Overview

URL ncpine.com/
IP3.18.7.81
ASNAMAZON-02
Location United States
Report completed2022-10-04 14:45:39 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 ncpine.com/ Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (19)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS use.typekit.net (2) 494 2012-07-05 01:42:39 UTC 2022-10-04 04:17:28 UTC 23.36.76.186
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-04 04:45:06 UTC 52.43.61.95
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-04 11:55:48 UTC 142.250.74.10
mnemonic passive DNS ncpine.com (1) 0 2017-01-23 12:33:32 UTC 2022-10-04 12:16:38 UTC 3.19.116.195 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-04 04:16:51 UTC 34.117.237.239
mnemonic passive DNS static.hugedomains.com (10) 86609 2015-10-21 09:17:25 UTC 2022-10-04 05:32:47 UTC 104.26.7.37
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-10-04 04:22:54 UTC 104.18.21.226
mnemonic passive DNS firefox.settings.services.mozilla.com (1) 867 2020-05-27 20:08:30 UTC 2022-10-04 09:13:54 UTC 143.204.55.27
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-04 04:29:41 UTC 143.204.55.25
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-10-04 04:19:28 UTC 151.101.85.229
mnemonic passive DNS www.hugedomains.com (3) 50857 2017-01-29 19:28:56 UTC 2022-10-04 05:32:47 UTC 104.26.7.37
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS secure.statcounter.com (1) 14835 2014-02-28 01:22:24 UTC 2022-10-04 06:06:18 UTC 104.20.228.67
mnemonic passive DNS ocsp.pki.goog (9) 175 2017-06-14 07:23:31 UTC 2022-10-04 04:17:09 UTC 142.250.74.3
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-10-04 04:25:35 UTC 142.250.74.164
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-10-04 09:37:43 UTC 142.250.74.168
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-04 07:51:20 UTC 93.184.220.29
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-10-04 04:17:22 UTC 23.36.77.32
mnemonic passive DNS p.typekit.net (1) 620 2012-05-23 14:28:57 UTC 2022-10-04 04:17:29 UTC 23.36.76.186


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 3.18.7.81

Date UQ / IDS / BL URL IP
2022-11-28 03:45:03 +0000
0 - 0 - 1 amedicaltourism.com/ar/about-us/ar/about-us/h (...) 3.18.7.81
2022-11-28 03:20:20 +0000
0 - 0 - 1 iutps.com/assets/images/icons/sec/f44efef5df2 (...) 3.18.7.81
2022-11-28 01:15:19 +0000
0 - 0 - 1 123.indiancredits.com/document/31-phuong-phap (...) 3.18.7.81
2022-11-28 01:13:20 +0000
0 - 0 - 1 123.indiancredits.com/document/3423576-de-va- (...) 3.18.7.81
2022-11-27 05:20:42 +0000
0 - 0 - 1 wowkan.com/theatrikes-stoles 3.18.7.81

Last 5 reports on ASN: AMAZON-02

Date UQ / IDS / BL URL IP
2022-11-28 12:16:14 +0000
0 - 0 - 1 app.logictree.co/d21a1884-c25e-46c5-9a56-6b7c (...) 18.158.88.249
2022-11-28 12:15:05 +0000
0 - 0 - 1 xoc.webcamsekss.nl/eng/rsna-login.html 15.197.130.221
2022-11-28 12:14:31 +0000
0 - 0 - 1 52.62.144.52/55/vbc.exe 52.62.144.52
2022-11-28 12:11:02 +0000
0 - 0 - 2 braokeextrefore.com/0b912cb8-872c-4ada-9a1c-1 (...) 3.124.99.72
2022-11-28 12:08:22 +0000
0 - 0 - 2 top-conttent.com/412f3715-ff64-47fa-abc6-9cb4 (...) 18.193.209.105

Last 2 reports on domain: ncpine.com

Date UQ / IDS / BL URL IP
2022-10-04 14:45:39 +0000
0 - 0 - 1 ncpine.com/ 3.18.7.81
2022-09-25 20:33:38 +0000
0 - 0 - 1 ncpine.com/ 34.205.242.146

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-27 19:17:21 +0000
0 - 0 - 1 57d5.zhanyu66.com/5577.com.example.yumiaokeji (...) 61.147.70.242
2022-11-27 19:12:26 +0000
0 - 0 - 1 109.73.103.171/ANDROID/LANGUAGE/ru.englishgal (...) 109.73.103.171
2022-11-27 19:06:01 +0000
0 - 0 - 29 sh.st/ve1cO 172.67.68.250
2022-11-27 12:51:58 +0000
0 - 0 - 2 shugns.xyz/wordpress/wp-content/plugins/x/vim (...) 104.233.156.100
2022-11-27 12:48:18 +0000
0 - 0 - 4 www.purepdfbook.com/2022/10/magic-full-hd-mov (...) 142.250.74.179


JavaScript

Executed Scripts (15)


Executed Evals (5)

#1 JavaScript::Eval (size: 17594, repeated: 1) - SHA256: b7b67a5ae2274370caf741b476633bfc9beaf04d9b0f28358d7227eec7fd59bf

                                        (function() {
    var vF = function(U, v) {
            if (!(U = (v = null, n.trustedTypes), U) || !U.createPolicy) return v;
            try {
                v = U.createPolicy("bg", {
                    createHTML: UK,
                    createScript: UK,
                    createScriptURL: UK
                })
            } catch (A) {
                n.console && n.console.error(A.message)
            }
            return v
        },
        oh = function(U, v, A, x, e, C) {
            function J() {
                if (v.P == v) {
                    if (v.B) {
                        var r = [M, x, U, void 0, e, C, arguments];
                        if (2 == A) var N = I(false, false, (L(r, v), v));
                        else if (1 == A) {
                            var O = !v.u.length;
                            L(r, v), O && I(false, false, v)
                        } else N = Cw(v, r);
                        return N
                    }
                    e && C && e.removeEventListener(C, J, q)
                }
            }
            return J
        },
        A4 = function(U, v) {
            return U[v] << 24 | U[(v | 0) + 1] << 16 | U[(v | 0) + 2] << 8 | U[(v | 0) + 3]
        },
        r0 = function(U, v, A, x) {
            return (X(403, A, (xc((x = E(403, A), A.V && x < A.H ? (X(403, A, A.H), J4(v, A)) : X(403, A, v), U), A), x)), E)(368, A)
        },
        Nn = function(U, v, A, x, e, C, J, r) {
            return (v = [60, 32, -94, 21, 71, (J = U & (r = er, 7), 74), v, 90, 56, 20], C = V[A.Z](A.Px), C[A.Z] = function(N) {
                J += 6 + 7 * (e = N, U), J &= 7
            }, C).concat = function(N) {
                return (e = (N = (N = (N = x % 16 + 1, +v[J + 43 & 7] * x * N - 1184 * x * e + J + 37 * e * e + (r() | 0) * N) + 3 * x * x * N - 111 * x * x * e - N * e - 3589 * e, v[N]), void 0), v)[(J + 21 & 7) + (U & 2)] = N, v[J + (U & 2)] = 32, N
            }, C
        },
        kc = function(U, v, A, x, e) {
            for (e = (x = (U.Px = (U.lG = U[U.Mx = (U.pf = nw, OK), W], lX)(U.Z, {get: function() {
                        return this.concat()
                    }
                }), U.Hx = V[U.Z](U.Px, {
                    value: {
                        value: {}
                    }
                }), 0), []); 128 > x; x++) e[x] = String.fromCharCode(x);
            I(true, true, (L((L((F(260, function(C, J, r, N, O, l, z, k, a, m, y, f) {
                function u(D, b) {
                    for (; l < D;) r |= Q(C) << l, l += 8;
                    return b = r & (l -= D, (1 << D) - 1), r >>= D, b
                }
                for (k = ((l = (a = S(C), r = 0), u(3)) | 0) + 1, O = u(5), J = [], z = m = 0; z < O; z++) y = u(1), J.push(y), m += y ? 0 : 1;
                for (z = (m = ((m | 0) - 1).toString(2).length, N = [], 0); z < O; z++) J[z] || (N[z] = u(m));
                for (m = 0; m < O; m++) J[m] && (N[m] = S(C));
                for (f = []; k--;) f.push(E(S(C), C));
                F(a, function(D, b, w, T, t) {
                    for (w = (T = [], 0), b = []; w < O; w++) {
                        if (!J[t = N[w], w]) {
                            for (; t >= T.length;) T.push(S(D));
                            t = T[t]
                        }
                        b.push(t)
                    }
                    D.g = mv((D.i = mv(f.slice(), D), b), D)
                }, C)
            }, (U.zk = (X(39, (F(153, function(C, J) {
                J4((J = E(S(C), C), J), C.P)
            }, (F(76, ((X(23, U, ((F(257, (X(220, (F(203, function(C, J, r, N) {
                J = (r = S(C), N = S(C), S(C)), C.P == C && (J = E(J, C), N = E(N, C), E(r, C)[N] = J, 495 == r && (C.l = void 0, 2 == N && (C.v = Z(C, 32, false), C.l = void 0)))
            }, (F(77, function(C, J, r, N, O, l, z) {
                for (r = (O = (l = E((N = (z = qn((J = S(C), C)), ""), 48), C), l.length), 0); z--;) r = ((r | 0) + (qn(C) | 0)) % O, N += e[l[r]];
                X(J, C, N)
            }, (F(197, function(C, J) {
                (J = S(C), C = E(J, C.P), C[0]).removeEventListener(C[1], C[2], q)
            }, (F(145, function(C, J, r, N, O, l) {
                if (!G(C, true, J, true)) {
                    if ("object" == (r = (l = (r = S((O = S((J = (l = S(C), S(C)), C)), C)), J = E(J, C), E(l, C)), E(r, C)), C = E(O, C), zh(l))) {
                        for (N in O = [], l) O.push(N);
                        l = O
                    }
                    for (O = (N = 0, C = 0 < C ? C : 1, l).length; N < O; N += C) J(l.slice(N, (N | 0) + (C | 0)), r)
                }
            }, (F(204, (X(4, (F(146, (F(319, (F(247, function(C, J, r, N, O) {
                X((J = (O = E((N = E((N = (J = (O = S((r = S(C), C)), S(C)), S(C)), N), C), O), C), E)(J, C), r), C, oh(J, C, N, O))
            }, (X(109, U, ((X(368, U, (F(42, (X(217, (F(486, (F(55, (F(226, function(C, J, r, N) {
                !G(C, true, J, false) && (J = Ih(C), N = J.Bx, r = J.I, C.P == C || r == C.nf && N == C) && (X(J.Al, C, r.apply(N, J.S)), C.Y = C.G())
            }, (F(308, (F(436, (U.Y5 = (F(483, function(C, J, r, N) {
                if (J = C.a1.pop()) {
                    for (N = Q(C); 0 < N; N--) r = S(C), J[r] = C.B[r];
                    C.B = (J[4] = C.B[J[52] = C.B[52], 4], J)
                } else X(403, C, C.H)
            }, (F(405, function(C) {
                jr(4, C)
            }, (F(475, (X(52, (F(64, function(C, J, r) {
                (r = (r = (J = S(C), S)(C), E)(r, C), 0) != E(J, C) && X(403, C, r)
            }, (X(491, U, (F(460, (F(131, (X(51, U, (X(((X(403, (((U.H = 0, U.V8 = (U.o = [], U.B = [], U.g = (U.a1 = [], U.O = (U.D = 0, false), U.N = void 0, void 0), ((U.i = void 0, U).A = (x = window.performance || {}, void 0), U).U = (U.X = ((U.uG = (U.l = void 0, U.j = false, !(U.R = 0, 1)), U).h = (U.P = U, U.V = (U.J = (U.W = 1, null), []), U.F = [], 0), U.C = void 0, 8001), U.K = (U.v = void 0, 25), U.Y = 0, 0), 0), U).nf = function(C) {
                this.P = C
            }, U.u = [], U).Gk = x.timeOrigin || (x.timing || {}).navigationStart || 0, U), 0), X)(105, U, 0), 208), U, U), [])), function(C, J, r, N) {
                (r = E((N = (J = S((r = (N = S(C), S(C)), C)), E(N, C)), r), C), X)(J, C, N[r])
            }), U), function(C, J, r, N) {
                r = E((J = S((N = S(C), r = S(C), C)), r), C), N = E(N, C) == r, X(J, C, +N)
            }), U), R(4))), F(478, function(C, J, r, N) {
                X((r = E((J = E((r = S((J = S(C), C)), N = S(C), J), C), r), C), N), C, J in r | 0)
            }, U), U)), U), []), function(C) {
                Lw(C, 4)
            }), U), U)), U)), 0), function() {}), U), function(C, J, r, N, O, l) {
                G(C, true, J, false) || (l = Ih(C.P), N = l.Bx, O = l.I, J = l.Al, l = l.S, r = l.length, N = 0 == r ? new N[O] : 1 == r ? new N[O](l[0]) : 2 == r ? new N[O](l[0], l[1]) : 3 == r ? new N[O](l[0], l[1], l[2]) : 4 == r ? new N[O](l[0], l[1], l[2], l[3]) : 2(), X(J, C, N))
            }), U), U)), function(C, J, r, N) {
                X((r = S((N = (J = S(C), Q)(C), C)), r), C, E(J, C) >>> N)
            }), U), function(C) {
                jr(1, C)
            }), U), U), [0, 0, 0]), function(C, J, r, N, O) {
                0 !== (J = E((N = (r = E((O = (J = (r = (N = (O = S(C), S(C)), S(C)), S)(C), E(O, C.P)), r), C), E)(N, C), J), C), O) && (J = oh(J, C, 1, r, O, N), O.addEventListener(N, J, q), X(39, C, [O, N, J]))
            }), U), {})), X)(16, U, n), 0)), U)), function(C, J, r, N) {
                r = (J = S(C), N = S(C), S)(C), X(r, C, E(J, C) || E(N, C))
            }), U), function(C, J, r) {
                X((r = (J = (r = S(C), S(C)), r = E(r, C), zh)(r), J), C, r)
            }), U), U), 2048), function(C, J, r) {
                G(C, true, J, false) || (J = S(C), r = S(C), X(r, C, function(N) {
                    return eval(N)
                }(Mn(E(J, C.P)))))
            }), U), U)), U)), U)), U)), U), [160, 0, 0]), function(C) {
                ah(4, C)
            }), U), F)(366, function(C, J, r) {
                X((r = S(C), J = S(C), J), C, "" + E(r, C))
            }, U), 426)), F)(395, function(C, J, r, N, O) {
                for (r = (O = qn((J = S(C), C)), N = 0, []); N < O; N++) r.push(Q(C));
                X(J, C, r)
            }, U), F(341, function(C) {
                ah(3, C)
            }, U), U.dh = 0, function(C, J, r, N) {
                r = (J = E((N = (J = S(C), S(C)), J), C), E)(N, C), X(N, C, r + J)
            }), U), U)), U), 0), 0), U)), [EK]), U), L([c, v], U), [XV, A]), U), U))
        },
        Q = function(U) {
            return U.i ? Vg(U.g, U) : Z(U, 8, true)
        },
        lX = function(U, v) {
            return V[U](V.prototype, {
                call: v,
                floor: v,
                length: v,
                document: v,
                stack: v,
                replace: v,
                console: v,
                splice: v,
                prototype: v,
                pop: v,
                parent: v,
                propertyIsEnumerable: v
            })
        },
        R = function(U, v) {
            for (v = []; U--;) v.push(255 * Math.random() | 0);
            return v
        },
        Cw = function(U, v, A, x, e) {
            if (x = v[0], x == p) U.K = 25, U.T(v);
            else if (x == W) {
                A = v[1];
                try {
                    e = U.A || U.T(v)
                } catch (C) {
                    K(U, C), e = U.A
                }
                A(e)
            } else if (x == fw) U.T(v);
            else if (x == c) U.T(v);
            else if (x == XV) {
                try {
                    for (e = 0; e < U.o.length; e++) try {
                        A = U.o[e], A[0][A[1]](A[2])
                    } catch (C) {}
                } catch (C) {}(0, v[1])(function(C, J) {
                    U.s(C, true, J)
                }, (U.o = [], function(C) {
                    L([(C = !U.u.length, D_)], U), C && I(false, true, U)
                }))
            } else {
                if (x == M) return e = v[2], X(345, U, v[6]), X(368, U, e), U.T(v);
                x == D_ ? (U.F = [], U.B = null, U.V = []) : x == EK && "loading" === n.document.readyState && (U.J = function(C, J) {
                    function r() {
                        J || (J = true, C())
                    }(n.document.addEventListener("DOMContentLoaded", (J = false, r), q), n).addEventListener("load", r, q)
                })
            }
        },
        jr = function(U, v, A, x) {
            h((A = (x = S(v), S(v)), A), v, H(U, E(x, v)))
        },
        I = function(U, v, A, x, e, C) {
            if (A.u.length) {
                A.uG = (A.j = !(A.j && 0(), 0), v);
                try {
                    x = A.G(), A.Y = x, A.N = 0, A.U = x, C = yg(A, v), e = A.G() - A.U, A.R += e, e < (U ? 0 : 10) || 0 >= A.K-- || (e = Math.floor(e), A.F.push(254 >= e ? e : 254))
                } finally {
                    A.j = false
                }
                return C
            }
        },
        g, WF = function(U, v, A) {
            if (3 == U.length) {
                for (A = 0; 3 > A; A++) v[A] += U[A];
                for (A = (U = 0, [13, 8, 13, 12, 16, 5, 3, 10, 15]); 9 > U; U++) v[3](v, U % 3, A[U])
            }
        },
        zh = function(U, v, A) {
            if ("object" == (v = typeof U, v))
                if (U) {
                    if (U instanceof Array) return "array";
                    if (U instanceof Object) return v;
                    if ("[object Window]" == (A = Object.prototype.toString.call(U), A)) return "object";
                    if ("[object Array]" == A || "number" == typeof U.length && "undefined" != typeof U.splice && "undefined" != typeof U.propertyIsEnumerable && !U.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == A || "undefined" != typeof U.call && "undefined" != typeof U.propertyIsEnumerable && !U.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == v && "undefined" == typeof U.call) return "object";
            return v
        },
        Vg = function(U, v) {
            return (U = U.create().shift(), v.i.create()).length || v.g.create().length || (v.g = void 0, v.i = void 0), U
        },
        Lw = function(U, v, A, x) {
            for (A = (x = S(U), 0); 0 < v; v--) A = A << 8 | Q(U);
            X(x, U, A)
        },
        Y = function(U, v, A) {
            A = this;
            try {
                kc(this, U, v)
            } catch (x) {
                K(this, x), v(function(e) {
                    e(A.A)
                })
            }
        },
        F = function(U, v, A) {
            v[X(U, A, v), EK] = 2796
        },
        J4 = function(U, v) {
            X(403, v, (v.a1.push(v.B.slice()), v.B[403] = void 0, U))
        },
        xc = function(U, v, A, x, e, C) {
            if (!v.A) {
                v.h++;
                try {
                    for (x = (e = 0, A = v.H, void 0); --U;) try {
                        if ((C = void 0, v).i) x = Vg(v.i, v);
                        else {
                            if (e = E(403, v), e >= A) break;
                            x = (C = (X(105, v, e), S(v)), E)(C, v)
                        }
                        G(v, (x && x[D_] & 2048 ? x(v, U) : d(0, v, [P, 21, C]), false), U, false)
                    } catch (J) {
                        E(23, v) ? d(22, v, J) : X(23, v, J)
                    }
                    if (!U) {
                        if (v.Zr) {
                            xc(335982656583, (v.h--, v));
                            return
                        }
                        d(0, v, [P, 33])
                    }
                } catch (J) {
                    try {
                        d(22, v, J)
                    } catch (r) {
                        K(v, r)
                    }
                }
                v.h--
            }
        },
        G = function(U, v, A, x, e, C, J, r, N) {
            if (U.W += (U.P = ((e = (r = (J = (C = (N = (v || U.N++, 0 < U.D && U.j && U.uG && 1 >= U.h && !U.i && !U.J && (!v || 1 < U.X - A) && 0 == document.hidden), 4 == U.N)) || N ? U.G() : U.Y, J) - U.Y, r >> 14), U).v && (U.v ^= e * (r << 2)), e) || U.P, e), C || N) U.Y = J, U.N = 0;
            if (!N || J - U.U < U.D - (x ? 255 : v ? 5 : 2)) return false;
            return !(((X(403, (x = E(v ? 105 : 403, (U.X = A, U)), U), U.H), U).u.push([fw, x, v ? A + 1 : A]), U).J = FV, 0)
        },
        Sr = function(U, v, A, x, e) {
            for (v = (e = v[3] | 0, v[2] | 0), x = 0; 14 > x; x++) U = U >>> 8 | U << 24, U += A | 0, U ^= v + 3462, A = A << 3 | A >>> 29, A ^= U, e = e >>> 8 | e << 24, e += v | 0, e ^= x + 3462, v = v << 3 | v >>> 29, v ^= e;
            return [A >>> 24 & 255, A >>> 16 & 255, A >>> 8 & 255, A >>> 0 & 255, U >>> 24 & 255, U >>> 16 & 255, U >>> 8 & 255, U >>> 0 & 255]
        },
        Rh = function(U, v, A, x) {
            try {
                x = U[((v | 0) + 2) % 3], U[v] = (U[v] | 0) - (U[((v | 0) + 1) % 3] | 0) - (x | 0) ^ (1 == v ? x << A : x >>> A)
            } catch (e) {
                throw e;
            }
        },
        Qg = function(U, v) {
            return U(function(A) {
                A(v)
            }), [function() {
                return v
            }]
        },
        K = function(U, v) {
            U.A = ((U.A ? U.A + "~" : "E:") + v.message + ":" + v.stack).slice(0, 2048)
        },
        bX = function(U, v, A, x) {
            function e() {}
            return x = uX(U, function(C) {
                e && (v && FV(v), A = C, e(), e = void 0)
            }, (A = void 0, !!v))[0], {
                invoke: function(C, J, r, N) {
                    function O() {
                        A(function(l) {
                            FV(function() {
                                C(l)
                            })
                        }, r)
                    }
                    if (!J) return J = x(r), C && C(J), J;
                    A ? O() : (N = e, e = function() {
                        (N(), FV)(O)
                    })
                }
            }
        },
        E = function(U, v) {
            if ((v = v.B[U], void 0) === v) throw [P, 30, U];
            if (v.value) return v.create();
            return v.create(3 * U * U + 32 * U + 97), v.prototype
        },
        UK = function(U) {
            return U
        },
        n = this || self,
        Ih = function(U, v, A, x, e, C) {
            for (x = (v = (((A = (C = U[Gh] || {}, S)(U), C).Al = S(U), C).S = [], U.P) == U ? (Q(U) | 0) - 1 : 1, S)(U), e = 0; e < v; e++) C.S.push(S(U));
            for (C.Bx = E(x, U); v--;) C.S[v] = E(C.S[v], U);
            return C.I = E(A, U), C
        },
        Z_ = function(U, v) {
            ((v.push(U[0] << 24 | U[1] << 16 | U[2] << 8 | U[3]), v).push(U[4] << 24 | U[5] << 16 | U[6] << 8 | U[7]), v).push(U[8] << 24 | U[9] << 16 | U[10] << 8 | U[11])
        },
        cF = function(U, v, A) {
            return U.s(function(x) {
                A = x
            }, false, v), A
        },
        h = function(U, v, A, x, e, C) {
            if (v.P == v)
                for (e = E(U, v), 491 == U ? (U = function(J, r, N, O) {
                        if (e.k5 != (r = (O = e.length, (O | 0) - 4 >> 3), r)) {
                            r = (r << (N = [0, 0, C[1], (e.k5 = r, C[2])], 3)) - 4;
                            try {
                                e.Q8 = Sr(A4(e, (r | 0) + 4), N, A4(e, r))
                            } catch (l) {
                                throw l;
                            }
                        }
                        e.push(e.Q8[O & 7] ^ J)
                    }, C = E(217, v)) : U = function(J) {
                        e.push(J)
                    }, x && U(x & 255), v = 0, x = A.length; v < x; v++) U(A[v])
        },
        X = function(U, v, A) {
            if (403 == U || 105 == U) v.B[U] ? v.B[U].concat(A) : v.B[U] = mv(A, v);
            else {
                if (v.O && 495 != U) return;
                220 == U || 491 == U || 51 == U || 52 == U || 217 == U ? v.B[U] || (v.B[U] = Nn(62, A, v, U)) : v.B[U] = Nn(97, A, v, U)
            }
            495 == U && (v.v = Z(v, 32, false), v.l = void 0)
        },
        L = function(U, v) {
            v.u.splice(0, 0, U)
        },
        qn = function(U, v) {
            return (v = Q(U), v) & 128 && (v = v & 127 | Q(U) << 7), v
        },
        FV = n.requestIdleCallback ? function(U) {
            requestIdleCallback(function() {
                U()
            }, {
                timeout: 4
            })
        } : n.setImmediate ? function(U) {
            setImmediate(U)
        } : function(U) {
            setTimeout(U, 0)
        },
        yg = function(U, v, A, x) {
            for (; U.u.length;) {
                U.J = null, x = U.u.pop();
                try {
                    A = Cw(U, x)
                } catch (e) {
                    K(U, e)
                }
                if (v && U.J) {
                    (v = U.J, v)(function() {
                        I(true, true, U)
                    });
                    break
                }
            }
            return A
        },
        B, ah = function(U, v, A, x, e) {
            h(((A = E((A = S((e = U & 4, U &= 3, v)), x = S(v), A), v), e && (A = pw("" + A)), U) && h(x, v, H(2, A.length)), x), v, A)
        },
        d = function(U, v, A, x, e, C) {
            if (!v.O) {
                if ((U = (0 == (x = E(52, ((C = void 0, A) && A[0] === P && (U = A[1], C = A[2], A = void 0), v)), x.length) && (e = E(105, v) >> 3, x.push(U, e >> 8 & 255, e & 255), void 0 != C && x.push(C & 255)), ""), A && (A.message && (U += A.message), A.stack && (U += ":" + A.stack)), A = E(4, v), 3) < A) {
                    v.P = (C = (U = (A -= ((U = U.slice(0, (A | 0) - 3), U).length | 0) + 3, pw)(U), v.P), v);
                    try {
                        h(491, v, H(2, U.length).concat(U), 9)
                    } finally {
                        v.P = C
                    }
                }
                X(4, v, A)
            }
        },
        H = function(U, v, A, x) {
            for (x = (U | 0) - (A = [], 1); 0 <= x; x--) A[(U | 0) - 1 - (x | 0)] = v >> 8 * x & 255;
            return A
        },
        S = function(U, v) {
            if (U.i) return Vg(U.g, U);
            return (v = Z(U, 8, true), v & 128) && (v ^= 128, U = Z(U, 2, true), v = (v << 2) + (U | 0)), v
        },
        q = {
            passive: true,
            capture: true
        },
        uX = function(U, v, A, x) {
            return (x = g[U.substring(0, 3) + "_"]) ? x(U.substring(3), v, A) : Qg(v, U)
        },
        pw = function(U, v, A, x, e) {
            for (e = (U = U.replace(/\r\n/g, "\n"), A = v = 0, []); A < U.length; A++) x = U.charCodeAt(A), 128 > x ? e[v++] = x : (2048 > x ? e[v++] = x >> 6 | 192 : (55296 == (x & 64512) && A + 1 < U.length && 56320 == (U.charCodeAt(A + 1) & 64512) ? (x = 65536 + ((x & 1023) << 10) + (U.charCodeAt(++A) & 1023), e[v++] = x >> 18 | 240, e[v++] = x >> 12 & 63 | 128) : e[v++] = x >> 12 | 224, e[v++] = x >> 6 & 63 | 128), e[v++] = x & 63 | 128);
            return e
        },
        mv = function(U, v, A) {
            return ((A = V[v.Z](v.Hx), A)[v.Z] = function() {
                return U
            }, A).concat = function(x) {
                U = x
            }, A
        },
        Z = function(U, v, A, x, e, C, J, r, N, O, l, z, k, a) {
            if (N = E(403, U), N >= U.H) throw [P, 31];
            for (l = (z = (r = v, x = U.lG.length, 0), N); 0 < r;) J = l % 8, a = 8 - (J | 0), O = l >> 3, a = a < r ? a : r, k = U.V[O], A && (e = U, e.l != l >> 6 && (e.l = l >> 6, C = E(495, e), e.C = Sr(e.l, [0, 0, C[1], C[2]], e.v)), k ^= U.C[O & x]), l += a, z |= (k >> 8 - (J | 0) - (a | 0) & (1 << a) - 1) << (r | 0) - (a | 0), r -= a;
            return X(403, (A = z, U), (N | 0) + (v | 0)), A
        },
        Gh = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        p = ((Y.prototype.mN = void 0, Y.prototype).U3 = void 0, Y.prototype.Zr = false, []),
        M = (Y.prototype.L = "toString", []),
        fw = [],
        P = {},
        XV = [],
        EK = [],
        c = [],
        D_ = [],
        W = [],
        er = ((((((((Z_, function() {})(R), Rh, function() {})(WF), B = Y.prototype, B.vx = function(U, v, A) {
            return U ^ ((v = (v ^= v << 13, v ^= v >> 17, (v ^ v << 5) & A)) || (v = 1), v)
        }, B).Tk = function(U, v, A, x, e) {
            for (e = x = 0; x < U.length; x++) e += U.charCodeAt(x), e += e << 10, e ^= e >> 6;
            return (U = (e += e << 3, e ^= e >> 11, e + (e << 15)) >>> 0, x = new Number(U & (1 << v) - 1), x)[0] = (U >>> v) % A, x
        }, Y.prototype).Z = "create", B.s = function(U, v, A, x, e) {
            if ((A = "array" === zh(A) ? A : [A], this).A) U(this.A);
            else try {
                x = [], e = !this.u.length, L([p, x, A], this), L([W, U, x], this), v && !e || I(true, v, this)
            } catch (C) {
                K(this, C), U(this.A)
            }
        }, B).y8 = function() {
            return Math.floor(this.R + (this.G() - this.U))
        }, B).ff = function(U, v, A, x, e, C) {
            for (A = (e = C = 0, []); C < U.length; C++)
                for (x = x << v | U[C], e += v; 7 < e;) e -= 8, A.push(x >> e & 255);
            return A
        }, B).G = (window.performance || {}).now ? function() {
            return this.Gk + window.performance.now()
        } : function() {
            return +new Date
        }, void 0),
        V = P.constructor;
    (B.gh = function() {
        return Math.floor(this.G())
    }, Y.prototype).T = function(U, v) {
        return U = {}, er = function() {
                return v == U ? 97 : 61
            }, v = {},
            function(A, x, e, C, J, r, N, O, l, z, k, a, m, y, f) {
                v = (C = v, U);
                try {
                    if (f = A[0], f == c) {
                        a = A[1];
                        try {
                            for (r = atob((x = [], a)), l = O = 0; O < r.length; O++) y = r.charCodeAt(O), 255 < y && (x[l++] = y & 255, y >>= 8), x[l++] = y;
                            X(495, (this.H = (this.V = x, this.V.length << 3), this), [0, 0, 0])
                        } catch (u) {
                            d(17, this, u);
                            return
                        }
                        xc(8001, this)
                    } else if (f == p) A[1].push(E(220, this).length, E(51, this).length, E(4, this), E(491, this).length), X(368, this, A[2]), this.B[458] && r0(8001, E(458, this), this);
                    else {
                        if (f == W) {
                            this.P = (m = H(2, (E(220, (O = A[2], this)).length | 0) + 2), J = this.P, this);
                            try {
                                N = E(52, this), 0 < N.length && h(220, this, H(2, N.length).concat(N), 10), h(220, this, H(1, this.W), 109), h(220, this, H(1, this[W].length)), r = 0, r -= (E(220, this).length | 0) + 5, r += E(109, this) & 2047, z = E(491, this), 4 < z.length && (r -= (z.length | 0) + 3), 0 < r && h(220, this, H(2, r).concat(R(r)), 15), 4 < z.length && h(220, this, H(2, z.length).concat(z), 156)
                            } finally {
                                this.P = J
                            }
                            if (e = (l = R(2).concat(E(220, this)), l[1] = l[0] ^ 6, l[3] = l[1] ^ m[0], l[4] = l[1] ^ m[1], this).iG(l)) e = "!" + e;
                            else
                                for (r = 0, e = ""; r < l.length; r++) k = l[r][this.L](16), 1 == k.length && (k = "0" + k), e += k;
                            return E(491, (E((x = e, 220), this).length = O.shift(), E(51, this).length = O.shift(), X(4, this, O.shift()), this)).length = O.shift(), x
                        }
                        if (f == fw) r0(A[2], A[1], this);
                        else if (f == M) return r0(8001, A[1], this)
                    }
                } finally {
                    v = C
                }
            }
    }();
    var nw, OK = (Y.prototype.hl = (Y.prototype[XV] = [0, 0, 1, 1, 0, 1, 1], Y.prototype.iG = function(U, v, A, x) {
            if (x = window.btoa) {
                for (A = (v = 0, ""); v < U.length; v += 8192) A += String.fromCharCode.apply(null, U.slice(v, v + 8192));
                U = x(A).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else U = void 0;
            return U
        }, Y.prototype.Jl = 0, 0), /./),
        Kw = c.pop.bind(Y.prototype[p]),
        Mn = (nw = lX(Y.prototype.Z, {get: (OK[Y.prototype.L] = Kw, Kw)
        }), Y.prototype.Su = void 0, function(U, v) {
            return (v = vF()) && 1 === U.eval(v.createScript("1")) ? function(A) {
                return v.createScript(A)
            } : function(A) {
                return "" + A
            }
        })(n);
    40 < (g = n.botguard || (n.botguard = {}), g.m) || (g.m = 41, g.bg = bX, g.a = uX), g.qBf_ = function(U, v, A) {
        return A = new Y(U, v), [function(x) {
            return cF(A, x)
        }]
    };
}).call(this);
                                    

#2 JavaScript::Eval (size: 22, repeated: 1) - SHA256: eb3a140c9b84b3b5c69ed2966cf442240e63fc12aaf1e79d0c35aec5b237d9d7

                                        0,
function(C) {
    Lw(C, 1)
}
                                    

#3 JavaScript::Eval (size: 22, repeated: 1) - SHA256: ba41c5348d38a6ebd3399d0378ae76921f287d04f94ff5d93d6709e7f2a962b7

                                        0,
function(C) {
    Lw(C, 2)
}
                                    

#4 JavaScript::Eval (size: 15548, repeated: 1) - SHA256: 1bf232e3afa032afeeb821804dac4bdcfae32c16178d33975a668df67e9d0841

                                        /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var x = function(U, v) {
            if (!(U = (v = null, A.trustedTypes), U) || !U.createPolicy) return v;
            try {
                v = U.createPolicy("bg", {
                    createHTML: J,
                    createScript: J,
                    createScriptURL: J
                })
            } catch (C) {
                A.console && A.console.error(C.message)
            }
            return v
        },
        A = this || self,
        J = function(U) {
            return U
        };
    (0, eval)(function(U, v) {
        return (v = x()) && 1 === U.eval(v.createScript("1")) ? function(C) {
            return v.createScript(C)
        } : function(C) {
            return "" + C
        }
    }(A)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var vF=function(U,v){if(!(U=(v=null,n.trustedTypes),U)||!U.createPolicy)return v;try{v=U.createPolicy("bg",{createHTML:UK,createScript:UK,createScriptURL:UK})}catch(A){n.console&&n.console.error(A.message)}return v},oh=function(U,v,A,x,e,C){function J(){if(v.P==v){if(v.B){var r=[M,x,U,void 0,e,C,arguments];if(2==A)var N=I(false,false,(L(r,v),v));else if(1==A){var O=!v.u.length;L(r,v),O&&I(false,false,v)}else N=Cw(v,r);return N}e&&C&&e.removeEventListener(C,J,q)}}return J},A4=function(U,v){return U[v]<<24|U[(v|0)+1]<<16|U[(v|0)+2]<<8|U[(v|0)+3]},r0=function(U,v,A,x){return(X(403,A,(xc((x=E(403,A),A.V&&x<A.H?(X(403,A,A.H),J4(v,A)):X(403,A,v),U),A),x)),E)(368,A)},Nn=function(U,v,A,x,e,C,J,r){return(v=[60,32,-94,21,71,(J=U&(r=er,7),74),v,90,56,20],C=V[A.Z](A.Px),C[A.Z]=function(N){J+=6+7*(e=N,U),J&=7},C).concat=function(N){return(e=(N=(N=(N=x%16+1,+v[J+43&7]*x*N-1184*x*e+J+37*e*e+(r()|0)*N)+3*x*x*N-111*x*x*e-N*e-3589*e,v[N]),void 0),v)[(J+21&7)+(U&2)]=N,v[J+(U&2)]=32,N},C},kc=function(U,v,A,x,e){for(e=(x=(U.Px=(U.lG=U[U.Mx=(U.pf=nw,OK),W],lX)(U.Z,{get:function(){return this.concat()}}),U.Hx=V[U.Z](U.Px,{value:{value:{}}}),0),[]);128>x;x++)e[x]=String.fromCharCode(x);I(true,true,(L((L((F(260,function(C,J,r,N,O,l,z,k,a,m,y,f){function u(D,b){for(;l<D;)r|=Q(C)<<l,l+=8;return b=r&(l-=D,(1<<D)-1),r>>=D,b}for(k=((l=(a=S(C),r=0),u(3))|0)+1,O=u(5),J=[],z=m=0;z<O;z++)y=u(1),J.push(y),m+=y?0:1;for(z=(m=((m|0)-1).toString(2).length,N=[],0);z<O;z++)J[z]||(N[z]=u(m));for(m=0;m<O;m++)J[m]&&(N[m]=S(C));for(f=[];k--;)f.push(E(S(C),C));F(a,function(D,b,w,T,t){for(w=(T=[],0),b=[];w<O;w++){if(!J[t=N[w],w]){for(;t>=T.length;)T.push(S(D));t=T[t]}b.push(t)}D.g=mv((D.i=mv(f.slice(),D),b),D)},C)},(U.zk=(X(39,(F(153,function(C,J){J4((J=E(S(C),C),J),C.P)},(F(76,((X(23,U,((F(257,(X(220,(F(203,function(C,J,r,N){J=(r=S(C),N=S(C),S(C)),C.P==C&&(J=E(J,C),N=E(N,C),E(r,C)[N]=J,495==r&&(C.l=void 0,2==N&&(C.v=Z(C,32,false),C.l=void 0)))},(F(77,function(C,J,r,N,O,l,z){for(r=(O=(l=E((N=(z=qn((J=S(C),C)),""),48),C),l.length),0);z--;)r=((r|0)+(qn(C)|0))%O,N+=e[l[r]];X(J,C,N)},(F(197,function(C,J){(J=S(C),C=E(J,C.P),C[0]).removeEventListener(C[1],C[2],q)},(F(145,function(C,J,r,N,O,l){if(!G(C,true,J,true)){if("object"==(r=(l=(r=S((O=S((J=(l=S(C),S(C)),C)),C)),J=E(J,C),E(l,C)),E(r,C)),C=E(O,C),zh(l))){for(N in O=[],l)O.push(N);l=O}for(O=(N=0,C=0<C?C:1,l).length;N<O;N+=C)J(l.slice(N,(N|0)+(C|0)),r)}},(F(204,(X(4,(F(146,(F(319,(F(247,function(C,J,r,N,O){X((J=(O=E((N=E((N=(J=(O=S((r=S(C),C)),S(C)),S(C)),N),C),O),C),E)(J,C),r),C,oh(J,C,N,O))},(X(109,U,((X(368,U,(F(42,(X(217,(F(486,(F(55,(F(226,function(C,J,r,N){!G(C,true,J,false)&&(J=Ih(C),N=J.Bx,r=J.I,C.P==C||r==C.nf&&N==C)&&(X(J.Al,C,r.apply(N,J.S)),C.Y=C.G())},(F(308,(F(436,(U.Y5=(F(483,function(C,J,r,N){if(J=C.a1.pop()){for(N=Q(C);0<N;N--)r=S(C),J[r]=C.B[r];C.B=(J[4]=C.B[J[52]=C.B[52],4],J)}else X(403,C,C.H)},(F(405,function(C){jr(4,C)},(F(475,(X(52,(F(64,function(C,J,r){(r=(r=(J=S(C),S)(C),E)(r,C),0)!=E(J,C)&&X(403,C,r)},(X(491,U,(F(460,(F(131,(X(51,U,(X(((X(403,(((U.H=0,U.V8=(U.o=[],U.B=[],U.g=(U.a1=[],U.O=(U.D=0,false),U.N=void 0,void 0),((U.i=void 0,U).A=(x=window.performance||{},void 0),U).U=(U.X=((U.uG=(U.l=void 0,U.j=false,!(U.R=0,1)),U).h=(U.P=U,U.V=(U.J=(U.W=1,null),[]),U.F=[],0),U.C=void 0,8001),U.K=(U.v=void 0,25),U.Y=0,0),0),U).nf=function(C){this.P=C},U.u=[],U).Gk=x.timeOrigin||(x.timing||{}).navigationStart||0,U),0),X)(105,U,0),208),U,U),[])),function(C,J,r,N){(r=E((N=(J=S((r=(N=S(C),S(C)),C)),E(N,C)),r),C),X)(J,C,N[r])}),U),function(C,J,r,N){r=E((J=S((N=S(C),r=S(C),C)),r),C),N=E(N,C)==r,X(J,C,+N)}),U),R(4))),F(478,function(C,J,r,N){X((r=E((J=E((r=S((J=S(C),C)),N=S(C),J),C),r),C),N),C,J in r|0)},U),U)),U),[]),function(C){Lw(C,4)}),U),U)),U)),0),function(){}),U),function(C,J,r,N,O,l){G(C,true,J,false)||(l=Ih(C.P),N=l.Bx,O=l.I,J=l.Al,l=l.S,r=l.length,N=0==r?new N[O]:1==r?new N[O](l[0]):2==r?new N[O](l[0],l[1]):3==r?new N[O](l[0],l[1],l[2]):4==r?new N[O](l[0],l[1],l[2],l[3]):2(),X(J,C,N))}),U),U)),function(C,J,r,N){X((r=S((N=(J=S(C),Q)(C),C)),r),C,E(J,C)>>>N)}),U),function(C){jr(1,C)}),U),U),[0,0,0]),function(C,J,r,N,O){0!==(J=E((N=(r=E((O=(J=(r=(N=(O=S(C),S(C)),S(C)),S)(C),E(O,C.P)),r),C),E)(N,C),J),C),O)&&(J=oh(J,C,1,r,O,N),O.addEventListener(N,J,q),X(39,C,[O,N,J]))}),U),{})),X)(16,U,n),0)),U)),function(C,J,r,N){r=(J=S(C),N=S(C),S)(C),X(r,C,E(J,C)||E(N,C))}),U),function(C,J,r){X((r=(J=(r=S(C),S(C)),r=E(r,C),zh)(r),J),C,r)}),U),U),2048),function(C,J,r){G(C,true,J,false)||(J=S(C),r=S(C),X(r,C,function(N){return eval(N)}(Mn(E(J,C.P)))))}),U),U)),U)),U)),U)),U),[160,0,0]),function(C){ah(4,C)}),U),F)(366,function(C,J,r){X((r=S(C),J=S(C),J),C,""+E(r,C))},U),426)),F)(395,function(C,J,r,N,O){for(r=(O=qn((J=S(C),C)),N=0,[]);N<O;N++)r.push(Q(C));X(J,C,r)},U),F(341,function(C){ah(3,C)},U),U.dh=0,function(C,J,r,N){r=(J=E((N=(J=S(C),S(C)),J),C),E)(N,C),X(N,C,r+J)}),U),U)),U),0),0),U)),[EK]),U),L([c,v],U),[XV,A]),U),U))},Q=function(U){return U.i?Vg(U.g,U):Z(U,8,true)},lX=function(U,v){return V[U](V.prototype,{call:v,floor:v,length:v,document:v,stack:v,replace:v,console:v,splice:v,prototype:v,pop:v,parent:v,propertyIsEnumerable:v})},R=function(U,v){for(v=[];U--;)v.push(255*Math.random()|0);return v},Cw=function(U,v,A,x,e){if(x=v[0],x==p)U.K=25,U.T(v);else if(x==W){A=v[1];try{e=U.A||U.T(v)}catch(C){K(U,C),e=U.A}A(e)}else if(x==fw)U.T(v);else if(x==c)U.T(v);else if(x==XV){try{for(e=0;e<U.o.length;e++)try{A=U.o[e],A[0][A[1]](A[2])}catch(C){}}catch(C){}(0,v[1])(function(C,J){U.s(C,true,J)},(U.o=[],function(C){L([(C=!U.u.length,D_)],U),C&&I(false,true,U)}))}else{if(x==M)return e=v[2],X(345,U,v[6]),X(368,U,e),U.T(v);x==D_?(U.F=[],U.B=null,U.V=[]):x==EK&&"loading"===n.document.readyState&&(U.J=function(C,J){function r(){J||(J=true,C())}(n.document.addEventListener("DOMContentLoaded",(J=false,r),q),n).addEventListener("load",r,q)})}},jr=function(U,v,A,x){h((A=(x=S(v),S(v)),A),v,H(U,E(x,v)))},I=function(U,v,A,x,e,C){if(A.u.length){A.uG=(A.j=!(A.j&&0(),0),v);try{x=A.G(),A.Y=x,A.N=0,A.U=x,C=yg(A,v),e=A.G()-A.U,A.R+=e,e<(U?0:10)||0>=A.K--||(e=Math.floor(e),A.F.push(254>=e?e:254))}finally{A.j=false}return C}},g,WF=function(U,v,A){if(3==U.length){for(A=0;3>A;A++)v[A]+=U[A];for(A=(U=0,[13,8,13,12,16,5,3,10,15]);9>U;U++)v[3](v,U%3,A[U])}},zh=function(U,v,A){if("object"==(v=typeof U,v))if(U){if(U instanceof Array)return"array";if(U instanceof Object)return v;if("[object Window]"==(A=Object.prototype.toString.call(U),A))return"object";if("[object Array]"==A||"number"==typeof U.length&&"undefined"!=typeof U.splice&&"undefined"!=typeof U.propertyIsEnumerable&&!U.propertyIsEnumerable("splice"))return"array";if("[object Function]"==A||"undefined"!=typeof U.call&&"undefined"!=typeof U.propertyIsEnumerable&&!U.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==v&&"undefined"==typeof U.call)return"object";return v},Vg=function(U,v){return(U=U.create().shift(),v.i.create()).length||v.g.create().length||(v.g=void 0,v.i=void 0),U},Lw=function(U,v,A,x){for(A=(x=S(U),0);0<v;v--)A=A<<8|Q(U);X(x,U,A)},Y=function(U,v,A){A=this;try{kc(this,U,v)}catch(x){K(this,x),v(function(e){e(A.A)})}},F=function(U,v,A){v[X(U,A,v),EK]=2796},J4=function(U,v){X(403,v,(v.a1.push(v.B.slice()),v.B[403]=void 0,U))},xc=function(U,v,A,x,e,C){if(!v.A){v.h++;try{for(x=(e=0,A=v.H,void 0);--U;)try{if((C=void 0,v).i)x=Vg(v.i,v);else{if(e=E(403,v),e>=A)break;x=(C=(X(105,v,e),S(v)),E)(C,v)}G(v,(x&&x[D_]&2048?x(v,U):d(0,v,[P,21,C]),false),U,false)}catch(J){E(23,v)?d(22,v,J):X(23,v,J)}if(!U){if(v.Zr){xc(335982656583,(v.h--,v));return}d(0,v,[P,33])}}catch(J){try{d(22,v,J)}catch(r){K(v,r)}}v.h--}},G=function(U,v,A,x,e,C,J,r,N){if(U.W+=(U.P=((e=(r=(J=(C=(N=(v||U.N++,0<U.D&&U.j&&U.uG&&1>=U.h&&!U.i&&!U.J&&(!v||1<U.X-A)&&0==document.hidden),4==U.N))||N?U.G():U.Y,J)-U.Y,r>>14),U).v&&(U.v^=e*(r<<2)),e)||U.P,e),C||N)U.Y=J,U.N=0;if(!N||J-U.U<U.D-(x?255:v?5:2))return false;return!(((X(403,(x=E(v?105:403,(U.X=A,U)),U),U.H),U).u.push([fw,x,v?A+1:A]),U).J=FV,0)},Sr=function(U,v,A,x,e){for(v=(e=v[3]|0,v[2]|0),x=0;14>x;x++)U=U>>>8|U<<24,U+=A|0,U^=v+3462,A=A<<3|A>>>29,A^=U,e=e>>>8|e<<24,e+=v|0,e^=x+3462,v=v<<3|v>>>29,v^=e;return[A>>>24&255,A>>>16&255,A>>>8&255,A>>>0&255,U>>>24&255,U>>>16&255,U>>>8&255,U>>>0&255]},Rh=function(U,v,A,x){try{x=U[((v|0)+2)%3],U[v]=(U[v]|0)-(U[((v|0)+1)%3]|0)-(x|0)^(1==v?x<<A:x>>>A)}catch(e){throw e;}},Qg=function(U,v){return U(function(A){A(v)}),[function(){return v}]},K=function(U,v){U.A=((U.A?U.A+"~":"E:")+v.message+":"+v.stack).slice(0,2048)},bX=function(U,v,A,x){function e(){}return x=uX(U,function(C){e&&(v&&FV(v),A=C,e(),e=void 0)},(A=void 0,!!v))[0],{invoke:function(C,J,r,N){function O(){A(function(l){FV(function(){C(l)})},r)}if(!J)return J=x(r),C&&C(J),J;A?O():(N=e,e=function(){(N(),FV)(O)})}}},E=function(U,v){if((v=v.B[U],void 0)===v)throw[P,30,U];if(v.value)return v.create();return v.create(3*U*U+32*U+97),v.prototype},UK=function(U){return U},n=this||self,Ih=function(U,v,A,x,e,C){for(x=(v=(((A=(C=U[Gh]||{},S)(U),C).Al=S(U),C).S=[],U.P)==U?(Q(U)|0)-1:1,S)(U),e=0;e<v;e++)C.S.push(S(U));for(C.Bx=E(x,U);v--;)C.S[v]=E(C.S[v],U);return C.I=E(A,U),C},Z_=function(U,v){((v.push(U[0]<<24|U[1]<<16|U[2]<<8|U[3]),v).push(U[4]<<24|U[5]<<16|U[6]<<8|U[7]),v).push(U[8]<<24|U[9]<<16|U[10]<<8|U[11])},cF=function(U,v,A){return U.s(function(x){A=x},false,v),A},h=function(U,v,A,x,e,C){if(v.P==v)for(e=E(U,v),491==U?(U=function(J,r,N,O){if(e.k5!=(r=(O=e.length,(O|0)-4>>3),r)){r=(r<<(N=[0,0,C[1],(e.k5=r,C[2])],3))-4;try{e.Q8=Sr(A4(e,(r|0)+4),N,A4(e,r))}catch(l){throw l;}}e.push(e.Q8[O&7]^J)},C=E(217,v)):U=function(J){e.push(J)},x&&U(x&255),v=0,x=A.length;v<x;v++)U(A[v])},X=function(U,v,A){if(403==U||105==U)v.B[U]?v.B[U].concat(A):v.B[U]=mv(A,v);else{if(v.O&&495!=U)return;220==U||491==U||51==U||52==U||217==U?v.B[U]||(v.B[U]=Nn(62,A,v,U)):v.B[U]=Nn(97,A,v,U)}495==U&&(v.v=Z(v,32,false),v.l=void 0)},L=function(U,v){v.u.splice(0,0,U)},qn=function(U,v){return(v=Q(U),v)&128&&(v=v&127|Q(U)<<7),v},FV=n.requestIdleCallback?function(U){requestIdleCallback(function(){U()},{timeout:4})}:n.setImmediate?function(U){setImmediate(U)}:function(U){setTimeout(U,0)},yg=function(U,v,A,x){for(;U.u.length;){U.J=null,x=U.u.pop();try{A=Cw(U,x)}catch(e){K(U,e)}if(v&&U.J){(v=U.J,v)(function(){I(true,true,U)});break}}return A},B,ah=function(U,v,A,x,e){h(((A=E((A=S((e=U&4,U&=3,v)),x=S(v),A),v),e&&(A=pw(""+A)),U)&&h(x,v,H(2,A.length)),x),v,A)},d=function(U,v,A,x,e,C){if(!v.O){if((U=(0==(x=E(52,((C=void 0,A)&&A[0]===P&&(U=A[1],C=A[2],A=void 0),v)),x.length)&&(e=E(105,v)>>3,x.push(U,e>>8&255,e&255),void 0!=C&&x.push(C&255)),""),A&&(A.message&&(U+=A.message),A.stack&&(U+=":"+A.stack)),A=E(4,v),3)<A){v.P=(C=(U=(A-=((U=U.slice(0,(A|0)-3),U).length|0)+3,pw)(U),v.P),v);try{h(491,v,H(2,U.length).concat(U),9)}finally{v.P=C}}X(4,v,A)}},H=function(U,v,A,x){for(x=(U|0)-(A=[],1);0<=x;x--)A[(U|0)-1-(x|0)]=v>>8*x&255;return A},S=function(U,v){if(U.i)return Vg(U.g,U);return(v=Z(U,8,true),v&128)&&(v^=128,U=Z(U,2,true),v=(v<<2)+(U|0)),v},q={passive:true,capture:true},uX=function(U,v,A,x){return(x=g[U.substring(0,3)+"_"])?x(U.substring(3),v,A):Qg(v,U)},pw=function(U,v,A,x,e){for(e=(U=U.replace(/\\r\\n/g,"\\n"),A=v=0,[]);A<U.length;A++)x=U.charCodeAt(A),128>x?e[v++]=x:(2048>x?e[v++]=x>>6|192:(55296==(x&64512)&&A+1<U.length&&56320==(U.charCodeAt(A+1)&64512)?(x=65536+((x&1023)<<10)+(U.charCodeAt(++A)&1023),e[v++]=x>>18|240,e[v++]=x>>12&63|128):e[v++]=x>>12|224,e[v++]=x>>6&63|128),e[v++]=x&63|128);return e},mv=function(U,v,A){return((A=V[v.Z](v.Hx),A)[v.Z]=function(){return U},A).concat=function(x){U=x},A},Z=function(U,v,A,x,e,C,J,r,N,O,l,z,k,a){if(N=E(403,U),N>=U.H)throw[P,31];for(l=(z=(r=v,x=U.lG.length,0),N);0<r;)J=l%8,a=8-(J|0),O=l>>3,a=a<r?a:r,k=U.V[O],A&&(e=U,e.l!=l>>6&&(e.l=l>>6,C=E(495,e),e.C=Sr(e.l,[0,0,C[1],C[2]],e.v)),k^=U.C[O&x]),l+=a,z|=(k>>8-(J|0)-(a|0)&(1<<a)-1)<<(r|0)-(a|0),r-=a;return X(403,(A=z,U),(N|0)+(v|0)),A},Gh=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),p=((Y.prototype.mN=void 0,Y.prototype).U3=void 0,Y.prototype.Zr=false,[]),M=(Y.prototype.L="toString",[]),fw=[],P={},XV=[],EK=[],c=[],D_=[],W=[],er=((((((((Z_,function(){})(R),Rh,function(){})(WF),B=Y.prototype,B.vx=function(U,v,A){return U^((v=(v^=v<<13,v^=v>>17,(v^v<<5)&A))||(v=1),v)},B).Tk=function(U,v,A,x,e){for(e=x=0;x<U.length;x++)e+=U.charCodeAt(x),e+=e<<10,e^=e>>6;return(U=(e+=e<<3,e^=e>>11,e+(e<<15))>>>0,x=new Number(U&(1<<v)-1),x)[0]=(U>>>v)%A,x},Y.prototype).Z="create",B.s=function(U,v,A,x,e){if((A="array"===zh(A)?A:[A],this).A)U(this.A);else try{x=[],e=!this.u.length,L([p,x,A],this),L([W,U,x],this),v&&!e||I(true,v,this)}catch(C){K(this,C),U(this.A)}},B).y8=function(){return Math.floor(this.R+(this.G()-this.U))},B).ff=function(U,v,A,x,e,C){for(A=(e=C=0,[]);C<U.length;C++)for(x=x<<v|U[C],e+=v;7<e;)e-=8,A.push(x>>e&255);return A},B).G=(window.performance||{}).now?function(){return this.Gk+window.performance.now()}:function(){return+new Date},void 0),V=P.constructor;(B.gh=function(){return Math.floor(this.G())},Y.prototype).T=function(U,v){return U={},er=function(){return v==U?97:61},v={},function(A,x,e,C,J,r,N,O,l,z,k,a,m,y,f){v=(C=v,U);try{if(f=A[0],f==c){a=A[1];try{for(r=atob((x=[],a)),l=O=0;O<r.length;O++)y=r.charCodeAt(O),255<y&&(x[l++]=y&255,y>>=8),x[l++]=y;X(495,(this.H=(this.V=x,this.V.length<<3),this),[0,0,0])}catch(u){d(17,this,u);return}xc(8001,this)}else if(f==p)A[1].push(E(220,this).length,E(51,this).length,E(4,this),E(491,this).length),X(368,this,A[2]),this.B[458]&&r0(8001,E(458,this),this);else{if(f==W){this.P=(m=H(2,(E(220,(O=A[2],this)).length|0)+2),J=this.P,this);try{N=E(52,this),0<N.length&&h(220,this,H(2,N.length).concat(N),10),h(220,this,H(1,this.W),109),h(220,this,H(1,this[W].length)),r=0,r-=(E(220,this).length|0)+5,r+=E(109,this)&2047,z=E(491,this),4<z.length&&(r-=(z.length|0)+3),0<r&&h(220,this,H(2,r).concat(R(r)),15),4<z.length&&h(220,this,H(2,z.length).concat(z),156)}finally{this.P=J}if(e=(l=R(2).concat(E(220,this)),l[1]=l[0]^6,l[3]=l[1]^m[0],l[4]=l[1]^m[1],this).iG(l))e="!"+e;else for(r=0,e="";r<l.length;r++)k=l[r][this.L](16),1==k.length&&(k="0"+k),e+=k;return E(491,(E((x=e,220),this).length=O.shift(),E(51,this).length=O.shift(),X(4,this,O.shift()),this)).length=O.shift(),x}if(f==fw)r0(A[2],A[1],this);else if(f==M)return r0(8001,A[1],this)}}finally{v=C}}}();var nw,OK=(Y.prototype.hl=(Y.prototype[XV]=[0,0,1,1,0,1,1],Y.prototype.iG=function(U,v,A,x){if(x=window.btoa){for(A=(v=0,"");v<U.length;v+=8192)A+=String.fromCharCode.apply(null,U.slice(v,v+8192));U=x(A).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else U=void 0;return U},Y.prototype.Jl=0,0),/./),Kw=c.pop.bind(Y.prototype[p]),Mn=(nw=lX(Y.prototype.Z,{get:(OK[Y.prototype.L]=Kw,Kw)}),Y.prototype.Su=void 0,function(U,v){return(v=vF())&&1===U.eval(v.createScript("1"))?function(A){return v.createScript(A)}:function(A){return""+A}})(n);40<(g=n.botguard||(n.botguard={}),g.m)||(g.m=41,g.bg=bX,g.a=uX),g.qBf_=function(U,v,A){return A=new Y(U,v),[function(x){return cF(A,x)}]};}).call(this);'));
}).call(this);
                                    

#5 JavaScript::Eval (size: 64, repeated: 1) - SHA256: 87c99b9a88a42ee46bbe6ce447b600a1653142b3ebb7b9ed96bc786f7a99d488

                                        0,
function(C, J, r) {
    X((J = (r = (J = S(C), S)(C), C.B[J]) && E(J, C), r), C, J)
}
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 96, repeated: 1) - SHA256: 63fbe184fbb505dfd393d0292e5d1ee5f55922728fe59eef5b3d73818d6a9384

                                        < script type = 'text/javascript'
src = 'https://secure.statcounter.com/counter/counter.js' > < /script>
                                    


HTTP Transactions (49)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: ncpine.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         3.19.116.195
HTTP/1.1 302 Found
                                        
content-length: 0
date: Tue, 04 Oct 2022 14:45:27 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=ncpine.com


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 13:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WwSgvyq3iKVMFDXCv1tlWSm1VOvsRVXRsLqaWe5o1ZqWdq_p974HTw==
Age: 3504


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8413
Expires: Tue, 04 Oct 2022 17:05:41 GMT
Date: Tue, 04 Oct 2022 14:45:28 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _1GbGV1xCjk0L9kbCAerZRqPkulUSVXDweTEaG90QcS_iyCvDX3HHQ==
age: 33421
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 14:45:28 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /images/hdv3-img/escrow.png HTTP/1.1 
Host: static.hugedomains.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; _gid=GA1.2.1796505141.1664894452; sc_is_visitor_unique=rx5694535.1664894552.A6FC6F7B0E844FA056AA6FAA902E9B06.3.3.3.3.3.3.2.2.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.7.37
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 04 Oct 2022 14:45:28 GMT
content-length: 2799
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=5589
etag: "ece634d6b75ed61:0"
last-modified: Mon, 20 Jul 2020 17:04:31 GMT
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 1140
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvgFqln4loZ776VrGqEajM%2F5nIElVSOL5V5q4v5RDTwiZnjWGFKUDPEibGaGRAZqKqcw%2FbfUp0mgPVlb1Xl4gLqpddzK9HkuWx0IGoqDiwvstedSYqsy5kdS1pWPC93CgofDQNFYV%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754eb3956b96b51d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 196 x 47, 8-bit gray+alpha, non-interlaced\012- data
Size:   2799
Md5:    5e3fff838a9aa2ef46e2e4d9fe13ab85
Sha1:   a6ea4b142dd129e28d02ecc0dc59edade1976376
Sha256: bbb3555394a1e45cb61c59281716bf177f29a026efef4750eed9c8a21b838765
                                        
                                            GET /images/hdv3-img/phone-icon.png HTTP/1.1 
Host: static.hugedomains.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; _gid=GA1.2.1796505141.1664894452; sc_is_visitor_unique=rx5694535.1664894552.A6FC6F7B0E844FA056AA6FAA902E9B06.3.3.3.3.3.3.2.2.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.7.37
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 04 Oct 2022 14:45:28 GMT
content-length: 743
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=2415
etag: "524238d6b75ed61:0"
last-modified: Mon, 20 Jul 2020 17:04:32 GMT
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6357
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ooky%2BZus%2BrgkBTf%2B8wHaOlSeIDD1T75GJcHyg0nWU%2FB6H3TXQTpgs6%2B5Tta5e4IrIJuiRcXxWAHW04caUGjvGYywEeHVGQctEU5jUKpMS7C56F5pHWMkN6DVLlN%2FqSZdIqP9AoVtCiU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754eb3956b87b51d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 22 x 22, 8-bit gray+alpha, non-interlaced\012- data
Size:   743
Md5:    bd361461dbc83db995e644e42e59dca9
Sha1:   7d3d5350646382e10d1fd84a3489d2eec7f1c651
Sha256: 4e5d6e60573346e0eb3e8368ca629af38d0d59f4e51f750724e7f95f8be5917e
                                        
                                            GET /images/hdv3-img/logo.png HTTP/1.1 
Host: static.hugedomains.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; _gid=GA1.2.1796505141.1664894452; sc_is_visitor_unique=rx5694535.1664894552.A6FC6F7B0E844FA056AA6FAA902E9B06.3.3.3.3.3.3.2.2.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.7.37
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 04 Oct 2022 14:45:28 GMT
content-length: 4310
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=6473
etag: "32f437d6b75ed61:0"
last-modified: Mon, 20 Jul 2020 17:04:32 GMT
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 1140
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TX%2BCMu%2FHFOXV%2FGc5zqgI4ko6wVV5J2haWhlPRuBRMPUJP4t928OFg%2FttyQ0Phfi3lU2Xevx6nRN0QqRwqMyA5mMYFr25B3MAOHusSEhNW2e0%2Ba%2F5kaEGzodpIj3GDtJKEvE14p2dctg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754eb3956b79b51d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 237 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size:   4310
Md5:    c6585d35dbe66427d2971405193e3420
Sha1:   88f0c9cc830f31e475aa5040a44c959b6e5b309a
Sha256: b7538e415e50685e667d23705f5513c5770ae627e849bd1ea3c98f5abaf336c8
                                        
                                            GET /images/hdv3-img/geo.png HTTP/1.1 
Host: static.hugedomains.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; _gid=GA1.2.1796505141.1664894452; sc_is_visitor_unique=rx5694535.1664894552.A6FC6F7B0E844FA056AA6FAA902E9B06.3.3.3.3.3.3.2.2.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.7.37
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 04 Oct 2022 14:45:28 GMT
content-length: 2578
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=5035
etag: "741f36d6b75ed61:0"
last-modified: Mon, 20 Jul 2020 17:04:31 GMT
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 1140
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cw%2BT8KahKLXHblNK2BAzUzK499jJ3LljH%2BTGvKQhpJGFYYr6pJghYz%2B6JvK2EWflHdM0QV5yZY4me752etI2L4MmJMRtlJ8fQ2a1r60a9XrSbPGSOtO0EOiQC%2BXs4GgNcRtE3r4a2ow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754eb3957b9bb51d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 166 x 36, 8-bit gray+alpha, non-interlaced\012- data
Size:   2578
Md5:    1aceace0b63ef3e4cf3a349b83f5725b
Sha1:   fede44a511cbb7a94be77c6a3fbaf05c0ac735e9
Sha256: 7185ad18f6d3ea3d12c0a64a084a4bc570ba2e79ed46a1fb3427a4c29ca9bb20
                                        
                                            GET /images/hdv3-img/care.png HTTP/1.1 
Host: static.hugedomains.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; _gid=GA1.2.1796505141.1664894452; sc_is_visitor_unique=rx5694535.1664894552.A6FC6F7B0E844FA056AA6FAA902E9B06.3.3.3.3.3.3.2.2.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.7.37
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 04 Oct 2022 14:45:28 GMT
content-length: 708
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=1906
etag: "a9c92cd6b75ed61:0"
last-modified: Mon, 20 Jul 2020 17:04:31 GMT
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 1140
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTlyha4dVROEeKPYc1C6xozt1w0cS7g4wvz3e11pv4TyhKPN%2FNXfdtufbw%2F%2B3v4or9NMadW45nl3Xn0HG5otDZL8DryTr9JZH%2BCaR%2FqvFINV%2FLXddKbT%2BEvt9FanP5uQRqfgYPTzFg4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754eb3956b8cb51d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 46 x 47, 8-bit gray+alpha, non-interlaced\012- data
Size:   708
Md5:    3ceb91c3c875ca5750c7aadf7e4ece6c
Sha1:   041a428a64ee9d32d6da4befacf6d8e5e3f5e436
Sha256: 3ec2212fc76e58ec342024869548e63c5a954162535572610a184aa0690577c8
                                        
                                            GET /images/hdv3-img/guarant-footer.png HTTP/1.1 
Host: static.hugedomains.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; _gid=GA1.2.1796505141.1664894452; sc_is_visitor_unique=rx5694535.1664894552.A6FC6F7B0E844FA056AA6FAA902E9B06.3.3.3.3.3.3.2.2.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.7.37
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 04 Oct 2022 14:45:28 GMT
content-length: 1507
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=3413
etag: "8d4636d6b75ed61:0"
last-modified: Mon, 20 Jul 2020 17:04:31 GMT
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 1140
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcaEh8YrtBUJhjfbusaw1g3wEKbo6SxxkFUs0qW5qR6kCKycSiEw7Fa8SO7nyjmxGTwZDTBO2ftPoVFuR8tLxCzI%2BZIXFVj0BaFZCqetrs%2Bn%2B2tzO8PT74cu6CMn89dPqGPS5vXdsfY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754eb3956b91b51d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 37 x 47, 8-bit gray+alpha, non-interlaced\012- data
Size:   1507
Md5:    e527bd653c6ab12a65243ea7b6090d60
Sha1:   6f4cecd8c8d38e340a81295606d4faa28d34d0a7
Sha256: 397380d4c94183937f67dc28fc89697fadef075f66e637080ec71545b07d65f1
                                        
                                            GET /gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 3.5.7
x-jsd-version-type: version
etag: W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 04 Oct 2022 14:45:28 GMT
age: 13880234
x-served-by: cache-fra19160-FRA, cache-bma1650-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3096
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12795), with no line terminators
Size:   3096
Md5:    18b46dae08e98971b16123ea48913d23
Sha1:   e0a1aa82445a38538413b488924613c44861c59d
Sha256: 62c06f2ea24cfdf0003164fca05560cc8b5333f6ef312016458e05ecbb7c8f62
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 14:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 14:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 14:45:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "0DA95D29A28D78107E5635B303E309271976CA34"
Expires: Wed, 05 Oct 2022 01:00:00 GMT
Last-Modified: Tue, 04 Oct 2022 13:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2957
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb396285b0afe-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    41e325a363d4bad6e4f0c4d32f859923
Sha1:   57fb161f3b61a8b33aae94c4d43d54889c210f81
Sha256: 3e7d6c8d16338202f4736cd5e578f23e5f1cb7d9f849514a98e5212d43911bb4
                                        
                                            GET /recaptcha/api.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Tue, 04 Oct 2022 14:45:28 GMT
date: Tue, 04 Oct 2022 14:45:28 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (850), with no line terminators
Size:   555
Md5:    e75e7b4c9bf71c4a14d5e1d1946b161a
Sha1:   36148f31ea702a23a3f0dafd907a9069234021e7
Sha256: e43b40968f165ec7b121020103aa40529d891aa2d03ead26ed47adefc4d6ab6d
                                        
                                            GET /gtag/js?id=UA-7117339-4 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 14:45:28 GMT
expires: Tue, 04 Oct 2022 14:45:28 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42409
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   42409
Md5:    5c12f197841c8aa06bc144d633a805a1
Sha1:   1cd20ba01152240bb6bb529d004b5883c4f6afbe
Sha256: 11d8a4406da4cd71d9714660aa045d9ded2501488178095e57bdc95ed8cc00e0
                                        
                                            GET /zyw6mds.css HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.hugedomains.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.186
HTTP/2 200 OK
content-type: text/css;charset=utf-8
                                        
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 588
date: Tue, 04 Oct 2022 14:45:28 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (516)
Size:   588
Md5:    79acdfd15125acfe766f860f0685b52f
Sha1:   05ff60088da4d12ca19317d6c20a2c700f24e1b3
Sha256: e517920dfc67f60d71fabf6eabe1af66fd1e303dc4f161f1f14fe2190936826d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 14:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /p.css?s=1&k=zyw6mds&ht=tk&f=40411&a=11744788&app=typekit&e=css HTTP/1.1 
Host: p.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         23.36.76.186
HTTP/2 200 OK
content-type: text/css
                                        
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Tue, 04 Oct 2022 14:45:28 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   5
Md5:    83d24d4b43cc7eef2b61e66c95f3d158
Sha1:   f0cafc285ee23bb6c28c5166f305493c4331c84d
Sha256: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 14:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 14:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 14:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /af/a91117/00000000000000003b9b257c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hugedomains.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.186
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 19608
etag: "98e73879b397d0b98b8a96538c3271fce677cf5c"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 04 Oct 2022 14:45:28 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 19608, version 1.0\012- data
Size:   19608
Md5:    067422192cbb34922cab0a5cf0614816
Sha1:   f019792c33d128b074a639935cba0b585f5beb0e
Sha256: cfa0e92aa58452201274b8ef57ba1066a5465809a6937a24ee224052ca6d71e0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 14:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664884800 HTTP/1.1 
Host: www.hugedomains.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: site_version_phase=108; site_version=HDv3; HD=5AF5169D45CF49129DAECA323D08C2B0050; _ga=GA1.2.1987687633.1654109076; HDS=CF007C19EBF336E7781E2D34C1192F5621074E6A28B450787663CB58260A1DED191BFFEE1D7EDE0DAF670BED68273848; _gid=GA1.2.1796505141.1664894452; sc_is_visitor_unique=rx5694535.1664894728.A6FC6F7B0E844FA056AA6FAA902E9B06.3.3.3.3.3.3.2.2.2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.7.37
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Tue, 04 Oct 2022 14:45:28 GMT
cache-control: max-age=14400, public
x-control-type-options: nosniff
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAx2uSJWCylKRF7ABgW8O52RQ%2FjEpr8IW%2FfWLsA7yjop7KZR%2BGv2w%2BT6HVmCTmDkBCNez4tQZPJjDM0MJ6qbXmfdgpF23fdxU0HsMiIu8myoRxYp%2BiWuc9%2B6a6shL7dT%2BCvrdmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754eb3975effb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47089), with no line terminators
Size:   15865
Md5:    df62ed6d13932cee1cad669d42ecef58
Sha1:   089308b6501a3f084cc4254ba5250dbfbfa665d4
Sha256: 33054783b883411ecbfda1b8289e37bcc7fba5f4284adcb1fbcf0a04a0f8d411
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5200
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 14:45:29 GMT
Last-Modified: Tue, 04 Oct 2022 13:18:49 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 14:45:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2/YgCLZ8kqcz0l+cp/KrIg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.43.61.95
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FCFPTjDqYwXTdQ9OX8Xh7crd9nc=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 14:45:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8877
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 14:45:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8877
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 14:45:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8877
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 14:45:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8877
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 14:45:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8877
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 14:45:30 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 61270
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 61270
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:51 GMT
age: 36159
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bf68975-a099-4d4b-9abd-6e684653439d.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10878
x-amzn-requestid: a849d918-ec40-47d4-93cb-e938b010bd50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpJKGAPIAMFSiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556d-242a8d2208b6574c34063c1f;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7ZaoEBhn_F_zDvoalcEpb4PtdGMuU9stAktSCviy5SsaaBaxYUJ6Fg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 61270
etag: "d893d8035379e06e53e365b9f47f5da40bff932b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10878
Md5:    f62719b24a32198c6f462a0a0412ac98
Sha1:   d893d8035379e06e53e365b9f47f5da40bff932b
Sha256: ca863affca1559e92e415a4de2e78e4b4c1ec4cf8e8549693499c6f79bd27975
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 61257
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:35 GMT
age: 61255
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11955
Md5:    54b3ef7aa50273b78b59c24511b0c1f9
Sha1:   e2ea2ef6805e391c497e62e101e76a0bdecfce64
Sha256: 296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.hugedomains.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/domain_profile.cfm?d=ncpine.com
Cookie: site_version_phase=108; site_version=HDv3; HD=5AF5169D45CF49129DAECA323D08C2B0050; _ga=GA1.2.1987687633.1654109076; HDS=CF007C19EBF336E7781E2D34C1192F5621074E6A28B450787663CB58260A1DED191BFFEE1D7EDE0DAF670BED68273848; _gid=GA1.2.1796505141.1664894452; sc_is_visitor_unique=rx5694535.1664894728.A6FC6F7B0E844FA056AA6FAA902E9B06.3.3.3.3.3.3.2.2.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.7.37
HTTP/2 200 OK
content-type: image/x-icon
                                        
date: Tue, 04 Oct 2022 14:45:29 GMT
cache-control: private
last-modified: Mon, 20 Jul 2020 17:04:28 GMT
etag: W/"036d5d3b75ed61:0"
access-control-allow-origin: *
x-lbdetail: nonimg 1150 ctimage/x-icon
x-powered-by: ASP.NET
lb: TclPrdLbHd1
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2I1mTbgI4ylkhr06K%2BTv6sERBafwRskJvxeEHrz4UCt0Pktf7LI9R9PkU6JdWodS%2FumnvpQWfMoeYks1WpKRrbTlgnvqLqWSMp4UKTjjSfDCpKQpYiGVKJ7fiwdWmigJXKQMD0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754eb3976f12b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /domain_profile.cfm?d=ncpine.com HTTP/1.1 
Host: www.hugedomains.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: site_version_phase=108; site_version=HDv3; HD=5AF5169D45CF49129DAECA323D08C2B0050; _ga=GA1.2.1987687633.1654109076; HDS=CF007C19EBF336E7781E2D34C1192F5621074E6A28B450787663CB58260A1DED191BFFEE1D7EDE0DAF670BED68273848; _gid=GA1.2.1796505141.1664894452; sc_is_visitor_unique=rx5694535.1664894552.A6FC6F7B0E844FA056AA6FAA902E9B06.3.3.3.3.3.3.2.2.2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.26.7.37
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 04 Oct 2022 14:45:28 GMT
cache-control: private
vary: Accept-Encoding
set-cookie: captcha-tracker=; expires=Mon, 03-Oct-2022 14:45:28 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTmbDvis1iFKrsEjJqKJA8kdUQtgU%2B7zAOiMCh2QPhbnDBLTx%2FjcUKksSKnZz3Qnweew7OtRIGQzX1OL30m0gTO%2Bib5Daa6N4yK6zNNIkhBMGDZ%2FYerFGjahRCF%2FngdxESr%2B8tY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754eb39398b4b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/hdv3-js/jquery.min.js HTTP/1.1 
Host: static.hugedomains.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; _gid=GA1.2.1796505141.1664894452; sc_is_visitor_unique=rx5694535.1664894552.A6FC6F7B0E844FA056AA6FAA902E9B06.3.3.3.3.3.3.2.2.2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.7.37
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 14:45:28 GMT
last-modified: Mon, 20 Jul 2020 17:04:33 GMT
etag: W/"8026d0d6b75ed61:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 516
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlQv%2Fr3aEXMbuva1KzTrCyKku6QfMK3%2FV9phGMKf%2Ff3T6pa7wEKH6gVQBiQAoY1FM%2BeHBQT3kBnettrv%2ByOhCkV4k8MZMOjSrbrF%2Bu9%2BmHIkyMCL77gG3rrlCtAAG95dF201R62nRT4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754eb3957ba4b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/hdv3-css/style.css?r=20201105a HTTP/1.1 
Host: static.hugedomains.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; _gid=GA1.2.1796505141.1664894452; sc_is_visitor_unique=rx5694535.1664894552.A6FC6F7B0E844FA056AA6FAA902E9B06.3.3.3.3.3.3.2.2.2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.7.37
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 04 Oct 2022 14:45:28 GMT
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=220140
etag: W/"803a6d05a80d81:0"
last-modified: Wed, 15 Jun 2022 01:48:25 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 1522
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Bklv2ONizjbRoAaS%2FZmDW%2Fe32cx9UDv1o4sNCEVSsV64xlQEBVNpEsALgAl5n04ZjhKxt37oGxOVzxt%2FOirN%2F9B1jzLyAsdjGK9lWDoyNU%2FdzsNZW6rkpjZp%2B5JFtJb5rXrIvBHqnw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754eb3955b21b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/hdv3-css/reboot.min.css HTTP/1.1 
Host: static.hugedomains.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; _gid=GA1.2.1796505141.1664894452; sc_is_visitor_unique=rx5694535.1664894552.A6FC6F7B0E844FA056AA6FAA902E9B06.3.3.3.3.3.3.2.2.2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.7.37
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 04 Oct 2022 14:45:28 GMT
last-modified: Mon, 20 Jul 2020 17:04:26 GMT
etag: W/"09a4d2b75ed61:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 516
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLn1z3Cz0lHBYbHoi8f%2BIERj2dN2p8Isys7HDWg5iYPZQQOLjtsgMN90YMgNRVgZvt3gzrt7XwuYzZEVbmD14utMbInWgIXDYnkQDtKgFMx5CAzAmWeuoeZ5U40xdjYYCNwZHCk73Io%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754eb3955b1bb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/hdv3-css/responsive.css?r=20201105a HTTP/1.1 
Host: static.hugedomains.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; _gid=GA1.2.1796505141.1664894452; sc_is_visitor_unique=rx5694535.1664894552.A6FC6F7B0E844FA056AA6FAA902E9B06.3.3.3.3.3.3.2.2.2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.7.37
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 04 Oct 2022 14:45:28 GMT
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=86637
etag: W/"8017f8114580d81:0"
last-modified: Tue, 14 Jun 2022 23:18:35 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 1522
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJTnKXTv0hPrv1GLmhjT3FUauebOwRcPH9XpOojQIgyWjdAi0fK%2BkiZI8JWaGatV7DzMELesNZvXH%2FNjldukSpVRJuNP2gQOGvti26YktUgAc5U9Xf6%2F16fScCIKzNZrmyUjpp75M0k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754eb3956b6cb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Noto+Sans:400,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.hugedomains.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 14:45:28 GMT
date: Tue, 04 Oct 2022 14:45:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /counter/counter.js HTTP/1.1 
Host: secure.statcounter.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.20.228.67
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 14:45:28 GMT
vary: Accept-Encoding
last-modified: Mon, 03 Oct 2022 14:33:33 GMT
etag: W/"633af2bd-aa70"
expires: Tue, 04 Oct 2022 17:42:50 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 32558
server: cloudflare
cf-ray: 754eb3970f7f1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---