Report - cd.leadmobc.com/?a=167385&c=160654&co=217044&mt=21&s2=3udi5ih2mmspp

Report Overview

Submitted URL
cd.leadmobc.com/?a=167385&c=160654&co=217044&mt=21&s2=3udi5ih2mmspp
IP
34.252.98.23
ASN
#16509 AMAZON-02
Submitted
2022-11-03 15:16:49
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
partner.googleadservices.com	798	2012-10-03T03:04:21Z	2023-03-10T06:40:47Z	454 B	844 B	172.217.21.162
cd.leadmobc.com	unknown	2022-06-29T03:49:28Z	2023-03-10T13:15:43Z	398 B	4.4 kB	34.252.98.23
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.0 kB	5.3 kB	23.36.76.249
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	682 B	1.6 kB	93.184.220.29
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	3.4 kB	7.0 kB	142.250.74.35
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	337 B	1.5 kB	34.102.187.140
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	52.42.148.177
monktraff.com	171770	2019-12-30T23:18:39Z	2023-03-04T21:34:43Z	3.5 kB	2.3 kB	199.59.243.222
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	370 B	55 kB	142.250.74.164
port13.govisibl.com	unknown	2020-09-24T04:42:19Z	2023-02-02T12:10:54Z	922 B	992 B	107.170.154.51
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	483 B	18 kB	216.58.207.195
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	63 kB	34.120.237.76
afs.googleusercontent.com	12123	2013-05-06T21:11:00Z	2023-03-10T11:12:37Z	456 B	1.2 kB	142.250.74.33
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T14:35:32Z	340 B	964 B	104.18.32.68
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	401 B	1.3 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-03	medium	leadmobc.com	Sinkholed

JavaScript (8)

	URL	Size	First Seen	Last Seen
	www.google.com/adsense/domains/caf.js	147 kB	2023-03-10	2023-03-10
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 19:41:55 Last Seen2023-03-10 20:04:30 Times Seen1 Hash 98717a20fd23911b4157aa1a0f598ffd d573c2ad5ca9f32c9aacc6195c4fc52b41a62054 ccee4426106d056b47b051305bfb870a83acf66721f1824297f658257a193a39 Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=monktraff.com&client=dp-bodis31_3ph&product=SAS&callback=__sasCookie	190 B	2023-03-10	2023-03-10
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=monktraff.com&client=dp-bodis31_3ph&product=SAS&callback=__sasCookie IP 172.217.21.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 19:41:55 Last Seen2023-03-10 19:41:55 Times Seen1 Hash d4ff732149ee942370c4f1357159ec68 c6cd5c3dd5fabfd4bea9f843536f600c330fac0b fb7c09425bfdb0af046a40cf45a58b517cabe2891cc784e8f4f992c01113ee61 Loading...

	www.google.com/afs/ads?adtest=off&psid=7049491253&pcsa=false&channel=pid-bodis-gcontrol85%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol315%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol461&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2708093962197658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301094%2C17301097&format=r3&nocache=5391667488599424&num=0&output=afd_ads&domain_name=monktraff.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1667488599425&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1264&psh=141&frm=0&cl=485586056&uio=-&cont=rs&jsid=caf&jsv=485586056&rurl=https%3A%2F%2Fmonktraff.com%2Fl%2F26590535e3809b41c6cd%3Fsub%3D0212055700003305743803204618739852f1720292%26source%3D57438&referer=https%3A%2F%2Fport13.govisibl.com%2F&adbw=master-1%3A1264	5.6 kB	2023-03-10	2023-03-10
Pretty URL www.google.com/afs/ads?adtest=off&psid=7049491253&pcsa=false&channel=pid-bodis-gcontrol85%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol315%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol461&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2708093962197658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301094%2C17301097&format=r3&nocache=5391667488599424&num=0&output=afd_ads&domain_name=monktraff.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1667488599425&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1264&psh=141&frm=0&cl=485586056&uio=-&cont=rs&jsid=caf&jsv=485586056&rurl=https%3A%2F%2Fmonktraff.com%2Fl%2F26590535e3809b41c6cd%3Fsub%3D0212055700003305743803204618739852f1720292%26source%3D57438&referer=https%3A%2F%2Fport13.govisibl.com%2F&adbw=master-1%3A1264 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 19:41:55 Last Seen2023-03-10 19:41:55 Times Seen1 Hash e3b4a7fcd993b0bbae283903198f7529 285a4a5bb87e5333e175f06f3c836fba467b44b8 39264227c580de1d194a95e0a286104e2beed1389ddd338fb107459df3a97036 Loading...

	port13.govisibl.com/dlv/c.php?cca=57438&ccz=1873&r=75060fae7cce465c8f326d8a754a994ebe72&siteid=167385	441 B	2023-03-10	2023-03-10
Pretty URL port13.govisibl.com/dlv/c.php?cca=57438&ccz=1873&r=75060fae7cce465c8f326d8a754a994ebe72&siteid=167385 IP 107.170.154.51 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 19:41:55 Last Seen2023-03-10 19:41:55 Times Seen1 Hash e407d5a8d541838bacdbc42caa7e0cf0 fb38e9544f02be6373668d72010029219d4881ad 8778e77bae908863a144e9b35a132aefba195f546082225af3031fefacdba51a Loading...

	monktraff.com/l/26590535e3809b41c6cd?sub=0212055700003305743803204618739852f1720292&source=57438	1.2 kB	2023-03-10	2023-03-10
Pretty URL monktraff.com/l/26590535e3809b41c6cd?sub=0212055700003305743803204618739852f1720292&source=57438 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 19:41:55 Last Seen2023-03-10 19:41:55 Times Seen1 Hash 9c13fd6a7d6cac35a3a472b9b579201a 67afcbc323734955760f7ff69c765a2293bf8025 0790db62d474753c4ae5d36b014a9714d9a6358a684c76edf5b7c4df7ef2d290 Loading...

	monktraff.com/js/parking.2.100.0.js	69 kB	2023-03-10	2023-03-11
Pretty URL monktraff.com/js/parking.2.100.0.js IP 199.59.243.222 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 19:29:13 Last Seen2023-03-11 08:30:32 Times Seen1 Hash 5be6da47de1edde59bfed616faa53f09 5c32cf18c29a4ade05ad480ad2fc286349e7a748 0b12bcc06ba1752bb8442f223955c67e5c8c3eabce9b340fe2d05d2f991ac084 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b9a635f2466e01a7794b8ce7a8ccf959	1.1 kB	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:11:24 Last Seen2023-03-17 12:43:02 Times Seen1 Hash b9a635f2466e01a7794b8ce7a8ccf959 d7fcee61337a33b528cb5114b33b7427376f6e54 5561dc8cce5afb82997a3e2f8174668f9b8123fa59c87eae80798173c6c5e717 Loading...

		Size	First Seen	Last Seen
	#1 Write - 9acf5427c0193ef960072ced72c93ae4	172 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 12:23:43 Last Seen2023-03-17 10:39:42 Times Seen1 Hash 9acf5427c0193ef960072ced72c93ae4 bfc1c6acd8ec8222272f3fdb43df70c462d1ac7a 9501c9889a0c2771c77ca8d2b5c2f82d4202806e87a13ba9b1a005fd975d7ccd Loading...

HTTP Transactions (43)

URL IP Response Size

cd.leadmobc.com/?a=167385&c=160654&co=217044&mt=21&s2=3udi5ih2mmspp

34.252.98.23

302 Found

271 B

URL HTTP/1.1
cd.leadmobc.com/?a=167385&c=160654&co=217044&mt=21&s2=3udi5ih2mmspp
IP
34.252.98.23:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
271 B (271 bytes)
Hash
53ba02a19d4e5ac18b65b59127308a6b
c78fbd67769e45dc02687607a8dd59aa228c4eaa
8a609b7d34415a6531fcfb668f25e8ffb3e6c152cc956cf56b47e96e6b29b366

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?a=167385&c=160654&co=217044&mt=21&s2=3udi5ih2mmspp HTTP/1.1
Host: cd.leadmobc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Thu, 03 Nov 2022 15:16:38 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Set-Cookie: gdm_uid_v1_1_001=+04Gyzfnzos+JqEIdzYucdfn0BHSfNTZ6Pohfwf5JyUcnmBG2ZyoaJgz1Txq4Vi7; Domain=.leadmobc.com; Expires=Wed, 01-Feb-2023 15:16:38 GMT; Path=/
gdm_sid_v1_3_001=np+gBEC04bDR8I5cM9eNJDWvIfOjVErA+XZu6HjprZCDN/YGXBxH/I48BNEVOuenc0ehccGPwEzfEh2AUsh8spxUuP2cBTPpE7zO43wTxmVZc8pxoCUNdUd/a0rddau8S/UJ9TSh6UUJiRboGuah/U6oFzhES0cmYhsvS6l4kmf1Gy0FBcC9ZDFC/NHmRV2VAGiJQNEy8DEYe+NSFYQ+RJaxgDL5ofwZCWoVOvUmJyRa2OokCrVF/SG6CUXhbviyhmuXTXoyxiWQNm/H2kijO9Q8MbgWO8xQyRIFjujrnl4GzIa4CVbxpZ1v1aVeBd0b7VmXtB9jwcUWib/D2E8lp/bAhu7H8BH++3daxKl1Z0qN5W827z2kWkSbLXbzuPyqmJZ6oRECgZMdZwJkmUjFuQysBQ5vrmEDc2LeHVynC3H4nBEozqVbf6VREK20VNTaeGx1heyGtyFviVP3GoX2HLK9GgfXsXPzSjHqkNWyfVqzREIiF3JCIH5hSjGgWOpPddl0qIUZ5SwkHzp8icIq82LxdCrBYh4Bdh8puDxO0b/jJOmHVzijYnNUApramjEqgYycuM/ACO3otvndO++vbziCjo7z6JmJH7/R9y0uSPZ/Lw1qCTxNvPlZvKwNQfqMzLItLZbEG9N5l7rYhlz6XYDR+vtk/ifstnehM9yVjxgEmqC72ddRgdYUwAPLYUzaitsJS9/LqVop00W1gRI6QqBTs5AB882RgOfKSor+cYNZgyRtC6P+8X4Wn49fMgPeUySmrm8uls+kpDNq8y+u3xGUYy0uPjstvAXdo49WJyDFs7v9GE4j1oPneC34U5yg0JKqsseEzm3MPe2kEPfZh9LotYH3Gf2AkyMzCMh1eIze7dFd+QbqKkM6j1+92qKvbSyOKnKiUzswuayX4vgv+W+FElCikCA66FMgHxUCW2rezAGII+h1atqdQX/UTblizmoWSCCFvj9eSvqFF8XKoW0xMpO6OBc0hk5Y33HoEFl4j9B2lK6iaeSZt4GZ6YB4r9FchwmO9OyPZNYzpUHibw==; Domain=.leadmobc.com; Expires=Wed, 01-Feb-2023 15:16:38 GMT; Path=/
gdm_click_adv_freq_v1_1_001=Hd/k4mfUbY5nMUCFT8dqJAvOTv/h3H3sQS0ej87oCbWvcUx6YvvXBKT+8yjWRn+q; Domain=.leadmobc.com; Expires=Wed, 01-Feb-2023 15:16:38 GMT; Path=/
gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.leadmobc.com; Expires=Wed, 01-Feb-2023 15:16:38 GMT; Path=/
gdm_sid_v2_3_001=np+gBEC04bDR8I5cM9eNJDWvIfOjVErA+XZu6HjprZCDN/YGXBxH/I48BNEVOuenc0ehccGPwEzfEh2AUsh8spxUuP2cBTPpE7zO43wTxmVZc8pxoCUNdUd/a0rddau8S/UJ9TSh6UUJiRboGuah/U6oFzhES0cmYhsvS6l4kmf1Gy0FBcC9ZDFC/NHmRV2VAGiJQNEy8DEYe+NSFYQ+RJaxgDL5ofwZCWoVOvUmJyRa2OokCrVF/SG6CUXhbviyhmuXTXoyxiWQNm/H2kijO9Q8MbgWO8xQyRIFjujrnl4GzIa4CVbxpZ1v1aVeBd0b7VmXtB9jwcUWib/D2E8lp/bAhu7H8BH++3daxKl1Z0qN5W827z2kWkSbLXbzuPyqmJZ6oRECgZMdZwJkmUjFuQysBQ5vrmEDc2LeHVynC3H4nBEozqVbf6VREK20VNTaeGx1heyGtyFviVP3GoX2HLK9GgfXsXPzSjHqkNWyfVqzREIiF3JCIH5hSjGgWOpPddl0qIUZ5SwkHzp8icIq82LxdCrBYh4Bdh8puDxO0b/jJOmHVzijYnNUApramjEqgYycuM/ACO3otvndO++vbziCjo7z6JmJH7/R9y0uSPZ/Lw1qCTxNvPlZvKwNQfqMzLItLZbEG9N5l7rYhlz6XYDR+vtk/ifstnehM9yVjxgEmqC72ddRgdYUwAPLYUzaitsJS9/LqVop00W1gRI6QqBTs5AB882RgOfKSor+cYNZgyRtC6P+8X4Wn49fMgPeUySmrm8uls+kpDNq8y+u3xGUYy0uPjstvAXdo49WJyDFs7v9GE4j1oPneC34U5yg0JKqsseEzm3MPe2kEPfZh9LotYH3Gf2AkyMzCMh1eIze7dFd+QbqKkM6j1+92qKvbSyOKnKiUzswuayX4vgv+W+FElCikCA66FMgHxUCW2rezAGII+h1atqdQX/UTblizmoWSCCFvj9eSvqFF8XKoW0xMpO6OBc0hk5Y33HoEFl4j9B2lK6iaeSZt4GZ6YB4r9FchwmO9OyPZNYzpUHibw==; Domain=.leadmobc.com; Expires=Wed, 01-Feb-2023 15:16:38 GMT; Path=/; Secure; SameSite=None
gdm_click_freq_v1_1_001=xhGiS4NyMUmOfQKdVwUkQ3qPK4GGapc14kzXc96SoZJI3jogPH4ZACUTvvj9Y9i4; Domain=.leadmobc.com; Expires=Wed, 01-Feb-2023 15:16:38 GMT; Path=/
gdm_click_freq_v2_1_001=xhGiS4NyMUmOfQKdVwUkQ3qPK4GGapc14kzXc96SoZJI3jogPH4ZACUTvvj9Y9i4; Domain=.leadmobc.com; Expires=Wed, 01-Feb-2023 15:16:37 GMT; Path=/; Secure; SameSite=None
gdm_click_adv_freq_v2_1_001=Hd/k4mfUbY5nMUCFT8dqJAvOTv/h3H3sQS0ej87oCbWvcUx6YvvXBKT+8yjWRn+q; Domain=.leadmobc.com; Expires=Wed, 01-Feb-2023 15:16:37 GMT; Path=/; Secure; SameSite=None
gdm_uid_v2_1_001=+04Gyzfnzos+JqEIdzYucdfn0BHSfNTZ6Pohfwf5JyUcnmBG2ZyoaJgz1Txq4Vi7; Domain=.leadmobc.com; Expires=Wed, 01-Feb-2023 15:16:38 GMT; Path=/; Secure; SameSite=None
gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.leadmobc.com; Expires=Wed, 01-Feb-2023 15:16:38 GMT; Path=/; Secure; SameSite=None
Location: https://port13.govisibl.com/dlv/c.php?cca=57438&ccz=1873&r=75060fae7cce465c8f326d8a754a994ebe72&siteid=167385
Content-Language: en-US
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b7be8442ec1e518ccc80739495f6d047
7a9d24b9d4046262c7753c49afaf9c19f4840626
b93410a9d62da3f219796d753b61a0f730cc272c13596724aa9d20efba298b44

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B93410A9D62DA3F219796D753B61A0F730CC272C13596724AA9D20EFBA298B44"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12958
Expires: Thu, 03 Nov 2022 18:52:36 GMT
Date: Thu, 03 Nov 2022 15:16:38 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2842f538168981f07b56e2c69379841a
0cc4ad0a78c1407bc9b7850eb0fb1a02130e3b22
3f9e8fb02409a19ceb54fee3f0f7f73eeed9e0ad63fa778eac7b3e4633d7d682

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6555
Cache-Control: max-age=158625
Content-Type: application/ocsp-response
Date: Thu, 03 Nov 2022 15:16:38 GMT
Etag: "63638a5c-1d7"
Expires: Sat, 05 Nov 2022 11:20:23 GMT
Last-Modified: Thu, 03 Nov 2022 09:31:08 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 03 Nov 2022 14:42:54 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43ea74d83493710eb8b64a74046ff569
74dee6d9e8b796d34f2788a472b90b3f7fc79ecd
f62eff2ad4d64d785a48e2761d7f2bda9171f1e60b0e9dc525d8f589f9ef7c60

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F62EFF2AD4D64D785A48E2761D7F2BDA9171F1E60B0E9DC525D8F589F9EF7C60"
Last-Modified: Tue, 01 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7990
Expires: Thu, 03 Nov 2022 17:29:48 GMT
Date: Thu, 03 Nov 2022 15:16:38 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: m2jF0sWHyMP7t4N/o9VdULx34iIBJ7JDK901wP/qklhEganwkNoIXufbPOmGF14QcpT8R/kf5MU=
x-amz-request-id: TZV186RT526XDFBX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 03 Nov 2022 15:09:13 GMT
age: 445
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 03 Nov 2022 15:16:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
9221408b2242985505a99f8d78184834
c3fe2cf91e113974a3cf5d621393a003cfdf410d
e8c7f9d69c56a393bbdd433f4cf4c2bbafffe74b8929b33a9fe8914515a64efb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 03 Nov 2022 15:16:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 01 Nov 2022 23:18:32 GMT
Expires: Tue, 08 Nov 2022 23:18:31 GMT
Etag: "c3fe2cf91e113974a3cf5d621393a003cfdf410d"
Cache-Control: max-age=460312,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7646127d9a64b527-OSL

port13.govisibl.com/dlv/c.php?cca=57438&ccz=1873&r=75060fae7cce465c8f326d8a754a994ebe72&siteid=167385

107.170.154.51

200 OK

620 B

URL HTTP/1.1
port13.govisibl.com/dlv/c.php?cca=57438&ccz=1873&r=75060fae7cce465c8f326d8a754a994ebe72&siteid=167385
IP
107.170.154.51:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
620 B (620 bytes)
Hash
dce62d944ce26a16324235a315634e3c
ee1d13b428efdad76c0be4d3bb8f26ff32cc448b
fc186a74e7826eadb24ea3dc58ffeac46f1496964fcdfbeaaf6a62219b19cf95

HTTP Headers

GET /dlv/c.php?cca=57438&ccz=1873&r=75060fae7cce465c8f326d8a754a994ebe72&siteid=167385 HTTP/1.1
Host: port13.govisibl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Content-Length: 620
Date: Thu, 03 Nov 2022 15:16:37 GMT

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
670d0b2f341e8ff1e4ee9fe4fe21e210
dcd277daebf63623b985a81a96bcdc6a6f67c518
75029ab8db44811ac539aa3e2f1f8e015a45b80cb5a1099cec7d64e55e2a72a6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6255
Cache-Control: max-age=153264
Content-Type: application/ocsp-response
Date: Thu, 03 Nov 2022 15:16:39 GMT
Etag: "63637698-1d7"
Expires: Sat, 05 Nov 2022 09:51:03 GMT
Last-Modified: Thu, 03 Nov 2022 08:06:48 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.42.148.177

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.148.177:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vnzm2K1uuPreMV/Yp+Jvlg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zKQfcRYnh2heUzd+krPQIqv/XJk=

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1fe5c735e76f8fd26cba5c6c04e5db51
d95593cb6a97c96c1c65191b789ec1eb100aaced
2833ae1223071f7e98aea7de2f3ec93e4b60273e0179b974eedbf224a398d6f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2833AE1223071F7E98AEA7DE2F3EC93E4B60273E0179B974EEDBF224A398D6F1"
Last-Modified: Thu, 03 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17288
Expires: Thu, 03 Nov 2022 20:04:47 GMT
Date: Thu, 03 Nov 2022 15:16:39 GMT
Connection: keep-alive

monktraff.com/px.gif?ch=1&rn=2.892044290225453

199.59.243.222

200 OK

42 B

URL HTTP/2
monktraff.com/px.gif?ch=1&rn=2.892044290225453
IP
199.59.243.222:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /px.gif?ch=1&rn=2.892044290225453 HTTP/1.1
Host: monktraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monktraff.com/l/26590535e3809b41c6cd?sub=0212055700003305743803204618739852f1720292&source=57438
Cookie: parking_session=39f59f7f-55b8-c82b-bc65-12db54f9b72b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 03 Nov 2022 15:16:39 GMT
content-type: image/gif
content-length: 42
last-modified: Wed, 15 Sep 2021 19:38:30 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2

monktraff.com/px.gif?ch=2&rn=2.892044290225453

199.59.243.222

200 OK

42 B

URL HTTP/2
monktraff.com/px.gif?ch=2&rn=2.892044290225453
IP
199.59.243.222:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /px.gif?ch=2&rn=2.892044290225453 HTTP/1.1
Host: monktraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monktraff.com/l/26590535e3809b41c6cd?sub=0212055700003305743803204618739852f1720292&source=57438
Cookie: parking_session=39f59f7f-55b8-c82b-bc65-12db54f9b72b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 03 Nov 2022 15:16:39 GMT
content-type: image/gif
content-length: 42
last-modified: Wed, 15 Sep 2021 19:38:30 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
89685bab62bbea15308bbeadafd21e77
dfa59c391b1fe4985c018e8a96897fe06a8ff20d
93326694b57c9251ad143020103f5c40c24e52d710676424fad84704894624e2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 03 Nov 2022 15:16:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

monktraff.com/favicon.ico

199.59.243.222

200 OK

0 B

URL HTTP/2
monktraff.com/favicon.ico
IP
199.59.243.222:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: monktraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monktraff.com/l/26590535e3809b41c6cd?sub=0212055700003305743803204618739852f1720292&source=57438
Cookie: parking_session=39f59f7f-55b8-c82b-bc65-12db54f9b72b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 03 Nov 2022 15:16:39 GMT
content-type: image/x-icon
content-length: 0
last-modified: Wed, 15 Sep 2021 19:38:30 GMT
etag: "61424bb6-0"
x-backend-server: ip-10-201-16-136.ec2.internal
accept-ranges: bytes
X-Firefox-Spdy: h2

www.google.com/adsense/domains/caf.js

142.250.74.164

200 OK

54 kB

URL HTTP/2
www.google.com/adsense/domains/caf.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
data
Size
54 kB (54004 bytes)
Hash
7f1d5d0da41e22f5eeb6e1ef880e9b20
2ff4bd575db56fc2bda3043223d462efa1a7de62
987ac8e35331ccc0a7f14d3e051f4062ff67e35ad7da7e6a9143f1b27b6cca9a

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monktraff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 03 Nov 2022 15:16:39 GMT
expires: Thu, 03 Nov 2022 15:16:39 GMT
cache-control: private, max-age=3600
etag: "127718081337035729"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e095d82bd2a12734c45af554442ec777
ae00879b4039665093f0e5a42e9449e1772f6221
aa0517066c31621f8360b8b32aab5d6b3cd309dc2dd7adbf527370cfb4a9563b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 03 Nov 2022 15:16:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

partner.googleadservices.com/gampad/cookie.js?domain=monktraff.com&client=dp-bodis31_3ph&product=SAS&callback=__sasCookie

172.217.21.162

200 OK

181 B

URL HTTP/2
partner.googleadservices.com/gampad/cookie.js?domain=monktraff.com&client=dp-bodis31_3ph&product=SAS&callback=__sasCookie
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
181 B (181 bytes)
Hash
af0e5a0149d3e7313412e8cf92f488e3
5f3416a145c5a9b3dff5d8b2bd7e1ff132cb2882
9a43c8d67675ffd21ab8933a3c84c4bf5210358d7718f20792e878a9d7a53ec4

HTTP Headers

GET /gampad/cookie.js?domain=monktraff.com&client=dp-bodis31_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monktraff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 03 Nov 2022 15:16:40 GMT
server: cafe
cache-control: private
content-length: 181
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e095d82bd2a12734c45af554442ec777
ae00879b4039665093f0e5a42e9449e1772f6221
aa0517066c31621f8360b8b32aab5d6b3cd309dc2dd7adbf527370cfb4a9563b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 03 Nov 2022 15:16:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e539fa08ddc0ce1396c84ecc16c2bec7
69414e0693690cc9cc14b48b2f952efe942198d5
b6609b24198f2c6c9eefaa3b1cb2f2db9dd8b81c6a7135a5b46c3a9a165c8266

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 03 Nov 2022 15:16:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e539fa08ddc0ce1396c84ecc16c2bec7
69414e0693690cc9cc14b48b2f952efe942198d5
b6609b24198f2c6c9eefaa3b1cb2f2db9dd8b81c6a7135a5b46c3a9a165c8266

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 03 Nov 2022 15:16:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b95dd22a317e6c28df8bc7bc194798ee
24b3b1de591239d8ff34975f5109c15e911b42c8
5721b7519b8900c7797e24e4e5bb757a95ace8a0050a0fe0912990b51b0efb1f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 03 Nov 2022 15:16:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Michroma&display=swap

142.250.74.10

200 OK

552 B

URL HTTP/2
fonts.googleapis.com/css?family=Michroma&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (390)
Size
552 B (552 bytes)
Hash
3ae821533645aa6e503e21990703c050
7f98fde15e93e75afad6c3b8738e9d6ae7e53e46
2cad3d8109f565218b15713f3c3992b8301f949fc73dd8b28b8bb2a41887350f

HTTP Headers

GET /css?family=Michroma&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 03 Nov 2022 15:16:40 GMT
date: Thu, 03 Nov 2022 15:16:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b95dd22a317e6c28df8bc7bc194798ee
24b3b1de591239d8ff34975f5109c15e911b42c8
5721b7519b8900c7797e24e4e5bb757a95ace8a0050a0fe0912990b51b0efb1f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 03 Nov 2022 15:16:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b15f7682b457e5834de92ef3c85ea1ea
cc5387f279481cc0d3269922912add491abfc0e8
33b00b3c9f71cd2df7127c04aef4e4477c5007e615125b5a1331643954dbee93

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 03 Nov 2022 15:16:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff

142.250.74.33

200 OK

278 B

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (306)
Size
278 B (278 bytes)
Hash
bb7fc36f627255dd4783f849dca0932e
80e89ef8f3c2c8ee982523757fce214ea7323a69
735f48c2876099e6a731c65fc46ec1ec133c316e0997d04eb0ee246741bee647

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 278
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 04:43:14 GMT
expires: Fri, 04 Nov 2022 03:43:14 GMT
cache-control: public, max-age=82800
age: 38006
last-modified: Tue, 09 Feb 2021 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Size
17 kB (17156 bytes)
Hash
402cbe860d64ae2e13145e34cbc7889c
7af4691dc306b7583365b9ff2ead0c1f6db017c5
da748253b458c5fc9c9a5e3c108b1cda280f52df4008702b9cea695ec23332aa

HTTP Headers

GET /s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Oct 2022 21:54:03 GMT
expires: Fri, 27 Oct 2023 21:54:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 14:38:29 GMT
content-type: font/woff2
age: 580957
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b95dd22a317e6c28df8bc7bc194798ee
24b3b1de591239d8ff34975f5109c15e911b42c8
5721b7519b8900c7797e24e4e5bb757a95ace8a0050a0fe0912990b51b0efb1f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 03 Nov 2022 15:16:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b15f7682b457e5834de92ef3c85ea1ea
cc5387f279481cc0d3269922912add491abfc0e8
33b00b3c9f71cd2df7127c04aef4e4477c5007e615125b5a1331643954dbee93

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 03 Nov 2022 15:16:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10352
Expires: Thu, 03 Nov 2022 18:09:12 GMT
Date: Thu, 03 Nov 2022 15:16:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10352
Expires: Thu, 03 Nov 2022 18:09:12 GMT
Date: Thu, 03 Nov 2022 15:16:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10352
Expires: Thu, 03 Nov 2022 18:09:12 GMT
Date: Thu, 03 Nov 2022 15:16:40 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c1f0aa-9ef9-468e-9e11-7a02b7969f7f.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c1f0aa-9ef9-468e-9e11-7a02b7969f7f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10411 bytes)
Hash
f6a0b42162a59f85f6ddb149bbb09517
107817da1e00f629351ebbeb62caf795a6a8393b
0e6094306076439f0aaa893d8a4f4188a9ded69f4dca19b47d4762a19b5fc8fa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c1f0aa-9ef9-468e-9e11-7a02b7969f7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10411
x-amzn-requestid: 21836619-61da-4d22-811c-f605f5d41170
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avzazF_zoAMFgOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c9911-4678c6272cf91c3d0f4827b8;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 03:08:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ryG7GxtXQArs5_FPS9qnofnflm9PE427b3AkPGbmhiq_rPU2LxLiZg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 19:23:26 GMT
age: 71594
etag: "107817da1e00f629351ebbeb62caf795a6a8393b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F116416c7-b158-4c98-af55-3027f9bfbd6c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7044 bytes)
Hash
cc615bd01e1ac97fec7bf47b18f0e999
ee2c892adba5d3e12ac8443065c38317752f3e4a
ca41974691496f2629f45cba9bb21b84e7dbb9cefbf7e8e3348c98b101002269

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F116416c7-b158-4c98-af55-3027f9bfbd6c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7044
x-amzn-requestid: 6ed2687f-f478-4206-a9b7-fc63428966bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a5sd1GcvIAMFYew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63608df1-79ada3087098484923a3b64d;Sampled=0
x-amzn-remapped-date: Tue, 01 Nov 2022 03:09:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HsnvvNU6huvFGVXW-AypNd0J5_Hwv-bQbpJ0g6JVrjUt6a_cy3vAUA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 04:05:07 GMT
age: 40293
etag: "ee2c892adba5d3e12ac8443065c38317752f3e4a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11421 bytes)
Hash
2ae2b8d827fb2c8bef64febcd36f1645
f7705fcd2d91ce90c58e79324cce1e3abba6c1c8
2dc55e97ef3a85fccb104b80161a8bac16b12d37527c336563677432584c7ad5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11421
x-amzn-requestid: 4496dcf9-82a8-4321-99bd-0007970fbcfe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayUiRGlaIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9adb-3a316f577aae13f14f42115d;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:27:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QTXI_o8XNya_nGWUf9f6DSAhDTfls7WQ_NEF7pSA-o0orL1sZLXOaw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 23:36:29 GMT
age: 56411
etag: "f7705fcd2d91ce90c58e79324cce1e3abba6c1c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68776550-80bb-42be-9be2-eb62bcccccc1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11437 bytes)
Hash
3fe3ed0509ad6dbbf9e911a1154a3bc0
221b2d7a48090242bffda933cfa9f7ff3932d92a
415b3782419e0157a9a522f98bfc32dd133a374546ab1b57954e2cb37ec6554d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68776550-80bb-42be-9be2-eb62bcccccc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11437
x-amzn-requestid: 52f99e39-e3f4-450c-ac61-e613cb1e7a08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a_iCaHvYoAMFRmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6362e3a8-3b8d8f595238263410e90feb;Sampled=0
x-amzn-remapped-date: Wed, 02 Nov 2022 21:39:52 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: aQKU76PrqkATLgKUwqzwHBdRusLwAnx_DmNHvtHOkkM7IzG_lopE3w==
via: 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 21:40:08 GMT
etag: "221b2d7a48090242bffda933cfa9f7ff3932d92a"
content-type: image/jpeg
age: 63392
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb158669e-8bf1-47dd-afff-d12ea7777cff.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7068 bytes)
Hash
7374ceacc76dbef905a58f1bd3788f0a
a6214182c5a1dabee4051247de0068b774bfd555
459f07eece770ab33c0fa2b3d5c2592c524ebc7f02a5123dc551f19562bf327c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb158669e-8bf1-47dd-afff-d12ea7777cff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7068
x-amzn-requestid: 4f808d20-12db-400f-952f-13f5641deb98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: atDhrHq3IAMFgpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635b7fa4-19a05fe3542d51927907bb8b;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 07:07:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: s5-XAea6Kxpn0aTdLLMYXKDpdBFLWa9flb0ZgOVIAwnRO1k6sON3Qg==
via: 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 01:05:26 GMT
age: 51074
etag: "a6214182c5a1dabee4051247de0068b774bfd555"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F623cd169-7ed9-42a3-aa0b-e5d3053dad6c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9464 bytes)
Hash
f22f82690184549a27cacc59906590bd
f387ae7704ac36d6a3e20da098cb9f75829d1e0f
a9804db6a2263ed8d70634921ac39079c2a803f180a3347eeb92d7bbede66b67

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F623cd169-7ed9-42a3-aa0b-e5d3053dad6c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9464
x-amzn-requestid: 63126894-cf2b-4b97-9115-4782d4418e52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a2ZVpFtqoAMFZdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f3c23-766a430e679848b74e1f7d06;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 03:08:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JTGuMhMakZRq-O_UQRPJ4cE5pjk-hu36b1S8miRUpsnwXM9GPLtk2A==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 04:46:43 GMT
age: 37797
etag: "f387ae7704ac36d6a3e20da098cb9f75829d1e0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

port13.govisibl.com/favicon.ico

107.170.154.51

200 OK

0 B

URL HTTP/1.1
port13.govisibl.com/favicon.ico
IP
107.170.154.51:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: port13.govisibl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://port13.govisibl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"21630-1465191654000"
Last-Modified: Mon, 06 Jun 2016 05:40:54 GMT
Content-Type: image/x-icon
Content-Length: 21630
Date: Thu, 03 Nov 2022 15:16:38 GMT

monktraff.com/js/parking.2.100.0.js

199.59.243.222

200 OK

0 B

URL HTTP/2
monktraff.com/js/parking.2.100.0.js
IP
199.59.243.222:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/parking.2.100.0.js HTTP/1.1
Host: monktraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monktraff.com/l/26590535e3809b41c6cd?sub=0212055700003305743803204618739852f1720292&source=57438
Cookie: parking_session=39f59f7f-55b8-c82b-bc65-12db54f9b72b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 03 Nov 2022 15:16:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 02 Nov 2022 15:24:22 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

monktraff.com/_fd?sub=0212055700003305743803204618739852f1720292&source=57438

199.59.243.222

200 OK

0 B

URL HTTP/2
monktraff.com/_fd?sub=0212055700003305743803204618739852f1720292&source=57438
IP
199.59.243.222:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /_fd?sub=0212055700003305743803204618739852f1720292&source=57438 HTTP/1.1
Host: monktraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://monktraff.com/l/26590535e3809b41c6cd?sub=0212055700003305743803204618739852f1720292&source=57438
Content-Type: application/json
Origin: https://monktraff.com
Connection: keep-alive
Cookie: parking_session=39f59f7f-55b8-c82b-bc65-12db54f9b72b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: openresty
content-type: text/html; charset=UTF-8
date: Thu, 03 Nov 2022 15:16:39 GMT
x-version: 2.100.0
set-cookie: parking_session=39f59f7f-55b8-c82b-bc65-12db54f9b72b; expires=Thu, 03-Nov-2022 15:31:39 GMT; Max-Age=900; path=/; httponly
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

monktraff.com/_tr

199.59.243.222

200 OK

0 B

URL HTTP/2
monktraff.com/_tr
IP
199.59.243.222:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /_tr HTTP/1.1
Host: monktraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://monktraff.com/l/26590535e3809b41c6cd?sub=0212055700003305743803204618739852f1720292&source=57438
Content-Type: application/json
Origin: https://monktraff.com
Content-Length: 2429
Connection: keep-alive
Cookie: parking_session=39f59f7f-55b8-c82b-bc65-12db54f9b72b; __gsas=ID=f527884e637048c6:T=1667488600:S=ALNI_MZiwvNOH4cW-DQE-OafD6I0gQ9Gdg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
content-type: text/html; charset=UTF-8
date: Thu, 03 Nov 2022 15:16:40 GMT
x-version: 2.100.0
set-cookie: parking_session=39f59f7f-55b8-c82b-bc65-12db54f9b72b; expires=Thu, 03-Nov-2022 15:31:40 GMT; Max-Age=900; path=/; httponly
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (43)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers