Report - apencerons.com/bWlrZW1AcmVzb3VyY2Vjb25zdWx0aW5nLmNvbQ==?id=com.google.android.apps.youtube.music

Report Overview

Submitted URL
apencerons.com/bWlrZW1AcmVzb3VyY2Vjb25zdWx0aW5nLmNvbQ==?id=com.google.android.apps.youtube.music
IP
190.211.254.196
ASN
#51852 Private Layer INC
Submitted
2023-03-28 13:32:50
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	238 B	34.117.65.55
apencerons.com	unknown	2023-02-07T13:22:42Z	2023-03-28T12:01:12Z	427 B	267 B	190.211.254.196
bongart.pathom.su	unknown	2023-03-10T15:27:47Z	2023-03-28T18:27:11Z	3.3 kB	5.4 kB	104.26.8.186
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.7 kB	7.1 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	122 kB	34.120.237.76
challenges.cloudflare.com	unknown	2021-10-20T07:02:03Z	2023-03-29T12:58:37Z	445 B	339 B	104.18.6.185

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-28 13:33:01	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related
2023-03-28 13:33:01	medium	Client IP	Internal IP	ET DNS Query for .su TLD (Soviet Union) Often Malware Related

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	bongart.pathom.su/MbWlrZW1AcmVzb3VyY2Vjb25zdWx0aW5nLmNvbQ==	3.2 kB	2023-03-29	2023-03-29
Pretty URL bongart.pathom.su/MbWlrZW1AcmVzb3VyY2Vjb25zdWx0aW5nLmNvbQ== IP 104.26.8.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:34:50 Last Seen2023-03-29 23:34:50 Times Seen1 Hash 923e5ca29c66e08959ee5169b9b6db57 0b4caa05262ee616923444029b19110fa94e3c8f 3eb4457657b2678fcad0b70ab09aa45bd67663ca6c43b822e6d12e181a3de982 Loading...

	bongart.pathom.su/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7af03d931b11b503	146 kB	2023-03-29	2023-03-29
Pretty URL bongart.pathom.su/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7af03d931b11b503 IP 104.26.8.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:34:50 Last Seen2023-03-29 23:34:50 Times Seen1 Hash e020922b2d25c6a2ef9ecb4da5617771 adee4711c3720f45d76a10a4c8dc200c784f4899 a82ab834d7c62ac00aa6841651c66c2cab7bd8e218448fa2e9fddee45d780893 Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit	14 kB	2023-03-29	2023-04-14
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:02:57 Last Seen2023-04-14 14:51:42 Times Seen2327 Hash 83dbbe00f3d0cadee2c7bb7128dfc430 22c9253023530e5243691926a5a85775aa63e77b 38065ca232356314bc86aad8e1b1ad253d7b20a16bc6387d01ab225c29e86490 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/6x84z/0x4AAAAAAAAjq6WYeRDKmebM/light/normal	2.1 kB	2023-03-29	2023-03-29
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/6x84z/0x4AAAAAAAAjq6WYeRDKmebM/light/normal IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:34:50 Last Seen2023-03-29 23:34:50 Times Seen1 Hash 58457f6b7eda949c337fbd068e498d89 57b0de2119d83525ced5aa536f45cee3b453d899 1030398330eb6853251d5a1c923f10422143c864c122288ed8f067d682661601 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7af03d985bce0b49	161 kB	2023-03-29	2023-03-29
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7af03d985bce0b49 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:34:50 Last Seen2023-03-29 23:34:50 Times Seen1 Hash 921f99fe4ee41bdb4a7f6fd80ab52c20 4e1aa6cd03f3b353175caf16e16f3cb27b18c0b2 314938885e1fb68b0a9e20ecc88c3f005788a6bfde31fe9865b5219b68f223cb Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-24 06:41:29 Times Seen349338 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#2 Eval - 170d225041a651c7528aa3eff597ee12	560 B	2023-03-29	2023-03-29
Pretty Observations First Seen2023-03-29 23:34:50 Last Seen2023-03-29 23:34:50 Times Seen1 Hash 170d225041a651c7528aa3eff597ee12 f0d150546e56f63a3626da03e8959755e2067157 14f505feb01d9c8704fd6a50aac8fd90f51c099d2ef4d94346edd55383119eee Loading...

	#3 Eval - 70efa725f660990cc6701727e98c360b	769 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:07:04 Last Seen2023-07-11 03:19:46 Times Seen6035 Hash 70efa725f660990cc6701727e98c360b 04f4df4180629c6a1a8648630310794bfdb39eb8 cb2789441eb37a5d5520d68b778e5e1a0743c6d105076aa2e3be07147e0dc752 Loading...

	#4 Eval - 93e354e833ee7b4feead7057a3f33168	13 B	2023-03-13	2023-07-11
Pretty Observations First Seen2023-03-13 20:39:31 Last Seen2023-07-11 14:53:30 Times Seen14356 Hash 93e354e833ee7b4feead7057a3f33168 4025c763f11cdc2eef6318108989528620fef9e7 80b90237b40178e74c34d6652d95b3918d01b603ba83f9dce47ba6b19343c245 Loading...

	#5 Eval - 50bda72e04f85f9b4338c0f939c34b9c	15 B	2023-03-13	2023-07-11
Pretty Observations First Seen2023-03-13 20:39:31 Last Seen2023-07-11 18:15:28 Times Seen14456 Hash 50bda72e04f85f9b4338c0f939c34b9c d53056a9d7a7424238f0faf0b93b098f28d4d3ca db8d20f2dfaf9df3877967927de5ecb9648fecda131ab44bf854f8d72baa2b23 Loading...

HTTP Transactions (27)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 93f633ce30c038eb581544323c5a971e 2f60526cb750c6babccc207f75fb5a8ae6f7598b 0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8" Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6092 Expires: Tue, 28 Mar 2023 15:14:11 GMT Date: Tue, 28 Mar 2023 13:32:39 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c83d39f350161ed2f5d20dcd68e47c92 2695a888e652cb314f8094cc6073c3364336d272 62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC" Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8928 Expires: Tue, 28 Mar 2023 16:01:27 GMT Date: Tue, 28 Mar 2023 13:32:39 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 84db75194692d4afe13196bda6f22da8 4c1f49bc973a4917f146d93c8d598344edc021f6 a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Backoff, Alert, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 28 Mar 2023 13:15:51 GMT content-type: application/json age: 1008 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5ad3eec59bebbf969f175627757507c1 b176af3a70db378c9e1f219bab24d9d446070d6f 704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E" Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14266 Expires: Tue, 28 Mar 2023 17:30:25 GMT Date: Tue, 28 Mar 2023 13:32:39 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: wb5hn136G5FsGZYdW3/Xp24ghlLonb0v4jStOggUNq2B34aRZyCIn9Sy7j2Nq1nrw65FjQ2KVkw= x-amz-request-id: 0MTQHHYSDH8GRM53 x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 28 Mar 2023 13:02:03 GMT age: 1836 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Tue, 28 Mar 2023 13:32:39 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a740252e7b24892a3e34f6dfed6e3bde d44d21abb95edd1ccc775632254f11ee94fb585e e289995a2b4b340364dd7dfa32c79c7722ece6cc4b893b38fc68bbce680d2f94 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E289995A2B4B340364DD7DFA32C79C7722ECE6CC4B893B38FC68BBCE680D2F94" Last-Modified: Mon, 27 Mar 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18625 Expires: Tue, 28 Mar 2023 18:43:05 GMT Date: Tue, 28 Mar 2023 13:32:40 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Type, Content-Length, Cache-Control, Expires, ETag, Pragma, Backoff, Last-Modified, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 28 Mar 2023 13:17:25 GMT age: 915 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	push.services.mozilla.com/	34.117.65.55	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 34.117.65.55:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: ZWdNIw3BjLGXBK9ObpXdvQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 2A8+UFq+6v7U1DCfkScetQX7SvY= Date: Tue, 28 Mar 2023 13:32:40 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000`

	apencerons.com/bWlrZW1AcmVzb3VyY2Vjb25zdWx0aW5nLmNvbQ==?id=com.google.android.apps.youtube.music	190.211.254.196	302 Found	0 B
URL HTTP/1.1 apencerons.com/bWlrZW1AcmVzb3VyY2Vjb25zdWx0aW5nLmNvbQ==?id=com.google.android.apps.youtube.music IP 190.211.254.196:0 ASN #51852 Private Layer INC File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /bWlrZW1AcmVzb3VyY2Vjb25zdWx0aW5nLmNvbQ==?id=com.google.android.apps.youtube.music HTTP/1.1 Host: apencerons.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 302 Found Date: Tue, 28 Mar 2023 13:32:39 GMT Server: Apache Location: https://bongart.pathom.su/MbWlrZW1AcmVzb3VyY2Vjb25zdWx0aW5nLmNvbQ== Content-Length: 0 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8`

	bongart.pathom.su/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7af03d931b11b503	104.26.8.186	200 OK	42 B
URL HTTP/2 bongart.pathom.su/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7af03d931b11b503 IP 104.26.8.186:0 ASN #13335 CLOUDFLARENET File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers `GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7af03d931b11b503 HTTP/1.1 Host: bongart.pathom.su User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://bongart.pathom.su/MbWlrZW1AcmVzb3VyY2Vjb25zdWx0aW5nLmNvbQ== Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK date: Tue, 28 Mar 2023 13:32:40 GMT content-type: image/gif content-length: 42 last-modified: Tue, 21 Mar 2023 12:30:57 GMT etag: "6419a381-2a" server: cloudflare cf-ray: 7af03d93bc24b503-OSL x-frame-options: DENY x-content-type-options: nosniff vary: Accept-Encoding expires: Tue, 28 Mar 2023 15:32:40 GMT cache-control: max-age=7200, public accept-ranges: bytes X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3084 Expires: Tue, 28 Mar 2023 14:24:05 GMT Date: Tue, 28 Mar 2023 13:32:41 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3084 Expires: Tue, 28 Mar 2023 14:24:05 GMT Date: Tue, 28 Mar 2023 13:32:41 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3084 Expires: Tue, 28 Mar 2023 14:24:05 GMT Date: Tue, 28 Mar 2023 13:32:41 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3084 Expires: Tue, 28 Mar 2023 14:24:05 GMT Date: Tue, 28 Mar 2023 13:32:41 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10744 bytes) Hash ada29e049501b12a35b0bcc5f68e3e57 5c1ba9bffbcc9007e7f119dbb3197db34a12f8da b45583b5845129386a456e03fbdba25305c8d6d9fb5a8f01d783816ced080629 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10744 x-amzn-requestid: d693d820-7eed-47a3-9b0b-8f43c141bd3a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CdbogF0poAMFTAg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220c9c-22ab350146e8a3a606f74c42;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: KAI78tfv0ATn1DQvBGyodBs9UWsIGdj1Fa50KowbUAO4ab2ceaYhMw== via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 21:49:26 GMT age: 56595 etag: "5c1ba9bffbcc9007e7f119dbb3197db34a12f8da" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb43b8abf-1aec-420b-bc1c-ccfbe765332e.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb43b8abf-1aec-420b-bc1c-ccfbe765332e.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11894 bytes) Hash ee9c83faa5fdb77ba988a41207800b0e 4ac4c600767de39c5134cb97f78fcb29a681ee18 9039f7232ada16ae6d8a447225a15ef949c705a6f9e7aa20b367d001cd88c94f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb43b8abf-1aec-420b-bc1c-ccfbe765332e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11894 x-amzn-requestid: 8b0857c4-1333-45b7-84de-cf3ea7a3240e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CdburGzXoAMF2Cw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220cc4-005cc42d48948a3e0ef56b08;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:38:12 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: fw1M0poEZrxuB51jVwizwBuvn_JY1jaEFXGsRor3wj-OSCfU-lUuIQ== via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 22:05:18 GMT etag: "4ac4c600767de39c5134cb97f78fcb29a681ee18" content-type: image/jpeg age: 55643 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg	34.120.237.76	200 OK	7.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.4 kB (7426 bytes) Hash 1da68df9d96e2758e37b9f15daab027b 5ff19ed6dc5752aa4b15fb88da972b736fd55783 ad924425946dbdf309c764e7097e676185516301feb7722b30d95ffd50b4353f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7426 x-amzn-requestid: 85a30298-4613-4a96-bdba-0899fe9f9475 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CdcsgGZsoAMFQkw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220e4f-10db431e7632048d7b15e0ec;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:44:47 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: JDa9YUJ9xo5mo8tb7poZC8XJDp6USTidZjWEwTZCrioJxR7vur6uJw== via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 22:00:12 GMT age: 55949 etag: "5ff19ed6dc5752aa4b15fb88da972b736fd55783" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg	34.120.237.76	200 OK	69 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type data Size 69 kB (69112 bytes) Hash 3341ab91968923e83f2f91d55a6f5d39 cefdc47bb7680ddd725b515376bbd84e2f73a38d 7ae79830764c4288acbd9f8e923da8ebd64d8517d358bb28ed1a0b86247c75f8 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4000 x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJpraEqyoAMFgNQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: I3GuoZ4ZxAtz0sKe3wrW67aitLlCAbaZkiPw23fl0F3FoumJDEnXiQ== via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 10:12:21 GMT age: 12020 etag: "b798268806dc2f79f033e5872676019faf0e0cc1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd937575-8f71-4732-8bca-faaeed83b6a1.jpeg	34.120.237.76	200 OK	7.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd937575-8f71-4732-8bca-faaeed83b6a1.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.5 kB (7537 bytes) Hash 5fdd8a3f935830ca9e5ffdb5824acebc 39caaddec703fdad962d03fff8687bad2c1df4ad 6fe6301fb3610c3e8a9b62671579db53189bb62ead4cf5ab30a1f1e0b90b8ca2 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd937575-8f71-4732-8bca-faaeed83b6a1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7537 x-amzn-requestid: 2fb06f69-4757-4ba5-9f20-6e829127b931 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CdbqWETgoAMFV5g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220ca8-6421e38b3a0ac0590ffa8b52;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:44 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: JZfiBSqQdWXqpaxSlepC6hEJ888ja6o10GW0KziDifD8KdTmDTn0eQ== via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 22:05:18 GMT age: 55643 etag: "39caaddec703fdad962d03fff8687bad2c1df4ad" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F858e946a-2e67-4e7b-b78f-763226855b6d.jpeg	34.120.237.76	200 OK	9.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F858e946a-2e67-4e7b-b78f-763226855b6d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.0 kB (8961 bytes) Hash 789f11978a1149984408fbbb9a2b3f81 078bd523107096bab5e26d42b18e316c253f1ca7 7974980290443b64126f512686261150cd27331cb7b32a96d1167a97d046e8a3 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F858e946a-2e67-4e7b-b78f-763226855b6d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8961 x-amzn-requestid: 9277e35d-8fe8-482e-b65c-b132dfcbd87e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CdbqBGl0IAMFy4w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220ca6-7869936b33cbf3633c68e7ac;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:42 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: Xz5zjv-po5mgSFz_kkZZ5Hvw9SxY-3d-J2DpvFWxM-iI4jXTsUbiyg== via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 10:16:22 GMT age: 11779 etag: "078bd523107096bab5e26d42b18e316c253f1ca7" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	bongart.pathom.su/MbWlrZW1AcmVzb3VyY2Vjb25zdWx0aW5nLmNvbQ==	104.26.8.186	403 Forbidden	0 B
URL HTTP/2 bongart.pathom.su/MbWlrZW1AcmVzb3VyY2Vjb25zdWx0aW5nLmNvbQ== IP 104.26.8.186:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /MbWlrZW1AcmVzb3VyY2Vjb25zdWx0aW5nLmNvbQ== HTTP/1.1 Host: bongart.pathom.su User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 403 Forbidden date: Tue, 28 Mar 2023 13:32:40 GMT content-type: text/html; charset=UTF-8 cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy: same-origin x-frame-options: SAMEORIGIN cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires: Thu, 01 Jan 1970 00:00:01 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VT2wq4THXnVmTRRz1MdHfsjGesmGqqAatjI8fH1%2FsTmSCj%2FzcR7lCe8M1khHg0J2njpUoUqMQq86g%2BO0lLJ1w%2BnAjsFt8NFpqjmFtEehVFpJ%2Fybv58i953CDftjIbaTuhfmg"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7af03d931b11b503-OSL content-encoding: br X-Firefox-Spdy: h2

	bongart.pathom.su/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7af03d931b11b503	104.26.8.186	200 OK	0 B
URL HTTP/2 bongart.pathom.su/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7af03d931b11b503 IP 104.26.8.186:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7af03d931b11b503 HTTP/1.1 Host: bongart.pathom.su User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://bongart.pathom.su/MbWlrZW1AcmVzb3VyY2Vjb25zdWx0aW5nLmNvbQ==?__cf_chl_rt_tk=TdnUppUoGmN4YEUGehocgxHlRvgtazxRpPbBuH_V8Uc-1680010360-0-gaNycGzNC2U Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Tue, 28 Mar 2023 13:32:40 GMT content-type: application/javascript; charset=UTF-8 cache-control: max-age=0, must-revalidate report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3x%2FOkYKGNuqwxFAeiE1lzYqFqgAzXG4Zh%2BJWyjOE7tUpzedzcREoDq6w4mgVLa6%2BFgmYOOiOV87FyhOaA1f4ggGqvraQkHkuq8tOxBlhWSPauM1Vo57axqsxmbpuvTwwdgV"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7af03d93cc3fb503-OSL content-encoding: br X-Firefox-Spdy: h2

	bongart.pathom.su/favicon.ico	104.26.8.186	403 Forbidden	0 B
URL HTTP/2 bongart.pathom.su/favicon.ico IP 104.26.8.186:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /favicon.ico HTTP/1.1 Host: bongart.pathom.su User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://bongart.pathom.su/MbWlrZW1AcmVzb3VyY2Vjb25zdWx0aW5nLmNvbQ==?__cf_chl_rt_tk=TdnUppUoGmN4YEUGehocgxHlRvgtazxRpPbBuH_V8Uc-1680010360-0-gaNycGzNC2U Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 403 Forbidden date: Tue, 28 Mar 2023 13:32:40 GMT content-type: text/html; charset=UTF-8 cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy: same-origin x-frame-options: SAMEORIGIN cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires: Thu, 01 Jan 1970 00:00:01 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkeHuKJ4eah3yOBrNBSVeqmw1CfH6kTqUS0v0RjCbiH0iJZTTCsRe3CCyD%2F07VZB6sliJHpzH7wXcebWiq3Mox2wiyRBFlah8ZsD3pfOVj23aa7Mrgv5HfyglhtEWDExxoLX"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7af03d93ec6db503-OSL content-encoding: br X-Firefox-Spdy: h2

	challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit	104.18.6.185	200 OK	0 B
URL HTTP/2 challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit IP 104.18.6.185:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://bongart.pathom.su Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Tue, 28 Mar 2023 13:32:41 GMT content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * cache-control: max-age=31536000 vary: Accept-Encoding server: cloudflare cf-ray: 7af03d948d09b4f9-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	bongart.pathom.su/cdn-cgi/challenge-platform/h/b/flow/ov1/1984819246:1680008960:yX5jKII_e5LpJXW8RFiZYPSIXNFiEKzCHWnwpCSCwVM/7af03d931b11b503/3b40ab336af975d	104.26.8.186	200 OK	0 B
URL HTTP/2 bongart.pathom.su/cdn-cgi/challenge-platform/h/b/flow/ov1/1984819246:1680008960:yX5jKII_e5LpJXW8RFiZYPSIXNFiEKzCHWnwpCSCwVM/7af03d931b11b503/3b40ab336af975d IP 104.26.8.186:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1984819246:1680008960:yX5jKII_e5LpJXW8RFiZYPSIXNFiEKzCHWnwpCSCwVM/7af03d931b11b503/3b40ab336af975d HTTP/1.1 Host: bongart.pathom.su User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://bongart.pathom.su/MbWlrZW1AcmVzb3VyY2Vjb25zdWx0aW5nLmNvbQ== Content-type: application/x-www-form-urlencoded CF-Challenge: 3b40ab336af975d Content-Length: 1824 Origin: https://bongart.pathom.su Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Tue, 28 Mar 2023 13:32:41 GMT content-type: text/plain; charset=UTF-8 cf_chl_gen: KR0DFX78wwYBI120qS/i7kmMn5EF4xnoYSt8AIZPrRlM8TU38OwmMbgDVqCTH4JZPa3AST+6G2rYe1mRaR3Jt56HeNQUkf7t/4ungpNpOqTcnuBkydriJo0OEEUAEP5TY+uKJeHrM1bKdKzi9J7nx5GzmsjQdJEbFgM/eJ3JH71Ct/kkMmsqlVmVWMpfb576WwrapPygovS75prQo2lbyYT+OFA6p7U0Lz2p1rATdydxSxHUAnl29GTbQAX1PQo8mrvSnjvCo9KJ3FAxxd7DitHSvEbezM5dDPQnw32qgbNKZz04TFBwmtYEX4ZqyO7yP829nXOF7saRYO+ni8b1fB/ghHgsHCECLB0pdySZlvC+ok6Ye+QKfJ90/wESDgTI$WYv6NKTkfakcm6nl220mWw== report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oJP65kdy3V4CI9Q3KDxSdr5QkvwmxpyS77pUT3PVhnKZaBcedVG3mzsW1Be213FjiBkJDoTqzsHRVH%2FTNF%2FfPMTmxSnIEAudUtQQMETmAXrtzrLnHaFti2OFJAwD25n1FxH"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7af03d94de22b503-OSL content-encoding: br X-Firefox-Spdy: h2

	bongart.pathom.su/cdn-cgi/challenge-platform/h/b/pat/7af03d931b11b503/1680010361122/3c4e874284c3a238e4573b2820bb8c1710b5a0a80ade26e2e7c034de81f9bc17/OfaN5aCV5nwxHYl	104.26.8.186	401 Unauthorized	0 B
URL HTTP/2 bongart.pathom.su/cdn-cgi/challenge-platform/h/b/pat/7af03d931b11b503/1680010361122/3c4e874284c3a238e4573b2820bb8c1710b5a0a80ade26e2e7c034de81f9bc17/OfaN5aCV5nwxHYl IP 104.26.8.186:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /cdn-cgi/challenge-platform/h/b/pat/7af03d931b11b503/1680010361122/3c4e874284c3a238e4573b2820bb8c1710b5a0a80ade26e2e7c034de81f9bc17/OfaN5aCV5nwxHYl HTTP/1.1 Host: bongart.pathom.su User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://bongart.pathom.su/MbWlrZW1AcmVzb3VyY2Vjb25zdWx0aW5nLmNvbQ== Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 401 Unauthorized date: Tue, 28 Mar 2023 13:32:41 GMT content-type: text/plain; charset=UTF-8 www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gPE6HQoTDojjkVzsoILuMFxC1oKgK3ibi58A03oH5vBcAEWJvbmdhcnQucGF0aG9tLnN1, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsZX7oXKP7loT52LdLGGhPx-FcBMIdXnohMZ_iqCvbnx5wO3UpaaYQijaS2knGPME34_57i843skNJNu0cqfk3kSO_UbCNZB1O7R-1HHR-ZeqVYD4DkZsO9MgvQyNI2dA-0ft0Hpg9ZWh8CvxSsydRSbQXQQ7njXvtE7Fgt-epNrnMmxQ1vdZvRFy06TPE1BYopLEuTNzMAh9-7c49XMNwctaTluD96isf1HWDhFRV33vn_F4nLEzOfSbQM2PWLMClyEk-6XFxMfoMxOz-DKqPWJ75hfxsdiW9U4-ylW0C6EFDNYLwJseHmFeb5bjkGR7pDkVj5QfYDajhmkBdl5ODwIDAQAB, max-age=20 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAbcgu5uHuazxqn7yqY032sIQdXBgi1QlTg%2FrbO5OIVTIEu5Qbnhf54D2no5s3Cigvc4gn00OwsdO8asm%2Bu3jkRnuDKMomLj4d5%2BDW2O0yRM0n7s%2BnQ2AX%2BbhAQbMV3s4TbL"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7af03d974a2fb503-OSL X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (27)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1