Report - ketoleantoday.com/v9/?a=3642&o=433&p=1&s=keto&sub1=admin_clickers_09_08_2022.csv&sub2=&sub3=2540&sub4=261&sub5=tmo&c=tLBUaBZ

Report Overview

Submitted URL
ketoleantoday.com/v9/?a=3642&o=433&p=1&s=keto&sub1=admin_clickers_09_08_2022.csv&sub2=&sub3=2540&sub4=261&sub5=tmo&c=tLBUaBZ
IP
172.67.197.226
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-04 07:26:03
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	142 kB	216.58.207.227
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	72 kB	34.120.237.76
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.76.226
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.5 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.89.114.252
ketoleantoday.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	553 B	875 B	172.67.197.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	ketoleantoday.com/v9/?a=3642&o=433&p=1&s=keto&sub1=admin_clickers_09_08_2022.csv&sub2=&sub3=2540&sub4=261&sub5=tmo&c=tLBUaBZ	834 B	2023-03-07	2023-05-17
Pretty URL ketoleantoday.com/v9/?a=3642&o=433&p=1&s=keto&sub1=admin_clickers_09_08_2022.csv&sub2=&sub3=2540&sub4=261&sub5=tmo&c=tLBUaBZ IP 172.67.197.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:29:45 Last Seen2023-05-17 23:42:29 Times Seen2 Hash 0367962a490cb1edf26d09eaa587a4c6 1943307999dc9a8a1e68b10560aec613370c64c3 499a624a23ca3abf5004e6eaa67dc0b6efa0c42c074da02755f0101beac98c3f Loading...

	ketoleantoday.com/v9/?a=3642&o=433&p=1&s=keto&sub1=admin_clickers_09_08_2022.csv&sub2=&sub3=2540&sub4=261&sub5=tmo&c=tLBUaBZ	1.1 kB	2023-03-07	2023-05-17
Pretty URL ketoleantoday.com/v9/?a=3642&o=433&p=1&s=keto&sub1=admin_clickers_09_08_2022.csv&sub2=&sub3=2540&sub4=261&sub5=tmo&c=tLBUaBZ IP 172.67.197.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:29:45 Last Seen2023-05-17 23:42:29 Times Seen2 Hash 6822bcac1e555dcc8838739155f0a382 445bf7d2623aa152410111237cebfb5b3f058419 50fa6b60329aa8fe4c45ee9a6c0f87261ccdd6f6a65541bf6850d42f9e4de19b Loading...

		Size	First Seen	Last Seen
	#1 Write - b424d3e05166e17da7f00694ef0520ea	24 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:47:34 Last Seen2023-03-08 16:23:35 Times Seen1 Hash b424d3e05166e17da7f00694ef0520ea fdfde6de77595cc450fcddab950eef45da18b8a0 20a88ec84c59e91c846a20cbbde966f3d9ec8fc8ebebd528a4af8311b0da5729 Loading...

HTTP Transactions (32)

	URL	IP	Response	Size
	e1.o.lencr.org/	23.36.76.226	200 OK	345 B
URL HTTP/1.1 e1.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 345 B (345 bytes) Hash b0f65d1e954b827ae8bcdd75f5bece08 d4b694ee51d1cce18edd337690a1138b98427787 374f6123ce23563509f2bbe7524ea742b421f1ccc16b91d18e0bc59dd1deb50d HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 345 ETag: "374F6123CE23563509F2BBE7524EA742B421F1CCC16B91D18E0BC59DD1DEB50D" Last-Modified: Sat, 03 Dec 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6368 Expires: Sun, 04 Dec 2022 09:12:00 GMT Date: Sun, 04 Dec 2022 07:25:52 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash cfec3d7283a9b66d2be426ce54d210f3 808c1feb1ba918951d1928c1f6bfc0c253262774 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11542 Expires: Sun, 04 Dec 2022 10:38:14 GMT Date: Sun, 04 Dec 2022 07:25:52 GMT Connection: keep-alive`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 67e9370f1bf3e4946a01f346eeae8966 aaab391d1134302d718de7a0d5edbedf884633e6 27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 229 Cache-Control: max-age=97749 Content-Type: application/ocsp-response Date: Sun, 04 Dec 2022 07:25:52 GMT Etag: "638b2570-1d7" Expires: Mon, 05 Dec 2022 10:35:01 GMT Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT Server: ECS (ska/F70E) X-Cache: HIT Content-Length: 471`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1ea206ac3c440825741687351f8c6e4e 2f38dafd8c43dcce2411a0590bc5c02cd6286735 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5886 Expires: Sun, 04 Dec 2022 09:03:58 GMT Date: Sun, 04 Dec 2022 07:25:52 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	34.102.187.140	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 34.102.187.140:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 04 Dec 2022 07:20:05 GMT cache-control: public,max-age=3600 content-type: application/json age: 347 alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: J4eLrm0vA9ervVa/pAc2p47AkuBKkLvvzGsGOdiC6IAuBN9xmmeEvwLzMx8pgk0uFH2M1UQlnlo= x-amz-request-id: XP5YS6X0JR3W6QJM content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 04 Dec 2022 06:47:27 GMT age: 2305 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sun, 04 Dec 2022 07:25:52 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	34.102.187.140	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 34.102.187.140:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 04 Dec 2022 07:11:19 GMT cache-control: public,max-age=3600 age: 873 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json alt-svc: clear X-Firefox-Spdy: h2

	e1.o.lencr.org/	23.36.76.226	200 OK	345 B
URL HTTP/1.1 e1.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 345 B (345 bytes) Hash b0f65d1e954b827ae8bcdd75f5bece08 d4b694ee51d1cce18edd337690a1138b98427787 374f6123ce23563509f2bbe7524ea742b421f1ccc16b91d18e0bc59dd1deb50d HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 345 ETag: "374F6123CE23563509F2BBE7524EA742B421F1CCC16B91D18E0BC59DD1DEB50D" Last-Modified: Sat, 03 Dec 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6368 Expires: Sun, 04 Dec 2022 09:12:00 GMT Date: Sun, 04 Dec 2022 07:25:52 GMT Connection: keep-alive`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash a151c326c67e1abb747847c1427db76f 80885d30ef8ba867bf33c40b861976958a27493a de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 220 Cache-Control: max-age=92679 Content-Type: application/ocsp-response Date: Sun, 04 Dec 2022 07:25:52 GMT Etag: "638b11ab-1d7" Expires: Mon, 05 Dec 2022 09:10:31 GMT Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT Server: ECS (ska/F70E) X-Cache: HIT Content-Length: 471`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash da9700d928847bca71f73dc9ca89bd1c 2f156a1557a7504da776ed9a82dc52563662be6f 428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Dec 2022 07:25:53 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash da9700d928847bca71f73dc9ca89bd1c 2f156a1557a7504da776ed9a82dc52563662be6f 428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Dec 2022 07:25:53 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash da9700d928847bca71f73dc9ca89bd1c 2f156a1557a7504da776ed9a82dc52563662be6f 428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Dec 2022 07:25:53 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash da9700d928847bca71f73dc9ca89bd1c 2f156a1557a7504da776ed9a82dc52563662be6f 428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Dec 2022 07:25:53 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash da9700d928847bca71f73dc9ca89bd1c 2f156a1557a7504da776ed9a82dc52563662be6f 428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Dec 2022 07:25:53 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/droidserif/v13/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2	216.58.207.227	200 OK	22 kB
URL HTTP/2 fonts.gstatic.com/s/droidserif/v13/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 22492, version 1.0\012- data Size 22 kB (22492 bytes) Hash 62b4ed3cb1a22974f1a1b14a45ebb76e 07a8debbe9150c6e979c69dc63e067abb34164f7 9f0624a5f72fa4c0942c21c83960fd1f80b6a49391d27a616a758b098672a00a HTTP Headers `GET /s/droidserif/v13/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://ketoleantoday.com Connection: keep-alive Referer: https://ketoleantoday.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 22492 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 03 Dec 2022 15:34:53 GMT expires: Sun, 03 Dec 2023 15:34:53 GMT cache-control: public, max-age=31536000 age: 57060 last-modified: Thu, 10 Sep 2020 17:03:23 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2	216.58.207.227	200 OK	45 kB
URL HTTP/2 fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 44656, version 1.0\012- data Size 45 kB (44656 bytes) Hash a698723ffb7c306e852d2a2754a41bb1 1ad09d91061336f01ee7bbf0ab6ce011adeef279 88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96 HTTP Headers `GET /s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://ketoleantoday.com Connection: keep-alive Referer: https://ketoleantoday.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 44656 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 28 Nov 2022 21:44:03 GMT expires: Tue, 28 Nov 2023 21:44:03 GMT cache-control: public, max-age=31536000 age: 466910 last-modified: Thu, 28 Oct 2021 00:30:43 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	fonts.gstatic.com/s/droidserif/v13/tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2	216.58.207.227	200 OK	20 kB
URL HTTP/2 fonts.gstatic.com/s/droidserif/v13/tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 20528, version 1.0\012- data Size 20 kB (20528 bytes) Hash 847076af0a2064282724f913e8443124 6ce31ac27491fd4296357f95172e668033dd98e3 629eb98fdc13c8240c7e854c897a9b0ca30127e0ea32fafea172d898398c2d5d HTTP Headers `GET /s/droidserif/v13/tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://ketoleantoday.com Connection: keep-alive Referer: https://ketoleantoday.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 20528 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 02 Dec 2022 17:05:02 GMT expires: Sat, 02 Dec 2023 17:05:02 GMT cache-control: public, max-age=31536000 age: 138051 last-modified: Thu, 10 Sep 2020 17:04:35 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	fonts.gstatic.com/s/droidserif/v13/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2	216.58.207.227	200 OK	26 kB
URL HTTP/2 fonts.gstatic.com/s/droidserif/v13/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 25984, version 1.0\012- data Size 26 kB (25984 bytes) Hash c914631f20a99ca0d322d775090ea4f7 1a095a5fb208c47eb9a01ab2a0336a12044e7977 ad15918ec10a62580864ae3198a9d9545f260fe70e6cb9aa65901a5b02584fec HTTP Headers `GET /s/droidserif/v13/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://ketoleantoday.com Connection: keep-alive Referer: https://ketoleantoday.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 25984 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 29 Nov 2022 20:11:52 GMT expires: Wed, 29 Nov 2023 20:11:52 GMT cache-control: public, max-age=31536000 age: 386041 last-modified: Thu, 10 Sep 2020 17:03:28 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	fonts.gstatic.com/s/droidserif/v13/tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSA.woff2	216.58.207.227	200 OK	24 kB
URL HTTP/2 fonts.gstatic.com/s/droidserif/v13/tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSA.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 23508, version 1.0\012- data Size 24 kB (23508 bytes) Hash 21b7bed43e1c81de0277b6e2e96e9981 3d47ab364f3578b1bc0511ed91a26d87e128e539 e488b6a49159d34d6cd22d7379048db9476b146756cca403b21d3f032b76ac10 HTTP Headers `GET /s/droidserif/v13/tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSA.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://ketoleantoday.com Connection: keep-alive Referer: https://ketoleantoday.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 23508 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 02 Dec 2022 17:05:02 GMT expires: Sat, 02 Dec 2023 17:05:02 GMT cache-control: public, max-age=31536000 age: 138051 last-modified: Thu, 10 Sep 2020 17:03:20 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	push.services.mozilla.com/	52.89.114.252	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 52.89.114.252:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: JvwmGnDLAiPq6RuHDR1cKQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: xdk8+he2CjgPpvUl3X4ARZJaa0I=`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash da9700d928847bca71f73dc9ca89bd1c 2f156a1557a7504da776ed9a82dc52563662be6f 428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Dec 2022 07:25:53 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4879 Expires: Sun, 04 Dec 2022 08:47:13 GMT Date: Sun, 04 Dec 2022 07:25:54 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4879 Expires: Sun, 04 Dec 2022 08:47:13 GMT Date: Sun, 04 Dec 2022 07:25:54 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec2e8dd-0603-4e77-a4c4-d12283344063.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec2e8dd-0603-4e77-a4c4-d12283344063.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11453 bytes) Hash d92ef24fca79a19de35e5f01b787fd01 1428e76ca8acfbf84d17c129df711d04e46e6560 ca68c585d243bcfd901caff5cf426b1bb8039656d1e13a8623d9ca37ef089454 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec2e8dd-0603-4e77-a4c4-d12283344063.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11453 x-amzn-requestid: bef4ead1-065b-44e2-beef-8ada5ed9a3da x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: clsrtEE2oAMFwdA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638bc17d-4743671c3ef34662260246ec;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 21:37:01 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ZBZA_MGk_aEoDH6sRMJuMbim-YZ3FhlxgYt2LMiAxHKIOCOpeMI2gQ== via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google date: Sat, 03 Dec 2022 22:13:00 GMT age: 33174 etag: "1428e76ca8acfbf84d17c129df711d04e46e6560" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp	34.120.237.76	200 OK	5.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.7 kB (5681 bytes) Hash 43309032a892c486f9985ef520df696e 36f4682ca6a33ff80ee02129c77e6f27e996ede0 24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5681 x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cltXnEotIAMFqkA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google date: Sat, 03 Dec 2022 21:49:42 GMT age: 34572 etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg	34.120.237.76	200 OK	7.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.5 kB (7503 bytes) Hash c1a6f4805f59db44f9d3520d88701a58 6a0258e8c97ce09f1723382c8a16d9682b7dc50c ae120df5e96352c6998c24c69c709dfd2b01a7ff8a7b935d496757fd7661f2f5 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7503 x-amzn-requestid: a4120308-c51e-4cff-99c2-90e86018b05d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cgZjCGkVIAMFpsw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6389a2e0-6fdf362a6d32449239476155;Sampled=0 x-amzn-remapped-date: Fri, 02 Dec 2022 07:01:52 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: dy619jlSTwCjwDhGuLmwTMcmuYj1Kg2oLA7xORyAYX8IHWimhNo6pw== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google date: Sun, 04 Dec 2022 07:23:21 GMT age: 153 etag: "6a0258e8c97ce09f1723382c8a16d9682b7dc50c" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30995615-b061-49b7-a1e1-1d39f60e42a2.jpeg	34.120.237.76	200 OK	7.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30995615-b061-49b7-a1e1-1d39f60e42a2.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.5 kB (7454 bytes) Hash f76ad58139e6d5bf4402d442ed662f3c 0100b4fdd66d254d48395da715dfd6d760ae6cf6 1c1199744e75a69f9eedfec6ecdcc11e67b735f66fc50c8a0c2d60c40920532c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30995615-b061-49b7-a1e1-1d39f60e42a2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7454 x-amzn-requestid: b8250832-ecd8-499b-b292-5110afe2cd84 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cltkWEMroAMFatw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638bc2e8-6d91fc504703cdd5128e5746;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:04 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: S9_U5ZapxEkMRuoSxt2YSGa3zJy7zdGlGK24yRN305GY7qkn3AdKIQ== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google date: Sat, 03 Dec 2022 22:24:09 GMT etag: "0100b4fdd66d254d48395da715dfd6d760ae6cf6" content-type: image/jpeg age: 32505 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png	34.120.237.76	200 OK	16 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 16 kB (16143 bytes) Hash 14dcca2a9c4792d835ee709bcd947402 1d702df3a64258628f4124eafd580695f2d350af da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 16143 x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cdGyLGqmoAMFnaA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google date: Sat, 03 Dec 2022 07:43:43 GMT age: 85331 etag: "1d702df3a64258628f4124eafd580695f2d350af" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50aece01-03ae-4256-8ffa-fceb43e3dd62.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50aece01-03ae-4256-8ffa-fceb43e3dd62.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (11170 bytes) Hash b5047e1b428980b054be8c899ec7bd2a a55e532bd0251ffc78c052a3f8b649e13feafdb7 c7f42eed10d19a983df419556f821a391ca2ece33a72cdef7a367cd7eab0b96a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50aece01-03ae-4256-8ffa-fceb43e3dd62.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11170 x-amzn-requestid: 4925defd-cb3f-4818-a609-c4f2badaf0d4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cltlsGUVoAMFi9w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638bc2f1-46cb22af25d527d016096316;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:13 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: KMhlrg9pjepNii5clmKidbqEqTuUI1gYg8UOC7tVZ-7ZB06481p5ug== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Sat, 03 Dec 2022 22:08:25 GMT age: 33449 etag: "a55e532bd0251ffc78c052a3f8b649e13feafdb7" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg	34.120.237.76	200 OK	4.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.7 kB (4666 bytes) Hash c01fe1cccdb3b672bbade6d98217ffe9 a9a529dc9894827f6243a1bf57f81caa4fe88fc2 c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK server: nginx content-length: 4666 x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: clr_-GiboAMFwww= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ== via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google date: Sat, 03 Dec 2022 21:44:01 GMT age: 34920 etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ketoleantoday.com/v9/?a=3642&o=433&p=1&s=keto&sub1=admin_clickers_09_08_2022.csv&sub2=&sub3=2540&sub4=261&sub5=tmo&c=tLBUaBZ	172.67.197.226	200 OK	0 B
URL HTTP/2 ketoleantoday.com/v9/?a=3642&o=433&p=1&s=keto&sub1=admin_clickers_09_08_2022.csv&sub2=&sub3=2540&sub4=261&sub5=tmo&c=tLBUaBZ IP 172.67.197.226:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /v9/?a=3642&o=433&p=1&s=keto&sub1=admin_clickers_09_08_2022.csv&sub2=&sub3=2540&sub4=261&sub5=tmo&c=tLBUaBZ HTTP/1.1 Host: ketoleantoday.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 200 OK date: Sun, 04 Dec 2022 07:25:52 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding set-cookie: PHPSESSID=cm61762v3l1f9kl5s0d0q7v6ld; path=/ expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPJcyM6VznLjzsC7pERPwQ1CUn17LQ5C6tze5zngxu5rjTVUE2wH5MTgA3ebtWYJkTWXYWbLmDeKQOuuTaPag5AB7iJwbk0IQ9N1QTWZxqdqDQrZgOiGQfTiQOZnuKdDoBIBjA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7742cf81ab05b4fa-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (32)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN