Report - lifanacg.cc/dxb/536

Report Overview

Submitted URL
lifanacg.cc/dxb/536_37.html
IP
5.79.79.210
ASN
#60781 LeaseWeb Netherlands B.V.
Submitted
2023-04-04 04:08:08
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-04-04T18:12:09Z	3.0 kB	8.0 kB	23.36.77.32
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-04-04T18:13:50Z	333 B	391 B	34.117.237.239
ww1.lifanacg.cc	unknown	2023-03-07T04:00:35Z	2023-03-09T03:37:18Z	2.5 kB	8.5 kB	13.248.148.254
d38psrni17bvxu.cloudfront.net	unknown	2022-09-22T18:48:38Z	2023-04-04T04:38:38Z	356 B	12 kB	54.230.245.8
afs.googleusercontent.com	12123	2013-05-06T21:11:00Z	2023-04-04T02:03:48Z	885 B	2.1 kB	142.250.74.97
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-04-04T18:13:55Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-04-04T18:20:05Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-04-04T18:12:04Z	2.4 kB	4.9 kB	142.250.74.131
partner.googleadservices.com	798	2012-10-03T03:04:21Z	2023-04-04T18:15:08Z	464 B	787 B	216.58.207.226
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-04-04T13:13:40Z	3.2 kB	56 kB	34.120.237.76
lifanacg.cc	unknown	2018-12-14T22:09:47Z	2023-04-04T03:19:36Z	358 B	405 B	5.79.79.210
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-04-04T18:19:16Z	606 B	127 B	44.238.73.182
c.parkingcrew.net	70582	2017-01-29T20:17:16Z	2023-04-04T05:34:18Z	291 B	1.0 kB	185.53.178.30
www.google.com	7	2015-05-10T13:11:19Z	2023-04-04T21:32:30Z	2.1 kB	59 kB	142.250.74.164

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-04-04 04:07:57	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-04-04 04:07:57	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-04-04 04:07:58	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-04-04 04:07:58	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	partner.googleadservices.com/gampad/cookie.js?domain=ww1.lifanacg.cc&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie	362 B	2023-04-05	2023-04-05
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=ww1.lifanacg.cc&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie IP 216.58.207.226 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 01:41:34 Last Seen2023-04-05 01:41:34 Times Seen1 Hash afaddf199fa5bf7912342065241021d5 5cbaeb77be7197b6826930e85b274d59897ebb11 3159d8d00b21870d2cabb91eddd7eb9c261ec0e8c22dc2d0317f2525bf2221b0 Loading...

	www.google.com/adsense/domains/caf.js?abp=1	148 kB	2023-04-05	2023-04-06
Pretty URL www.google.com/adsense/domains/caf.js?abp=1 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 01:39:15 Last Seen2023-04-06 15:28:45 Times Seen15 Hash 3a3d88c505f9ea977bc5a75cf09c5587 8c2bb801a3fc8da5bf25caa42a67f21c51c82fa7 a69569a201a195064a2ede30cc8bc8006482fe8eb1c48f18e7773f60d3d3a183 Loading...

	ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e	669 B	2023-04-05	2023-04-05
Pretty URL ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 01:41:34 Last Seen2023-04-05 01:41:34 Times Seen1 Hash 1c2e127a36e8a0c130bee96529c6cd3a df52bfcf30869f12e28e4072709c9e3e60d01d9e ba7e81dd7323dad8cdde423e9f9db2c0851c70e432d0ce2f35a009c461b8f24a Loading...

	ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e	20 B	2023-03-12	2024-01-03
Pretty URL ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:00:05 Last Seen2024-01-03 14:22:39 Times Seen13851 Hash bb9472ed191ad69435d630c50e139a17 4efa10c70dbfe37ec4c8bb5a04b907c549de7e3d eec645c8d410f4d6accc5c4c3326bbff80fdd9d105e423ad50c5c87b22845492 Loading...

	www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww1.lifanacg.cc%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDJiYTI5ZWI2YTdjfHx8MTY4MDU4MTI3OC43NTM4fDM1NjNkYTRhYjdjNGZhODExNTdlNmQ1NTE2NzVjYmRjMzljNTkyYjN8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5ZTkxOTdmMjE1NWFlMDUyZWVkNmFkYTAzYjhlZmZhNDk0YmU4M2EzfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2907159485326888&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300964&format=r3%7Cs&nocache=8191680581279028&num=0&output=afd_ads&domain_name=ww1.lifanacg.cc&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1680581279030&u_w=1280&u_h=1024&biw=1152&bih=836&psw=1152&psh=795&frm=0&cl=520018305&uio=--&cont=tc&jsid=caf&jsv=520018305&rurl=http%3A%2F%2Fww1.lifanacg.cc%2F%3Fsubid1%3D484bb948-d29e-11ed-be30-6cad4dd74c9e&adbw=master-1%3A530	6.3 kB	2023-04-05	2023-04-05
Pretty URL www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww1.lifanacg.cc%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDJiYTI5ZWI2YTdjfHx8MTY4MDU4MTI3OC43NTM4fDM1NjNkYTRhYjdjNGZhODExNTdlNmQ1NTE2NzVjYmRjMzljNTkyYjN8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5ZTkxOTdmMjE1NWFlMDUyZWVkNmFkYTAzYjhlZmZhNDk0YmU4M2EzfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2907159485326888&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300964&format=r3%7Cs&nocache=8191680581279028&num=0&output=afd_ads&domain_name=ww1.lifanacg.cc&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1680581279030&u_w=1280&u_h=1024&biw=1152&bih=836&psw=1152&psh=795&frm=0&cl=520018305&uio=--&cont=tc&jsid=caf&jsv=520018305&rurl=http%3A%2F%2Fww1.lifanacg.cc%2F%3Fsubid1%3D484bb948-d29e-11ed-be30-6cad4dd74c9e&adbw=master-1%3A530 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 01:41:34 Last Seen2023-04-05 01:41:34 Times Seen1 Hash 1aaddffb9d7e8d53db0ddf34a9bfdc63 90c738b4786a2df1a7285aba5d5a845dcc0e2b39 02fd2b178f558f5a590c52e8bd907b5062bf7ad1bf0fb4f4805782b64bf2aa80 Loading...

	c.parkingcrew.net/scripts/sale_form.js	761 B	2023-03-07	2024-05-04
Pretty URL c.parkingcrew.net/scripts/sale_form.js IP 185.53.178.30 ASN #19905 NEUSTAR-AS6 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:27 Last Seen2024-05-04 19:05:15 Times Seen10997 Hash 64f809e06446647e192fce8d1ec34e09 5b7ced07da42e205067afa88615317a277a4a82c f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3 Loading...

	ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e	1.1 kB	2023-04-05	2023-04-05
Pretty URL ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 01:41:34 Last Seen2023-04-05 01:41:34 Times Seen1 Hash 5599f7eb408bea410855677ea9cdc790 ccd71ddf427c25c85e10f04136dfbf55c44eff45 993daa3ee99335bf31d9df4035232650a62a9484849d5f9a49997449e301e8b7 Loading...

	ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e	246 B	2023-04-05	2023-04-05
Pretty URL ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 01:41:34 Last Seen2023-04-05 01:41:34 Times Seen1 Hash adca67a3215614664065cc39986cf6f8 d616578c61e0ccd2a95a9f6be86b081d446a9703 480922c49ec21dd0c10ab58a89e049135af04966fdf9717df3c6dfffe62c3c3a Loading...

	ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e	7.0 kB	2023-03-13	2024-01-03
Pretty URL ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:10:31 Last Seen2024-01-03 14:22:39 Times Seen25920 Hash 04b2b624f94797c26d17a57f399d9356 3143986e839c47a5c1eff03bd9df63ecc54dca9c 233b1cbfb295a0629bcf68a2a4198a62132f02ee1f061ada2ce7143bd5d2dabb Loading...

	ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e	65 B	2023-03-12	2023-05-29
Pretty URL ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:35:17 Last Seen2023-05-29 13:26:57 Times Seen101 Hash e61d3b68d4faced8dcaa798197e2631f 6d000b7d3611fed3a088c150f8b358afad266c55 95edf0b46894390dcb9ac16b3177993fcf42d7c44b988b14a0ef847199a40c35 Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-04-03	2023-04-06
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-03 23:58:33 Last Seen2023-04-06 15:31:35 Times Seen131 Hash 9eae59f084daf0a3d5180e3705064ea7 9e910a3ee2db924107967fd326287f8ab90fe97b 71e1c0f29c82d73f5cd93f65fff656adb7f36197567d78b7ce514357ec452c69 Loading...

	ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e	968 B	2023-03-08	2024-05-04
Pretty URL ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:24:08 Last Seen2024-05-04 14:03:19 Times Seen27861 Hash c77554570ae0fa8e4fb31747dc213058 e989fbde07e6a68975c7a31e1d4df76afd90b96f c3f831fe1717c6d76a8950ac5e7dc88ceee7440d079b11584be5c6c5b3269e77 Loading...

	ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e	647 B	2023-04-05	2023-04-05
Pretty URL ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 01:41:34 Last Seen2023-04-05 01:41:34 Times Seen1 Hash 2a8892bcdccbd33e255db753aaffdaf1 54448bbc7f60fed5c3fd876ba2bf2c2485af1a24 bed2197148848f667c07703f011f4bc5988767aa6a5e5233a84b6b19ba7498a8 Loading...

	ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e	71 B	2023-03-08	2024-01-04
Pretty URL ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:23:53 Last Seen2024-01-04 08:38:22 Times Seen25410 Hash 1a5a5e1b6a26f57b95e3dd42f60612f4 b62a27e55a59b49084e682bd3c1588f6a40881ab 4066da16910907c7962da8e7011bf0cd62b6f2dcddb1911e3ea2de03ce3e1dc7 Loading...

	ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e	472 B	2023-03-13	2024-01-03
Pretty URL ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:13:46 Last Seen2024-01-03 14:22:39 Times Seen25251 Hash d31eefc1e54bdae9204297e4ae5b9cce fc49bf319586a623670a81c01d43bbd93b477fbb 2683a6247a15433dd269eaefbc7131b1326c7bc0146361913ea10ad8fa23bb14 Loading...

	ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e	40 B	2023-03-08	2023-05-23
Pretty URL ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:24:08 Last Seen2023-05-23 17:14:04 Times Seen4695 Hash bbf1d9896eb3544c767d965a657e142c 5df55c7669b87f414501ffc91de02e4756141a83 f73cb6aef53ef853b780335ddf7d4cb319edcf02c8c050f270639a91226a09bc Loading...

HTTP Transactions (41)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1965860f5630f7dda817a236cb72ea24 beec8147d48911a007287014564ce544d296a5fd 00b4aafe530f6ceb3d6d4de42fffdaee0cb4e0a60834c85b1d21e42e5db2ef91 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "00B4AAFE530F6CEB3D6D4DE42FFFDAEE0CB4E0A60834C85B1D21E42E5DB2EF91" Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7783 Expires: Tue, 04 Apr 2023 06:17:40 GMT Date: Tue, 04 Apr 2023 04:07:57 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 0c17f530e6db706fa5f9eb36a6cca4a4 446b60a425aae47b0adf5abd7e18e9f90f52c0bc ccf1a90e945a18fb951654d29f128acdb3916d4dca315b0fad44ae8cc95be48e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "CCF1A90E945A18FB951654D29F128ACDB3916D4DCA315B0FAD44AE8CC95BE48E" Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11445 Expires: Tue, 04 Apr 2023 07:18:42 GMT Date: Tue, 04 Apr 2023 04:07:57 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 903ed2d58f1f33d069b70c4b53f1cb1f 0ef89cd6eb79a2ddd74434f9233cf486fffc1142 d8c984b50f04fcdb1ebc99d982502d85193302c85239ee7497666247edfc0061 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D8C984B50F04FCDB1EBC99D982502D85193302C85239EE7497666247EDFC0061" Last-Modified: Sun, 02 Apr 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11375 Expires: Tue, 04 Apr 2023 07:17:32 GMT Date: Tue, 04 Apr 2023 04:07:57 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 4ad6984a756720fbfff47b37a75513a2 355e35258114452af8b9638985ed9d8ef3bf0aca 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Alert, Backoff, Retry-After, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 04 Apr 2023 03:28:43 GMT content-type: application/json age: 2354 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 95f61d351f5fc9533cc78e255ce9bc06 fba284117f347782ac23c51d141d7e3ec15a867e 7fcc5f9e52e389d8d7c6df7f1f2a1291ae0aaae8e554f3022239ab092b2ef3c3 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: Dn0y0L6PV9ax6PUNeiZPqhOU1s1T/0Ta+PeLNascNqru71SZd9MtayQSKakrxPzHnSWURUuTyLE= x-amz-request-id: C4YNCG7NZCW1BHBK x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 04 Apr 2023 03:53:00 GMT age: 897 last-modified: Fri, 31 Mar 2023 17:04:39 GMT etag: "95f61d351f5fc9533cc78e255ce9bc06" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Tue, 04 Apr 2023 04:07:58 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: ETag, Last-Modified, Expires, Retry-After, Cache-Control, Alert, Backoff, Pragma, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 04 Apr 2023 03:17:29 GMT age: 3029 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5a4e63ad4a4c68269ab2144a7eba16b3 077d9d18481cca0a72c5daca41e9e7bbe21fdb1a 2723d135b26dc00409018c7e347017e6896c61077ad93df7144e7f9be3a448e5 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2723D135B26DC00409018C7E347017E6896C61077AD93DF7144E7F9BE3A448E5" Last-Modified: Mon, 03 Apr 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10096 Expires: Tue, 04 Apr 2023 06:56:14 GMT Date: Tue, 04 Apr 2023 04:07:58 GMT Connection: keep-alive`

	lifanacg.cc/dxb/536_37.html	5.79.79.210	302 Found	11 B
URL HTTP/1.1 lifanacg.cc/dxb/536_37.html IP 5.79.79.210:0 ASN #60781 LeaseWeb Netherlands B.V. File type ASCII text, with no line terminators Size 11 B (11 bytes) Hash 32682312d17c7cbf18e73594f5570319 60e22121bdd0bc71cdb2bae2a3aa577006b2eae9 e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47 HTTP Headers `GET /dxb/536_37.html HTTP/1.1 Host: lifanacg.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 302 Found cache-control: max-age=0, private, must-revalidate connection: close content-length: 11 date: Tue, 04 Apr 2023 04:07:58 GMT location: http://ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e server: nginx set-cookie: sid=484bb948-d29e-11ed-be30-6cad4dd74c9e; path=/; domain=.lifanacg.cc; expires=Sun, 22 Apr 2091 07:22:05 GMT; max-age=2147483647; HttpOnly`

	ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e	13.248.148.254	200 OK	5.8 kB
URL HTTP/1.1 ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e IP 13.248.148.254:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1166) Size 5.8 kB (5815 bytes) Hash 5b7f38a89ba1865b2a28fcc653906643 0ff389ccc5be3240359fe8e40469716227d28c96 ee77bb9b94c72f8b365593facb7213e28c27db00f4fdab946645a2c6b2c81a10 HTTP Headers `GET /?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e HTTP/1.1 Host: ww1.lifanacg.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Cookie: sid=484bb948-d29e-11ed-be30-6cad4dd74c9e Upgrade-Insecure-Requests: 1` HTTP/1.1 200 OK Date: Tue, 04 Apr 2023 04:07:58 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Buckets: bucket102 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_MYxMeaE6YCaPnPY0UuDc32yod1pWXrOhWBa+X814EeJi6onVlz3IFphChzxk/FwT7UrxE44ywTcza+5mGh5iqg== X-Template: tpl_CleanPeppermintBlack_twoclick X-Language: norwegian Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 X-Domain: lifanacg.cc X-Subdomain: ww1 Content-Encoding: gzip

	www.google.com/adsense/domains/caf.js?abp=1	142.250.74.164	200 OK	54 kB
URL HTTP/1.1 www.google.com/adsense/domains/caf.js?abp=1 IP 142.250.74.164:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (2193) Size 54 kB (53946 bytes) Hash 6f162fb7c6cd297e097d201d3bd4d20f 394be8211039f03783d57c900d15d3d5e852cd7b f0ea80030775d3661a0bb7de6cd9e0013f5331142c1aae102c720f27ae195a54 HTTP Headers `GET /adsense/domains/caf.js?abp=1 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww1.lifanacg.cc/` HTTP/1.1 200 OK Accept-Ranges: bytes Vary: Accept-Encoding Content-Type: text/javascript; charset=UTF-8 Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui" Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} Date: Tue, 04 Apr 2023 04:07:58 GMT Expires: Tue, 04 Apr 2023 04:07:58 GMT Cache-Control: private, max-age=3600 ETag: "1556139095296533197" X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Server: sffe X-XSS-Protection: 0

	push.services.mozilla.com/	44.238.73.182	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 44.238.73.182:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: yrYb+RT/3WYDk1d+SF0Qig== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: NlY30tsLwWx8ck5UWfDDym4ZkWw=`

	c.parkingcrew.net/scripts/sale_form.js	185.53.178.30	200 OK	761 B
URL HTTP/1.1 c.parkingcrew.net/scripts/sale_form.js IP 185.53.178.30:0 ASN #19905 NEUSTAR-AS6 File type ASCII text Size 761 B (761 bytes) Hash 64f809e06446647e192fce8d1ec34e09 5b7ced07da42e205067afa88615317a277a4a82c f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3 HTTP Headers `GET /scripts/sale_form.js HTTP/1.1 Host: c.parkingcrew.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww1.lifanacg.cc/` `HTTP/1.1 200 OK Server: nginx Date: Tue, 04 Apr 2023 04:07:58 GMT Content-Type: application/javascript Content-Length: 761 Connection: keep-alive Last-Modified: Tue, 12 May 2020 14:25:52 GMT ETag: "5ebab1f0-2f9" Accept-Ranges: bytes`

	ww1.lifanacg.cc/track.php?domain=lifanacg.cc&toggle=browserjs&uid=MTY4MDU4MTI3OC43NDgyOmU0MmFiMDQ3MjZiNmY5ZWQzZTgwYjYyZjU4YTFlM2NlM2UyMGZlOGI3M2MyMzgyY2JlNmRmY2EwZDFlNjA2NjE6NjQyYmEyOWViNmE5MQ%3D%3D	13.248.148.254	200 OK	20 B
URL HTTP/1.1 ww1.lifanacg.cc/track.php?domain=lifanacg.cc&toggle=browserjs&uid=MTY4MDU4MTI3OC43NDgyOmU0MmFiMDQ3MjZiNmY5ZWQzZTgwYjYyZjU4YTFlM2NlM2UyMGZlOGI3M2MyMzgyY2JlNmRmY2EwZDFlNjA2NjE6NjQyYmEyOWViNmE5MQ%3D%3D IP 13.248.148.254:0 ASN #16509 AMAZON-02 File type data Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers GET /track.php?domain=lifanacg.cc&toggle=browserjs&uid=MTY4MDU4MTI3OC43NDgyOmU0MmFiMDQ3MjZiNmY5ZWQzZTgwYjYyZjU4YTFlM2NlM2UyMGZlOGI3M2MyMzgyY2JlNmRmY2EwZDFlNjA2NjE6NjQyYmEyOWViNmE5MQ%3D%3D HTTP/1.1 Host: ww1.lifanacg.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e Cookie: sid=484bb948-d29e-11ed-be30-6cad4dd74c9e `HTTP/1.1 200 OK Date: Tue, 04 Apr 2023 04:07:59 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Custom-Track: browserjs Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip`

	ww1.lifanacg.cc/ls.php?t=642ba29e&token=9e9197f2155ae052eed6ada03b8effa494be83a3	13.248.148.254	201 Created	16 B
URL HTTP/1.1 ww1.lifanacg.cc/ls.php?t=642ba29e&token=9e9197f2155ae052eed6ada03b8effa494be83a3 IP 13.248.148.254:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with no line terminators Size 16 B (16 bytes) Hash 7363e85fe9edee6f053a4b319588c086 a15e2127145548437173fc17f3e980e3f3dee2d0 c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 HTTP Headers `GET /ls.php?t=642ba29e&token=9e9197f2155ae052eed6ada03b8effa494be83a3 HTTP/1.1 Host: ww1.lifanacg.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e Cookie: sid=484bb948-d29e-11ed-be30-6cad4dd74c9e` HTTP/1.1 201 Created Date: Tue, 04 Apr 2023 04:07:59 GMT Content-Type: text/javascript;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 X-Log-Success: 642ba29fec33be353007f348 Charset: utf-8 Access-Control-Allow-Origin: Access-Control-Allow-Methods: POST, OPTIONS Access-Control-Max-Age: 86400 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_rt+B8wBfQywFYHP3+nfY7J33t0UELWqKGgH43Mex+qAOTAGrF2IH0HcdCKJeA4ybvOyOJONHdiqIL8TZZfZCuQ==

	d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png	54.230.245.8	200 OK	11 kB
URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png IP 54.230.245.8:0 ASN #16509 AMAZON-02 File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data Size 11 kB (11375 bytes) Hash 0cb2e5165dc9324eb462199f04e1ffa9 9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865 HTTP Headers `GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1 Host: d38psrni17bvxu.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww1.lifanacg.cc/` `HTTP/1.1 200 OK Content-Type: image/png Content-Length: 11375 Connection: keep-alive Server: nginx Date: Tue, 04 Apr 2023 01:22:14 GMT Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT Accept-Ranges: bytes ETag: "62b4441b-2c6f" X-Cache: Hit from cloudfront Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: bQC3Nz4HRpiE4WQT5Q18UtJa2UsTchAelKVFjVDIDU4wSIIiLVJcJQ== Age: 9945`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 3e18ab4ca97f7339957b43db660cfd1a 762deec33262d66e27a74faa8e4c894f56204559 492dc3540f5c32f203158d75df28bf7da92b30f650307d6756ad11a44126752a HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 04 Apr 2023 04:07:59 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ww1.lifanacg.cc/favicon.ico	13.248.148.254	200 OK	0 B
URL HTTP/1.1 ww1.lifanacg.cc/favicon.ico IP 13.248.148.254:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: ww1.lifanacg.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e Cookie: sid=484bb948-d29e-11ed-be30-6cad4dd74c9e` `HTTP/1.1 200 OK Date: Tue, 04 Apr 2023 04:07:59 GMT Content-Type: image/x-icon Content-Length: 0 Connection: keep-alive Server: nginx Last-Modified: Tue, 12 May 2020 14:25:52 GMT ETag: "5ebab1f0-0" Accept-Ranges: bytes`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 26a6b4d1c4426572a6d10e512c0a5175 3fb584f8f39bd671a01e62997aca215a15972807 be2f9213d9b0dfbb11a54bedb5ede11248b2405e2e2874c7ad44a9b1ab8034e9 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 04 Apr 2023 04:07:59 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	partner.googleadservices.com/gampad/cookie.js?domain=ww1.lifanacg.cc&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie	216.58.207.226	200 OK	240 B
URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=ww1.lifanacg.cc&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie IP 216.58.207.226:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (362), with no line terminators Size 240 B (240 bytes) Hash a04dec178aefec326b4db27dc4ef97a9 1062b88f2a36f16a4fb581c9af0e194e0eda58c4 178b211ce6ea9481bba0f3881c84fdc145a826697b0fd315ebc7c9ebef590c7a HTTP Headers `GET /gampad/cookie.js?domain=ww1.lifanacg.cc&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie HTTP/1.1 Host: partner.googleadservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ww1.lifanacg.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin content-type: text/javascript; charset=UTF-8 x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: gzip date: Tue, 04 Apr 2023 04:07:59 GMT server: cafe cache-control: private content-length: 240 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 26a6b4d1c4426572a6d10e512c0a5175 3fb584f8f39bd671a01e62997aca215a15972807 be2f9213d9b0dfbb11a54bedb5ede11248b2405e2e2874c7ad44a9b1ab8034e9 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 04 Apr 2023 04:07:59 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww1.lifanacg.cc%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDJiYTI5ZWI2YTdjfHx8MTY4MDU4MTI3OC43NTM4fDM1NjNkYTRhYjdjNGZhODExNTdlNmQ1NTE2NzVjYmRjMzljNTkyYjN8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5ZTkxOTdmMjE1NWFlMDUyZWVkNmFkYTAzYjhlZmZhNDk0YmU4M2EzfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2907159485326888&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300964&format=r3%7Cs&nocache=8191680581279028&num=0&output=afd_ads&domain_name=ww1.lifanacg.cc&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1680581279030&u_w=1280&u_h=1024&biw=1152&bih=836&psw=1152&psh=795&frm=0&cl=520018305&uio=--&cont=tc&jsid=caf&jsv=520018305&rurl=http%3A%2F%2Fww1.lifanacg.cc%2F%3Fsubid1%3D484bb948-d29e-11ed-be30-6cad4dd74c9e&adbw=master-1%3A530	142.250.74.164	200 OK	2.5 kB
URL HTTP/2 www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww1.lifanacg.cc%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDJiYTI5ZWI2YTdjfHx8MTY4MDU4MTI3OC43NTM4fDM1NjNkYTRhYjdjNGZhODExNTdlNmQ1NTE2NzVjYmRjMzljNTkyYjN8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5ZTkxOTdmMjE1NWFlMDUyZWVkNmFkYTAzYjhlZmZhNDk0YmU4M2EzfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2907159485326888&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300964&format=r3%7Cs&nocache=8191680581279028&num=0&output=afd_ads&domain_name=ww1.lifanacg.cc&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1680581279030&u_w=1280&u_h=1024&biw=1152&bih=836&psw=1152&psh=795&frm=0&cl=520018305&uio=--&cont=tc&jsid=caf&jsv=520018305&rurl=http%3A%2F%2Fww1.lifanacg.cc%2F%3Fsubid1%3D484bb948-d29e-11ed-be30-6cad4dd74c9e&adbw=master-1%3A530 IP 142.250.74.164:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6154) Size 2.5 kB (2493 bytes) Hash 4ed504eac793c172de5e04620382d9e3 c44077ed256e8dcbc5617dc158ca8c5450e93b3f 3c503de2cff73851fdf99694d77fade96af33866fe0da27a1eff662349f2b920 HTTP Headers GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww1.lifanacg.cc%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDJiYTI5ZWI2YTdjfHx8MTY4MDU4MTI3OC43NTM4fDM1NjNkYTRhYjdjNGZhODExNTdlNmQ1NTE2NzVjYmRjMzljNTkyYjN8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5ZTkxOTdmMjE1NWFlMDUyZWVkNmFkYTAzYjhlZmZhNDk0YmU4M2EzfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2907159485326888&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300964&format=r3%7Cs&nocache=8191680581279028&num=0&output=afd_ads&domain_name=ww1.lifanacg.cc&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1680581279030&u_w=1280&u_h=1024&biw=1152&bih=836&psw=1152&psh=795&frm=0&cl=520018305&uio=--&cont=tc&jsid=caf&jsv=520018305&rurl=http%3A%2F%2Fww1.lifanacg.cc%2F%3Fsubid1%3D484bb948-d29e-11ed-be30-6cad4dd74c9e&adbw=master-1%3A530 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ww1.lifanacg.cc/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK content-type: text/html; charset=UTF-8 content-disposition: inline date: Tue, 04 Apr 2023 04:07:59 GMT expires: Tue, 04 Apr 2023 04:07:59 GMT cache-control: private, max-age=3600 content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-A5bMuFtF0VFxDUd6Ix21xg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." content-encoding: br server: gws content-length: 2493 x-xss-protection: 0 set-cookie: NID=511=cyZMxagEy4uJOI_Y5Omf2s96fhyQsPwDiAdI83rZ-5u-1bvrP3_OlJiZT89g9hTuxIKu34wkB2sCKJralcb4bYdeNL4A9F12M4WSI-RnnEvcwV96LpxS2rUIClJbW_5LbfdlkktfUIqm_jVYEoCkHfYPT7YESgFd192JhP6phoI; expires=Wed, 04-Oct-2023 04:07:59 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=PENDING+318; expires=Thu, 03-Apr-2025 04:07:59 GMT; path=/; domain=.google.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash d5ba0d24586872fbb887f9ace5b204a6 748b10c9a747a90adf10b8f8dedefe59a22ed072 5d50fe5859a98b867ef22fd65c4ab3652d46188813256d43ba7ac61e2b7c9a18 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 04 Apr 2023 04:07:59 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ad0970bda143f5191af476e9e6035a4b f6160142d7ad88fef33c43105e70e845b492c8a0 14be07158cf3f6773ce5c647a642439b5d911d5ad419129bf26c11b02dde849e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 04 Apr 2023 04:07:59 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ad0970bda143f5191af476e9e6035a4b f6160142d7ad88fef33c43105e70e845b492c8a0 14be07158cf3f6773ce5c647a642439b5d911d5ad419129bf26c11b02dde849e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 04 Apr 2023 04:07:59 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff	142.250.74.97	200 OK	270 B
URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff IP 142.250.74.97:0 ASN #15169 GOOGLE File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390) Size 270 B (270 bytes) Hash 5100391430a00e10ce60aa159f525b5c 231a4492d73b225f441b1e9028dc33c89862e498 52b1432a6e3002e41ed1d8f4c84b258fdc4c6dac863e3c0e5c06360c81be6067 HTTP Headers `GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 270 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Mon, 03 Apr 2023 13:07:39 GMT expires: Tue, 04 Apr 2023 12:07:39 GMT cache-control: public, max-age=82800 age: 54020 last-modified: Thu, 19 Dec 2019 14:15:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff	142.250.74.97	200 OK	174 B
URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff IP 142.250.74.97:0 ASN #15169 GOOGLE File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size 174 B (174 bytes) Hash 4de8b85c8915995b571bde50e231be7c 29c226ca7b9cbe1d44e5480ce95bbb42727b2d99 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a HTTP Headers `GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Mon, 03 Apr 2023 10:27:19 GMT expires: Tue, 04 Apr 2023 09:27:19 GMT cache-control: public, max-age=82800 age: 63640 last-modified: Thu, 22 Oct 2020 21:45:00 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ww1.lifanacg.cc/track.php?domain=lifanacg.cc&caf=1&toggle=answercheck&answer=yes&uid=MTY4MDU4MTI3OC43NDgyOmU0MmFiMDQ3MjZiNmY5ZWQzZTgwYjYyZjU4YTFlM2NlM2UyMGZlOGI3M2MyMzgyY2JlNmRmY2EwZDFlNjA2NjE6NjQyYmEyOWViNmE5MQ%3D%3D	13.248.148.254	200 OK	20 B
URL HTTP/1.1 ww1.lifanacg.cc/track.php?domain=lifanacg.cc&caf=1&toggle=answercheck&answer=yes&uid=MTY4MDU4MTI3OC43NDgyOmU0MmFiMDQ3MjZiNmY5ZWQzZTgwYjYyZjU4YTFlM2NlM2UyMGZlOGI3M2MyMzgyY2JlNmRmY2EwZDFlNjA2NjE6NjQyYmEyOWViNmE5MQ%3D%3D IP 13.248.148.254:0 ASN #16509 AMAZON-02 File type data Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers GET /track.php?domain=lifanacg.cc&caf=1&toggle=answercheck&answer=yes&uid=MTY4MDU4MTI3OC43NDgyOmU0MmFiMDQ3MjZiNmY5ZWQzZTgwYjYyZjU4YTFlM2NlM2UyMGZlOGI3M2MyMzgyY2JlNmRmY2EwZDFlNjA2NjE6NjQyYmEyOWViNmE5MQ%3D%3D HTTP/1.1 Host: ww1.lifanacg.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww1.lifanacg.cc/?subid1=484bb948-d29e-11ed-be30-6cad4dd74c9e Cookie: sid=484bb948-d29e-11ed-be30-6cad4dd74c9e; __gsas=ID=9e88a7ed58e0160f:T=1680581279:S=ALNI_Mb9Up_lPa9JAav5sAO0WDWYmIQ-RA `HTTP/1.1 200 OK Date: Tue, 04 Apr 2023 04:07:59 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Custom-Track: answercheck Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ad0970bda143f5191af476e9e6035a4b f6160142d7ad88fef33c43105e70e845b492c8a0 14be07158cf3f6773ce5c647a642439b5d911d5ad419129bf26c11b02dde849e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 04 Apr 2023 04:07:59 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash f06399875b2b1c6a0afe8a1d791f5a4a f2ce36c5d6599e57e4df8f08a030e8cb00ebe830 2eef24cc1ae135e7e1687c3e56cd7be21530e2aa7612e686a829d2c204ab532e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2EEF24CC1AE135E7E1687C3E56CD7BE21530E2AA7612E686A829D2C204AB532E" Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8107 Expires: Tue, 04 Apr 2023 06:23:07 GMT Date: Tue, 04 Apr 2023 04:08:00 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash f06399875b2b1c6a0afe8a1d791f5a4a f2ce36c5d6599e57e4df8f08a030e8cb00ebe830 2eef24cc1ae135e7e1687c3e56cd7be21530e2aa7612e686a829d2c204ab532e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2EEF24CC1AE135E7E1687C3E56CD7BE21530E2AA7612E686A829D2C204AB532E" Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8107 Expires: Tue, 04 Apr 2023 06:23:07 GMT Date: Tue, 04 Apr 2023 04:08:00 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash f06399875b2b1c6a0afe8a1d791f5a4a f2ce36c5d6599e57e4df8f08a030e8cb00ebe830 2eef24cc1ae135e7e1687c3e56cd7be21530e2aa7612e686a829d2c204ab532e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2EEF24CC1AE135E7E1687C3E56CD7BE21530E2AA7612E686A829D2C204AB532E" Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8107 Expires: Tue, 04 Apr 2023 06:23:07 GMT Date: Tue, 04 Apr 2023 04:08:00 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash f06399875b2b1c6a0afe8a1d791f5a4a f2ce36c5d6599e57e4df8f08a030e8cb00ebe830 2eef24cc1ae135e7e1687c3e56cd7be21530e2aa7612e686a829d2c204ab532e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2EEF24CC1AE135E7E1687C3E56CD7BE21530E2AA7612E686A829D2C204AB532E" Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8107 Expires: Tue, 04 Apr 2023 06:23:07 GMT Date: Tue, 04 Apr 2023 04:08:00 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash f06399875b2b1c6a0afe8a1d791f5a4a f2ce36c5d6599e57e4df8f08a030e8cb00ebe830 2eef24cc1ae135e7e1687c3e56cd7be21530e2aa7612e686a829d2c204ab532e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2EEF24CC1AE135E7E1687C3E56CD7BE21530E2AA7612E686A829D2C204AB532E" Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8107 Expires: Tue, 04 Apr 2023 06:23:07 GMT Date: Tue, 04 Apr 2023 04:08:00 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8d04fa2-362e-439d-98ed-32fc1bfad2f9.jpeg	34.120.237.76	200 OK	6.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8d04fa2-362e-439d-98ed-32fc1bfad2f9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.8 kB (6837 bytes) Hash e343d51715740211a5baec9b5616bc7b 465c405dd3e752086efe0128615088883e4c2f1e eef22aa63409ed9240323b8cd930db700bb727257a3d33bb84192766549d76b4 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8d04fa2-362e-439d-98ed-32fc1bfad2f9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6837 x-amzn-requestid: 1b2cce9c-d474-4cf2-b6f2-9683c6861488 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CvNwDFKHIAMFxUA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64292999-719e5afc2803d1ab6eb02668;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Sun, 02 Apr 2023 07:07:05 GMT x-amz-cf-pop: SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: fAp0vCKaqOXqpAAVYbeLVwPpd6B7QbqIypili86TyyK7Y0yrmiEz7g== via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Apr 2023 07:13:51 GMT age: 75249 etag: "465c405dd3e752086efe0128615088883e4c2f1e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09d7bfe8-bfa6-4d25-aa3f-159254f09bfa.jpeg	34.120.237.76	200 OK	8.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09d7bfe8-bfa6-4d25-aa3f-159254f09bfa.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.7 kB (8658 bytes) Hash ad137bebd56918d96431d867ae123332 8572417b762ea2b1dccc3d4236336456be6be1cf 92a575b8055174a83ac1066e2ff931525760c9b96f3e588077ce0ce24a0a7b46 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09d7bfe8-bfa6-4d25-aa3f-159254f09bfa.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8658 x-amzn-requestid: 36fb7671-bd9a-43fc-8920-c5948711d560 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CvNkNGjHIAMFsBw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6429294d-5e753ae346a583ac5cbb42f4;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Sun, 02 Apr 2023 07:05:49 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: UPNt2yE-_295UTjOFpgSxhrl1XjSOSgQVJoEf__wc0y5btcJ9dIT1w== via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Apr 2023 07:22:47 GMT age: 74713 etag: "8572417b762ea2b1dccc3d4236336456be6be1cf" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c50bcf2-f67d-44d5-8950-54829246ea45.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c50bcf2-f67d-44d5-8950-54829246ea45.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11867 bytes) Hash e2e8ae8f53aa3f184375ddca3677b795 37303b23d4d5b129d036309099ddd52e72e9cffc 97a4813a2d4bd0eeefc65540f7f6b1a043ab00221dbdd8e174f567fe8b17e848 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c50bcf2-f67d-44d5-8950-54829246ea45.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11867 x-amzn-requestid: b92787ec-1596-4ee8-aa80-a684295dedf5 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Cyg_0EzBoAMFSuw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-642a7b98-2c5ee10c617a9af2516a87fe;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Mon, 03 Apr 2023 07:09:12 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: ps6n_G4BkOcxJObWAeVqlqrCn6DyrgVAy7oemucUiSdTmELIs8V4cQ== via: 1.1 5502255f9557c1e2c098b94110b6151c.cloudfront.net (CloudFront), 1.1 58b8655e3ea662bad02cac6b9d4c88ba.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Apr 2023 07:22:20 GMT age: 74740 etag: "37303b23d4d5b129d036309099ddd52e72e9cffc" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a30869-4bc1-497b-b949-b28e531a1fc2.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a30869-4bc1-497b-b949-b28e531a1fc2.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10232 bytes) Hash 184bae5c0b52b7950ab5cf51e0dc1396 fd33e06ea59e0b19e6a0fc8ddfc36cbd7b794fd4 7ce65b19168f88b0927d873211bf387f84daea614e8b1a17228917e0908c82d0 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a30869-4bc1-497b-b949-b28e531a1fc2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10232 x-amzn-requestid: a24d45b2-133d-4b4d-9ed4-a2231c638919 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: C0f8gExvIAMFh2w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-642b46b6-3641e9da5874e4984ce403c7;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Mon, 03 Apr 2023 21:35:50 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: sxXTxkEutlg3oU0M6xr2xh9D52jPgLVpULgCPNWokzWukrCYPqVgMQ== via: 1.1 0a166b53605851fe961f5a2952e5a748.cloudfront.net (CloudFront), 1.1 f958a3846d80a3925f664b320dfad9c8.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Apr 2023 21:58:14 GMT age: 22186 etag: "fd33e06ea59e0b19e6a0fc8ddfc36cbd7b794fd4" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dba6af8-3425-4b12-b798-3c7e9ccf60c9.jpeg	34.120.237.76	200 OK	7.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dba6af8-3425-4b12-b798-3c7e9ccf60c9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.5 kB (7529 bytes) Hash 7e5863430f4688c096c17a8e645dfe26 7f20e49fd8e392bd99eed0a1562c73fc2be289c0 80c91853392ff4aeb9692edbd219c358b90a0dcf2298d0a1fb390994085980dd HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dba6af8-3425-4b12-b798-3c7e9ccf60c9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7529 x-amzn-requestid: 9048c8b8-21fb-41e3-9aed-7b9d8854c75b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: C0fpsGsNoAMF9Gg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-642b463d-1be2283f585377fa6e18b02c;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Mon, 03 Apr 2023 21:33:49 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: QFUj-D9QaD6NVIsLaC95AZ83CJN3Zi87DujdrSRCnlpTfxa1DTyKyw== via: 1.1 5502255f9557c1e2c098b94110b6151c.cloudfront.net (CloudFront), 1.1 ea699166e6ec77aa410ff505b0a8ce18.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Apr 2023 21:53:51 GMT age: 22449 etag: "7f20e49fd8e392bd99eed0a1562c73fc2be289c0" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59f4c3da-c33f-44e6-8deb-eb7674fc7bb5.jpeg	34.120.237.76	200 OK	4.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59f4c3da-c33f-44e6-8deb-eb7674fc7bb5.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.9 kB (4939 bytes) Hash f7ceebf2eccd4d6061fb93eb844efbe8 d99c79d4cad47caa809909a8aff0e0992fb50ec1 214ad3948e19d8723b0ce11b6a892b1badf67ee1eaada0c7c3194a26c61c5971 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59f4c3da-c33f-44e6-8deb-eb7674fc7bb5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4939 x-amzn-requestid: e0563c56-9cb1-43fd-9414-a10105c2500a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CyhOHEF1IAMFVcQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-642a7bf3-4acdd5ed3fac5c8353ff46f2;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Mon, 03 Apr 2023 07:10:43 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: r9wNqYxDVnefqQXUUfLGNzLOfqFC6ySKQ3T3nQh37JbYlWioZKf0EQ== via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Apr 2023 07:15:24 GMT age: 75156 etag: "d99c79d4cad47caa809909a8aff0e0992fb50ec1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	www.google.com/adsense/domains/caf.js	142.250.74.164	200 OK	0 B
URL HTTP/2 www.google.com/adsense/domains/caf.js IP 142.250.74.164:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /adsense/domains/caf.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/javascript; charset=UTF-8 content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Tue, 04 Apr 2023 04:07:59 GMT expires: Tue, 04 Apr 2023 04:07:59 GMT cache-control: private, max-age=3600 etag: "8876056366401766527" x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML