Report - a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=;&affiliateID=44542&source=102412f2ef00eb1180621099056009&subID2=7114&s2=102412f2ef00eb1180621099056009&s3=;&s4=7114&url=1&affsub=&affsource=&aff_click

Report Overview

Submitted URL
a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=;&affiliateID=44542&source=102412f2ef00eb1180621099056009&subID2=7114&s2=102412f2ef00eb1180621099056009&s3=;&s4=7114&url=1&affsub=&affsource=&aff_click_id=102412f2ef00eb1180621099056009
IP
18.192.108.151
ASN
#16509 AMAZON-02
Submitted
2023-03-25 23:00:49
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
a.vfgtf.com	unknown	2020-02-06T08:47:32Z	2023-03-29T06:05:02Z	572 B	926 B	18.192.108.151
a.vfgtc.com	unknown	2019-09-27T14:31:23Z	2023-03-29T05:20:47Z	650 B	978 B	18.192.108.151
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
v2.trckguardlnk.com	unknown	2022-09-26T22:46:28Z	2023-03-28T13:37:21Z	1.7 kB	1.0 kB	35.158.145.93
s.sloffer1.com	unknown	2022-03-23T08:52:34Z	2023-03-29T06:04:56Z	655 B	1.8 kB	3.218.135.42
zzotrack.com	470411	2021-01-12T07:31:38Z	2023-03-29T15:42:03Z	570 B	874 B	18.184.38.55
ocsp.r2m02.amazontrust.com	unknown	2022-10-12T16:01:39Z	2023-03-29T09:11:13Z	350 B	946 B	54.230.80.227
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	53 kB	34.120.237.76
apis.google.com	105	2013-05-06T22:20:21Z	2023-03-29T05:10:52Z	792 B	39 kB	142.250.74.78
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-29T09:13:03Z	1.5 kB	69 kB	142.250.74.35
www.google.com	7	2015-05-10T13:11:19Z	2023-03-29T05:55:56Z	2.1 kB	65 kB	142.250.74.164
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-29T11:19:48Z	409 B	1.3 kB	216.58.207.227
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.7 kB	7.1 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
tracking.t0r4.com	unknown	2022-05-18T22:26:48Z	2023-03-29T15:41:47Z	562 B	993 B	104.21.19.241
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	35.164.132.223
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	2.4 kB	4.9 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-25 23:00:53	medium	Client IP	Internal IP	ET INFO DNS Query for Suspicious .icu Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 06:44:34 Times Seen36953597 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	v2.trckguardlnk.com/click?a=558&sub_id1=w9fuc7jta3u3bvhn2vhjvi5g&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=1206	69 B	2023-03-08	2023-04-05
Pretty URL v2.trckguardlnk.com/click?a=558&sub_id1=w9fuc7jta3u3bvhn2vhjvi5g&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=1206 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:33 Last Seen2023-04-05 01:56:59 Times Seen27 Hash 3b0ef641e9169a1ef777a950a6f4fb5b cfef63c9b78529700b2389f9eb873895a98510fc 297887fb8fd7e52b0e04443f84127f1286e02f07d6aec9ba6df0204f128615a5 Loading...

	www.google.com/	45 kB	2023-03-29	2023-03-29
Pretty URL www.google.com/ IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:39:00 Last Seen2023-03-29 22:39:00 Times Seen1 Hash 182d9117ffd6540b0e5d693a253fb911 5841264a94bc7cfc156f0b44ef5bf001d006fc04 7fd4adb88f5577a3f0a7f3c38b3729cb49cb43a6660d98774bab7de3bb6a49cd Loading...

	www.google.com/	29 kB	2023-03-29	2023-03-29
Pretty URL www.google.com/ IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:55:30 Last Seen2023-03-29 22:40:40 Times Seen67 Hash 3e2923d63ed1441a2f272690751e52ff 36764abe2ef5f37e978fdba8801e46aa8eaf0b06 0ff70eca82dd5de63308449ec18da2b22975728d43d24bc6b871de7c1b25214c Loading...

	www.google.com/	21 kB	2023-03-29	2023-03-29
Pretty URL www.google.com/ IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:39:00 Last Seen2023-03-29 22:39:00 Times Seen1 Hash a457ca9a3a50181181fefe403132c1b5 48f98fa430cbf81d6be3e4a8c2511bbea82c3724 fe91042b6556261dfd87ac70b34517043a04c019489c1a5098f304843f22d7af Loading...

	www.google.com/	3.6 kB	2023-03-29	2023-03-29
Pretty URL www.google.com/ IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:39:00 Last Seen2023-03-29 22:39:00 Times Seen1 Hash a834300b3b3602061f095e732e2535d1 413c249a0f2768d9bede9aba1e7776424ce7de98 90460f0c168abbd8e81345bd974d9e98556d8677bb20e32f2f65b8add67ea4e3 Loading...

	www.google.com/	4.9 kB	2023-03-29	2023-04-05
Pretty URL www.google.com/ IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 20:55:07 Last Seen2023-04-05 11:05:40 Times Seen257 Hash bfc9bbcde8c687351eb3d7dd767a4cc7 c22269201870fb27c7b8e9fd104eb340f0f328fc 1d95f8cbdf016837604d0a78a6910929713499f6559a31b7422b253023c31e51 Loading...

	www.google.com/	108 B	2023-03-29	2023-03-29
Pretty URL www.google.com/ IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:55:30 Last Seen2023-03-29 23:26:24 Times Seen83 Hash 41453c92caff230a2045204d25334c58 a6a926f2cca4f8b50859a0217ef45e7f830b3241 9cc00a209bf11d4c5e20e86a7bda17e760fb39e00be2e35bc3d2a8c978c6bdd0 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.fpEXMBCWMKc.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9SQGHwxhl93I-W5KEIEdf87vGuqQ/cb=gapi.loaded_0	114 kB	2023-03-26	2023-04-24
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.fpEXMBCWMKc.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9SQGHwxhl93I-W5KEIEdf87vGuqQ/cb=gapi.loaded_0 IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:15:06 Last Seen2023-04-24 16:23:22 Times Seen11739 Hash e436620ed2f34d9d3bac3fb328cc5112 480866bd075cbc7259a0d0d603f7929c7f1728da 3441646e0ff7ad87a85f05ac6fd907e8845a7e715aa23ca33937bc3269440172 Loading...

HTTP Transactions (43)

	URL	IP	Response	Size
	a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=;&affiliateID=44542&source=102412f2ef00eb1180621099056009&subID2=7114&s2=102412f2ef00eb1180621099056009&s3=;&s4=7114&url=1&affsub=&affsource=&aff_click_id=102412f2ef00eb1180621099056009	18.192.108.151	302	0 B
URL HTTP/1.1 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=;&affiliateID=44542&source=102412f2ef00eb1180621099056009&subID2=7114&s2=102412f2ef00eb1180621099056009&s3=;&s4=7114&url=1&affsub=&affsource=&aff_click_id=102412f2ef00eb1180621099056009 IP 18.192.108.151:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /ab267e05-23a0-430a-bac4-772f7f629740?subID1=;&affiliateID=44542&source=102412f2ef00eb1180621099056009&subID2=7114&s2=102412f2ef00eb1180621099056009&s3=;&s4=7114&url=1&affsub=&affsource=&aff_click_id=102412f2ef00eb1180621099056009 HTTP/1.1 Host: a.vfgtf.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1 HTTP/1.1 302 Server: nginx Date: Sat, 25 Mar 2023 23:00:37 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 Expires: Thu, 01 Jan 1970 00:00:00 GMT Location: https://a.vfgtc.com/2349b3dc-3e96-4e45-8415-f572f10bdc39?aff_sub4=_bucket&subID1=%3B&affiliateID=170909&source=102412f2ef00eb1180621099056009&subID2=7114&target=&Site=&Bnr=ALGO&cid=w89cfi22323v9vhnifslndf2&affsource=&source=7114_ Pragma: no-cache Set-Cookie: ab267e05-23a0-430a-bac4-772f7f629740-v4=ptuV118SDnUIpRVJLTPRkXHly1utvH2ztlMCSzgpT0s; Max-Age=86400; Expires=Sun, 26-Mar-2023 23:00:37 GMT; Domain=a.vfgtf.com; Path=/; HttpOnly cc-v4=ZS27GLu6eIcWYk8YMbPjaUbkamIT2X295GoxeT4r4xTv5uEZuORZWx4ideq3T2lq%2BdxmoJ3GHEoi1acWmO%2FRR%2BxbU2nOCzWPyzLDBipbq%2B393oEVdRrq4849oPBfJ0fjF9DCiuR1qMfVpWNpH9K1wA%3D%3D; Max-Age=31536000; Expires=Sun, 24-Mar-2024 23:00:37 GMT; Domain=a.vfgtf.com; Path=/; HttpOnly

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5d9435c884bf4a0777fdf4b57079ae09 7f04b9db47ffeec90ac6397416b7553e5336a550 fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084" Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13044 Expires: Sun, 26 Mar 2023 02:38:02 GMT Date: Sat, 25 Mar 2023 23:00:38 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfd491ebe7381221b3674c2c8bf9e566 d2ac5badf17f348c28a52e9db10e6eb80e5a231a 34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C" Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15083 Expires: Sun, 26 Mar 2023 03:12:01 GMT Date: Sat, 25 Mar 2023 23:00:38 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 84db75194692d4afe13196bda6f22da8 4c1f49bc973a4917f146d93c8d598344edc021f6 a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sat, 25 Mar 2023 22:27:45 GMT content-type: application/json age: 1973 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1313ee2f06606d09c45b06ff9e8e1001 285ca89d1d3ea45d35832bc6d9827f834b3bfe21 63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0" Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2536 Expires: Sat, 25 Mar 2023 23:42:54 GMT Date: Sat, 25 Mar 2023 23:00:38 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: jfadarT9/t/m3YjURJD6B4l3M4pzcYdRmYWO++sZ+X6sX32ggOOFsyBRy7peW6H3BDLRFP9CAUI7VqGXCTeFfA== x-amz-request-id: F050W5HD82HRS4CG x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sat, 25 Mar 2023 22:00:57 GMT age: 3581 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	a.vfgtc.com/2349b3dc-3e96-4e45-8415-f572f10bdc39?aff_sub4=_bucket&subID1=%3B&affiliateID=170909&source=102412f2ef00eb1180621099056009&subID2=7114&target=&Site=&Bnr=ALGO&cid=w89cfi22323v9vhnifslndf2&affsource=&source=7114_	18.192.108.151	302 Found	0 B
URL HTTP/2 a.vfgtc.com/2349b3dc-3e96-4e45-8415-f572f10bdc39?aff_sub4=_bucket&subID1=%3B&affiliateID=170909&source=102412f2ef00eb1180621099056009&subID2=7114&target=&Site=&Bnr=ALGO&cid=w89cfi22323v9vhnifslndf2&affsource=&source=7114_ IP 18.192.108.151:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /2349b3dc-3e96-4e45-8415-f572f10bdc39?aff_sub4=_bucket&subID1=%3B&affiliateID=170909&source=102412f2ef00eb1180621099056009&subID2=7114&target=&Site=&Bnr=ALGO&cid=w89cfi22323v9vhnifslndf2&affsource=&source=7114_ HTTP/1.1 Host: a.vfgtc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found server: nginx date: Sat, 25 Mar 2023 23:00:38 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://s.sloffer1.com/170909/8373/0/?aff_sub4=_bucket&aff_sub=%3B&aff_sub2=7114&aff_sub3=wrlh95kgujnhivhni65a3veq&aff_click_id=102412f2ef00eb1180621099056009&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_&aff_sub4=ALGO_bucket&source=7114_ pragma: no-cache set-cookie: 2349b3dc-3e96-4e45-8415-f572f10bdc39-v4=CqqvbgL-vzmdgO2FnrUmxC4t3qi-lOQR16zZrOWcT5Q; Max-Age=86400; Expires=Sun, 26-Mar-2023 23:00:38 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=%2B271ofoRoqQoOI0aRnx52yib2yKif2%2FCipFPQJVnAb%2BKpJeqZLTF1A1a7A%2B6sgRpI4o0vyydzdvWQWeJCeRCBhz2kZLFqveqAGGyXMS4DVWoGSgPvr7fbFIjllTwmBPNSMVFXm%2F51vClBoDrUi6P%2FA%3D%3D; Max-Age=31536000; Expires=Sun, 24-Mar-2024 23:00:38 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sat, 25 Mar 2023 23:00:38 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 340c284047bcba78c2d938bb457f5c05 686a300e9786f67b271684de8aad088014ee3d68 e17cc091bc1ae5ac9c0715efb9e0dac0048ca8481e5565bfaabb72203febadaf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E17CC091BC1AE5AC9C0715EFB9E0DAC0048CA8481E5565BFAABB72203FEBADAF" Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13186 Expires: Sun, 26 Mar 2023 02:40:24 GMT Date: Sat, 25 Mar 2023 23:00:38 GMT Connection: keep-alive`

	s.sloffer1.com/170909/8373/0/?aff_sub4=_bucket&aff_sub=%3B&aff_sub2=7114&aff_sub3=wrlh95kgujnhivhni65a3veq&aff_click_id=102412f2ef00eb1180621099056009&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_&aff_sub4=ALGO_bucket&source=7114_	3.218.135.42	303 See Other	370 B
URL HTTP/2 s.sloffer1.com/170909/8373/0/?aff_sub4=_bucket&aff_sub=%3B&aff_sub2=7114&aff_sub3=wrlh95kgujnhivhni65a3veq&aff_click_id=102412f2ef00eb1180621099056009&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_&aff_sub4=ALGO_bucket&source=7114_ IP 3.218.135.42:0 ASN #14618 AMAZON-AES File type HTML document, ASCII text, with very long lines (370), with no line terminators Size 370 B (370 bytes) Hash dbbed7cca2ea5a29220a35cb1ad77f3b c6b5e5a8fc2710a86efce2413e1cc1df47ee32ed 20d9983115b60ba182bceee1869ae6b3814a5504301631bb70bc05cd1922a946 HTTP Headers GET /170909/8373/0/?aff_sub4=_bucket&aff_sub=%3B&aff_sub2=7114&aff_sub3=wrlh95kgujnhivhni65a3veq&aff_click_id=102412f2ef00eb1180621099056009&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_&aff_sub4=ALGO_bucket&source=7114_ HTTP/1.1 Host: s.sloffer1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 303 See Other server: nginx/1.19.0 date: Sat, 25 Mar 2023 23:00:38 GMT content-type: text/html; charset=utf-8 content-length: 370 location: https://tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170909&sub2=7114_&sub3=102fae06343799150662d85668a371&bo=2753%2C2754%2C2755%2C2756 set-cookie: enc_aff_session_8373=ENC03a3bdb4ac569ffdefd4aaad07ba5938080817923fbe1a0b5fb32a588012cbd82d06415415ed023e66fe2940d7a16612f15bc666c6fd28dca3af628ced14a951edb4efe6efe9c6c2afcc57bd55819c7b1a01ab18d7d5b5b6297328f5e1c577acfd8b91bbe1e65ef6c53d74345b27f1a2c728b8b00d8b3df82acfc758105d720bc9c0d918f9a150b0232d9628c73a432729cbac4937052ae44e68e83acbbb4c1532bae7fd4794f5c0b8346b93e6ffe6dcbdd95fea36628caba339c6b25406a3519e1faad9b7; Path=/; Expires=Mon, 24 Mar 2025 23:00:38 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Tue, 17 Feb 2026 09:40:38 GMT; Secure tracking_id: 102fae06343799150662d85668a371 vary: Accept strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sat, 25 Mar 2023 22:14:33 GMT age: 2765 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170909&sub2=7114_&sub3=102fae06343799150662d85668a371&bo=2753%2C2754%2C2755%2C2756	104.21.19.241	302 Found	0 B
URL HTTP/2 tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170909&sub2=7114_&sub3=102fae06343799150662d85668a371&bo=2753%2C2754%2C2755%2C2756 IP 104.21.19.241:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /click?pid=781&offer_id=1085&sub1=170909&sub2=7114_&sub3=102fae06343799150662d85668a371&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1 Host: tracking.t0r4.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found date: Sat, 25 Mar 2023 23:00:38 GMT content-length: 0 location: https://zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170909&sub2=7114_&campaign=&sum=&clickid=641f7d16bdb77b000171d8f0 x-adjust-use-original-forwarded-for: 1 set-cookie: afclick=641f7d16bdb77b000171d8f0; expires=Sun, 24 Mar 2024 23:00:38 GMT; secure; SameSite=None afoffers={"1085":1679785238}; expires=Sun, 24 Mar 2024 23:00:38 GMT; secure; SameSite=None access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHHuVOnMOnzeFfc92li%2BncWMnU5%2FeL0KRNVo5QkEhD39GGIRn0QYIIjMsJ67IhbXqKYLSQ6Nf07HK%2FvggycE0UXzb%2FzQTFwTNFAaJtkyQS7AwxvRzG%2BvjCdtygDpzWY%2B2Pr3aQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7adac56edec40b49-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 717ebcc65cb1390c2509851bac7b5878 1e04e3058329f3809bc01022d441172dcacc1aaa 3c8d41efe14dc75e001ce50aae65e133d90bcb2e2f86b2426cefe7abe4c7b588 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "3C8D41EFE14DC75E001CE50AAE65E133D90BCB2E2F86B2426CEFE7ABE4C7B588" Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6473 Expires: Sun, 26 Mar 2023 00:48:31 GMT Date: Sat, 25 Mar 2023 23:00:38 GMT Connection: keep-alive`

	zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170909&sub2=7114_&campaign=&sum=&clickid=641f7d16bdb77b000171d8f0	18.184.38.55	302 Found	0 B
URL HTTP/2 zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170909&sub2=7114_&campaign=&sum=&clickid=641f7d16bdb77b000171d8f0 IP 18.184.38.55:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170909&sub2=7114_&campaign=&sum=&clickid=641f7d16bdb77b000171d8f0 HTTP/1.1 Host: zzotrack.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found server: nginx date: Sat, 25 Mar 2023 23:00:39 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=w9fuc7jta3u3bvhn2vhjvi5g&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781 pragma: no-cache set-cookie: 381f1b1b-7ced-4eef-857b-418b4c176094-v4=50MQrinAyLMgYlFBT0-fZdiKitdTtkztEtr-x23AhWE; Max-Age=86400; Expires=Sun, 26-Mar-2023 23:00:39 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=9mRDwQXyCI8YI0Vqa48bjoI%2B6OueT%2FbMuYV2NZY%2BZ5eBRwCRjMSjFolX%2BHMWGqUIBbg9Ely24JTRM0rSWoU9rhRZJViNlGBMCdcdJsLA%2BTVdTyiCqInEI5hfTNaPpxXEcaXFxxxUkZN%2BSqCGvhihlg%3D%3D; Max-Age=31536000; Expires=Sun, 24-Mar-2024 23:00:39 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 94941fca652db245fe8ac8002999db34 534308bee76fdff6da1ab2249e7c0499bfb9bf11 18b279c5406135aa476f3a39ed68180e8860f953eef254445b078e1e869dbf8d HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Sat, 25 Mar 2023 23:00:39 GMT Last-Modified: Sat, 25 Mar 2023 21:39:14 GMT Server: ECAcc (bsa/EAE4) X-Cache: Miss from cloudfront Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: JXby5HEHbq9N53eIgocCzVofVdsZvypZqEjh48yjiIS4JnxVzwg29Q== Age: 4885`

	push.services.mozilla.com/	35.164.132.223	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.164.132.223:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 3BGI4hxlGJgwJIUrtMre1w== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 56Hrzkl5EUL09VmgTDc8pTBef9w=`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 6bac14ff70f1fb910e47debdd40434da c2ce59c6cae9af589143a911a086f35db830654d 670d54ab31df749a0b913c0d490e3b1cf835aff2df965d7b6522c6e9ad3d6be2 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 25 Mar 2023 23:00:40 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	v2.trckguardlnk.com/favicon.ico	35.158.145.93	404 Not Found	0 B
URL HTTP/2 v2.trckguardlnk.com/favicon.ico IP 35.158.145.93:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /favicon.ico HTTP/1.1 Host: v2.trckguardlnk.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique; U-13111c20aee51aeb480ecbd988cd8cc9=unique; U-144a3f71a03ab7c4f46f9656608efdb2=unique; o_144a3f71a03ab7c4f46f9656608efdb2=2a73c57b-f47d-4da7-b3aa-51fda08e23c5 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 404 Not Found server: awselb/2.0 date: Sat, 25 Mar 2023 23:00:40 GMT content-type: text/plain; charset=utf-8 content-length: 0 X-Firefox-Spdy: h2`

	www.google.com/	142.250.74.164	200 OK	56 kB
URL HTTP/2 www.google.com/ IP 142.250.74.164:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19848) Size 56 kB (55915 bytes) Hash f901b1ba2d6ab31d0433a5268a7d0471 ed934c6c47e6c172432167a891eea8053422544c bcad633adaf5b4f62894f05a1b565547af7a4b834b5fbdce5a24c4cb49770cf3 HTTP Headers GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: __Secure-ENID=5.SE=WgoywoGOUEmJadxoIB0r2lkzXHeKVqth1xGOa4ffzT7dUHt-ZXjx-iHV7oK7BCuj96T6WcNdOxtcPrvT6hvt4NQxsLWhAuRLpweU30AweJoV-BgqMIIyysdeq33RUY6ph26qQ9jBKSd0XSV6yoBSxOS9PmgWEsI53hUDjv_5qeI; CONSENT=PENDING+883 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK date: Sat, 25 Mar 2023 23:00:40 GMT expires: -1 cache-control: private, max-age=0 content-type: text/html; charset=UTF-8 strict-transport-security: max-age=31536000 content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-Bd_h8dE84o1nI-aKSsx6Nw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." content-encoding: br server: gws content-length: 55915 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: AEC=AUEFqZdRGQlPGt6QdN4CMxl1A8ZIyFXglqzJdNfZLQ3CloCcfyG-XLO64w; expires=Thu, 21-Sep-2023 23:00:40 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax __Secure-ENID=11.SE=HgOOEvf1NYXHTDtf0jbd_JqqTD6WU-286M-PjxF_SlhgHPfffSNAnpKBCH5nBTIROSo5mQOfLKrbdAIRrKK7T-btcQqwM54wbNCZGnuUR_pS-BBgTnUYPtMjsNDZDk9VeAJhLVcw6VNEtMSylMix1ZI8bFcS9YcXoDRGYp442lQ; expires=Wed, 24-Apr-2024 15:18:58 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 7e3ff6b78faf64b75d13e5e4c390f7c5 1ec395988633a280be5876ea74b91b994ca88bda 470501dd8e4cb351f2b3effe7507b9582758ecf492d587545f740c13527289d4 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 25 Mar 2023 23:00:40 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/tia/tia.png	142.250.74.164	200 OK	258 B
URL HTTP/2 www.google.com/tia/tia.png IP 142.250.74.164:0 ASN #15169 GOOGLE File type PNG image data, 27 x 23, 8-bit/color RGB, non-interlaced\012- data Size 258 B (258 bytes) Hash 201e50d8dd7a30c0a918213686ca43b7 6678592120e899f0d2245c8afeaf9d4a3043c41b c532312eea8020a0370685b222a02b11becd58cd394b509029dff5956127dd81 HTTP Headers GET /tia/tia.png HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Cookie: __Secure-ENID=11.SE=HgOOEvf1NYXHTDtf0jbd_JqqTD6WU-286M-PjxF_SlhgHPfffSNAnpKBCH5nBTIROSo5mQOfLKrbdAIRrKK7T-btcQqwM54wbNCZGnuUR_pS-BBgTnUYPtMjsNDZDk9VeAJhLVcw6VNEtMSylMix1ZI8bFcS9YcXoDRGYp442lQ; CONSENT=PENDING+883; AEC=AUEFqZdRGQlPGt6QdN4CMxl1A8ZIyFXglqzJdNfZLQ3CloCcfyG-XLO64w Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK accept-ranges: bytes cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 258 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 22 Mar 2023 18:05:11 GMT expires: Thu, 21 Mar 2024 18:05:11 GMT cache-control: public, max-age=31536000 last-modified: Fri, 27 Sep 2019 01:00:00 GMT content-type: image/png age: 276929 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png	142.250.74.164	200 OK	6.0 kB
URL HTTP/2 www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png IP 142.250.74.164:0 ASN #15169 GOOGLE File type PNG image data, 272 x 92, 8-bit/color RGBA, non-interlaced\012- data Size 6.0 kB (5969 bytes) Hash 8f9327db2597fa57d2f42b4a6c5a9855 1737d3dfb411c07b86ed8bd30f5987a4dc397cc1 5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826 HTTP Headers GET /images/branding/googlelogo/1x/googlelogo_color_272x92dp.png HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Cookie: __Secure-ENID=11.SE=HgOOEvf1NYXHTDtf0jbd_JqqTD6WU-286M-PjxF_SlhgHPfffSNAnpKBCH5nBTIROSo5mQOfLKrbdAIRrKK7T-btcQqwM54wbNCZGnuUR_pS-BBgTnUYPtMjsNDZDk9VeAJhLVcw6VNEtMSylMix1ZI8bFcS9YcXoDRGYp442lQ; CONSENT=PENDING+883; AEC=AUEFqZdRGQlPGt6QdN4CMxl1A8ZIyFXglqzJdNfZLQ3CloCcfyG-XLO64w Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK accept-ranges: bytes content-type: image/png cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 5969 date: Sat, 25 Mar 2023 23:00:40 GMT expires: Sat, 25 Mar 2023 23:00:40 GMT cache-control: private, max-age=31536000 last-modified: Tue, 22 Oct 2019 18:30:00 GMT x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash b644abd1d83faa6f0327486dae33b18d cb745aa55db6976159ef31ff8835e2b26fd32109 784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 25 Mar 2023 23:00:40 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/i/productlogos/googleg/v6/24px.svg	216.58.207.227	200 OK	438 B
URL HTTP/2 fonts.gstatic.com/s/i/productlogos/googleg/v6/24px.svg IP 216.58.207.227:0 ASN #15169 GOOGLE File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (742), with no line terminators Size 438 B (438 bytes) Hash 55034acc07f2e9996714f3a26001a021 466900a397cef93422a85bd415fa47101e1f6832 d7e3613dad665c5681aa7d2896f9f840e117b0275db09e16070ed6e06fb5ea0c HTTP Headers `GET /s/i/productlogos/googleg/v6/24px.svg HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-length: 438 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 10:26:43 GMT expires: Sat, 23 Mar 2024 10:26:43 GMT cache-control: public, max-age=31536000 last-modified: Wed, 20 Apr 2022 17:17:30 GMT content-type: image/svg+xml vary: Accept-Encoding age: 131637 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash b644abd1d83faa6f0327486dae33b18d cb745aa55db6976159ef31ff8835e2b26fd32109 784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 25 Mar 2023 23:00:40 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.gstatic.com/og/_/js/k=og.qtm.en_US.ODCNLawGeLk.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTvkbJWV1adPbuzYq0DsgPYnetf7Bg	142.250.74.35	200 OK	66 kB
URL HTTP/2 www.gstatic.com/og/_/js/k=og.qtm.en_US.ODCNLawGeLk.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTvkbJWV1adPbuzYq0DsgPYnetf7Bg IP 142.250.74.35:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (2119) Size 66 kB (66360 bytes) Hash 775fb4570b6e499cbae9d65d695c1de5 b13c8f28ae425e96347a39effb90f80269b853bc 2a8e9fa1a85b286fd085cee3c24161bf4b94012c937377c29b59441c9277a7ad HTTP Headers GET /og/_/js/k=og.qtm.en_US.ODCNLawGeLk.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTvkbJWV1adPbuzYq0DsgPYnetf7Bg HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="one-google-eng" report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]} content-length: 66360 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 23 Mar 2023 08:00:30 GMT expires: Fri, 22 Mar 2024 08:00:30 GMT cache-control: public, max-age=31536000 last-modified: Mon, 20 Mar 2023 01:41:00 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding, Origin age: 226810 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.gstatic.com/og/_/ss/k=og.qtm._w-zyUPsPZw.L.F4.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/ct=zgms/rs=AA2YrTvmtKM57xcbKdJeX3djH0NMhQr_Nw	142.250.74.35	200 OK	273 B
URL HTTP/2 www.gstatic.com/og/_/ss/k=og.qtm._w-zyUPsPZw.L.F4.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/ct=zgms/rs=AA2YrTvmtKM57xcbKdJeX3djH0NMhQr_Nw IP 142.250.74.35:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (386), with no line terminators Size 273 B (273 bytes) Hash 2a1bf977b13c5f91c9dc23e52de924e5 cc4e7d1f18c409c61cb63afa21c21dfe7c01dd28 72e237dce16d88b812bbbab2e4d098ea9aadeae5194504c1447af177bf294792 HTTP Headers GET /og/_/ss/k=og.qtm._w-zyUPsPZw.L.F4.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/ct=zgms/rs=AA2YrTvmtKM57xcbKdJeX3djH0NMhQr_Nw HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="one-google-eng" report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]} content-length: 273 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 23 Mar 2023 08:00:29 GMT expires: Fri, 22 Mar 2024 08:00:29 GMT cache-control: public, max-age=31536000 last-modified: Thu, 16 Mar 2023 01:39:16 GMT content-type: text/css; charset=UTF-8 vary: Accept-Encoding, Origin age: 226811 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash b62c9b9530dd66bb7f03ba2ce3d835da bf8560766de78dd925e395f59610ab2f1335e565 62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D" Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9008 Expires: Sun, 26 Mar 2023 01:30:48 GMT Date: Sat, 25 Mar 2023 23:00:40 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash b62c9b9530dd66bb7f03ba2ce3d835da bf8560766de78dd925e395f59610ab2f1335e565 62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D" Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9008 Expires: Sun, 26 Mar 2023 01:30:48 GMT Date: Sat, 25 Mar 2023 23:00:40 GMT Connection: keep-alive`

	www.gstatic.com/inputtools/images/tia.png	142.250.74.35	200 OK	151 B
URL HTTP/2 www.gstatic.com/inputtools/images/tia.png IP 142.250.74.35:0 ASN #15169 GOOGLE File type PNG image data, 19 x 11, 8-bit/color RGBA, non-interlaced\012- data Size 151 B (151 bytes) Hash 0667c2bf932c77b80ef533c5dc1bd7ff 18015c76d9b6861d576841652e6963dad26a3e35 4ebecfbb2c9cff1741b805876370db38d862a037f652d6f647ce51995e03df2c HTTP Headers `GET /inputtools/images/tia.png HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/inputtools cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="inputtools" report-to: {"group":"inputtools","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/inputtools"}]} content-length: 151 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 09:07:44 GMT expires: Sat, 23 Mar 2024 09:07:44 GMT cache-control: public, max-age=31536000 age: 136376 last-modified: Tue, 03 Mar 2020 20:15:00 GMT content-type: image/png vary: Origin alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash b62c9b9530dd66bb7f03ba2ce3d835da bf8560766de78dd925e395f59610ab2f1335e565 62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D" Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9008 Expires: Sun, 26 Mar 2023 01:30:48 GMT Date: Sat, 25 Mar 2023 23:00:40 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg	34.120.237.76	200 OK	3.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.6 kB (3589 bytes) Hash 1ec08d4bd079a92161fc80f41281b5a9 bf61369962342cce85de8f48942b4b150fd2721e 8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3589 x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CW1uyE2joAMF50g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0 x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: pjRA439kqSg5daR_Zuvsf2l45R4oqv3AMWNiMCGQ_C5o2KA8kEd3TQ== via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Mar 2023 21:37:21 GMT etag: "bf61369962342cce85de8f48942b4b150fd2721e" content-type: image/jpeg age: 4999 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg	34.120.237.76	200 OK	4.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.0 kB (4000 bytes) Hash 85351059b67b0a42eda7e69a31b3b4b4 b798268806dc2f79f033e5872676019faf0e0cc1 86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4000 x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJpraEqyoAMFgNQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: I3GuoZ4ZxAtz0sKe3wrW67aitLlCAbaZkiPw23fl0F3FoumJDEnXiQ== via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Mar 2023 05:56:24 GMT age: 61456 etag: "b798268806dc2f79f033e5872676019faf0e0cc1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash b644abd1d83faa6f0327486dae33b18d cb745aa55db6976159ef31ff8835e2b26fd32109 784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 25 Mar 2023 23:00:40 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (12991 bytes) Hash 8e19767dbe464134f0ab81b0eadb98fa 007758853c1d1605db69131eb50ff433a4da5f8c 63f1f08cd038e7b6d3316bbdc59a598b01c3bedd1ef04ba1986152e239fa128c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 12991 x-amzn-requestid: 16bc16bf-b87e-4ed7-a559-3e900595928e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CW1smH_kIAMF5oA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641f6983-21e7ce61788315866c752f28;Sampled=0 x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:07 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: MOu16Tzq-SiBg8abwfGrqkmSgxnr_WMJO0wSoVcNfIW-xgIPC1MWYQ== via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Mar 2023 21:37:07 GMT etag: "007758853c1d1605db69131eb50ff433a4da5f8c" content-type: image/jpeg age: 5013 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb3b49ab-f78e-4860-8aae-369eacfe43e3.jpeg	34.120.237.76	200 OK	9.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb3b49ab-f78e-4860-8aae-369eacfe43e3.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.5 kB (9486 bytes) Hash 6530dbbc16d84b7047fa4bc66364fbf4 a53e0919923151e009e12010c60acb5a9175d37e e64a2699e763d75a068ee6ceafd4eb2a1922488dc2e052699fb4242f0bf20524 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb3b49ab-f78e-4860-8aae-369eacfe43e3.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9486 x-amzn-requestid: b0324b5e-303e-485a-ae57-c001378aa401 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CW2eRHjaoAMF74w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641f6ac1-27f002da252bd7ee19802f3d;Sampled=0 x-amzn-remapped-date: Sat, 25 Mar 2023 21:42:25 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: V-lhHgr1lyxVF9XaxHQ6abgEwVC_llAl8opmQ8qKJ7Ee76HWSP1ZoA== via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Mar 2023 22:08:53 GMT age: 3107 etag: "a53e0919923151e009e12010c60acb5a9175d37e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08d32734-eed8-49a0-b130-4b792c0776a7.jpeg	34.120.237.76	200 OK	9.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08d32734-eed8-49a0-b130-4b792c0776a7.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.2 kB (9192 bytes) Hash 073d7b39a5d1d400fce97accc61209ea 83e31c1bda5551eb05d926bc4b16b7a2f5920ab0 3336340f79556f7effd3a56536e49d4951bc40447c4ef549af185d13900ec9cf HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08d32734-eed8-49a0-b130-4b792c0776a7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9192 x-amzn-requestid: 973b7d1d-0726-4b07-bf31-f17f700950cc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CW1uKHYOoAMFrkQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641f698d-079fc061602811d02e9fa3a5;Sampled=0 x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:17 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: ffod7RhQg11m1d4Sani8kcGpsg7JUPIcd_BBjNmSS2ggIPXf8SugwA== via: 1.1 0a166b53605851fe961f5a2952e5a748.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Mar 2023 21:37:17 GMT etag: "83e31c1bda5551eb05d926bc4b16b7a2f5920ab0" content-type: image/jpeg age: 5003 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa47e8d1c-6343-48dc-966b-71e83875b350.jpeg	34.120.237.76	200 OK	7.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa47e8d1c-6343-48dc-966b-71e83875b350.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.8 kB (7778 bytes) Hash 1782dd235045315ec9b8d127a4a61dfd 4242d3ff0a1ca9f76166585532a815c4b1f15175 c404e097daf50098edf2d46b1d314fb2ab95f1d655293f0a9e123867fc11a982 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa47e8d1c-6343-48dc-966b-71e83875b350.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7778 x-amzn-requestid: 5794fe13-ddf8-4a4d-86e3-53da34af0c98 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CW2QAF91IAMFoNg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641f6a66-1f6247aa2651e9a35dbccec7;Sampled=0 x-amzn-remapped-date: Sat, 25 Mar 2023 21:40:54 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: ym5ku830id9iQl1QzIRpIo1jrMq7KILCx91VgOKApAkkDpEdLi_lug== via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Mar 2023 22:11:26 GMT age: 2954 etag: "4242d3ff0a1ca9f76166585532a815c4b1f15175" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash b644abd1d83faa6f0327486dae33b18d cb745aa55db6976159ef31ff8835e2b26fd32109 784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 25 Mar 2023 23:00:40 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 2c96f66770c65a338e519ceb9c405c1e e41b77c8080644a48b82f22aba5e43a34b51bc7c 8f7a9e49f30588d1a0d22b4cc7bc1d47c2809d9967f35ed432e37708f18f4a93 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 25 Mar 2023 23:00:40 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.fpEXMBCWMKc.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9SQGHwxhl93I-W5KEIEdf87vGuqQ/cb=gapi.loaded_0	142.250.74.78	200 OK	38 kB
URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.fpEXMBCWMKc.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9SQGHwxhl93I-W5KEIEdf87vGuqQ/cb=gapi.loaded_0 IP 142.250.74.78:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1530) Size 38 kB (38398 bytes) Hash 47ae9b25af86702d77c7895ac6f6b57c f56f78729b99247a975620a1103cac3ee9f313a5 9bde79a1b0866f68d6baa43f920e971b5feb35a8e0af7ffadc114366f8538224 HTTP Headers GET /_/scs/abc-static/_/js/k=gapi.gapi.en.fpEXMBCWMKc.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9SQGHwxhl93I-W5KEIEdf87vGuqQ/cb=gapi.loaded_0 HTTP/1.1 Host: apis.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Cookie: __Secure-ENID=11.SE=HgOOEvf1NYXHTDtf0jbd_JqqTD6WU-286M-PjxF_SlhgHPfffSNAnpKBCH5nBTIROSo5mQOfLKrbdAIRrKK7T-btcQqwM54wbNCZGnuUR_pS-BBgTnUYPtMjsNDZDk9VeAJhLVcw6VNEtMSylMix1ZI8bFcS9YcXoDRGYp442lQ; CONSENT=PENDING+883; AEC=AUEFqZdRGQlPGt6QdN4CMxl1A8ZIyFXglqzJdNfZLQ3CloCcfyG-XLO64w Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access" report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-length: 38398 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 23 Mar 2023 21:26:36 GMT expires: Fri, 22 Mar 2024 21:26:36 GMT cache-control: public, max-age=31536000 last-modified: Thu, 09 Mar 2023 15:42:16 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding age: 178444 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=w9fuc7jta3u3bvhn2vhjvi5g&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781	35.158.145.93	302 Found	0 B
URL HTTP/2 v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=w9fuc7jta3u3bvhn2vhjvi5g&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781 IP 35.158.145.93:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers GET /click?a=558&o=2892&sub_id1=w9fuc7jta3u3bvhn2vhjvi5g&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781 HTTP/1.1 Host: v2.trckguardlnk.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 `HTTP/2 302 Found date: Sat, 25 Mar 2023 23:00:39 GMT content-type: text/html; charset=UTF-8 location: https://v2.trckguardlnk.com/click?a=558&sub_id1=w9fuc7jta3u3bvhn2vhjvi5g&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=2219 server: nginx/1.20.0 x-powered-by: PHP/7.4.21 set-cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique; expires=Mon, 24-Apr-2023 23:00:39 GMT; Max-Age=2592000; path=/; secure; SameSite=None X-Firefox-Spdy: h2`

	v2.trckguardlnk.com/click?a=558&sub_id1=w9fuc7jta3u3bvhn2vhjvi5g&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=2219	35.158.145.93	302 Found	0 B
URL HTTP/2 v2.trckguardlnk.com/click?a=558&sub_id1=w9fuc7jta3u3bvhn2vhjvi5g&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=2219 IP 35.158.145.93:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers GET /click?a=558&sub_id1=w9fuc7jta3u3bvhn2vhjvi5g&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=2219 HTTP/1.1 Host: v2.trckguardlnk.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers `HTTP/2 302 Found date: Sat, 25 Mar 2023 23:00:39 GMT content-type: text/html; charset=UTF-8 location: https://v2.trckguardlnk.com/click?a=558&sub_id1=w9fuc7jta3u3bvhn2vhjvi5g&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=1206 server: nginx/1.20.0 x-powered-by: PHP/7.4.21 set-cookie: U-13111c20aee51aeb480ecbd988cd8cc9=unique; expires=Mon, 24-Apr-2023 23:00:39 GMT; Max-Age=2592000; path=/; secure; SameSite=None X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL