protection: 0
date: Fri, 02 Sep 2022 06:28:00 GMT
expires: Fri, 16 Sep 2022 06:28:00 GMT
cache-control: public, max-age=1209600
etag: 2755732409155645664
content-type: text/javascript; charset=UTF-8
age: 397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33 200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (2276)
Hash ceef0ca095073b4ec419ad144ec336c1
9b3f3d2431b9c0d99435d45d420bbd4b1927b1e1
a6bd3712cc1aeaec9f5a7445c595d52607d34457546a189bf51a775a4112e4e8
GET /pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 7599
x-xss-protection: 0
date: Fri, 02 Sep 2022 06:18:48 GMT
expires: Fri, 16 Sep 2022 06:18:48 GMT
cache-control: public, max-age=1209600
etag: 9215437806027971270
content-type: text/javascript; charset=UTF-8
age: 949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.34 200 OK 45 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.34:0
File type ASCII text, with very long lines (3498)
Hash e233451d114b7f2754d6a4eb131920ce
34aab2498621e84e7946aeb1830c8178c2417f52
8e31af45a596f9d000300c2220b1953f3d6adbb5bfafdf9a493f6b29ac1df323
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 44792
date: Fri, 02 Sep 2022 06:34:37 GMT
expires: Fri, 02 Sep 2022 06:34:37 GMT
cache-control: private, max-age=3000
etag: "1661945761880069"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4398
Expires: Fri, 02 Sep 2022 07:47:55 GMT
Date: Fri, 02 Sep 2022 06:34:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4398
Expires: Fri, 02 Sep 2022 07:47:55 GMT
Date: Fri, 02 Sep 2022 06:34:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4398
Expires: Fri, 02 Sep 2022 07:47:55 GMT
Date: Fri, 02 Sep 2022 06:34:37 GMT
Connection: keep-alive
www.gstatic.com/mysidia/8e474446b56ed6ef0feeec2d987f1a60.js?tag=mysidia_one_click_handler_one_afma_2019
142.250.74.163 200 OK 14 kB URL HTTP/2 www.gstatic.com/mysidia/8e474446b56ed6ef0feeec2d987f1a60.js?tag=mysidia_one_click_handler_one_afma_2019
IP 142.250.74.163:0
File type C++ source, ASCII text, with very long lines (2915)
Hash 65081d26ce5619c42f6377390fc30a6e
89aef02330fec069247a1d0ed7e7a4eacf3035bf
f52acdb084f4f9d563ae9b0ddaf72b484dfcb868eb980d81a6010d719bc40a67
GET /mysidia/8e474446b56ed6ef0feeec2d987f1a60.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 13628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 02:23:26 GMT
expires: Wed, 30 Nov 2022 02:23:26 GMT
cache-control: public, max-age=7776000
last-modified: Thu, 01 Sep 2022 00:50:12 GMT
content-type: text/javascript
age: 101471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4398
Expires: Fri, 02 Sep 2022 07:47:55 GMT
Date: Fri, 02 Sep 2022 06:34:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d848f7606889b048b6334e70d8a5e0
85239ef4f2fee8d3345e599bc942cab63ff3aaf6
da6cf33b440b51f72a70f309d62fd581aed246b6a78b8f329fa3899db15ff86d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5889
x-amzn-requestid: 42237574-f86e-4ece-b986-6d0c5910fcc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMVgHajoAMFmXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112756-48ff9d98464cf3c9680d97b4;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:42:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _7BBSlQQucoO5poncTYuX4fcmS4WFg3UcVFXalckGCCNFKJ0h5UpsQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:06:51 GMT
etag: "85239ef4f2fee8d3345e599bc942cab63ff3aaf6"
content-type: image/jpeg
age: 30466
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc4d5a-9f0a-4b9f-a3a8-5d297d24ea9a.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc4d5a-9f0a-4b9f-a3a8-5d297d24ea9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b01e38b12bffb2f525351913eaa246cb
b7f8c0db9e2ddc795726b77b8f8f21037611fca8
e06e127b8ab197f09cc1b4a18d643908aef03898e86a80ca5f901865bfdbd5fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc4d5a-9f0a-4b9f-a3a8-5d297d24ea9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7174
x-amzn-requestid: 6b46447e-a28e-4ae8-978e-6729da4aff62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzL6_FraoAMFQIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126ac-67d9e46104e9215a6f13c224;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vPQvLQ8_vp4YJKL8eWIgpezOqP_xtwupVgL9ZIUq5udMwJ4TSpGbtA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:48:30 GMT
age: 31567
etag: "b7f8c0db9e2ddc795726b77b8f8f21037611fca8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83578926-60c1-4347-9d40-1845983e3806.webp
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83578926-60c1-4347-9d40-1845983e3806.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a4a411e9707d0449c7fc30926269872
f414bc9bb3b3dd0cc8a0ac417a834f03ea893eef
20a110db23f5ffba53824132da7a2f819c910c5a0d8fc0af135349e8456df96f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83578926-60c1-4347-9d40-1845983e3806.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9443
x-amzn-requestid: 5a2fd10e-8652-4843-bd60-081411a64879
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLxYGQNoAMF8XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311266f-72f229ab31d5889a5845c47c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:38:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VMWGHUs6YvJEkpm1iMG2S4iffNM2uCRTPEPwArRaGcOj9ny13V75oA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:11:47 GMT
age: 30170
etag: "f414bc9bb3b3dd0cc8a0ac417a834f03ea893eef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabd16196-9b7d-4f76-a8de-a26de11457c1.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabd16196-9b7d-4f76-a8de-a26de11457c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 623699b045e8c9b492a6c9fcb5e7d38e
279a3235c82630d37ad58fc4044ff05d3d0857f8
6c001c267a6020ed07a523d05735dcd461475c46d41657b9ef8498584fc9e0c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabd16196-9b7d-4f76-a8de-a26de11457c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8213
x-amzn-requestid: af2c8998-e85f-4e1a-875b-3a8a87498b7a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XwLKYE4OIAMF4og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ff242-78ff5a4c134b41691b66727e;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 23:44:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZfilBx8D-yAtDZB6GbNLrcSV-0S6R704n835RmBpJ8TnBjZBOznEBw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 07:01:40 GMT
age: 84777
etag: "279a3235c82630d37ad58fc4044ff05d3d0857f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe107ad28-65a4-4da6-acf9-ccb14d8503cd.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe107ad28-65a4-4da6-acf9-ccb14d8503cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e22c8145b541b1fbc277f2f76fd91d2a
ec84f7d5c5202df3bd716e19ceb9b0283cfff714
32dbfeaac6960253057fe4d24ad7d782d4e398a49b188c0af357dd924bf0c9c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe107ad28-65a4-4da6-acf9-ccb14d8503cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10489
x-amzn-requestid: 9ddf3d6f-b4d1-4d5f-a84d-cfdb3bcbd80c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLx_HKqoAMFzCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112672-7de601b74dcc23070611db09;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:38:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p8UoOZXko5kHqr_GvEy2q1W9hSuLkA-Xp2KG9tO7S4pmyz_Dl4s-DA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:03:15 GMT
age: 30682
etag: "ec84f7d5c5202df3bd716e19ceb9b0283cfff714"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa854afe7-aed7-459f-b9d3-a92ee390f3f0.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa854afe7-aed7-459f-b9d3-a92ee390f3f0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3565104073de1cd27919a8ee68fe296e
5a6425a36ab00449593951fbd4bfba8e4194c217
d60f8a074d84ff44c5273da404fbc79438462a5786c54408ec938bd8ae80e2a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa854afe7-aed7-459f-b9d3-a92ee390f3f0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8877
x-amzn-requestid: 3c9a7b05-f9f7-4b64-8812-6747130b4c5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xi98yFNVoAMFjiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630aa9eb-64260de84540a2a135bc6eb0;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 23:34:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8W5132q8zMN9_zT21rEKq8gvG9jSkCH1K3VqYnZKwRMFlvpUGqe_Uw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 05:55:42 GMT
age: 2335
etag: "5a6425a36ab00449593951fbd4bfba8e4194c217"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 126030
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
216.58.211.10 200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
IP 216.58.211.10:0
Hash 00a29b00e3eaaef2072195493dc6c120
680390ed9a3f601490e6dcb36210d57fcfd79887
eeb48e248ec2799e6eda586c081b64d257636a05a835b232a95db832556e79f3
GET /css?family=Roboto%3A300%2C400%2C700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 06:34:37 GMT
date: Fri, 02 Sep 2022 06:34:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 126030
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 67921e2bd7c620bdd4db5ed1e73d3146
1deaa030ab490c63f94bde4c7ada5e2f849fb506
7fcee2496cdc63c9779941621d9e61acd006910947ccb6c7e98f383b0bf4574c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164 200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 44656ce581668703adbd7bd6591c95ff
79938f0d5f53ba9eabd6b7175ce3f1a8ba961a87
9d04aac842fa195d66ae8f46deccca302037f6b702f36b5bfc024bd245f583e2
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toge.co.uk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 02 Sep 2022 06:34:38 GMT
date: Fri, 02 Sep 2022 06:34:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-9eVK2i9-GmiUXFdd15CMBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dc076b754adaddcb000f3f987b6c5df2
01e9b40591692b8b2a6a94729e9481c7e600d248
9dbf2e71e1cbad91a71154b729e8ef496eda7544828a8bfd4f64e6dd70c4f64d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:34:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN