Report - hekdpvbbvhktxzlcxqps7047585997.blogspot.com/unsubscribe

Report Overview

Submitted URL
hekdpvbbvhktxzlcxqps7047585997.blogspot.com/unsubscribe
IP
172.217.21.161
ASN
#15169 GOOGLE
Submitted
2022-12-08 03:27:45
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	409 kB	142.250.74.3
ssl.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398 B	14 kB	172.217.21.163
docs.google.com	122	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	14 kB	142.250.74.14
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.242.254
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	50 kB	34.120.237.76
tikiz.shop	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	710 B	198.54.126.24
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	6.9 kB	142.250.74.74
hekdpvbbvhktxzlcxqps7047585997.blogspot.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	870 B	16 kB	142.250.74.161
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	9.1 kB	216.58.211.3
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	172.64.155.188
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	82 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-08	medium	tikiz.shop	Sinkholed
2022-12-08	medium	tikiz.shop	Sinkholed

JavaScript (9)

	URL	Size	First Seen	Last Seen
	docs.google.com/forms/d/e/1FAIpQLScBJ8NWwj1pXsAd6eF7suWapVBtVCvSx2S-yyIriPOQvIB3MQ/viewform?usp=sf_link	14 kB	2023-03-08	2023-03-08
Pretty URL docs.google.com/forms/d/e/1FAIpQLScBJ8NWwj1pXsAd6eF7suWapVBtVCvSx2S-yyIriPOQvIB3MQ/viewform?usp=sf_link IP 142.250.74.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:30:39 Last Seen2023-03-08 21:30:39 Times Seen1 Hash 379a0fc3f7111e3730ad9fcdde505718 4e4ee0d14400b7e51de0bdb055bad19127c730c3 53449d3b225f987cc8ffaba2ee3f45e1e897a710778fbf733c9c344cc4182b46 Loading...

	docs.google.com/forms/d/e/1FAIpQLScBJ8NWwj1pXsAd6eF7suWapVBtVCvSx2S-yyIriPOQvIB3MQ/viewform?usp=sf_link	624 B	2023-03-08	2023-03-12
Pretty URL docs.google.com/forms/d/e/1FAIpQLScBJ8NWwj1pXsAd6eF7suWapVBtVCvSx2S-yyIriPOQvIB3MQ/viewform?usp=sf_link IP 142.250.74.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:14:25 Last Seen2023-03-12 20:03:01 Times Seen1 Hash 2aad726ab28edb3b695bd1a2775d8d3f 9c015fe0adc0f07b72951afaa404c33c4d963abc 01e355adcc1c73ba1e8d1ac826e5349ef3afb163e0ecbb8600413d9658e9fbbe Loading...

	www.gstatic.com/feedback/js/help/prod/service/lazy.min.js	95 kB	2023-03-08	2023-03-08
Pretty URL www.gstatic.com/feedback/js/help/prod/service/lazy.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:27 Last Seen2023-03-08 22:51:59 Times Seen1 Hash f65c5baf0227fe6fb1c0d90279bf4197 bb0b2329d73ebaeed0f886c636b5fbb96b26f7b3 a4a70ba2825d840bdeb61027aa1b05edfb3362db49816d4b3540a78354db9133 Loading...

	hekdpvbbvhktxzlcxqps7047585997.blogspot.com/unsubscribe	158 B	2023-03-07	2023-03-12
Pretty URL hekdpvbbvhktxzlcxqps7047585997.blogspot.com/unsubscribe IP 142.250.74.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:50:08 Last Seen2023-03-12 07:47:58 Times Seen1 Hash 92efd5c98a9ca07d5dde3d60954d1681 0eb715b645bd1f4cc28e44c279f1a16036aee510 aec4920ea2aa0083a8fb776b310b3b62d6569a8863393f5736fa6d1cd9806699 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 10:56:33 Times Seen37061614 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	docs.google.com/forms/d/e/1FAIpQLScBJ8NWwj1pXsAd6eF7suWapVBtVCvSx2S-yyIriPOQvIB3MQ/viewform?usp=sf_link	200 B	2023-03-07	2024-04-24
Pretty URL docs.google.com/forms/d/e/1FAIpQLScBJ8NWwj1pXsAd6eF7suWapVBtVCvSx2S-yyIriPOQvIB3MQ/viewform?usp=sf_link IP 142.250.74.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:08:14 Last Seen2024-04-24 16:02:34 Times Seen325 Hash 818b5f82ffbb05426d0a1411fb995bbc 19586ce5fdbc67a60faebd0e3230de521795f3d1 b30385b82a634c8a242dc54f0b2a6644c8aa8763de6326143ccfafd5420a56af Loading...

	docs.google.com/forms/d/e/1FAIpQLScBJ8NWwj1pXsAd6eF7suWapVBtVCvSx2S-yyIriPOQvIB3MQ/viewform?usp=sf_link	184 B	2023-03-08	2023-03-08
Pretty URL docs.google.com/forms/d/e/1FAIpQLScBJ8NWwj1pXsAd6eF7suWapVBtVCvSx2S-yyIriPOQvIB3MQ/viewform?usp=sf_link IP 142.250.74.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:30:39 Last Seen2023-03-08 21:41:29 Times Seen1 Hash b97755722906ba77d1b4c78a723d0194 badd447336972730890a72217d9f976f8cfdbd5c 13490b3a41126b1eae240e43154fa15a1393dd110a718f5db75d34ab1765c2d3 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 88b7bb7b69bb5b6a6f937951b30c163d	575 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 21:14:25 Last Seen2023-03-08 22:11:04 Times Seen1 Hash 88b7bb7b69bb5b6a6f937951b30c163d 1fb30f8456ac95e0e7b438ad33b28e1cc01ae5e6 ff8c784580e572a7a88dcb1acdde968abb98b23bd4840c3d7699a6dfbe5dd97f Loading...

	#2 Eval - 2dcc4220869c7178d368146398c901e5	1.7 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 19:50:14 Last Seen2023-03-08 22:21:52 Times Seen1 Hash 2dcc4220869c7178d368146398c901e5 31f681485dd009df0eb8a26f8de324e58c0091f2 bd39e834c049b8f1692caf2dadc11cabb76cd105d6bc97ecfb72b490beae2e84 Loading...

HTTP Transactions (50)

URL IP Response Size

hekdpvbbvhktxzlcxqps7047585997.blogspot.com/unsubscribe

142.250.74.161

301 Moved Permanently

206 B

URL HTTP/1.1
hekdpvbbvhktxzlcxqps7047585997.blogspot.com/unsubscribe
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
206 B (206 bytes)
Hash
720081d3747a7765bf5e3d1ae5b5499b
41ea5a54e20942529aa3bd6d8838eb2197c109c7
55efbad5213e793b0e32bd0535d5964c64c25f7f915074f8b2877e4233254fa9

HTTP Headers

GET /unsubscribe HTTP/1.1
Host: hekdpvbbvhktxzlcxqps7047585997.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://hekdpvbbvhktxzlcxqps7047585997.blogspot.com/unsubscribe
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 08 Dec 2022 03:27:34 GMT
Expires: Thu, 08 Dec 2022 03:27:34 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 206
Server: GSE

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16166
Expires: Thu, 08 Dec 2022 07:57:00 GMT
Date: Thu, 08 Dec 2022 03:27:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13598
Expires: Thu, 08 Dec 2022 07:14:12 GMT
Date: Thu, 08 Dec 2022 03:27:34 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 03:08:07 GMT
content-type: application/json
age: 1167
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c3470f9f0a4df8c1496b577fa9435ff6
f83b0226bb57ed0f3e1acdad61b940414add135d
f542579e3a3577a646babde862282c2afda6ed784360a915143216100f7a3d91

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F542579E3A3577A646BABDE862282C2AFDA6ED784360A915143216100F7A3D91"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6746
Expires: Thu, 08 Dec 2022 05:20:00 GMT
Date: Thu, 08 Dec 2022 03:27:34 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: tnI2pk/KznwdRDwewwRPTFr8wndALhP0HPsEk1E5Ly9iKYM41S6uvlKvj9IvEUF/md+yIZs/YPY=
x-amz-request-id: NDBH9W4A8445XKG2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 02:49:36 GMT
age: 2278
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3ba8392a35e279a05f632a48d38b831f
49fcabcfff2128fb4a87164981595ec9f813f2f6
b82849af3ed3e533f08673c23a3412582bccf9022402a7050d750a96cdf82dad

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 03:27:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 03:27:34 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 03:07:55 GMT
age: 1180
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1514
Cache-Control: max-age=108269
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 03:27:35 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:32:04 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

hekdpvbbvhktxzlcxqps7047585997.blogspot.com/unsubscribe

142.250.74.161

404 Not Found

15 kB

URL HTTP/2
hekdpvbbvhktxzlcxqps7047585997.blogspot.com/unsubscribe
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6565)
Size
15 kB (15010 bytes)
Hash
b762d0a25044e86844b4e4bdf8c47c9d
945d1859efbdd66b067ec28ee9a745dfb468a46d
ef5af9104f030e7de1ba41e3b76b6da00adfd3ac27e5d8ec4543b20bcf23af34

HTTP Headers

GET /unsubscribe HTTP/1.1
Host: hekdpvbbvhktxzlcxqps7047585997.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 03:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 15010
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3ba8392a35e279a05f632a48d38b831f
49fcabcfff2128fb4a87164981595ec9f813f2f6
b82849af3ed3e533f08673c23a3412582bccf9022402a7050d750a96cdf82dad

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 03:27:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

54.148.242.254

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.242.254:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wZmpNiTybc1ZJ/tkivZh4g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yCBXIccRW2HcW0SVW+FrlcR4iJw=

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
24ecf83ca89a5d9fef46308412296775
2dbe54da7fdd301c5d61ae015025022e4ed69e29
b5996b9e54afb8b8a17cba70db7167f105d4e21398850cc114205bd028145582

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 03:27:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 15:52:28 GMT
Expires: Wed, 14 Dec 2022 15:52:27 GMT
Etag: "2dbe54da7fdd301c5d61ae015025022e4ed69e29"
Cache-Control: max-age=562490,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776267faaa8cb4fd-OSL

tikiz.shop/unsubscribe

198.54.126.24

301 Moved Permanently

0 B

URL HTTP/2
tikiz.shop/unsubscribe
IP
198.54.126.24:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /unsubscribe HTTP/1.1
Host: tikiz.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hekdpvbbvhktxzlcxqps7047585997.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://tikiz.shop/unsubscribe/
x-litespeed-cache: hit
content-length: 0
date: Thu, 08 Dec 2022 03:27:36 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

tikiz.shop/unsubscribe/

198.54.126.24

301 Moved Permanently

0 B

URL HTTP/2
tikiz.shop/unsubscribe/
IP
198.54.126.24:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /unsubscribe/ HTTP/1.1
Host: tikiz.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekdpvbbvhktxzlcxqps7047585997.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://docs.google.com/forms/d/e/1FAIpQLScBJ8NWwj1pXsAd6eF7suWapVBtVCvSx2S-yyIriPOQvIB3MQ/viewform?usp=sf_link
x-litespeed-cache: hit
content-length: 0
date: Thu, 08 Dec 2022 03:27:36 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b9083cdf8a3f174763927ae3e9ca3934
1d1ca843e0517b384f693ff52b55fcafc48f9ee7
0f42326e84100eb58e3ac1d2eb5e21f7f0ba3502ddea7f607627a465cc234801

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 03:27:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3552
Expires: Thu, 08 Dec 2022 04:26:48 GMT
Date: Thu, 08 Dec 2022 03:27:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3552
Expires: Thu, 08 Dec 2022 04:26:48 GMT
Date: Thu, 08 Dec 2022 03:27:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3552
Expires: Thu, 08 Dec 2022 04:26:48 GMT
Date: Thu, 08 Dec 2022 03:27:36 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b9083cdf8a3f174763927ae3e9ca3934
1d1ca843e0517b384f693ff52b55fcafc48f9ee7
0f42326e84100eb58e3ac1d2eb5e21f7f0ba3502ddea7f607627a465cc234801

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 03:27:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6557 bytes)
Hash
210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 06:11:41 GMT
age: 76555
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3552
Expires: Thu, 08 Dec 2022 04:26:48 GMT
Date: Thu, 08 Dec 2022 03:27:36 GMT
Connection: keep-alive

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8179 bytes)
Hash
311cb4353566dfb426dbc692fde93223
979910df445a5c4d3513c8c25e289800335f646d
5ecd5c12620c0b8b6bbf456cb6c016168479a735f4eb67a9a1047677b9d798fb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8179
x-amzn-requestid: 39aa4016-4f48-4d2a-b94b-05432980d66a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czCruHckIAMFkHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639117e4-1953985a5c8d2da8239ec8e8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:47:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKaRX4QpQU2U8J-jk1lWjhAooObsgxfHuNXv5Bbc69IEMCXAyIESeQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:50:01 GMT
age: 16655
etag: "979910df445a5c4d3513c8c25e289800335f646d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6524c56-aea0-48f9-a1c0-2eb8b37618cc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8401 bytes)
Hash
39ae12151067969e63a9064a2b273e03
9450229c82f195e4b62c0862650dbb3d159b46e8
7b462d7f52643ca683c18d789d2adc4475c64e655489513a2faa1edbd69eecd3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6524c56-aea0-48f9-a1c0-2eb8b37618cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8401
x-amzn-requestid: f90a46ff-cf1f-4a27-a85c-088fdca3abb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4BDF1zIAMF-EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d3-7496cf2770c9b22924b2a11c;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R6ftXKYEOemnZcKjNanVHiKnPEQw34DUyLPODM5DCcqIGU50qVvNIA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:06:53 GMT
age: 19243
etag: "9450229c82f195e4b62c0862650dbb3d159b46e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F525e2750-67bb-410b-9408-34845ca67f18.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6746 bytes)
Hash
1cfd2bbdab3f88f525c53c375a0e0439
b0a5af508496c98460212497f6e75a0ddfc7f2de
9fd863a6e673c348b4e5cbc3e4747d48e87b4699e9fed7ae9590e36ae72ad9c9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F525e2750-67bb-410b-9408-34845ca67f18.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6746
x-amzn-requestid: 50f40893-5343-473d-96ff-e59b0c7ec77e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_pFx6oAMF1cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-79cff8fe348074d505426909;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s4Zf3VmA9ybuz7NQdvaolSHSFvGyZ0niRgZtogYnTNWEatHRouG3Sw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:01:55 GMT
age: 19541
etag: "b0a5af508496c98460212497f6e75a0ddfc7f2de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95d68d20-ce48-4bc4-a89b-d42a294520bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6656 bytes)
Hash
077c8b656d9ac4ecba7aea40ecaa4e0c
84b9d58a1cf4174f1a55b1c3475a09d579094f19
abf13120589f3c11466a6b3f65874565a78b3a25b047b2089dafdae0cdf71c08

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95d68d20-ce48-4bc4-a89b-d42a294520bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 623488c8-42b4-43d0-a274-f35f4e2695c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4AwH11IAMFfCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d1-1226750c2e9dbe517b1211e3;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Wvq8PJEuXz7Yf5QE2phHXPYPCLWzIR1MXWiJKyN84yHINqK6H_ZQrQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:05:39 GMT
age: 19317
etag: "84b9d58a1cf4174f1a55b1c3475a09d579094f19"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8011441-85ad-4414-9c3d-7ae1b86acd3f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6926 bytes)
Hash
dc3cc57336eca8e3d0e307bbd970b90e
cd3fffde0e1ab3cdd48b1fd969dbc7cb77daaf6e
9aae742b419b8b6d2371c3e2082d15a8974f530230367e82b6aa7961e41919c9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8011441-85ad-4414-9c3d-7ae1b86acd3f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6926
x-amzn-requestid: ef7f28d4-3d5e-40ad-89f8-77817630530e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctERRH3ToAMFylg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb407-42738f8437edfc5440ae59e7;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c_-xjk5YlgjsKQG_Jd-YL3G4bGYCBiOZvg-1IP-0sxbNgtI9ZgHpcg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 05:22:40 GMT
age: 79496
etag: "cd3fffde0e1ab3cdd48b1fd969dbc7cb77daaf6e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
38ab64c8d5e963bd13caddb191950d94
b2aeb62771557e894a0c7a8e4e46dc13cc4c7f84
d1d95cac0816e3a1ed1fdc7e944029c805cd863e658ba87338436cd66d969cca

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 03:27:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 03:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 03:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 03:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/images/branding/googlelogo/svg/googlelogo_dark_clr_74x24px.svg

142.250.74.3

200 OK

689 B

URL HTTP/2
www.gstatic.com/images/branding/googlelogo/svg/googlelogo_dark_clr_74x24px.svg
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1510), with no line terminators
Size
689 B (689 bytes)
Hash
bbe47763328bc12c05fdad280415fc82
48c060d2c7889fffaf3ba28cf189d06131ba2066
a65c6bb781dfa2606313ef29ca6c1043a508af6373f564a6fbd7b062076cac33

HTTP Headers

GET /images/branding/googlelogo/svg/googlelogo_dark_clr_74x24px.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 689
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 20:37:32 GMT
expires: Tue, 05 Dec 2023 20:37:32 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/svg+xml
age: 197405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
38ab64c8d5e963bd13caddb191950d94
b2aeb62771557e894a0c7a8e4e46dc13cc4c7f84
d1d95cac0816e3a1ed1fdc7e944029c805cd863e658ba87338436cd66d969cca

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 03:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/_/freebird/_/ss/k=freebird.v.r0s_eTHb9UI.L.F4.O/d=1/rs=AMjVe6gpzg7uXgcM96nEopZSjzlTk3xnSg

142.250.74.3

200 OK

92 kB

URL HTTP/2
www.gstatic.com/_/freebird/_/ss/k=freebird.v.r0s_eTHb9UI.L.F4.O/d=1/rs=AMjVe6gpzg7uXgcM96nEopZSjzlTk3xnSg
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65536), with no line terminators
Size
92 kB (91718 bytes)
Hash
969036598b3be56cc6099977cf52f79d
fd928f745122464c66a3b404a6df4b5ee02cf214
43187e6ae08921c432c14060c58edcb9d1454fd34387312804be8d0d31c3187b

HTTP Headers

GET /_/freebird/_/ss/k=freebird.v.r0s_eTHb9UI.L.F4.O/d=1/rs=AMjVe6gpzg7uXgcM96nEopZSjzlTk3xnSg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-forms"
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-length: 91718
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 18:44:04 GMT
expires: Sat, 02 Dec 2023 18:44:04 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Dec 2022 17:25:07 GMT
content-type: text/css; charset=UTF-8
age: 463413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/_/freebird/_/js/k=freebird.v.no.ZNWCsvaBvDk.O/d=1/rs=AMjVe6iSuNSo6yL14SdSU2QPXOCBKJa_Iw/m=viewer_base

142.250.74.3

200 OK

123 kB

URL HTTP/2
www.gstatic.com/_/freebird/_/js/k=freebird.v.no.ZNWCsvaBvDk.O/d=1/rs=AMjVe6iSuNSo6yL14SdSU2QPXOCBKJa_Iw/m=viewer_base
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (527)
Size
123 kB (122881 bytes)
Hash
33027a59f9a8f1ba511a9ed0db68d111
d504f9fd3faa72f9cc23dd310ce044b25b638ff7
c3a6206428acfefa9f501ce606e125a6085ef9a6eda59b08fb1b2ed5fef1c1ed

HTTP Headers

GET /_/freebird/_/js/k=freebird.v.no.ZNWCsvaBvDk.O/d=1/rs=AMjVe6iSuNSo6yL14SdSU2QPXOCBKJa_Iw/m=viewer_base HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-forms"
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-length: 122881
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 21:48:30 GMT
expires: Sat, 02 Dec 2023 21:48:30 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 19:23:30 GMT
content-type: text/javascript; charset=UTF-8
age: 452347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 03:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ssl.gstatic.com/docs/forms/qp_sprite164.svg

172.217.21.163

200 OK

13 kB

URL HTTP/2
ssl.gstatic.com/docs/forms/qp_sprite164.svg
IP
172.217.21.163:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1744)
Size
13 kB (12977 bytes)
Hash
f43550daaba07aa784d58f1738647bf0
45d70c215020e214e82d10b61929c56089352738
db74ef3f6fac631c645f72fe8b44b558cca086629b22504b624d1595212d597f

HTTP Headers

GET /docs/forms/qp_sprite164.svg HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-length: 12977
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 16:39:14 GMT
expires: Sat, 02 Dec 2023 16:39:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Nov 2022 19:48:00 GMT
content-type: image/svg+xml
age: 470903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

docs.google.com/forms/d/e/1FAIpQLScBJ8NWwj1pXsAd6eF7suWapVBtVCvSx2S-yyIriPOQvIB3MQ/viewform?usp=sf_link

142.250.74.14

200 OK

12 kB

URL HTTP/2
docs.google.com/forms/d/e/1FAIpQLScBJ8NWwj1pXsAd6eF7suWapVBtVCvSx2S-yyIriPOQvIB3MQ/viewform?usp=sf_link
IP
142.250.74.14:0
ASN
#15169 GOOGLE

File type
data
Size
12 kB (11879 bytes)
Hash
c6152712f63a305485532f02775b09c4
b3f05a0c219a4675e4a3c6101ef1dad8466bed40
fcbafc3af72e5328f72c7a2932191070c776b84bdbab4f4a2da1dea99846813b

HTTP Headers

GET /forms/d/e/1FAIpQLScBJ8NWwj1pXsAd6eF7suWapVBtVCvSx2S-yyIriPOQvIB3MQ/viewform?usp=sf_link HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekdpvbbvhktxzlcxqps7047585997.blogspot.com/
Connection: keep-alive
Cookie: __Secure-ENID=5.SE=WgoywoGOUEmJadxoIB0r2lkzXHeKVqth1xGOa4ffzT7dUHt-ZXjx-iHV7oK7BCuj96T6WcNdOxtcPrvT6hvt4NQxsLWhAuRLpweU30AweJoV-BgqMIIyysdeq33RUY6ph26qQ9jBKSd0XSV6yoBSxOS9PmgWEsI53hUDjv_5qeI; CONSENT=PENDING+883
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-robots-tag: noindex, nofollow, nosnippet
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 03:27:36 GMT
content-security-policy-report-only: report-uri https://csp.withgoogle.com/csp/forms/prod;frame-ancestors 'none'
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
referrer-policy: strict-origin-when-cross-origin
content-security-policy: base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'nonce-C00n8kJ9HDF0kqpo2K2wIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: S=spreadsheet_forms=t2s_SNeOOj1u87uymvfTf9ctKYykEFN2FkrtZ3mZImI; Domain=.docs.google.com; Expires=Thu, 08-Dec-2022 04:27:36 GMT; Path=/forms/d/e/1FAIpQLScBJ8NWwj1pXsAd6eF7suWapVBtVCvSx2S-yyIriPOQvIB3MQ; Secure; HttpOnly; SameSite=none
COMPASS=spreadsheet_forms=CjIACWuJV4WzsVYKsGLOazK5tUkKDl6pqZADKog_25hPs1aaKPMzIs3JDRT7SeEnsrkCyhC4z8WcBho0AAlriVcvQWtg27d8u14X-WriF103bZmiutqgX8zNYM3Ns4VuV2V7qC5k_d-M4xi44qgCeQ==; Domain=.docs.google.com; Expires=Thu, 08-Dec-2022 04:27:36 GMT; Path=/forms/d/e/1FAIpQLScBJ8NWwj1pXsAd6eF7suWapVBtVCvSx2S-yyIriPOQvIB3MQ; Secure; HttpOnly; SameSite=none
NID=511=s8m-q-Ft2KkK3T2TpOaiuC8JPWipiWtcEma9Q3UFumOfKhaJqAmKacnlxBLKbkKjGf2USXTNQCfk9o7VfB1r5FPmbGSoB6lTlW9DOFy-zlarZfslo0iKqtKuIWfLtWee--wK12zR5SYh6_P8domqA-Pqo8iG1KCowMfNM9gVSvg; expires=Fri, 09-Jun-2023 03:27:36 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 03:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 03:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2

216.58.207.227

200 OK

35 kB

URL HTTP/2
fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 35060, version 1.0\012- data
Size
35 kB (35060 bytes)
Hash
0360dbc6e8c09dce9183a1fd78f3be2e
6cd4b65a94707ae941d78b12f082c968cb05ec92
2db6bc36808d43fa89029c652636e206fa3e889b35ecf71814ab85f8ba944af3

HTTP Headers

GET /s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://docs.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35060
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 22:36:11 GMT
expires: Wed, 06 Dec 2023 22:36:11 GMT
cache-control: public, max-age=31536000
age: 103886
last-modified: Tue, 19 Apr 2022 17:57:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://docs.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 28423
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

216.58.207.227

200 OK

28 kB

URL HTTP/2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Size
28 kB (28288 bytes)
Hash
53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

HTTP Headers

GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://docs.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 20:35:00 GMT
expires: Thu, 07 Dec 2023 20:35:00 GMT
cache-control: public, max-age=31536000
age: 24757
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 03:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/_/freebird/_/js/k=freebird.v.no.ZNWCsvaBvDk.O/d=0/rs=AMjVe6iSuNSo6yL14SdSU2QPXOCBKJa_Iw/m=sy2m,vGOnYd,sy4g,IZT63,vfuNJf,MpJwZc,n73qwf,sy1q,ws9Tlc,sy5t,sy5y,sy60,sy65,sy67,sy68,siKnQd,T8YtQb,sy0,sy7,sy6,sy8,sy1,sy9,sy1p,sy2w,sy2x,V3dDOb,sy4,sy5,syh,syg,sye,syd,syf,OShpD,syk,syj,syi,syl,J8mJTc,gkf10d,j2YlP,sya,cEt90b,sy1u,sy1v,sy4f,KUM7Z,yxTchf,sy66,xQtZb,qddgKe,sy4d,sy4h,sy2n,sy5u,sy5x,sy61,wR5FRb,pXdRYb,sy2,iFQyKf,sy4j,sy3v,sy5r,sy5z,YNjGDd,sy62,PrPYRd,hc6Ubd,sy69,SpsfSb,dIoSBb,zbML3c,zr1jrb,EmZ2Bf,sy4e,sy34,Uas9Hd,WO9ee,sy1g,sy1o,sy1r,sy1t,sy24,sy3l,A4UTCb,owcnme,UUJqVe,CP1oW,D5UOtd,sy1l,sy1k,syo,sy29,sy1j,sy2b,pxq3x,syz,sy1e,O6y8ed,sym,syq,sy1n,Sk9apb,syn,sbHRWb,cNHZjb,sy39,sy3a,sy2h,sy38,sy3b,Xhpexc,Q91hve,sy2i,sy2g,mRfQQ,sy3d,sy3c,CFa0o,szrus,sy15,sy3m,VXdfxd,sy2o,sy2q,sy2r,sy3w,s39S4,sy27,ENNBBf,L1AAkb,QvB8bb,bCfhJc,sy1m,sy33,u9ZRK,pItcJd,yZuGp,aW3pY,mvo1oc,KFVhZe,sy2s,sy2p,sy2t,sy2u,sy2v,I6YDgd,sy1z,sy1x,sy20,sy21,sy2a,sy1w,sy1y,sy22,sy23,sy25,sy26,sy28,sy2c,fgj8Rb,sy3n,N5Lqpc,IvDHfc,p2tbsc,sy2l,LxALBf,sy3e,sy3f,sy3g,sy3j,sy32,sy1i,i5dxUd,sy3h,sy3i,sy3k,sy3p,sy3t,sy30,wg1P6b,EcW08c,sy3o,sy3q,sy3r,sy3s,t8tqF,SM1lmd,sy2z,sy31,sy4w,sy4x,vofJp,JCrucd,QwQO1b,syt,sys,yfEVte,syp,sy2k,QMSdQb,X16vkb,WdhPgc,sy1f,sy36,sy35,sy37,Ibqgte,ok0nye,DhgO0d,oZECf,syb,akEJMc,zG2TEe,CNqcN,sy3u,TOfxwf,sy40,sy3y,sy41,sy43,sy3x,sy44,sy4a,sy4k,sy4l,sy4m,sy4n,sy4t,sy4u,A2m8uc,jjSbr,sy4q,sy4p,sy4s,sy4r,riEgMd,sy4y,lSvzH,sy45,yUS4Lc,KOZzeb,syx,sy10,sy11,syy,xKXrob,syu,sy18,DPwS9e,sy4c,oCiKKc,sy3z,sy48,sy49,sy4b,sy47,RGrRJf,OkF2xb,syw,sy2j,sy46,xmYr4,ID6c7,sy4v,rmdjlf

216.58.207.227

200 OK

188 kB

URL HTTP/2
www.gstatic.com/_/freebird/_/js/k=freebird.v.no.ZNWCsvaBvDk.O/d=0/rs=AMjVe6iSuNSo6yL14SdSU2QPXOCBKJa_Iw/m=sy2m,vGOnYd,sy4g,IZT63,vfuNJf,MpJwZc,n73qwf,sy1q,ws9Tlc,sy5t,sy5y,sy60,sy65,sy67,sy68,siKnQd,T8YtQb,sy0,sy7,sy6,sy8,sy1,sy9,sy1p,sy2w,sy2x,V3dDOb,sy4,sy5,syh,syg,sye,syd,syf,OShpD,syk,syj,syi,syl,J8mJTc,gkf10d,j2YlP,sya,cEt90b,sy1u,sy1v,sy4f,KUM7Z,yxTchf,sy66,xQtZb,qddgKe,sy4d,sy4h,sy2n,sy5u,sy5x,sy61,wR5FRb,pXdRYb,sy2,iFQyKf,sy4j,sy3v,sy5r,sy5z,YNjGDd,sy62,PrPYRd,hc6Ubd,sy69,SpsfSb,dIoSBb,zbML3c,zr1jrb,EmZ2Bf,sy4e,sy34,Uas9Hd,WO9ee,sy1g,sy1o,sy1r,sy1t,sy24,sy3l,A4UTCb,owcnme,UUJqVe,CP1oW,D5UOtd,sy1l,sy1k,syo,sy29,sy1j,sy2b,pxq3x,syz,sy1e,O6y8ed,sym,syq,sy1n,Sk9apb,syn,sbHRWb,cNHZjb,sy39,sy3a,sy2h,sy38,sy3b,Xhpexc,Q91hve,sy2i,sy2g,mRfQQ,sy3d,sy3c,CFa0o,szrus,sy15,sy3m,VXdfxd,sy2o,sy2q,sy2r,sy3w,s39S4,sy27,ENNBBf,L1AAkb,QvB8bb,bCfhJc,sy1m,sy33,u9ZRK,pItcJd,yZuGp,aW3pY,mvo1oc,KFVhZe,sy2s,sy2p,sy2t,sy2u,sy2v,I6YDgd,sy1z,sy1x,sy20,sy21,sy2a,sy1w,sy1y,sy22,sy23,sy25,sy26,sy28,sy2c,fgj8Rb,sy3n,N5Lqpc,IvDHfc,p2tbsc,sy2l,LxALBf,sy3e,sy3f,sy3g,sy3j,sy32,sy1i,i5dxUd,sy3h,sy3i,sy3k,sy3p,sy3t,sy30,wg1P6b,EcW08c,sy3o,sy3q,sy3r,sy3s,t8tqF,SM1lmd,sy2z,sy31,sy4w,sy4x,vofJp,JCrucd,QwQO1b,syt,sys,yfEVte,syp,sy2k,QMSdQb,X16vkb,WdhPgc,sy1f,sy36,sy35,sy37,Ibqgte,ok0nye,DhgO0d,oZECf,syb,akEJMc,zG2TEe,CNqcN,sy3u,TOfxwf,sy40,sy3y,sy41,sy43,sy3x,sy44,sy4a,sy4k,sy4l,sy4m,sy4n,sy4t,sy4u,A2m8uc,jjSbr,sy4q,sy4p,sy4s,sy4r,riEgMd,sy4y,lSvzH,sy45,yUS4Lc,KOZzeb,syx,sy10,sy11,syy,xKXrob,syu,sy18,DPwS9e,sy4c,oCiKKc,sy3z,sy48,sy49,sy4b,sy47,RGrRJf,OkF2xb,syw,sy2j,sy46,xmYr4,ID6c7,sy4v,rmdjlf
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (531)
Size
188 kB (188162 bytes)
Hash
a6ecbc9a8c202913d472c2fd4fc14eac
4cf5494991e1ae8bcb687c1ec9932b7fecb830b5
4a7c2d4d7b3d1d95c4b7b2d6a91a08ee77584bca01a26f54f49799e49d956f57

HTTP Headers

GET /_/freebird/_/js/k=freebird.v.no.ZNWCsvaBvDk.O/d=0/rs=AMjVe6iSuNSo6yL14SdSU2QPXOCBKJa_Iw/m=sy2m,vGOnYd,sy4g,IZT63,vfuNJf,MpJwZc,n73qwf,sy1q,ws9Tlc,sy5t,sy5y,sy60,sy65,sy67,sy68,siKnQd,T8YtQb,sy0,sy7,sy6,sy8,sy1,sy9,sy1p,sy2w,sy2x,V3dDOb,sy4,sy5,syh,syg,sye,syd,syf,OShpD,syk,syj,syi,syl,J8mJTc,gkf10d,j2YlP,sya,cEt90b,sy1u,sy1v,sy4f,KUM7Z,yxTchf,sy66,xQtZb,qddgKe,sy4d,sy4h,sy2n,sy5u,sy5x,sy61,wR5FRb,pXdRYb,sy2,iFQyKf,sy4j,sy3v,sy5r,sy5z,YNjGDd,sy62,PrPYRd,hc6Ubd,sy69,SpsfSb,dIoSBb,zbML3c,zr1jrb,EmZ2Bf,sy4e,sy34,Uas9Hd,WO9ee,sy1g,sy1o,sy1r,sy1t,sy24,sy3l,A4UTCb,owcnme,UUJqVe,CP1oW,D5UOtd,sy1l,sy1k,syo,sy29,sy1j,sy2b,pxq3x,syz,sy1e,O6y8ed,sym,syq,sy1n,Sk9apb,syn,sbHRWb,cNHZjb,sy39,sy3a,sy2h,sy38,sy3b,Xhpexc,Q91hve,sy2i,sy2g,mRfQQ,sy3d,sy3c,CFa0o,szrus,sy15,sy3m,VXdfxd,sy2o,sy2q,sy2r,sy3w,s39S4,sy27,ENNBBf,L1AAkb,QvB8bb,bCfhJc,sy1m,sy33,u9ZRK,pItcJd,yZuGp,aW3pY,mvo1oc,KFVhZe,sy2s,sy2p,sy2t,sy2u,sy2v,I6YDgd,sy1z,sy1x,sy20,sy21,sy2a,sy1w,sy1y,sy22,sy23,sy25,sy26,sy28,sy2c,fgj8Rb,sy3n,N5Lqpc,IvDHfc,p2tbsc,sy2l,LxALBf,sy3e,sy3f,sy3g,sy3j,sy32,sy1i,i5dxUd,sy3h,sy3i,sy3k,sy3p,sy3t,sy30,wg1P6b,EcW08c,sy3o,sy3q,sy3r,sy3s,t8tqF,SM1lmd,sy2z,sy31,sy4w,sy4x,vofJp,JCrucd,QwQO1b,syt,sys,yfEVte,syp,sy2k,QMSdQb,X16vkb,WdhPgc,sy1f,sy36,sy35,sy37,Ibqgte,ok0nye,DhgO0d,oZECf,syb,akEJMc,zG2TEe,CNqcN,sy3u,TOfxwf,sy40,sy3y,sy41,sy43,sy3x,sy44,sy4a,sy4k,sy4l,sy4m,sy4n,sy4t,sy4u,A2m8uc,jjSbr,sy4q,sy4p,sy4s,sy4r,riEgMd,sy4y,lSvzH,sy45,yUS4Lc,KOZzeb,syx,sy10,sy11,syy,xKXrob,syu,sy18,DPwS9e,sy4c,oCiKKc,sy3z,sy48,sy49,sy4b,sy47,RGrRJf,OkF2xb,syw,sy2j,sy46,xmYr4,ID6c7,sy4v,rmdjlf HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Origin: https://docs.google.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
access-control-allow-origin: https://docs.google.com
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-forms"
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-length: 188162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 16:59:21 GMT
expires: Tue, 05 Dec 2023 16:59:21 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 19:23:30 GMT
content-type: text/javascript; charset=UTF-8
age: 210496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/_/freebird/_/js/k=freebird.v.no.ZNWCsvaBvDk.O/d=0/rs=AMjVe6iSuNSo6yL14SdSU2QPXOCBKJa_Iw/m=sy42,sWGJ4b

216.58.207.227

200 OK

823 B

URL HTTP/2
www.gstatic.com/_/freebird/_/js/k=freebird.v.no.ZNWCsvaBvDk.O/d=0/rs=AMjVe6iSuNSo6yL14SdSU2QPXOCBKJa_Iw/m=sy42,sWGJ4b
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (506)
Size
823 B (823 bytes)
Hash
48965117727b62d437ba773ddbe2ed9d
098136bd7a74503faff5564677347150d56fceba
160036fa8cd386d05c5f802ac6da5fac65dd1420c51d521f4f579a58ed831d6f

HTTP Headers

GET /_/freebird/_/js/k=freebird.v.no.ZNWCsvaBvDk.O/d=0/rs=AMjVe6iSuNSo6yL14SdSU2QPXOCBKJa_Iw/m=sy42,sWGJ4b HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Origin: https://docs.google.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
access-control-allow-origin: https://docs.google.com
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-forms"
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-length: 823
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 16:51:49 GMT
expires: Tue, 05 Dec 2023 16:51:49 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 19:23:30 GMT
content-type: text/javascript; charset=UTF-8
age: 210948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons+Extended

142.250.74.74

200 OK

4.7 kB

URL HTTP/2
fonts.googleapis.com/icon?family=Material+Icons+Extended
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
4.7 kB (4709 bytes)
Hash
86731cc68bda80147e8967a01976d6fb
a627d619171d793d505ca4c1627328aee415671f
6dfd51d23a93c99eab0f40151d0dd636ff445d1c3ec28f779ee0deec1ee2073e

HTTP Headers

GET /icon?family=Material+Icons+Extended HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 03:27:37 GMT
date: Thu, 08 Dec 2022 03:27:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 03:27:37 GMT
date: Thu, 08 Dec 2022 03:27:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 03:27:37 GMT
date: Thu, 08 Dec 2022 03:27:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (50)

URL HTTP/1.1

IP

ASN

File type