Report - www.cibra.org/

Report Overview

Submitted URL
www.cibra.org/
IP
209.99.40.222
ASN
#40034 CONFLUENCE-NETWORK-INC
Submitted
2022-11-10 01:26:31
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.9 kB	34.160.144.191
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	978 B	18 kB	216.58.207.195
js.parkingcrew.net	94546	2017-01-29T18:23:38Z	2023-03-09T23:29:08Z	2.0 kB	10 kB	185.53.178.30
partner.googleadservices.com	798	2012-10-03T03:04:21Z	2023-03-10T06:40:47Z	460 B	844 B	172.217.21.162
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
www.cibra.org	unknown			1.2 kB	4.7 kB	209.99.40.222
i.cdnpark.com	93792	2014-04-23T00:29:22Z	2019-03-24T18:17:58Z	594 B	3.8 kB	54.230.111.43
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	52.39.126.109
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	682 B	1.6 kB	93.184.220.29
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	4.1 kB	8.4 kB	142.250.74.3
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	389 B	2.3 kB	142.250.74.10
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	1.7 kB	59 kB	142.250.74.132
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.4 kB	6.2 kB	23.36.76.226
d38psrni17bvxu.cloudfront.net	unknown	2022-09-22T18:48:38Z	2023-03-10T13:32:17Z	646 B	22 kB	54.230.245.130
afs.googleusercontent.com	12123	2013-05-06T21:11:00Z	2023-03-10T11:12:37Z	885 B	2.3 kB	142.250.74.33
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	54 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-10	medium	d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	js.parkingcrew.net/jsparkcaf.php?_v=3&regcn=982822&_h=www.cibra.org&_t=1668043577504&_qs=	5.5 kB	2023-03-11	2023-03-11
Pretty URL js.parkingcrew.net/jsparkcaf.php?_v=3&regcn=982822&_h=www.cibra.org&_t=1668043577504&_qs= IP 185.53.178.30 ASN #19905 NEUSTAR-AS6 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:00:44 Last Seen2023-03-11 10:00:44 Times Seen1 Hash df8a8acd8a97784a6acb56fe8a9a52e9 f9e1a4192b6e79d4f5a02a5c490f470ed1111961 fc26071ca7bcf38198d7312f0b35d5ea591af4e7ed635127e11dd9e096ac06b4 Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=www.cibra.org&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie	186 B	2023-03-11	2023-03-11
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=www.cibra.org&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie IP 172.217.21.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:00:44 Last Seen2023-03-11 10:00:44 Times Seen1 Hash 5cd067dab4a65d15a4540bd170a335e0 26ff51a18281281c315079c9e0b9ca461085e5cd 5fbe6da8dc31ae8ac3fe63e40ac8dc010dfd5ce910391aa539fcb489b6a52147 Loading...

	www.cibra.org/px.js?ch=1	346 B	2023-03-07	2024-04-25
Pretty URL www.cibra.org/px.js?ch=1 IP 209.99.40.222 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 10:32:01 Times Seen43501 Hash f84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584 Loading...

	d38psrni17bvxu.cloudfront.net/registrar/v3/content/982822	1.2 kB	2023-03-07	2023-09-27
Pretty URL d38psrni17bvxu.cloudfront.net/registrar/v3/content/982822 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-09-27 00:44:23 Times Seen336 Hash 00dc1dc294fef8a23485fa3fcf12fc15 79a8e3e07a2f16f97707d34b3fb3cea297e879ca 194b90b425a41d350bd88f17bcbbbe604e3283a614db79cdeb6faf42e89576cf Loading...

	www.cibra.org/	77 B	2023-03-07	2024-04-25
Pretty URL www.cibra.org/ IP 209.99.40.222 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:26 Last Seen2024-04-25 07:53:35 Times Seen347 Hash d5630c59e7893a1368ebb34a973c8956 fdb0bc9c507522a0b946c99bae6bda6fa96a690e 01d9b1f2503cb005dbd83ba5643ca5ab30c7c6a2abe967ab704873d62aabc0e3 Loading...

	www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2351474211894928&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301099&format=r5%7Cs&nocache=4531668043578518&num=0&output=afd_ads&domain_name=www.cibra.org&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1668043578525&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=683&frm=0&cl=486644749&uio=--&cont=tc&jsid=caf&jsv=486644749&rurl=http%3A%2F%2Fwww.cibra.org%2F&adbw=slave-1-1%3A515%2Cmaster-1%3A530	5.6 kB	2023-03-11	2023-03-11
Pretty URL www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2351474211894928&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301099&format=r5%7Cs&nocache=4531668043578518&num=0&output=afd_ads&domain_name=www.cibra.org&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1668043578525&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=683&frm=0&cl=486644749&uio=--&cont=tc&jsid=caf&jsv=486644749&rurl=http%3A%2F%2Fwww.cibra.org%2F&adbw=slave-1-1%3A515%2Cmaster-1%3A530 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:00:44 Last Seen2023-03-11 10:00:44 Times Seen1 Hash 965357557c5a761a5a2e2512df33591b 6bb164c30952ae43fa1be596c5c6b7dda1650ded d16d2860f7afbad7d490f2ca2996dc6bc46ca2971dbaa4ff9ba1ff84c2000d72 Loading...

	www.cibra.org/	8 B	2023-03-07	2024-04-25
Pretty URL www.cibra.org/ IP 209.99.40.222 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-25 10:32:01 Times Seen10786 Hash 883fa82f6169ed5ddd95e0c34cf36450 52fcfe1e375b542d4847a9c963bff266b98bfbc2 dca6253c1f2bdadb922b559c83bee52fbe1411e3a159adcb922ff3b45c623185 Loading...

	www.cibra.org/	200 B	2023-03-07	2023-04-05
Pretty URL www.cibra.org/ IP 209.99.40.222 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-04-05 02:03:50 Times Seen166 Hash c429efc5787431634ecb929d6e4b8602 59b6c748ad6bfd673ea5a50542a7f1849ead0700 5c04aa5569f70ca0c1c9a1bcad0146729297cf2dbac755415c04576e7b95faad Loading...

	www.google.com/adsense/domains/caf.js	147 kB	2023-03-11	2023-03-11
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:00:44 Last Seen2023-03-11 12:42:33 Times Seen1 Hash d894ce38b5e9f9195c87cdc180f83cb8 83cfc5af4e73111aedb55ff00d82b62765814ed8 d5b666307a2e762795ca981d8cfc7535873405ce9173bc8fb85ba5ac8fc92d27 Loading...

	js.parkingcrew.net/assets/scripts/registrar-caf/982822.js	2.7 kB	2023-03-07	2023-04-15
Pretty URL js.parkingcrew.net/assets/scripts/registrar-caf/982822.js IP 185.53.178.30 ASN #19905 NEUSTAR-AS6 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-04-15 04:41:05 Times Seen67 Hash 002050aee57fabf8c4bb87a8d902a857 b700c0e6e9b627cdbb0af6ef96098eec882a0a24 2411e7a5d57de60b1deeccd4aa6590b777f720331681919ad5c96865233d8e0e Loading...

	www.google.com/afs/ads/i/iframe.html	1.3 kB	2023-03-07	2023-04-05
Pretty URL www.google.com/afs/ads/i/iframe.html IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2023-04-05 02:11:22 Times Seen1911 Hash 53a557946308585635eb80aec5326b9e 544b125203bfbb516566a63c9ef3dc57e9c06df9 eff95f5e15f8aa8c8b8c0f3aaeedba0091c1ec9732d78b6594c9ceb26c8eff28 Loading...

	www.cibra.org/	338 B	2023-03-11	2023-03-11
Pretty URL www.cibra.org/ IP 209.99.40.222 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:00:44 Last Seen2023-03-11 10:00:44 Times Seen1 Hash 439a64f4d7aec0ac5671dd97fcbcda7b f58b4f1460d7ccbde7495206aab016a0657957bb f053b6001d011687528ca43dfc576e479e72e98273388cc3bc80a6f0fbd5b3aa Loading...

	i.cdnpark.com/registrar/v3/loader.js	2.2 kB	2023-03-07	2023-09-27
Pretty URL i.cdnpark.com/registrar/v3/loader.js IP 54.230.111.43 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:34:15 Last Seen2023-09-27 00:44:23 Times Seen918 Hash 6a8a5ac701875e082ba567dc1e31dc47 270e11322a98d1f93377df4da2db08e3907db01c ccc86bccd7817aaa981c28c56fa002ec8f305d81433312e8299ce70fc8d70c7e Loading...

	www.google.com/adsense/domains/caf.js	147 kB	2023-03-11	2023-03-11
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:56:06 Last Seen2023-03-11 12:49:19 Times Seen1 Hash 2b91e9190a774f49ab8f92b34af8d638 0a849f72e34c706bc6b90a6b803b2ca56eb686ad db5e40933806911aa3ab980c1b348f410528011389f292396edf93201813dc24 Loading...

	www.cibra.org/	505 B	2023-03-11	2023-03-11
Pretty URL www.cibra.org/ IP 209.99.40.222 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:00:44 Last Seen2023-03-11 10:00:44 Times Seen1 Hash 56d920df6cdb2f9163409b752fdbd608 c77b7cf874c68548274f8a64c97f18153c96a33b 5a7105b4f381ccffd8fe556844dbff149e945363ee6dee0099390f2b3b73cd26 Loading...

	d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js	5.6 kB	2023-03-07	2023-09-26
Pretty URL d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js IP 54.230.245.130 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:07 Last Seen2023-09-26 11:43:53 Times Seen10069 Hash 6f95d346f97b06c2d81a5cb147d35de0 c591eaa19ed0d227b4555f5e699b668b05aa40b0 35ca990c39f9194a5a17ff664a0fdcc7dfb6cb433ea6844e2960d9744bd9b9b6 Loading...

		Size	First Seen	Last Seen
	#1 Write - 30c7f287fb1540f9c7bfe7c30a079c55	120 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 10:00:44 Last Seen2023-03-11 10:00:44 Times Seen1 Hash 30c7f287fb1540f9c7bfe7c30a079c55 a316d6ff1e89f1d37e0ad1e2d421516f14677c73 e6f34eb30405de613b7d4a5449816231ce0263d3fa6919daa33f6cafb16a7ac5 Loading...

	#2 Write - 8d75fb8b5a3c1ad8e32389bda30b2684	1.1 kB	2023-03-07	2023-09-27
Pretty Observations First Seen2023-03-07 12:59:23 Last Seen2023-09-27 00:44:23 Times Seen193 Hash 8d75fb8b5a3c1ad8e32389bda30b2684 ee132084982b8d7ece4342b8450585fc5ec63929 b143cabcdbb5a07356b40507ce4a11ed7094079adcd62d024cb3ff8bc5727117 Loading...

	#3 Write - 82a8b760663bb9276c20e6e2fef34570	63 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:07:07 Last Seen2023-03-17 12:55:38 Times Seen1 Hash 82a8b760663bb9276c20e6e2fef34570 a705f58c061610bec84d2473b30012d8f58e382b 5d09a3a9ce42629afa1801c2b93b2074999848ef1a950422a05c9a6173a06b00 Loading...

	#4 Write - 38cd9463cfd81c97218fd596f4a5ede1	76 B	2023-03-07	2023-09-26
Pretty Observations First Seen2023-03-07 18:52:18 Last Seen2023-09-26 11:43:53 Times Seen5434 Hash 38cd9463cfd81c97218fd596f4a5ede1 7e4a49ebcc195fc07468badbee81aea7d4c14c8f 6f9c01bfa9404b8a13f98b0befe67694ae9e479f6b1066c1779d1c737af78231 Loading...

	#5 Write - 94cb518f69da0c0580c4dbcc3785199e	88 B	2023-03-07	2023-09-19
Pretty Observations First Seen2023-03-07 12:59:23 Last Seen2023-09-19 22:26:26 Times Seen31 Hash 94cb518f69da0c0580c4dbcc3785199e b4970102f55137abab5885f1f4213707263c27bf 38d7f5c3373b0a5dc729f8aadb9c299c07b6f373849d6253642446eea98ed813 Loading...

	#6 Write - c806f8e30c5694985b88525812486b46	83 B	2023-03-07	2023-09-27
Pretty Observations First Seen2023-03-07 21:35:46 Last Seen2023-09-27 00:44:23 Times Seen32 Hash c806f8e30c5694985b88525812486b46 3122c814298eac34dad0ba28bc8f234de2e13db8 676bb01dd4ac661aaf48b7370191176177fea84759d0d6381526ed1530a803fa Loading...

HTTP Transactions (52)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11623
Expires: Thu, 10 Nov 2022 04:40:03 GMT
Date: Thu, 10 Nov 2022 01:26:20 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2971
Cache-Control: max-age=122055
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 01:26:20 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 11:20:35 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14792
Expires: Thu, 10 Nov 2022 05:32:52 GMT
Date: Thu, 10 Nov 2022 01:26:20 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: MJ+8OBZE1wrh83JYQPMRQyXWQ0aKmu2EUv9P3X6LBTrbuwAouDAN4zc7WrCKhU6NjXV8YLja8VUPjcBWx07nHw==
x-amz-request-id: ZGXEGQKP0A6RK43A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 00:49:11 GMT
age: 2229
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 01:26:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.cibra.org/

209.99.40.222

200 OK

1.3 kB

URL HTTP/1.1
www.cibra.org/
IP
209.99.40.222:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (760), with CRLF, LF line terminators
Size
1.3 kB (1305 bytes)
Hash
33481f615c35f32d3d85a0e3625d5103
fc13880743c0f3cd8f3a6c38d9c43b33fd489671
e40066bf3ef75744b164a88062fa54f971cfd7eeda77f3e7920b84f0d98a7f34

HTTP Headers

GET / HTTP/1.1
Host: www.cibra.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 01:26:20 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_bVQa10UfM076mWGxVhXrTz9iG5FIsAbG2J3TbHKBvbNM5uSDPsf2BwqmhojAb3sXklpsbkVPNlDjlyj5Zgragw==
Cteonnt-Length: 2280
Keep-Alive: timeout=5, max=116
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Cache-Control: private
Content-Encoding: gzip
Content-Length: 1305

i.cdnpark.com/themes/registrar/982822.css

54.230.111.43

200 OK

788 B

URL HTTP/1.1
i.cdnpark.com/themes/registrar/982822.css
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
788 B (788 bytes)
Hash
741d67de24a0a76f7db514eb6e4b1bee
3187fd97affded85bf8d2d5bdcd36353366ca492
79ab31a25a19cf535ccac2500fa42d204246b6a931739d80db93a36f413b573e

HTTP Headers

GET /themes/registrar/982822.css HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cibra.org/

HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 19 Sep 2022 09:30:27 GMT
Content-Encoding: gzip
Date: Wed, 09 Nov 2022 06:41:25 GMT
ETag: W/"632836b3-795"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: V7njw70Mo9lqJR-wZy04L45RZz_tOmKhQyensQwJ1wXqnacxQwH0aA==
Age: 67495

i.cdnpark.com/registrar/v3/loader.js

54.230.111.43

200 OK

2.2 kB

URL HTTP/1.1
i.cdnpark.com/registrar/v3/loader.js
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text
Size
2.2 kB (2195 bytes)
Hash
6a8a5ac701875e082ba567dc1e31dc47
270e11322a98d1f93377df4da2db08e3907db01c
ccc86bccd7817aaa981c28c56fa002ec8f305d81433312e8299ce70fc8d70c7e

HTTP Headers

GET /registrar/v3/loader.js HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cibra.org/

HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Thu, 10 Nov 2022 01:14:36 GMT
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lKbVw1yFt-dQxSMpLOMJvV2AxSuDfgRky5ISZxBx9_wBmeeK5r_LUA==
Age: 704

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2cc2a9c89cbd9d2da1fd4a79a7d8b1d8
b2a4971855e26ff842f71d5dd4fff2596a83bd59
3bdf6aea6d003d0b087c13a74034f422cb09a59fd5c97b2b48ce590dfca6109a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 01:26:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.cibra.org/px.js?ch=1

209.99.40.222

200 OK

346 B

URL HTTP/1.1
www.cibra.org/px.js?ch=1
IP
209.99.40.222:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
ASCII text, with very long lines (346), with no line terminators
Size
346 B (346 bytes)
Hash
f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584

HTTP Headers

GET /px.js?ch=1 HTTP/1.1
Host: www.cibra.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.cibra.org/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 01:26:21 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=(self https://dts.gnpge.com), ch-ua-model=(self https://dts.gnpge.com)
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: application/javascript

www.cibra.org/px.js?ch=2

209.99.40.222

200 OK

346 B

URL HTTP/1.1
www.cibra.org/px.js?ch=2
IP
209.99.40.222:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
ASCII text, with very long lines (346), with no line terminators
Size
346 B (346 bytes)
Hash
f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584

HTTP Headers

GET /px.js?ch=2 HTTP/1.1
Host: www.cibra.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.cibra.org/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 01:26:21 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=115
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2cc2a9c89cbd9d2da1fd4a79a7d8b1d8
b2a4971855e26ff842f71d5dd4fff2596a83bd59
3bdf6aea6d003d0b087c13a74034f422cb09a59fd5c97b2b48ce590dfca6109a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 01:26:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Poppins:300

142.250.74.10

200 OK

1.6 kB

URL HTTP/2
fonts.googleapis.com/css?family=Poppins:300
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.6 kB (1602 bytes)
Hash
9a5f1879f22f4c059782b761ef74f5b5
02bbd668f4c6e44ac1507403cb9e6fb00a7a6673
bb5f47da6ee37e9a9085edb496361b25a2e045a9af893f37f3a9f063f02a25c9

HTTP Headers

GET /css?family=Poppins:300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cibra.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 10 Nov 2022 01:26:21 GMT
date: Thu, 10 Nov 2022 01:26:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c59d06092401e375df491b06ee8e6dbc
2e27b8ff7c08a5349e27969bc2a08e5e19d0c1da
23ee4ab633fcf67dc5d4d1931450e365cec8d436ef1f9ba5f46b6bab974724c4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 230
Cache-Control: max-age=114258
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 01:26:21 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 09:10:39 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f0c1ba8782042e64d296c64158811a67
ae25bf491e6f7381e4eecfead2a61e95489c850f
eb70540a2e2a591edb02abefb7ba5e08d35fe532db6469c1df9e45e5c4bb9983

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 01:26:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

216.58.207.195

200 OK

7.8 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Size
7.8 kB (7840 bytes)
Hash
8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.cibra.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:31:05 GMT
expires: Thu, 09 Nov 2023 19:31:05 GMT
cache-control: public, max-age=31536000
age: 21316
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

js.parkingcrew.net/jsparkcaf.php?_v=3&regcn=982822&_h=www.cibra.org&_t=1668043577504&_qs=

185.53.178.30

200 OK

5.5 kB

URL HTTP/1.1
js.parkingcrew.net/jsparkcaf.php?_v=3&regcn=982822&_h=www.cibra.org&_t=1668043577504&_qs=
IP
185.53.178.30:0
ASN
#19905 NEUSTAR-AS6

File type
HTML document, ASCII text, with very long lines (3076)
Size
5.5 kB (5508 bytes)
Hash
df8a8acd8a97784a6acb56fe8a9a52e9
f9e1a4192b6e79d4f5a02a5c490f470ed1111961
fc26071ca7bcf38198d7312f0b35d5ea591af4e7ed635127e11dd9e096ac06b4

HTTP Headers

GET /jsparkcaf.php?_v=3&regcn=982822&_h=www.cibra.org&_t=1668043577504&_qs= HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cibra.org/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 01:26:21 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Language: norwegian
X-Template: tpl_CleanPeppermintBlack_twoclick

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f0c1ba8782042e64d296c64158811a67
ae25bf491e6f7381e4eecfead2a61e95489c850f
eb70540a2e2a591edb02abefb7ba5e08d35fe532db6469c1df9e45e5c4bb9983

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 01:26:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js

54.230.245.130

200 OK

5.6 kB

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js
IP
54.230.245.130:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
5.6 kB (5638 bytes)
Hash
6f95d346f97b06c2d81a5cb147d35de0
c591eaa19ed0d227b4555f5e699b668b05aa40b0
35ca990c39f9194a5a17ff664a0fdcc7dfb6cb433ea6844e2960d9744bd9b9b6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /scripts/jsparkcaf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cibra.org/

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 5638
Connection: keep-alive
Server: nginx
Date: Wed, 09 Nov 2022 02:11:37 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Accept-Ranges: bytes
ETag: "5ebab1f0-1606"
X-Cache: Hit from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7gHHZoo_V5Mg-GfrlwL3oFBGLF34_h5tigEv1ieAe3dVt2bBHc-_Iw==
Age: 83684

www.google.com/adsense/domains/caf.js

142.250.74.132

200 OK

54 kB

URL HTTP/1.1
www.google.com/adsense/domains/caf.js
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1885)
Size
54 kB (53481 bytes)
Hash
94d2454726c9d5dd99a9add216d9334f
4e797d021cf6bd18c537beda7caa66d79fe5c5d3
55537da2e387b9c065165158fcbc9e85c708e97d6ec15e6cc2899cb0b12cf56d

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cibra.org/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Thu, 10 Nov 2022 01:26:21 GMT
Expires: Thu, 10 Nov 2022 01:26:21 GMT
Cache-Control: private, max-age=3600
ETag: "4311817906160556985"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0

js.parkingcrew.net/ls.php

185.53.178.30

201 Created

0 B

URL HTTP/1.1
js.parkingcrew.net/ls.php
IP
185.53.178.30:0
ASN
#19905 NEUSTAR-AS6

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ls.php HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 2214
Origin: http://www.cibra.org
Connection: keep-alive
Referer: http://www.cibra.org/

HTTP/1.1 201 Created
Server: nginx
Date: Thu, 10 Nov 2022 01:26:21 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 636c533d2ced6873971d6a27
Charset: utf-8
Access-Control-Allow-Origin: http://www.cibra.org
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_qIcRaOf8tXaSjtnmOLzpSTpIqkRSo7lxRRD7rfXN3nDDxPnr3Dyd3yJGJmvEqVyORpde3NXQPZ/xwADw4p7fsA==

push.services.mozilla.com/

52.39.126.109

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.126.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: n0djDgjVwOnpwQT/o1Xt4Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YTFE3C87E5GzGPT4O7qBKGz5pbQ=

js.parkingcrew.net/track.php?domain=cibra.org&toggle=browserjs&uid=MTY2ODA0MzU4MS4yNTk5OmI5OTVkM2E4NTc3ZmI4ZjJhODRmZGZlZDM0ZTJhY2JhNmU4MDEyNGRjYTgwYjFjN2MwZWZiYmMwODc2YzVkYTg6NjM2YzUzM2QzZjcyYw%3D%3D

185.53.178.30

200 OK

20 B

URL HTTP/1.1
js.parkingcrew.net/track.php?domain=cibra.org&toggle=browserjs&uid=MTY2ODA0MzU4MS4yNTk5OmI5OTVkM2E4NTc3ZmI4ZjJhODRmZGZlZDM0ZTJhY2JhNmU4MDEyNGRjYTgwYjFjN2MwZWZiYmMwODc2YzVkYTg6NjM2YzUzM2QzZjcyYw%3D%3D
IP
185.53.178.30:0
ASN
#19905 NEUSTAR-AS6

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /track.php?domain=cibra.org&toggle=browserjs&uid=MTY2ODA0MzU4MS4yNTk5OmI5OTVkM2E4NTc3ZmI4ZjJhODRmZGZlZDM0ZTJhY2JhNmU4MDEyNGRjYTgwYjFjN2MwZWZiYmMwODc2YzVkYTg6NjM2YzUzM2QzZjcyYw%3D%3D HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.cibra.org
Connection: keep-alive
Referer: http://www.cibra.org/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 01:26:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

js.parkingcrew.net/assets/scripts/registrar-caf/982822.js

185.53.178.30

200 OK

2.7 kB

URL HTTP/1.1
js.parkingcrew.net/assets/scripts/registrar-caf/982822.js
IP
185.53.178.30:0
ASN
#19905 NEUSTAR-AS6

File type
ASCII text
Size
2.7 kB (2667 bytes)
Hash
002050aee57fabf8c4bb87a8d902a857
b700c0e6e9b627cdbb0af6ef96098eec882a0a24
2411e7a5d57de60b1deeccd4aa6590b777f720331681919ad5c96865233d8e0e

HTTP Headers

GET /assets/scripts/registrar-caf/982822.js HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cibra.org/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 01:26:22 GMT
Content-Type: application/javascript
Content-Length: 2667
Connection: keep-alive
Last-Modified: Thu, 14 Jan 2021 10:54:01 GMT
ETag: "600022c9-a6b"
Accept-Ranges: bytes

d38psrni17bvxu.cloudfront.net/themes/registrar/images/cp_arrows_dark.png

54.230.245.130

200 OK

16 kB

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/themes/registrar/images/cp_arrows_dark.png
IP
54.230.245.130:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Size
16 kB (15544 bytes)
Hash
72a92898f1dd7ea307ce6f2890d165f4
cf167ff00875385b08356a9e3b82c8930f019107
8fceb564c059d6ffad5c8f3a5e5617a57d501c1e10de1874357505831e2fdb4c

HTTP Headers

GET /themes/registrar/images/cp_arrows_dark.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://i.cdnpark.com/

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 15544
Connection: keep-alive
Server: nginx
Date: Wed, 09 Nov 2022 02:01:33 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Accept-Ranges: bytes
ETag: "5ebab1f0-3cb8"
X-Cache: Hit from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MwmYgTRpsOQXOsWxZQlmvokV7xKFMDLN66R_rsF1vbIIx4gGhs1Q3w==
Age: 84289

www.cibra.org/favicon.ico

209.99.40.222

404 Not Found

30 B

URL HTTP/1.1
www.cibra.org/favicon.ico
IP
209.99.40.222:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
c4609c83d6054d974c265b208bdc2a21
7e963e7185900347babd1f2797312c0ca21fa4ae
6cd85e3008758f2e06eeff9efdf9b4ad2981f6654f87918d155b0aced68d959a

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.cibra.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.cibra.org/
Connection: keep-alive

HTTP/1.1 404 Not Found
Date: Thu, 10 Nov 2022 01:26:22 GMT
Server: Apache
Cteonnt-Length: 10
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Cache-Control: private
Content-Encoding: gzip
Content-Length: 30

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
98d2dcb84a37daa2fb23c827ff88b340
0044d5f3939f68f1dd840bf8fcc0a136beda6ae3
7eb6cb22996da7036eb151d07a2fcc0df7018d5111f19e84a911e7edefe3e327

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 01:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
952f908d8283855a70460d2f6bbcaf22
be97447f1f50f0ad67d15aa07425979da1a12694
6337d6ace429d0bc53cfebab8592c92c449ae969d92545d87f432321b4b494c3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 01:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

partner.googleadservices.com/gampad/cookie.js?domain=www.cibra.org&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie

172.217.21.162

200 OK

181 B

URL HTTP/2
partner.googleadservices.com/gampad/cookie.js?domain=www.cibra.org&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
181 B (181 bytes)
Hash
d7510a8af8a99e05474e7434f8f0f290
ffeaa9e028d22c77e13b94c64984954f6ec350dc
52c721ef8c4ae24e27934e7e706be873482ff399281e1fd460f501bf123685ff

HTTP Headers

GET /gampad/cookie.js?domain=www.cibra.org&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cibra.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 10 Nov 2022 01:26:22 GMT
server: cafe
cache-control: private
content-length: 181
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/afs/ads/i/iframe.html

142.250.74.132

200 OK

730 B

URL HTTP/2
www.google.com/afs/ads/i/iframe.html
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1559)
Size
730 B (730 bytes)
Hash
06f49fd2d01fe2ba85c8947215b0d71c
77eddebb396a092e3009eb1a30e7445bd952652a
a75fd2c3d2656d75c75b16a491a49af83904cd93387476726720dddbc666e755

HTTP Headers

GET /afs/ads/i/iframe.html HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cibra.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-ZDCANUXv8tN2V6ZyhZqBPw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-length: 730
date: Thu, 10 Nov 2022 01:26:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 18 Oct 2021 14:30:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
952f908d8283855a70460d2f6bbcaf22
be97447f1f50f0ad67d15aa07425979da1a12694
6337d6ace429d0bc53cfebab8592c92c449ae969d92545d87f432321b4b494c3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 01:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
182f8aecb00a9b97401d839e1e7f5629
05e5f7d37f06fbf503d139746300f2dcf22616ce
8e15a57041c72ef89daa376d714d4f8ec8139c164e5286fff51766b159a0df40

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 01:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bc576df12b61c9f920027c2aceb222eb
5f0dae8bff170339152888be7c8f15bc5a12a300
ec659bea707181e6f6527bd6e52e8f434fe6df7b2c22e8b75b8dcf37c764361f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 01:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2351474211894928&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301099&format=r5%7Cs&nocache=4531668043578518&num=0&output=afd_ads&domain_name=www.cibra.org&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1668043578525&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=683&frm=0&cl=486644749&uio=--&cont=tc&jsid=caf&jsv=486644749&rurl=http%3A%2F%2Fwww.cibra.org%2F&adbw=slave-1-1%3A515%2Cmaster-1%3A530

142.250.74.132

200 OK

2.0 kB

URL HTTP/2
www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2351474211894928&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301099&format=r5%7Cs&nocache=4531668043578518&num=0&output=afd_ads&domain_name=www.cibra.org&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1668043578525&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=683&frm=0&cl=486644749&uio=--&cont=tc&jsid=caf&jsv=486644749&rurl=http%3A%2F%2Fwww.cibra.org%2F&adbw=slave-1-1%3A515%2Cmaster-1%3A530
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5500)
Size
2.0 kB (2036 bytes)
Hash
d420ea5bf1fe981e58c09af9031c93ff
04fd4d60f96a4b94c047a27821eee9b365d8b315
eacaa65bd8021bb84e8a700c0ed7aaac82a4538c22b6387df6b43200804ef4a0

HTTP Headers

GET /afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2351474211894928&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301099&format=r5%7Cs&nocache=4531668043578518&num=0&output=afd_ads&domain_name=www.cibra.org&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1668043578525&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=683&frm=0&cl=486644749&uio=--&cont=tc&jsid=caf&jsv=486644749&rurl=http%3A%2F%2Fwww.cibra.org%2F&adbw=slave-1-1%3A515%2Cmaster-1%3A530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cibra.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Thu, 10 Nov 2022 01:26:22 GMT
expires: Thu, 10 Nov 2022 01:26:22 GMT
cache-control: private, max-age=3600
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 2036
x-xss-protection: 0
set-cookie: NID=511=ORi6Dhgg-ZJvnBqu7Hfp3C-lRx0GuQFH4HqAkC_ENcZZO24HRAu1SN2MgbPOj3UBWNHE6ZEb7nXyjQHoa1UN3u_Sun2s464_jn8SH5h4II1Zv5jA3hbHNChdI1-LrXZ1f9k2KnrnSGlzDnUnFqOu5xY8XRLey7kNyGTK3n7X5cE; expires=Fri, 12-May-2023 01:26:22 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+461; expires=Sat, 09-Nov-2024 01:26:22 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

js.parkingcrew.net/track.php?domain=cibra.org&caf=1&toggle=answercheck&answer=yes&uid=MTY2ODA0MzU4MS4yNTk5OmI5OTVkM2E4NTc3ZmI4ZjJhODRmZGZlZDM0ZTJhY2JhNmU4MDEyNGRjYTgwYjFjN2MwZWZiYmMwODc2YzVkYTg6NjM2YzUzM2QzZjcyYw%3D%3D

185.53.178.30

200 OK

20 B

URL HTTP/1.1
js.parkingcrew.net/track.php?domain=cibra.org&caf=1&toggle=answercheck&answer=yes&uid=MTY2ODA0MzU4MS4yNTk5OmI5OTVkM2E4NTc3ZmI4ZjJhODRmZGZlZDM0ZTJhY2JhNmU4MDEyNGRjYTgwYjFjN2MwZWZiYmMwODc2YzVkYTg6NjM2YzUzM2QzZjcyYw%3D%3D
IP
185.53.178.30:0
ASN
#19905 NEUSTAR-AS6

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /track.php?domain=cibra.org&caf=1&toggle=answercheck&answer=yes&uid=MTY2ODA0MzU4MS4yNTk5OmI5OTVkM2E4NTc3ZmI4ZjJhODRmZGZlZDM0ZTJhY2JhNmU4MDEyNGRjYTgwYjFjN2MwZWZiYmMwODc2YzVkYTg6NjM2YzUzM2QzZjcyYw%3D%3D HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.cibra.org
Connection: keep-alive
Referer: http://www.cibra.org/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 01:26:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.195

200 OK

8.3 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
8.3 kB (8276 bytes)
Hash
d545b4beba1cc04ff09f942fe7389bd5
2e00a90b1ffb5ec596efb6db761620a16d924454
55a784055901e4e4251629ca47c08b40b4eb5a0c60440d23efee257f9799f9fd

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 21:48:50 GMT
expires: Thu, 09 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 13052
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f9746abd865e363c8ec59d1ce415d671
269ab2a272319239e3140c87b015d3fe553285ca
c28c2ea2fd722c4f05b13b83e74b578be4b0aeed251a37dd7553d8d2927da31e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 01:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f9746abd865e363c8ec59d1ce415d671
269ab2a272319239e3140c87b015d3fe553285ca
c28c2ea2fd722c4f05b13b83e74b578be4b0aeed251a37dd7553d8d2927da31e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 01:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2

142.250.74.33

200 OK

273 B

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Size
273 B (273 bytes)
Hash
4879b4bfc581cab5b5c803866211a36e
e1705c1fa9103a1a9f82a1bb5cd44c8e45bd520a
6ad1ffb79c80d41ec978dd45defe97ee70d0e2efd01bfe678198248819d1b98a

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 273
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 02:55:43 GMT
expires: Thu, 10 Nov 2022 01:55:43 GMT
cache-control: public, max-age=82800
age: 81039
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2

142.250.74.33

200 OK

174 B

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
174 B (174 bytes)
Hash
aa3a2f86d22121bff6d29639ccf1a157
bb7bbcdc7c5391dd50b78233fefd3216df8b452e
867d889f103b1a4ce8d5d9dc67d027656ecb34002ca254a290e8ff7d64c8ee6d

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 09:18:31 GMT
expires: Thu, 10 Nov 2022 08:18:31 GMT
cache-control: public, max-age=82800
age: 58071
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f9746abd865e363c8ec59d1ce415d671
269ab2a272319239e3140c87b015d3fe553285ca
c28c2ea2fd722c4f05b13b83e74b578be4b0aeed251a37dd7553d8d2927da31e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 01:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3380
Expires: Thu, 10 Nov 2022 02:22:42 GMT
Date: Thu, 10 Nov 2022 01:26:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3380
Expires: Thu, 10 Nov 2022 02:22:42 GMT
Date: Thu, 10 Nov 2022 01:26:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3380
Expires: Thu, 10 Nov 2022 02:22:42 GMT
Date: Thu, 10 Nov 2022 01:26:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3380
Expires: Thu, 10 Nov 2022 02:22:42 GMT
Date: Thu, 10 Nov 2022 01:26:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3380
Expires: Thu, 10 Nov 2022 02:22:42 GMT
Date: Thu, 10 Nov 2022 01:26:22 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F209aa2c7-5455-4bcc-a570-020a64d657cc.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F209aa2c7-5455-4bcc-a570-020a64d657cc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10006 bytes)
Hash
899d03c61f3b79a2176e6cdbaa7441f0
afc8ee4a5b899e95c4b229d48494ae058bfa4c33
62b52d966cd4216513a0c0cc12f9faa9c2fbb0d4707a458c247047c455b2b6e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F209aa2c7-5455-4bcc-a570-020a64d657cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10006
x-amzn-requestid: 322dbafd-30b5-43b5-a077-aa729ffbc91f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWl_1EKfoAMFS6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1d31-242c7c5c5f670e7332c2fa36;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6moD3qGG4N5Cd7Q75CUld7Fhowwsr4v4AsPumhI6BCdL9KlP83tuRg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:49:15 GMT
age: 13027
etag: "afc8ee4a5b899e95c4b229d48494ae058bfa4c33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e56265e-d6d4-44c5-9a3e-19cd4a194fac.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5947 bytes)
Hash
49fc636f2fd6c21b7bb012c0d93e101d
de6e1f022de8a2c6749f381c2d8c3f27a3f2c11b
06201c860a44c552f2b10628e4189df194829a3901f7fc263610a5cf6824ffad

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e56265e-d6d4-44c5-9a3e-19cd4a194fac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5947
x-amzn-requestid: 3af515a7-7c49-42e1-a2f8-5689cffa3fbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKuDdGCFIAMF3Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63675d49-46935ab231e3e36a4c3b29cc;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 07:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6oYVuUJkpDw41ezMsWONZTALM38eToqt8NQbweVmOTyr11f6EknpLw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 14:43:45 GMT
age: 38557
etag: "de6e1f022de8a2c6749f381c2d8c3f27a3f2c11b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11316 bytes)
Hash
848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y5MD-207EEHTD7hC8z0SzYCHA0JdOpYRrUhYDwo0cQ9ITGRbtQ-McA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:46:28 GMT
age: 13194
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d37511-5958-42ab-acd0-aed0c04a0e2c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9360 bytes)
Hash
61e58563ce83ab22c1604920db81f8e5
71dc8a32634a72c2092ef90a4f46250599b523f6
ddbb9d12368a95d38b94398274524862a28da41f22062d0096ac0c7052e2ca3b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d37511-5958-42ab-acd0-aed0c04a0e2c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9360
x-amzn-requestid: ab27926c-6cd1-4817-a5ff-aa47f666f337
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpOGmjoAMFU4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca1-5835f3a814659500346d44e8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kr6uTOkWhcF7u0oUSM4SJSomIPdx6cnVNYQrGqcui8c65fr-soPOuQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:45:34 GMT
age: 13248
etag: "71dc8a32634a72c2092ef90a4f46250599b523f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3445 bytes)
Hash
178b1b5efcd0c5997d0e5b820193abe2
460630852800c0304295c78df268bfec64416f98
9822d2ef4199dcc01f81a8e6d3a91d9545466c17abfca4eb30e0a49ca8301da6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3445
x-amzn-requestid: 92b5ba7a-e45a-495c-89ae-9738fd5644bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWloyHMpoAMF-Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9e-5508b96c349a34537809ef0e;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3-XU3AO60wbMDZcPshBPHvxEFAQHVs7-dlg52BfbxkSlDAEx9kaeeg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:58:41 GMT
age: 12461
etag: "460630852800c0304295c78df268bfec64416f98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7723 bytes)
Hash
8c2db9097ad95b726c65a3130483daf7
2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79
1da5e63e7a3e837c758bb365e5e99e6dfb6c54e9b2fe038c3eb1334a86dc4d74

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7723
x-amzn-requestid: 1e07419e-8cd6-43d6-b0bb-61183502ee40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpGHFKIAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca0-751c8b152ea5c28f5a78bf46;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BXdwO74rhbF9575IFRz-DNbcEFNiX7JiCtsvghmUE8zOju0eyuFjow==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:45:34 GMT
age: 13248
etag: "2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations