Report - reurl.cc/e6mqzK

Report Overview

Submitted URL
reurl.cc/e6mqzK
IP
35.185.130.121
ASN
#15169 GOOGLE
Submitted
2022-12-20 07:56:32
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-09T05:09:57Z	366 B	29 kB	31.13.72.12
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	5.8 kB	12 kB	142.250.74.131
ssl.gstatic.com	unknown	2012-05-23T08:57:57Z	2023-03-09T13:58:14Z	834 B	3.3 kB	142.250.74.99
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	578 B	349 B	31.13.72.36
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	53 kB	34.120.237.76
drive.google.com	321	2012-10-03T09:10:02Z	2023-03-09T13:39:31Z	984 B	914 B	142.250.74.142
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	782 B	2.4 kB	35.241.9.150
reurl.cc	115186	2017-10-13T03:32:26Z	2023-03-09T05:51:10Z	1.9 kB	1.7 kB	35.185.130.121
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-09T12:13:09Z	935 B	648 kB	142.250.74.3
play.google.com	34	2013-05-31T01:24:35Z	2023-03-09T08:57:15Z	993 B	737 B	216.58.207.238
blobcomments-pa.clients6.google.com	5190	2017-03-08T13:00:25Z	2023-03-09T14:53:13Z	1.9 kB	2.1 kB	142.250.74.106
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	1.0 kB	2.3 kB	93.184.220.29
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-09T13:53:17Z	1.2 kB	21 kB	216.239.38.178
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T10:01:47Z	1.0 kB	46 kB	216.58.207.227
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	409 B	746 B	142.250.74.106
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.4 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	35.164.56.167
apis.google.com	105	2013-05-06T22:20:21Z	2023-03-09T05:09:33Z	975 B	38 kB	172.217.21.174
lh3.googleusercontent.com	66	2012-05-22T09:35:05Z	2023-03-09T05:09:35Z	907 B	558 kB	172.217.21.161
peoplestackwebexperiments-pa.clients6.google.com	316	2019-12-11T03:15:39Z	2023-03-09T14:50:19Z	2.6 kB	3.7 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2022-12-20 07:56:30	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2022-12-20 07:56:30	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2022-12-20 07:56:31	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	drive.google.com/file/d/1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1/view?usp=sharing	2.0 kB	2023-03-09	2023-03-12
Pretty URL drive.google.com/file/d/1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1/view?usp=sharing IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:40:04 Last Seen2023-03-12 17:54:13 Times Seen1 Hash c5b7cf6d17560ee4d9c2b8a41279904d dab637ed37bd46d10728c98db9bc52b8d60ed17b ff48f156113cff95d5f81563b8286787f8dbc4002312a28225d07d967d6dea16 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 14:30:37 Times Seen37093163 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.no.rLNu74Zoo1c.O/am=ABA/d=0/rs=AO0039tCSF6Te-U8iImz9omMG3SCVdbpTQ/m=syc,sy5,syl,syw,syt,syu,syp,syy,gypOCd	62 kB	2023-03-09	2023-03-12
Pretty URL www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.no.rLNu74Zoo1c.O/am=ABA/d=0/rs=AO0039tCSF6Te-U8iImz9omMG3SCVdbpTQ/m=syc,sy5,syl,syw,syt,syu,syp,syy,gypOCd IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:40:04 Last Seen2023-03-12 13:07:25 Times Seen1 Hash bae27627ec5d15cdf6fc53c9fb4abaeb 77afab6a241349d1fda91aaca2cbffb6a49e6fd3 d042666269d4af4de87b0b457fb474b501a88ab05bd0db1825d9975ac67a963e Loading...

	content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.WEPncdil2Uw.O%2Fd%3D1%2Frs%3DAHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA%2Fm%3D__features__#parent=https%3A%2F%2Fdrive.google.com&rpctoken=1446666173	71 B	2023-03-07	2023-04-05
Pretty URL content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.WEPncdil2Uw.O%2Fd%3D1%2Frs%3DAHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA%2Fm%3D__features__#parent=https%3A%2F%2Fdrive.google.com&rpctoken=1446666173 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:49 Last Seen2023-04-05 02:11:17 Times Seen65 Hash 4cb932da0f92ef918dbeb885268891be 5836540c0e59fa3af5a395f69ffe99a07b355bd0 9ccd099b5047f017c81d60433e9d3de6ccfbd5fc27addc83d472cdfc07b4c704 Loading...

	apis.google.com/js/googleapis.proxy.js?onload=startup	18 kB	2023-03-09	2023-03-13
Pretty URL apis.google.com/js/googleapis.proxy.js?onload=startup IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:46:11 Last Seen2023-03-13 05:54:41 Times Seen1 Hash 7263e6fb65ccaade1f0d7402d9710d13 8c8a93134b87532c203da98efe8e85fa3597bd8c 44d3066dc794908786066395990a4d208572a5e78eb2bbc963d5ea1e18468f8f Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-09	2024-02-19
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:12:38 Last Seen2024-02-19 23:40:48 Times Seen21 Hash 8923a23f541784b67eece6aa2fa0a66f f2cad61f4ec65b3792e1295219a36c1f94fce6af 55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9 Loading...

	connect.facebook.net/signals/config/1675200226052423?v=2.9.90&r=stable	26 kB	2023-03-09	2023-03-09
Pretty URL connect.facebook.net/signals/config/1675200226052423?v=2.9.90&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:21:05 Last Seen2023-03-09 22:21:06 Times Seen1 Hash ff4bf6b1ad84aa91338492d6da837a7c db539c2d74bcf53c41bc6397810eb5badd1dcfb4 b52972259d9ae81ce9095e9bbe054b418a95dc6b374f17d6c3ed0e67430e48a7 Loading...

	drive.google.com/file/d/1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1/view?usp=sharing	34 kB	2023-03-09	2023-03-09
Pretty URL drive.google.com/file/d/1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1/view?usp=sharing IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:21:06 Last Seen2023-03-09 22:21:06 Times Seen1 Hash 0e1cf08d4bc5dced79c2ab97d6f22770 4158eaefee9a40b9d6c09986ef2afdd5e8dc21e1 9fbb5d6e18d803600a7479a640b35bf900aefa210c3b81c69c3a3120fa653918 Loading...

	www.gstatic.com/feedback/js/help/prod/service/lazy.min.js	95 kB	2023-03-08	2023-03-12
Pretty URL www.gstatic.com/feedback/js/help/prod/service/lazy.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:04:30 Last Seen2023-03-12 15:23:27 Times Seen1 Hash f9b1fa15f46bc0fad017faeede79eb8e cadb992561ebb0afe79a1ba90a77d1c4a6f9af8c 9f1156d5b20b426cce9788ccb489a2592fb36bb7971628e544198fc493794357 Loading...

	reurl.cc/javascripts/redirect.js	112 B	2023-03-07	2024-04-18
Pretty URL reurl.cc/javascripts/redirect.js IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:39:12 Last Seen2024-04-18 08:53:21 Times Seen101 Hash b8d1b83cdeb3fc39033d345ee45fdea0 4bb7e64cd67345e8e60613c2f6c45c096706854f 0a01cd2c51200f878b658e08c0f37b095cb3ed34e61133f377632b29df9abdaa Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 216.239.38.178 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.WEPncdil2Uw.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA/cb=gapi.loaded_0?le=scs	69 kB	2023-03-09	2023-03-13
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.WEPncdil2Uw.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA/cb=gapi.loaded_0?le=scs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:40:04 Last Seen2023-03-13 05:17:32 Times Seen1 Hash 277929942359ef11b4e3ffb28e0dcf8f 5c16d826a489f490343f370d005ac48f6bb1b84c 22e6612a0af34ec29a41afbd5bb64b04b39101affd1995bfc61b8a6e7d8aa2ff Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.WEPncdil2Uw.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA/cb=gapi.loaded_1	208 kB	2023-03-09	2023-03-13
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.WEPncdil2Uw.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA/cb=gapi.loaded_1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:40:04 Last Seen2023-03-13 06:10:47 Times Seen1 Hash 885614ad2f32a3e9b0e11c0c113a6e61 a0001ab850a56f024843ce7b551daf4b6d03a570 8668f83f6f1888b3a0c71d89e02fed33e13c86dce7aefa36d6ff4944e00ce82c Loading...

	reurl.cc/javascripts/ga.js	368 B	2023-03-07	2023-10-01
Pretty URL reurl.cc/javascripts/ga.js IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:39:12 Last Seen2023-10-01 02:49:59 Times Seen15 Hash 0a120f46798be153c7e35d2079611553 0eacad1ecb25762b666080939a7e851809fb02bd fe7f57fde36dcc853aa6efe2b520aedf611b6f1fe3617d2f184d1b2470255185 Loading...

	drive.google.com/file/d/1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1/view?usp=sharing	3.3 kB	2023-03-09	2023-03-09
Pretty URL drive.google.com/file/d/1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1/view?usp=sharing IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:21:06 Last Seen2023-03-09 22:21:06 Times Seen1 Hash 5994ab5107a240a4f7d5329f37c3c49d 8c63027b71cbad667b9ce8f08b8d530be21d8283 80ce26c490560b0da64cb2e33889d836a7c9fbffe1573168a36f0d29e9929fd1 Loading...

	www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.no.rLNu74Zoo1c.O/am=ABA/d=0/rs=AO0039tCSF6Te-U8iImz9omMG3SCVdbpTQ/m=MpJwZc,UUJqVe,syh,sy1r,sy25,s39S4,syi,sy1t,pw70Gc	11 kB	2023-03-09	2023-03-12
Pretty URL www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.no.rLNu74Zoo1c.O/am=ABA/d=0/rs=AO0039tCSF6Te-U8iImz9omMG3SCVdbpTQ/m=MpJwZc,UUJqVe,syh,sy1r,sy25,s39S4,syi,sy1t,pw70Gc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:40:04 Last Seen2023-03-12 15:35:44 Times Seen1 Hash 20d687e9b8281e6b2811e5cbc27d8db0 3a34ea32fecf917fdd132a6afe8e55e1eef53b71 c9f43078a863fa51933e9cc120b79f7884f4beaae752e2ed39a5848cd2794387 Loading...

	www.gstatic.com/og/_/js/k=og.qtm.en_US.OsyHHRpFvlk.es5.O/rt=j/m=qabr,q_dnp,qapid/exm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTvROJRIUHNXRGvxagmQNrIBf8h-LQ	93 kB	2023-03-09	2023-03-12
Pretty URL www.gstatic.com/og/_/js/k=og.qtm.en_US.OsyHHRpFvlk.es5.O/rt=j/m=qabr,q_dnp,qapid/exm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTvROJRIUHNXRGvxagmQNrIBf8h-LQ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:40:04 Last Seen2023-03-12 17:54:13 Times Seen1 Hash af7068f6c73d87cdd7f3049ed224bae3 06d99069be2ed3f5f53ef43535fec4e714a2ab6c a738ad63595487e91479d33d797abe44cc1f8932517e1d79a7b2f85b2b6c5cae Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.WEPncdil2Uw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA/cb=gapi.loaded_0	110 kB	2023-03-09	2023-03-13
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.WEPncdil2Uw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA/cb=gapi.loaded_0 IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:25:16 Last Seen2023-03-13 07:10:08 Times Seen1 Hash 585b3d76131819534583879cf5373a43 d08e75d1c48c5a19209ceae741fe4efc74fc6d7c 06a9455f7ee4a19a06a1a1ae13977113779c1cd70bf1d4744a3316ae5a5e9423 Loading...

	www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.no.rLNu74Zoo1c.O/am=ABA/d=0/rs=AO0039tCSF6Te-U8iImz9omMG3SCVdbpTQ/m=sy4,b96Luc,dflQFd,HyHasc,E7aOmb,sy8,sy9,Yfyhhd,sy6,sy7,sya,syb,syd,sye,syf,syg,syj,AtsVYc	752 kB	2023-03-09	2023-03-12
Pretty URL www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.no.rLNu74Zoo1c.O/am=ABA/d=0/rs=AO0039tCSF6Te-U8iImz9omMG3SCVdbpTQ/m=sy4,b96Luc,dflQFd,HyHasc,E7aOmb,sy8,sy9,Yfyhhd,sy6,sy7,sya,syb,syd,sye,syf,syg,syj,AtsVYc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:40:04 Last Seen2023-03-12 15:35:44 Times Seen1 Hash 7efb4f9e6fe00822adae76e1bfd60bce d7d185abfe0e6175e10b3fa3d468ce6dac53dae9 8c106708d0b066f77778f65dab48804bb461452c473b0eb0d32f70b12cf58a26 Loading...

	reurl.cc/javascripts/pixel.js	429 B	2023-03-07	2024-04-18
Pretty URL reurl.cc/javascripts/pixel.js IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:39:12 Last Seen2024-04-18 08:53:21 Times Seen135 Hash 8db606ffbc89a5a15fab90b7aeb7a2e7 1ccf32ca6dbb1fdbc1b049246c08e9e5ddb8bf6f 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698 Loading...

	drive.google.com/file/d/1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1/view?usp=sharing	5.7 kB	2023-03-09	2023-03-09
Pretty URL drive.google.com/file/d/1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1/view?usp=sharing IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:21:06 Last Seen2023-03-09 22:21:06 Times Seen1 Hash 7cb775af09d6be577c0822f750e75a37 2a74c0ecac23e9d42b9c6ad00c1dcf8a30d11fa5 ae6be69f00acd42fb7f8483dba6dff1ea60350abbef26fe715ef4b798f0f8924 Loading...

	drive.google.com/file/d/1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1/view?usp=sharing	4.7 kB	2023-03-09	2023-03-12
Pretty URL drive.google.com/file/d/1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1/view?usp=sharing IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:40:04 Last Seen2023-03-12 17:54:13 Times Seen1 Hash 9d0e218d4df2cf9f769befd03c137988 e55f41087eb808ac1232939cf808feb1c44ef7f2 11ca945eb8a3de5a544c4be03e2f1914eaf81cdcc1f9ed77cdd9585466f8690c Loading...

HTTP Transactions (65)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 9f3cf7e36f17a535e53e5213c02cf2b4 e65acbc03135ce135b9e91b4f74b3e1439faa6f6 a2317476862acd0a92fe523454c3991752b07ba14e7667f421dd9624e0233758 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A2317476862ACD0A92FE523454C3991752B07BA14E7667F421DD9624E0233758" Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2166 Expires: Tue, 20 Dec 2022 08:32:26 GMT Date: Tue, 20 Dec 2022 07:56:20 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 2039a1dda99e075b82840608771d2326 e89713a35b312f3b87fbeaad98f03fddecbf77ce aae78c754635e9833fa6c231d775bddc82add02f9ce3197a0b260a0806e708c3 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "AAE78C754635E9833FA6C231D775BDDC82ADD02F9CE3197A0B260A0806E708C3" Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10892 Expires: Tue, 20 Dec 2022 10:57:52 GMT Date: Tue, 20 Dec 2022 07:56:20 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash bf0c602d32b3c14606f22a86183b5e3c 6eabd8d83475eba731968abe1a05a8bfd272f160 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 20 Dec 2022 07:45:44 GMT content-type: application/json age: 636 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash bcade8542361774f13ecd22557ff8fb8 5e67a3753b0856c765f3b17f1742d3ed684ffb6d 647f8d9d3d1170e60a60e15fdfd9b59445feb56a6ce9d9bb2fa4720f0bfc3a14 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "647F8D9D3D1170E60A60E15FDFD9B59445FEB56A6CE9D9BB2FA4720F0BFC3A14" Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9421 Expires: Tue, 20 Dec 2022 10:33:21 GMT Date: Tue, 20 Dec 2022 07:56:20 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 53341dea33f4f3d9b4966f80589f429a 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: l4zLE6duYp7zgdWmhlqELiw3j93iws6xQI3r5qwQYvk0ucTD1I0LiaIvwd0r/eN1NdKq9FYW5AM= x-amz-request-id: M3S99P1YS3XV6BJK content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 20 Dec 2022 07:54:54 GMT age: 86 last-modified: Wed, 30 Nov 2022 10:06:34 GMT etag: "53341dea33f4f3d9b4966f80589f429a" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Tue, 20 Dec 2022 07:56:20 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	reurl.cc/e6mqzK	35.185.130.121	301 Moved Permanently	178 B
URL HTTP/1.1 reurl.cc/e6mqzK IP 35.185.130.121:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 178 B (178 bytes) Hash bd2695f4b079c71dbddde3436286fb9c 733c05da132193d6cf1d8e242d12e2525c03bab4 2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b HTTP Headers `GET /e6mqzK HTTP/1.1 Host: reurl.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Dec 2022 07:56:20 GMT Content-Type: text/html Content-Length: 178 Connection: keep-alive Location: https://reurl.cc/e6mqzK`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 20 Dec 2022 07:08:02 GMT age: 2899 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 4df678b16094ceafefdbbd55707f4dbe 39a68e051456a8ab6c782502a94e8b95ccb0a71d 00561de9683c69a89e084b685df25c6ea4d3a38654a40554f127814200aadf6a HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 5003 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:21 GMT Last-Modified: Tue, 20 Dec 2022 06:32:58 GMT Server: ECS (ska/F70C) X-Cache: HIT Content-Length: 471`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1d35c0e2140ab9ce472f9fc06e1d5c6d d945cb45a61649c4a51808514e5581cde727e5a7 c849dc6438199d7624a2126051f554fcfe73e270ada1c545cbc36caeb7fe4a7b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C849DC6438199D7624A2126051F554FCFE73E270ADA1C545CBC36CAEB7FE4A7B" Last-Modified: Tue, 20 Dec 2022 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12298 Expires: Tue, 20 Dec 2022 11:21:19 GMT Date: Tue, 20 Dec 2022 07:56:21 GMT Connection: keep-alive`

	push.services.mozilla.com/	35.164.56.167	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.164.56.167:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: LoEQpNekZvFjdPBvWmtT0A== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: YIXyun5jPyiL0uR/rjiwmhDW1fs=`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash dc42e8888911b1f352cc281c26b44e1e 6b4d3cec2daaec21b6af172283cdfd398394c251 22d9f36ba4e1b3932f8e0a1349f144054e5b9765282a2083d96cc91760520923 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 2255 Cache-Control: max-age=131798 Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:22 GMT Etag: "63a0c1ad-1d7" Expires: Wed, 21 Dec 2022 20:33:00 GMT Last-Modified: Mon, 19 Dec 2022 19:55:25 GMT Server: ECS (ska/F70C) X-Cache: HIT Content-Length: 471`

	connect.facebook.net/en_US/fbevents.js	31.13.72.12	200 OK	27 kB
URL HTTP/2 connect.facebook.net/en_US/fbevents.js IP 31.13.72.12:0 ASN #32934 FACEBOOK File type ASCII text, with very long lines (64348) Size 27 kB (27298 bytes) Hash 8b26cd4609e2025e51e90573a0fbd6f7 efc2006ae5297ad5ae5e064188b9fba73f6b868f e288b6a1e220f5fb781cfbb0b739b36c6acfdceccff8f0278fc151c241b0b50b HTTP Headers `GET /en_US/fbevents.js HTTP/1.1 Host: connect.facebook.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://reurl.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK vary: Accept-Encoding content-encoding: gzip content-type: application/x-javascript; charset=utf-8 content-security-policy: default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups pragma: public cache-control: public, max-age=1200 expires: Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options: nosniff x-xss-protection: 0 x-frame-options: DENY strict-transport-security: max-age=31536000; preload; includeSubDomains x-fb-debug: rPMh94ZeQJWqznD7/BykzjzvV3q+tQq5ff45m+AQxxc3+qTUs/65/SnlZLD9rqL4kd3LTL17sCvafgNMDI8Hwg== content-length: 27298 x-fb-trip-id: 1904183273 date: Tue, 20 Dec 2022 07:56:22 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 33b3e9caf6728c5b916ec1ffee5ce0b3 06dccffaf379bc6709ca42d408ae530d8a14ef83 2ed45ebc478006d7657cd42f5779635c871a5919efa7a6d7ed3a3fa344089360 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash dc42e8888911b1f352cc281c26b44e1e 6b4d3cec2daaec21b6af172283cdfd398394c251 22d9f36ba4e1b3932f8e0a1349f144054e5b9765282a2083d96cc91760520923 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 2255 Cache-Control: max-age=131798 Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:22 GMT Etag: "63a0c1ad-1d7" Expires: Wed, 21 Dec 2022 20:33:00 GMT Last-Modified: Mon, 19 Dec 2022 19:55:25 GMT Server: ECS (ska/F70C) X-Cache: HIT Content-Length: 471`

	www.google-analytics.com/analytics.js	216.239.38.178	200 OK	20 kB
URL HTTP/2 www.google-analytics.com/analytics.js IP 216.239.38.178:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1325) Size 20 kB (20039 bytes) Hash 47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e HTTP Headers `GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://reurl.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20039 date: Tue, 20 Dec 2022 07:34:02 GMT expires: Tue, 20 Dec 2022 09:34:02 GMT cache-control: public, max-age=7200 age: 1340 last-modified: Tue, 27 Sep 2022 22:01:05 GMT content-type: text/javascript alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 384a2b2f97397ee2741922068da5bdcd 256bcaf0f153a739623feb917ad1c8745b7a3651 541c129fcb8391e0516ad5f1ee19da5c060ce54cabedfdc7cb65d2af2b4410e0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ssl.gstatic.com/images/branding/product/1x/drive_2020q4_32dp.png	142.250.74.99	200 OK	831 B
URL HTTP/2 ssl.gstatic.com/images/branding/product/1x/drive_2020q4_32dp.png IP 142.250.74.99:0 ASN #15169 GOOGLE File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size 831 B (831 bytes) Hash 916c9bcccf19525ad9d3cd1514008746 9ccce6978d2417927b5150ffaac22f907ff27b6e 358e814139d3ed8469b36935a071be6696ccad7dd9bdbfdb80c052b068ae2a50 HTTP Headers `GET /images/branding/product/1x/drive_2020q4_32dp.png HTTP/1.1 Host: ssl.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://reurl.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Origin cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 831 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 15 Dec 2022 20:55:50 GMT expires: Fri, 15 Dec 2023 20:55:50 GMT cache-control: public, max-age=31536000 last-modified: Fri, 21 Aug 2020 00:15:00 GMT content-type: image/png age: 385232 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 33b3e9caf6728c5b916ec1ffee5ce0b3 06dccffaf379bc6709ca42d408ae530d8a14ef83 2ed45ebc478006d7657cd42f5779635c871a5919efa7a6d7ed3a3fa344089360 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 384a2b2f97397ee2741922068da5bdcd 256bcaf0f153a739623feb917ad1c8745b7a3651 541c129fcb8391e0516ad5f1ee19da5c060ce54cabedfdc7cb65d2af2b4410e0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google-analytics.com/j/collect?v=1&_v=j98&a=1491996999&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fe6mqzK&ul=en-us&de=UTF-8&dt=%E5%AD%B8%E5%93%A1%E8%AA%B2%E7%A8%8B%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB.pdf&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=607704351&gjid=551162403&cid=2121257213.1671522992&tid=UA-102456694-1&_gid=1213670558.1671522992&_r=1&_slc=1&z=1374862046	216.239.38.178	200 OK	4 B
URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1491996999&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fe6mqzK&ul=en-us&de=UTF-8&dt=%E5%AD%B8%E5%93%A1%E8%AA%B2%E7%A8%8B%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB.pdf&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=607704351&gjid=551162403&cid=2121257213.1671522992&tid=UA-102456694-1&_gid=1213670558.1671522992&_r=1&_slc=1&z=1374862046 IP 216.239.38.178:0 ASN #15169 GOOGLE File type ASCII text, with no line terminators Size 4 B (4 bytes) Hash 9e92e190700c1af4539b40c2171320a9 209bcdb79e6067b51091ce8586d4b977f25b67d8 aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 HTTP Headers POST /j/collect?v=1&_v=j98&a=1491996999&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fe6mqzK&ul=en-us&de=UTF-8&dt=%E5%AD%B8%E5%93%A1%E8%AA%B2%E7%A8%8B%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB.pdf&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=607704351&gjid=551162403&cid=2121257213.1671522992&tid=UA-102456694-1&_gid=1213670558.1671522992&_r=1&_slc=1&z=1374862046 HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: https://reurl.cc Connection: keep-alive Referer: https://reurl.cc/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK access-control-allow-origin: https://reurl.cc date: Tue, 20 Dec 2022 07:56:22 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 4 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2Fe6mqzK&rl=&if=false&ts=1671522992499&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=28&fbp=fb.1.1671522992498.418125299&it=1671522992455&coo=false&rqm=GET	31.13.72.36	200 OK	0 B
URL HTTP/2 www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2Fe6mqzK&rl=&if=false&ts=1671522992499&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=28&fbp=fb.1.1671522992498.418125299&it=1671522992455&coo=false&rqm=GET IP 31.13.72.36:0 ASN #32934 FACEBOOK File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2Fe6mqzK&rl=&if=false&ts=1671522992499&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=28&fbp=fb.1.1671522992498.418125299&it=1671522992455&coo=false&rqm=GET HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://reurl.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site `HTTP/2 200 OK content-type: text/plain access-control-allow-origin: access-control-allow-credentials: true strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-length: 0 server: proxygen-bolt alt-svc: h3=":443"; ma=86400 date: Tue, 20 Dec 2022 07:56:22 GMT X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 4f05977a009dd740d1f82894bb649d6f a6e1a419deff5fc86ffa4fc7991435ec1578233a 6cc36a336c232d9d1823ea0bec9acaf4744f0f1b9648cdd21ce44d294e9cb576 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 74619c8a7d32d46fc91cc86f793f107c 3f2b1390ef4f7cd385f513d57297fa482f7dd43c 6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457" Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11354 Expires: Tue, 20 Dec 2022 11:05:37 GMT Date: Tue, 20 Dec 2022 07:56:23 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 74619c8a7d32d46fc91cc86f793f107c 3f2b1390ef4f7cd385f513d57297fa482f7dd43c 6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457" Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11354 Expires: Tue, 20 Dec 2022 11:05:37 GMT Date: Tue, 20 Dec 2022 07:56:23 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 74619c8a7d32d46fc91cc86f793f107c 3f2b1390ef4f7cd385f513d57297fa482f7dd43c 6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457" Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11354 Expires: Tue, 20 Dec 2022 11:05:37 GMT Date: Tue, 20 Dec 2022 07:56:23 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf13d30b-168d-4075-96df-955f428ae325.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf13d30b-168d-4075-96df-955f428ae325.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (11314 bytes) Hash 35a588f727cbb53c2cf495e5736ef7aa bae4be57801e820925fdb3dcb2378ed2bfa6dc38 0e9e1acd1c7195f6ec9eabb3937d8bd611bc67c5ef96dffcc3325dee30683295 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf13d30b-168d-4075-96df-955f428ae325.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11314 x-amzn-requestid: bff05f9e-5ac2-49ec-afbd-fefd6a558535 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: da271FMNIAMFtNA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63a10518-6f3b84fb0fdb11fd04ecc5b2;Sampled=0 x-amzn-remapped-date: Tue, 20 Dec 2022 00:43:04 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: tmeYmTw37jSgSHwYnptPQFD3ZtZV1gh8HCVB0fsPyMVL8zciyvgXLg== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google date: Tue, 20 Dec 2022 01:14:40 GMT age: 24103 etag: "bae4be57801e820925fdb3dcb2378ed2bfa6dc38" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4017f13d-fc40-4034-9f27-d4af3c2f16f8.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4017f13d-fc40-4034-9f27-d4af3c2f16f8.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10533 bytes) Hash 4535f00ed3710172a5f7debc715cb36f b176b458d20465245409f5b442fd4ad50c6a11f9 ad0fbd8a82b0859dc9c36053d8190bc20b3759ffa5971f55b0faedf8ba7ec001 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4017f13d-fc40-4034-9f27-d4af3c2f16f8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10533 x-amzn-requestid: 31f0445f-d7e5-4d9d-98c7-60441253c2be x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: da6p9EVToAMFoBA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63a10b0c-5e2b65513b791ea728b8e2a0;Sampled=0 x-amzn-remapped-date: Tue, 20 Dec 2022 01:08:28 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: lT2jpFhPw531E8UQ9y7rjzPSqFR84sANjFhhfHmB_Xz4PfksWQ0xEA== via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ac463f3377446e4c603deca30feb744a.cloudfront.net (CloudFront), 1.1 google date: Tue, 20 Dec 2022 01:08:28 GMT age: 24475 etag: "b176b458d20465245409f5b442fd4ad50c6a11f9" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35d10a39-d4a4-4dab-a6c5-b26190cd8d9c.jpeg	34.120.237.76	200 OK	5.3 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35d10a39-d4a4-4dab-a6c5-b26190cd8d9c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.3 kB (5325 bytes) Hash 7954c03ff4f2bade4a70f50c5aa46b14 576056e8336ae400a1652be8073a2a20e41cec85 00803b3df8b4b876b7fd205008a407f08c40519c32dcb07b3b99b30528d1215f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35d10a39-d4a4-4dab-a6c5-b26190cd8d9c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5325 x-amzn-requestid: 1b391874-5da9-44eb-ad08-d8fc05a5e709 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: da4QKEceIAMF4fg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63a10734-2b19a25a181c2c1b25f00952;Sampled=0 x-amzn-remapped-date: Tue, 20 Dec 2022 00:52:04 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: ETmN2B5G6I9L0h8hPOXmrc3fyhoFhQku70GBHt-p9uy9DNOqiPl3aA== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 5292c0d5844327feadb38f1efe42ebc6.cloudfront.net (CloudFront), 1.1 google date: Tue, 20 Dec 2022 01:24:17 GMT age: 23526 etag: "576056e8336ae400a1652be8073a2a20e41cec85" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82b028aa-d0e3-4082-a385-1385bc5c6e06.jpeg	34.120.237.76	200 OK	9.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82b028aa-d0e3-4082-a385-1385bc5c6e06.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.2 kB (9216 bytes) Hash 045f016fb66e6e0d1da1fb742d9b19a7 8f98bf2cedfccfce71464a733e2fd37482fd71c2 593cf38d1c2c315ff23fcda60e41141caa0266874f36a0c517554ca01ea51f12 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82b028aa-d0e3-4082-a385-1385bc5c6e06.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9216 x-amzn-requestid: 460a95bf-5724-4bea-b6c1-f6ce263da5e7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: dabq8FXboAMFwCQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63a0d979-70340469247cdcf952a98c3e;Sampled=0 x-amzn-remapped-date: Mon, 19 Dec 2022 21:36:57 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: 7yYJKslDn22-iL_OH_VIiZdrTMJ-9c-DyORpGZ4d2MZLDoX5PpekRw== via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google date: Mon, 19 Dec 2022 21:48:32 GMT age: 36471 etag: "8f98bf2cedfccfce71464a733e2fd37482fd71c2" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg	34.120.237.76	200 OK	8.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.5 kB (8450 bytes) Hash c7ac0b5738bab6b4ed770c26ca922250 e56fd4ee2f5354a54a6271db2be528f98eecd3d7 5997d5be6bbeb189ef08af2f6c6dd5bb0cfa70ad7b40daab8712efe5adc2c6e1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8450 x-amzn-requestid: a9f11c68-8327-46ba-9075-e316a2f9fdbb x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: dabr3FoSIAMFdtQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63a0d97e-61b788f5675fe0e815e1e967;Sampled=0 x-amzn-remapped-date: Mon, 19 Dec 2022 21:37:02 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: EFtrPmVeBdwlINxF0wQq0671EksYsi6nsyFd5E4SCSH4_bQyGaNQHQ== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google date: Mon, 19 Dec 2022 21:48:36 GMT age: 36467 etag: "e56fd4ee2f5354a54a6271db2be528f98eecd3d7" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg	34.120.237.76	200 OK	2.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 2.1 kB (2054 bytes) Hash ac396f580b50a626abbeb37c0ec5f005 626262a7313aeb54bcdbcaf682f73d9ff4a4cfcb 3546f7a2be3f578ad9d8b8f57b89a69b6ece9b08da63fb9448e5e6dde4d3332c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 2054 x-amzn-requestid: 5072b75c-7455-45cc-a35e-be7e0ed77496 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: dabqhHE6IAMFrxw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63a0d976-026c95822615b2550edb00e7;Sampled=0 x-amzn-remapped-date: Mon, 19 Dec 2022 21:36:54 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: uJwyFukmL1DoqJnY-yzKVBLtnEITiYMDkVoZoXm46QGdni9vkzUTMA== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google date: Mon, 19 Dec 2022 21:48:32 GMT age: 36471 etag: "626262a7313aeb54bcdbcaf682f73d9ff4a4cfcb" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 4f05977a009dd740d1f82894bb649d6f a6e1a419deff5fc86ffa4fc7991435ec1578233a 6cc36a336c232d9d1823ea0bec9acaf4744f0f1b9648cdd21ce44d294e9cb576 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 0dc23a845daadd984dd46924d80efb81 8b6ac466ee633c3a3a2eff65bd60dcb6097e5c75 3f3ebc1214709374a862beef3041aec51861f5fa7377f12710853bf31c772c58 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 384a2b2f97397ee2741922068da5bdcd 256bcaf0f153a739623feb917ad1c8745b7a3651 541c129fcb8391e0516ad5f1ee19da5c060ce54cabedfdc7cb65d2af2b4410e0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 384a2b2f97397ee2741922068da5bdcd 256bcaf0f153a739623feb917ad1c8745b7a3651 541c129fcb8391e0516ad5f1ee19da5c060ce54cabedfdc7cb65d2af2b4410e0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.no.rLNu74Zoo1c.O/am=ABA/d=1/rs=AO0039tCSF6Te-U8iImz9omMG3SCVdbpTQ/m=v,wb	142.250.74.3	200 OK	455 kB
URL HTTP/2 www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.no.rLNu74Zoo1c.O/am=ABA/d=1/rs=AO0039tCSF6Te-U8iImz9omMG3SCVdbpTQ/m=v,wb IP 142.250.74.3:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (738) Size 455 kB (454917 bytes) Hash 4cfa649f652ccab78fb8acfb80decd3c 693ce9d447c9d55c885771a43893a21b94a5273b 01d3d608201bab891aa73c79640c72663d0e7e35b4e660e87c73e4dc3c3d569c HTTP Headers `GET /_/apps-fileview/_/js/k=apps-fileview.v.no.rLNu74Zoo1c.O/am=ABA/d=1/rs=AO0039tCSF6Te-U8iImz9omMG3SCVdbpTQ/m=v,wb HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.google.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding, Origin content-encoding: gzip content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-fileview" report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]} content-length: 454917 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 17 Dec 2022 05:48:07 GMT expires: Sun, 17 Dec 2023 05:48:07 GMT cache-control: public, max-age=31536000 last-modified: Thu, 08 Dec 2022 20:08:03 GMT content-type: text/javascript; charset=UTF-8 age: 266896 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.gVYykqhFbb0.L.F4.O/am=ABA/d=0/rs=AO0039tjTDMC_0_NZq09ydA3Ie_jJkM_dQ	142.250.74.3	200 OK	192 kB
URL HTTP/2 www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.gVYykqhFbb0.L.F4.O/am=ABA/d=0/rs=AO0039tjTDMC_0_NZq09ydA3Ie_jJkM_dQ IP 142.250.74.3:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (65536), with no line terminators Size 192 kB (191628 bytes) Hash f95d4512caa55fb6d43b59e245222f66 70ecab957d8eb388e24d55a4b96d7ea644291f4d 48fd342a3915fea612ea96f7ec95b6325942db19b6bcc2017bb1d10ee569fb19 HTTP Headers `GET /_/apps-fileview/_/ss/k=apps-fileview.v.gVYykqhFbb0.L.F4.O/am=ABA/d=0/rs=AO0039tjTDMC_0_NZq09ydA3Ie_jJkM_dQ HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.google.com/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding, Origin content-encoding: gzip content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-fileview" report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]} content-length: 191628 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 18 Dec 2022 03:21:04 GMT expires: Mon, 18 Dec 2023 03:21:04 GMT cache-control: public, max-age=31536000 last-modified: Thu, 08 Dec 2022 20:08:03 GMT content-type: text/css; charset=UTF-8 age: 189319 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 0dc23a845daadd984dd46924d80efb81 8b6ac466ee633c3a3a2eff65bd60dcb6097e5c75 3f3ebc1214709374a862beef3041aec51861f5fa7377f12710853bf31c772c58 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2	216.58.207.227	200 OK	15 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Size 15 kB (15344 bytes) Hash 5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc HTTP Headers `GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Referer: https://drive.google.com/ Origin: https://drive.google.com Connection: keep-alive Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15344 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 15 Dec 2022 21:48:03 GMT expires: Fri, 15 Dec 2023 21:48:03 GMT cache-control: public, max-age=31536000 age: 382100 last-modified: Mon, 16 Oct 2017 17:32:55 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 42871d38374a706e30997d1d3d546c73 8b77dd7cd129bcda9f189857b786e23d57d8f8ba 724be18cc5deac8f02cb61b024e86d249168f42ab50d3c2e6933b0bd53553e73 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:23 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.WEPncdil2Uw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA/cb=gapi.loaded_0	172.217.21.174	200 OK	37 kB
URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.WEPncdil2Uw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA/cb=gapi.loaded_0 IP 172.217.21.174:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (580) Size 37 kB (36630 bytes) Hash 3dc6b3c0bb1af8db47bd8cdd43543aa7 9af4fcc16ff6b8ab30e398c07ef54e1df07768a3 f68d1793e65c52c4fd9578e7ffabd7af2d186838787ae9c50665f92a2b17ec25 HTTP Headers GET /_/scs/abc-static/_/js/k=gapi.gapi.en.WEPncdil2Uw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-eOecLLtOXEl3I3kIuMsKXRkDMmA/cb=gapi.loaded_0 HTTP/1.1 Host: apis.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.google.com/ Connection: keep-alive Cookie: __Secure-ENID=9.SE=kdsZHQErupNlv_ovaPWW_6ryiVf5bbe4HLXiu-2BIg1ZYfYGzOTLQ5YdvZzRs3kz--2VeGP0W8LmTgo2LOXDm2BFyWB1UTg0ba6ZGPlyOnzH7pw_JUvdzi_npeS3ezii6HXfwEJxvJ7OGHvKyd5fYxBIY0u0a9hmWKRXlozagQ8; CONSENT=PENDING+883; NID=511=I-NGtMCS4_T0Q6JyY47B9L_7d9dwOQGYYW_htY2fw1BfJpCNwuPCWMp6D852J_50UIT7r6WqbrVA6i2s7_p0pH9TK151TenUfGkmj0EAxnIcm7GSv7xUV8beyWAnqRmd2sez7_Qzwe2ZEgY9NudMhOBE4K12PuTx41XsTNMBJTQ; AEC=AakniGMAILtAayGs2A8MzAZEuIPZ0ARUKTB9a9BsWEMeZb9KNyNHl4BtzfQ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access" report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-length: 36630 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 19 Dec 2022 15:01:04 GMT expires: Tue, 19 Dec 2023 15:01:04 GMT cache-control: public, max-age=31536000 last-modified: Tue, 06 Dec 2022 15:19:36 GMT content-type: text/javascript; charset=UTF-8 age: 60919 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ssl.gstatic.com/images/branding/product/1x/drive_2020q4_32dp.png	142.250.74.99	200 OK	831 B
URL HTTP/2 ssl.gstatic.com/images/branding/product/1x/drive_2020q4_32dp.png IP 142.250.74.99:0 ASN #15169 GOOGLE File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size 831 B (831 bytes) Hash 916c9bcccf19525ad9d3cd1514008746 9ccce6978d2417927b5150ffaac22f907ff27b6e 358e814139d3ed8469b36935a071be6696ccad7dd9bdbfdb80c052b068ae2a50 HTTP Headers `GET /images/branding/product/1x/drive_2020q4_32dp.png HTTP/1.1 Host: ssl.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Origin cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 831 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 15 Dec 2022 20:55:50 GMT expires: Fri, 15 Dec 2023 20:55:50 GMT cache-control: public, max-age=31536000 last-modified: Fri, 21 Aug 2020 00:15:00 GMT content-type: image/png age: 385233 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	play.google.com/log?format=json&hasfast=true	216.58.207.238	200 OK	131 B
URL HTTP/2 play.google.com/log?format=json&hasfast=true IP 216.58.207.238:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 131 B (131 bytes) Hash babb6f090aeebc6f421624475b4aefff 06079b7547949822c118224e51604f4c5ebf80c8 b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd HTTP Headers POST /log?format=json&hasfast=true HTTP/1.1 Host: play.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.google.com/ Content-Type: application/x-www-form-urlencoded;charset=utf-8 Content-Length: 633 Origin: https://drive.google.com Connection: keep-alive Cookie: __Secure-ENID=9.SE=kdsZHQErupNlv_ovaPWW_6ryiVf5bbe4HLXiu-2BIg1ZYfYGzOTLQ5YdvZzRs3kz--2VeGP0W8LmTgo2LOXDm2BFyWB1UTg0ba6ZGPlyOnzH7pw_JUvdzi_npeS3ezii6HXfwEJxvJ7OGHvKyd5fYxBIY0u0a9hmWKRXlozagQ8; CONSENT=PENDING+883; _ga=GA1.3.374087793.1654401397; NID=511=I-NGtMCS4_T0Q6JyY47B9L_7d9dwOQGYYW_htY2fw1BfJpCNwuPCWMp6D852J_50UIT7r6WqbrVA6i2s7_p0pH9TK151TenUfGkmj0EAxnIcm7GSv7xUV8beyWAnqRmd2sez7_Qzwe2ZEgY9NudMhOBE4K12PuTx41XsTNMBJTQ; AEC=AakniGMAILtAayGs2A8MzAZEuIPZ0ARUKTB9a9BsWEMeZb9KNyNHl4BtzfQ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site HTTP/2 200 OK access-control-allow-origin: https://drive.google.com cross-origin-resource-policy: cross-origin access-control-allow-credentials: true access-control-allow-headers: X-Playlog-Web content-type: text/plain; charset=UTF-8 content-encoding: gzip date: Tue, 20 Dec 2022 07:56:23 GMT server: Playlog cache-control: private content-length: 131 x-xss-protection: 0 x-frame-options: SAMEORIGIN alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2	216.58.207.227	200 OK	28 kB
URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data Size 28 kB (28288 bytes) Hash 53b5e785dfdca21fa7adf7119fa1f8cc a3a86dfd216ad29183ba5493ae39d45b62f9d8b8 4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08 HTTP Headers GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://drive.google.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 28288 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 14 Dec 2022 20:35:00 GMT expires: Thu, 14 Dec 2023 20:35:00 GMT cache-control: public, max-age=31536000 age: 472883 last-modified: Wed, 01 Jun 2022 19:05:56 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 91dd972f981279a7c8a027e217893c0d 7c23a5e58952f88127fe326b72353fd97ab1ff81 78a82a53742d29e053adc16e1f6534bab1a6105b12c28aca609639e13643d6f2 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 91dd972f981279a7c8a027e217893c0d 7c23a5e58952f88127fe326b72353fd97ab1ff81 78a82a53742d29e053adc16e1f6534bab1a6105b12c28aca609639e13643d6f2 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash a5a8ed6010d80bdd605c7fd591c5bf4f a27b9151346035a00d583f1cf4e3d094295e15ac e8acbac759eb827ee00315957a90352f3e249ca13f3e15fbb7a1d5ce49ef9835 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash a5a8ed6010d80bdd605c7fd591c5bf4f a27b9151346035a00d583f1cf4e3d094295e15ac e8acbac759eb827ee00315957a90352f3e249ca13f3e15fbb7a1d5ce49ef9835 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	lh3.googleusercontent.com/a/default-user=s64	172.217.21.161	200 OK	364 B
URL HTTP/2 lh3.googleusercontent.com/a/default-user=s64 IP 172.217.21.161:0 ASN #15169 GOOGLE File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data Size 364 B (364 bytes) Hash b5568ce6976422a48be274caa091a8de dbee365cb1588459cb68159d0e75b43fa47b2df8 ff54dca7160a92c016cbe61e9f13b5b4e7f503598f1f066d28da701f55bd6b18 HTTP Headers `GET /a/default-user=s64 HTTP/1.1 Host: lh3.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-expose-headers: Content-Length content-disposition: inline;filename="unnamed.png" vary: Origin access-control-allow-origin: * timing-allow-origin: * x-content-type-options: nosniff server: fife content-length: 364 x-xss-protection: 0 date: Tue, 20 Dec 2022 06:17:09 GMT expires: Mon, 19 Dec 2022 06:17:02 GMT cache-control: public, max-age=86400, no-transform age: 5955 etag: "v0" content-type: image/png alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash a5a8ed6010d80bdd605c7fd591c5bf4f a27b9151346035a00d583f1cf4e3d094295e15ac e8acbac759eb827ee00315957a90352f3e249ca13f3e15fbb7a1d5ce49ef9835 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	blobcomments-pa.clients6.google.com/v1/metadata?docId=1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1&revisionId=0B0xle5FxR5UgblUvbndxbzl1MnozT0lVc3lwTFg2WSt1dldjPQ&userLocale=no&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797	142.250.74.106	200 OK	0 B
URL HTTP/2 blobcomments-pa.clients6.google.com/v1/metadata?docId=1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1&revisionId=0B0xle5FxR5UgblUvbndxbzl1MnozT0lVc3lwTFg2WSt1dldjPQ&userLocale=no&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797 IP 142.250.74.106:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /v1/metadata?docId=1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1&revisionId=0B0xle5FxR5UgblUvbndxbzl1MnozT0lVc3lwTFg2WSt1dldjPQ&userLocale=no&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797 HTTP/1.1 Host: blobcomments-pa.clients6.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: x-clientdetails,x-goog-authuser,x-goog-encode-response-if-executable,x-javascript-user-agent,x-requested-with Referer: https://drive.google.com/ Origin: https://drive.google.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site HTTP/2 200 OK access-control-allow-origin: https://drive.google.com vary: origin, referer, x-origin access-control-allow-credentials: true access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-headers: x-clientdetails,x-goog-authuser,x-goog-encode-response-if-executable,x-javascript-user-agent,x-requested-with access-control-max-age: 3600 date: Tue, 20 Dec 2022 07:56:24 GMT content-type: text/html server: ESF content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 91dd972f981279a7c8a027e217893c0d 7c23a5e58952f88127fe326b72353fd97ab1ff81 78a82a53742d29e053adc16e1f6534bab1a6105b12c28aca609639e13643d6f2 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 20 Dec 2022 07:56:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	blobcomments-pa.clients6.google.com/v1/metadata?docId=1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1&revisionId=0B0xle5FxR5UgblUvbndxbzl1MnozT0lVc3lwTFg2WSt1dldjPQ&userLocale=no&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797	142.250.74.106	200 OK	577 B
URL HTTP/2 blobcomments-pa.clients6.google.com/v1/metadata?docId=1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1&revisionId=0B0xle5FxR5UgblUvbndxbzl1MnozT0lVc3lwTFg2WSt1dldjPQ&userLocale=no&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797 IP 142.250.74.106:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (1327) Size 577 B (577 bytes) Hash 7a953b3549a1ee550de1e4ba6e9cdc3a 4e45e75cf176751c3271f26826077ed0c947a779 17659e1f29a0eece36c9951166c6880bc1f26e227692497f6cf58315f2e7019c HTTP Headers GET /v1/metadata?docId=1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1&revisionId=0B0xle5FxR5UgblUvbndxbzl1MnozT0lVc3lwTFg2WSt1dldjPQ&userLocale=no&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797 HTTP/1.1 Host: blobcomments-pa.clients6.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.google.com/ X-Goog-AuthUser: 0 X-JavaScript-User-Agent: google-api-javascript-client/1.1.0 X-Requested-With: XMLHttpRequest X-Goog-Encode-Response-If-Executable: base64 X-ClientDetails: appVersion=5.0%20(X11)&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0 Origin: https://drive.google.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 200 OK content-type: application/json; charset=UTF-8 strict-transport-security: max-age=10886400; includeSubdomains vary: Origin, X-Origin, Referer content-encoding: gzip date: Tue, 20 Dec 2022 07:56:25 GMT server: ESF cache-control: private content-length: 577 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff access-control-allow-origin: https://drive.google.com access-control-allow-credentials: true access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	lh3.googleusercontent.com/drive-viewer/AFDK6gMMqpfFUwkKUCwB7mizQsuRdk4LWiB61vf2Kr0PPxU7Onh96xAklqH6NkBt2jBEJLyVkdC4VMjAS8baAeqYVRN5Iycz=w800	172.217.21.161	200 OK	556 kB
URL HTTP/2 lh3.googleusercontent.com/drive-viewer/AFDK6gMMqpfFUwkKUCwB7mizQsuRdk4LWiB61vf2Kr0PPxU7Onh96xAklqH6NkBt2jBEJLyVkdC4VMjAS8baAeqYVRN5Iycz=w800 IP 172.217.21.161:0 ASN #15169 GOOGLE File type PNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced\012- data Size 556 kB (556529 bytes) Hash 6085afd964ff5133093e10f357d56cf6 1ee66e7df11f72868e751c07d281185e71732301 2558dcca5d1916d2c95f09f6b2d1aec2a0e33ffcd917748942d6efb5feba3a1a HTTP Headers `GET /drive-viewer/AFDK6gMMqpfFUwkKUCwB7mizQsuRdk4LWiB61vf2Kr0PPxU7Onh96xAklqH6NkBt2jBEJLyVkdC4VMjAS8baAeqYVRN5Iycz=w800 HTTP/1.1 Host: lh3.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.google.com/ Origin: https://drive.google.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-expose-headers: Content-Length etag: "v1" expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: private, max-age=86400, no-transform content-disposition: inline;filename="________.pdf.png";filename*=UTF-8''%E5%AD%B8%E5%93%A1%E8%AA%B2%E7%A8%8B%E5%BF%83%E5%BE%97%E5%88%86%E4%BA%AB.pdf.png content-type: image/png vary: Origin access-control-allow-credentials: true access-control-allow-origin: https://drive.google.com timing-allow-origin: https://drive.google.com x-content-type-options: nosniff date: Tue, 20 Dec 2022 07:56:25 GMT server: fife content-length: 556529 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	peoplestackwebexperiments-pa.clients6.google.com/$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags	142.250.74.106	200 OK	0 B
URL HTTP/2 peoplestackwebexperiments-pa.clients6.google.com/$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags IP 142.250.74.106:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags HTTP/1.1 Host: peoplestackwebexperiments-pa.clients6.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent Referer: https://drive.google.com/ Origin: https://drive.google.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 200 OK access-control-allow-origin: https://drive.google.com vary: origin, referer, x-origin access-control-allow-credentials: true access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-headers: content-type,x-goog-api-key,x-user-agent access-control-max-age: 3600 date: Tue, 20 Dec 2022 07:56:25 GMT content-type: text/html server: scaffolding on HTTPServer2 content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	peoplestackwebexperiments-pa.clients6.google.com/$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags	142.250.74.106	200 OK	0 B
URL HTTP/2 peoplestackwebexperiments-pa.clients6.google.com/$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags IP 142.250.74.106:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags HTTP/1.1 Host: peoplestackwebexperiments-pa.clients6.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent Referer: https://drive.google.com/ Origin: https://drive.google.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 200 OK access-control-allow-origin: https://drive.google.com vary: origin, referer, x-origin access-control-allow-credentials: true access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-headers: content-type,x-goog-api-key,x-user-agent access-control-max-age: 3600 date: Tue, 20 Dec 2022 07:56:25 GMT content-type: text/html server: scaffolding on HTTPServer2 content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	peoplestackwebexperiments-pa.clients6.google.com/$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags	142.250.74.106	401 Unauthorized	273 B
URL HTTP/2 peoplestackwebexperiments-pa.clients6.google.com/$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags IP 142.250.74.106:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (421), with no line terminators Size 273 B (273 bytes) Hash fa5770427dd81581d3262bba95c9ed48 c68a1c6dc3d959333ae46636ede8ad9672423952 615d3e4953d92283527cba7c635437cec489dfa7f6cc8299b04316656f358456 HTTP Headers POST /$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags HTTP/1.1 Host: peoplestackwebexperiments-pa.clients6.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.google.com/ X-Goog-Api-Key: AIzaSyABqJ85_R2irnKzMtGBL0iHuyFBi6Efk1w Content-Type: application/json+protobuf X-User-Agent: grpc-web-javascript/0.1 Content-Length: 39 Origin: https://drive.google.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 401 Unauthorized www-authenticate: Bearer realm="https://accounts.google.com/" strict-transport-security: max-age=10886400; includeSubdomains vary: Origin, X-Origin, Referer content-type: application/json+protobuf; charset=UTF-8 content-encoding: gzip date: Tue, 20 Dec 2022 07:56:25 GMT server: scaffolding on HTTPServer2 cache-control: private content-length: 273 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff access-control-allow-origin: https://drive.google.com access-control-allow-credentials: true access-control-expose-headers: www-authenticate,vary,vary,vary,content-encoding,date,server,content-length alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	peoplestackwebexperiments-pa.clients6.google.com/$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags	142.250.74.106	401 Unauthorized	273 B
URL HTTP/2 peoplestackwebexperiments-pa.clients6.google.com/$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags IP 142.250.74.106:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (421), with no line terminators Size 273 B (273 bytes) Hash fa5770427dd81581d3262bba95c9ed48 c68a1c6dc3d959333ae46636ede8ad9672423952 615d3e4953d92283527cba7c635437cec489dfa7f6cc8299b04316656f358456 HTTP Headers POST /$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags HTTP/1.1 Host: peoplestackwebexperiments-pa.clients6.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.google.com/ X-Goog-Api-Key: AIzaSyABqJ85_R2irnKzMtGBL0iHuyFBi6Efk1w Content-Type: application/json+protobuf X-User-Agent: grpc-web-javascript/0.1 Content-Length: 39 Origin: https://drive.google.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 401 Unauthorized www-authenticate: Bearer realm="https://accounts.google.com/" strict-transport-security: max-age=10886400; includeSubdomains vary: Origin, X-Origin, Referer content-type: application/json+protobuf; charset=UTF-8 content-encoding: gzip date: Tue, 20 Dec 2022 07:56:25 GMT server: scaffolding on HTTPServer2 cache-control: private content-length: 273 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff access-control-allow-origin: https://drive.google.com access-control-allow-credentials: true access-control-expose-headers: www-authenticate,vary,vary,vary,content-encoding,date,server,content-length alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	reurl.cc/e6mqzK	35.185.130.121	200 OK	0 B
URL HTTP/2 reurl.cc/e6mqzK IP 35.185.130.121:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /e6mqzK HTTP/1.1 Host: reurl.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Tue, 20 Dec 2022 07:56:21 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding target: https://drive.google.com/file/d/1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1/view?usp=sharing content-encoding: gzip X-Firefox-Spdy: h2`

	reurl.cc/javascripts/ga.js	35.185.130.121	200 OK	0 B
URL HTTP/2 reurl.cc/javascripts/ga.js IP 35.185.130.121:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /javascripts/ga.js HTTP/1.1 Host: reurl.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://reurl.cc/e6mqzK Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Tue, 20 Dec 2022 07:56:22 GMT content-type: application/javascript last-modified: Thu, 29 Sep 2022 09:52:31 GMT vary: Accept-Encoding etag: W/"63356adf-170" expires: Wed, 20 Dec 2023 07:56:22 GMT cache-control: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	reurl.cc/javascripts/pixel.js	35.185.130.121	200 OK	0 B
URL HTTP/2 reurl.cc/javascripts/pixel.js IP 35.185.130.121:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /javascripts/pixel.js HTTP/1.1 Host: reurl.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://reurl.cc/e6mqzK Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Tue, 20 Dec 2022 07:56:22 GMT content-type: application/javascript last-modified: Thu, 29 Sep 2022 09:52:31 GMT vary: Accept-Encoding etag: W/"63356adf-1ad" expires: Wed, 20 Dec 2023 07:56:22 GMT cache-control: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	reurl.cc/javascripts/redirect.js	35.185.130.121	200 OK	0 B
URL HTTP/2 reurl.cc/javascripts/redirect.js IP 35.185.130.121:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /javascripts/redirect.js HTTP/1.1 Host: reurl.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://reurl.cc/e6mqzK Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Tue, 20 Dec 2022 07:56:22 GMT content-type: application/javascript last-modified: Thu, 29 Sep 2022 09:52:31 GMT vary: Accept-Encoding etag: W/"63356adf-70" expires: Wed, 20 Dec 2023 07:56:22 GMT cache-control: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	drive.google.com/file/d/1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1/view?usp=sharing	142.250.74.142	200 OK	0 B
URL HTTP/2 drive.google.com/file/d/1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1/view?usp=sharing IP 142.250.74.142:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers GET /file/d/1RdX3yxRlvwn-_z1qTJ8Ssd7mQXDOj6v1/view?usp=sharing HTTP/1.1 Host: drive.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://reurl.cc/ Cookie: __Secure-ENID=9.SE=kdsZHQErupNlv_ovaPWW_6ryiVf5bbe4HLXiu-2BIg1ZYfYGzOTLQ5YdvZzRs3kz--2VeGP0W8LmTgo2LOXDm2BFyWB1UTg0ba6ZGPlyOnzH7pw_JUvdzi_npeS3ezii6HXfwEJxvJ7OGHvKyd5fYxBIY0u0a9hmWKRXlozagQ8; CONSENT=PENDING+883; NID=511=I-NGtMCS4_T0Q6JyY47B9L_7d9dwOQGYYW_htY2fw1BfJpCNwuPCWMp6D852J_50UIT7r6WqbrVA6i2s7_p0pH9TK151TenUfGkmj0EAxnIcm7GSv7xUV8beyWAnqRmd2sez7_Qzwe2ZEgY9NudMhOBE4K12PuTx41XsTNMBJTQ; AEC=AakniGMAILtAayGs2A8MzAZEuIPZ0ARUKTB9a9BsWEMeZb9KNyNHl4BtzfQ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK content-type: text/html; charset=utf-8 vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-robots-tag: noindex, nofollow, nosnippet cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Tue, 20 Dec 2022 07:56:23 GMT content-encoding: gzip content-security-policy: script-src 'report-sample' 'nonce-wSnKRlU6J8c-khLph-tjeA' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/viewer/ referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Google+Sans:300,400,500,700	142.250.74.106	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Google+Sans:300,400,500,700 IP 142.250.74.106:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Google+Sans:300,400,500,700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://drive.google.com/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 20 Dec 2022 07:56:23 GMT date: Tue, 20 Dec 2022 07:56:23 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP