Report - blood.copemiss.shop/hvdmhkchg/ttcgv1378saxje/ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP

Report Overview

Submitted URL
blood.copemiss.shop/hvdmhkchg/ttcgv1378saxje/ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-18 15:15:29
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.4 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	2.7 kB	5.6 kB	142.250.74.131
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	341 B	797 B	93.184.220.29
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-09T13:53:17Z	375 B	21 kB	142.250.74.46
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	63 kB	34.120.237.76
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	391 B	34.117.237.239
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-09T13:40:16Z	387 B	44 kB	142.250.74.168
blood.copemiss.shop	unknown	2022-12-18T04:17:23Z	2022-12-22T10:40:04Z	11 kB	204 kB	188.114.96.1
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	54.148.70.121
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-09T07:43:12Z	612 B	713 B	209.85.233.154
www.google.com	7	2015-05-10T13:11:19Z	2023-03-09T13:38:50Z	519 B	694 B	216.58.211.4
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-09T09:24:51Z	518 B	694 B	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-18	medium	blood.copemiss.shop/hvdmhkchg/ttcgv1378saxje/ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	blood.copemiss.shop/jquery-1.11.0.min.js	96 kB	2023-03-07	2024-05-10
Pretty URL blood.copemiss.shop/jquery-1.11.0.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 22:40:05 Times Seen18781 Hash 8fc25e27d42774aeae6edbc0a18b72aa b66ed708717bf0b4a005a4d0113af8843ef3b8ff b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Loading...

	blood.copemiss.shop/hvdmhkchg/ttcgv1378saxje/ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ	319 B	2023-03-09	2023-03-09
Pretty URL blood.copemiss.shop/hvdmhkchg/ttcgv1378saxje/ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 15:07:56 Last Seen2023-03-09 15:07:56 Times Seen1 Hash aa6e93bdd5a50b523d21b124030c3984 46a97eeabadda550e0945fc59fa9d8df0f00fb90 599bae396b8a3d3900f4da5f8d6004b6afb6701a89f6be27039fdab3d5478478 Loading...

	www.googletagmanager.com/gtag/js?id=UA-22484186-3	112 kB	2023-03-09	2023-03-09
Pretty URL www.googletagmanager.com/gtag/js?id=UA-22484186-3 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 15:07:56 Last Seen2023-03-09 16:47:40 Times Seen1 Hash 6628e2db21d0d48379f7f99bcbcfcb5c 4735739623583a903fe1de1c0a5e1eb1f69dfc7a 547ab013ce14fafc586066224f91e500b71620f78273be4d5f63c242434c2879 Loading...

	blood.copemiss.shop/clicks/SonusCompletetinnitus.php?sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ	154 B	2023-03-07	2024-04-30
Pretty URL blood.copemiss.shop/clicks/SonusCompletetinnitus.php?sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:24 Last Seen2024-04-30 19:23:37 Times Seen55 Hash ea6fb5829b8b3345ad595b21c0eaedb0 2c6c4609804f99e09ad777a308eaf4f26ec04474 5be5ed06f4b849d7af02562365acb798fac639c00cf9e2e2dd1fbb0df5068cad Loading...

	blood.copemiss.shop/clicks/SonusCompletetinnitus_files/jquery.js	87 kB	2023-03-07	2024-05-10
Pretty URL blood.copemiss.shop/clicks/SonusCompletetinnitus_files/jquery.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-10 23:58:32 Times Seen110535 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-05-10
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-05-10 19:48:26 Times Seen1646 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

HTTP Transactions (52)

URL IP Response Size

blood.copemiss.shop/hvdmhkchg/ttcgv1378saxje/ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ

188.114.96.1

200 OK

562 B

URL HTTP/1.1
blood.copemiss.shop/hvdmhkchg/ttcgv1378saxje/ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
562 B (562 bytes)
Hash
d7da92069f8dbfc34f59932102db263e
db20c565208a321d503e8b525c906d5bbb913e06
e42b381cbc4a22b3296e33bcd50feb994fb56db2ea0c545e561ebff031337349

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /hvdmhkchg/ttcgv1378saxje/ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 15:15:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EiLApi3yOnefdBiMFhEHh8cS5Koqt3ANy4NczhwwvvDVuhs0%2B9V0hyNxl2o3lLOBdf3cci5EiMhoXnxQacqX7n3TYsbP%2Blyk7SQmb3gnMU88S7pHwS276il8HieMBoCCF48S8l3R"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77b8da683fcfb51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
460af93786e1eaa666f135e6c3fdc634
bc8aeba36225c79718f5de73d79928fe817c5490
471f4e7ae29bcf6ba1f749c0f5d4ab446cebfac5aa80c3e19c6edf21be456eb5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "471F4E7AE29BCF6BA1F749C0F5D4AB446CEBFAC5AA80C3E19C6EDF21BE456EB5"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11915
Expires: Sun, 18 Dec 2022 18:33:53 GMT
Date: Sun, 18 Dec 2022 15:15:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4cbb89840b57466fcbc0b31305c9dc47
c2c08a7a243a3f7972e8068c448488cac6d2519f
5f871ffd142470f132fed1c93f5f1a7fe6a5ecc3b4311d3d47555fce1d9a35f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F871FFD142470F132FED1C93F5F1A7FE6A5ECC3B4311D3D47555FCE1D9A35F1"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3223
Expires: Sun, 18 Dec 2022 16:09:01 GMT
Date: Sun, 18 Dec 2022 15:15:18 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 18 Dec 2022 14:45:28 GMT
content-type: application/json
age: 1790
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
555fc6e99ad3bf077d1c4b9b805e428d
4e800fc8e809a950288df0e94992084647762561
fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9797
Expires: Sun, 18 Dec 2022 17:58:35 GMT
Date: Sun, 18 Dec 2022 15:15:18 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: AfvCMmduhj3qfEkj57pHDt74R2C41LeDaZ6eJ80mTlu5d4o8lzlHVfeI+hBcoW7B0WmN5O28vWw=
x-amz-request-id: GZ1B7CMVBP70PJV1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 18 Dec 2022 14:54:09 GMT
age: 1269
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 15:15:18 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

blood.copemiss.shop/jquery-1.11.0.min.js

188.114.96.1

200 OK

33 kB

URL HTTP/1.1
blood.copemiss.shop/jquery-1.11.0.min.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32341)
Size
33 kB (33436 bytes)
Hash
95fe3f4dd117c33f6015e1c3d6df1d0d
d5b8856932d1ea63f51824de0bb50670d2e960bc
e6945ac3f1927f242a9fd7a5cf67720f7763888127a7427eb24ffc52019d4b16

HTTP Headers

GET /jquery-1.11.0.min.js HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/hvdmhkchg/ttcgv1378saxje/ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ

HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 15:15:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:20 GMT
ETag: W/"6388f8d4-1787d"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1717
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uds2hFJkrLHAAwJ%2B%2F4DEZKvhWPmcJTx61Xdi6MBoufHmlEsbvWRc4ZCuzC17O6rCZYcAtUd36Uf83VmkO01Idwv0xmhg4f1RvUkORy6rRd5%2F6fN7K6SW%2FhENzqqlX5o%2Fu887Qogg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b8da6b9c4cb51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
10a3a852ef62dc4d4ccbbf6ff396688b
953e40775326102f6c3fc09a18a7039239df656f
30872c631302c914fc93b789892b200beb6284a3ba6753e1ee7f909a1231f2dd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 15:15:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

blood.copemiss.shop/offer.php?id=289&sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ

188.114.96.1

200 OK

357 B

URL HTTP/1.1
blood.copemiss.shop/offer.php?id=289&sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (324)
Size
357 B (357 bytes)
Hash
783ca05d2e4469be738f35fdcb10a05f
ec6e13ad9b833084760738f110f307d0ec9c9b17
377553db54c025c1951aed8ca413e9ae314b4ee632b574eed2e532e538405725

HTTP Headers

GET /offer.php?id=289&sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/hvdmhkchg/ttcgv1378saxje/ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 15:15:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FELAMDAz%2FxICri5BZ6Z7Wqgd68Eoi4QkGWenTb6I4N2Rif9Y9aXJu%2BIEoPQ2wH%2FD0W7pZMVMdA7ZP1xxE8kQi4h23B%2FnK3%2FCLaChfqwavuzhOhurRrrnsLOEzAPkC4qZ2rOS%2FS7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77b8da6c2cd6b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 18 Dec 2022 14:33:23 GMT
age: 2516
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

blood.copemiss.shop/clicks/SonusCompletetinnitus.php?sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ

188.114.96.1

200 OK

5.2 kB

URL HTTP/1.1
blood.copemiss.shop/clicks/SonusCompletetinnitus.php?sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (15370), with CRLF line terminators
Size
5.2 kB (5226 bytes)
Hash
ead47becbe9120335ed546514a62401f
128d96d26f9753a8cf13a6380dc18c1ae157051a
124c7e2bf84adb450e8bf8975b5837172b9aeda5023bbc48c9ee10962b90892a

HTTP Headers

GET /clicks/SonusCompletetinnitus.php?sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 15:15:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJ%2BHGZE6j6NPvpM75%2BJRudLMkDmyd8y30AHTmPAtq16AWVRLlGJZjPjCAMmsXZ4LXlZWB9jzZYaE%2FpfbAuc%2FDlLeybAr0%2Btpio9xbMwrXkj47UBPQUu%2Fe2fJ4xChqzFSrBtB8%2FcK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77b8da6e3f28b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0bc27cdcd6c42d7f8eece6c074bc452f
ff1234b58f7381f51f9082c1ef4894b1ac5700ff
672fc3b7ba7ee7a8b376c73a86a5bab00b1a1aead54c3ca64c0bff83d831348e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3742
Cache-Control: max-age=154434
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 15:15:19 GMT
Etag: "639ed82b-1d7"
Expires: Tue, 20 Dec 2022 10:09:13 GMT
Last-Modified: Sun, 18 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

www.googletagmanager.com/gtag/js?id=UA-22484186-3

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-22484186-3
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43595 bytes)
Hash
6e3e3db384f8e7756762554ffd0ea62d
f4caa8b84810a1b178c0457a99bf35017ba18fc2
95aa3d6d156ff7b1a61e59d14805d2e9f7c32ba5f40b60e075001d07d70077a1

HTTP Headers

GET /gtag/js?id=UA-22484186-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://blood.copemiss.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Dec 2022 15:15:19 GMT
expires: Sun, 18 Dec 2022 15:15:19 GMT
cache-control: private, max-age=900
last-modified: Sun, 18 Dec 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43595
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d62c4eea8ea4b9e5545fc952781c3b1d
47ca338b2d6be9d8a22c052d0838bce364463dce
75f6054477e9c699a1ee189cc77b20c5696ec306db93af0396a98b3b5b49bbc4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 15:15:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

blood.copemiss.shop/clicks/SonusCompletetinnitus_files/frontend.css

188.114.96.1

200 OK

21 kB

URL HTTP/1.1
blood.copemiss.shop/clicks/SonusCompletetinnitus_files/frontend.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65493)
Size
21 kB (21439 bytes)
Hash
ac968c2953375f9544c2e75d78073b80
23bbcefc9f81bc5978770f3d6da64b89b99aacf8
d2952a13da8eeaafdbf2918b348b035ec6c0e6a0183cff707ac89c9c7f0ed01b

HTTP Headers

GET /clicks/SonusCompletetinnitus_files/frontend.css HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/clicks/SonusCompletetinnitus.php?sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ

HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 15:15:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: W/"6388f8ca-307cc"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIShse7Iy%2FrmNNdaYj3o6TmUGdWhJ6XWp4v8DUz%2FiFHl6BcCzDLiQKMs1lRfN8QFI2JuCRchKSuglRkwVxZdZPvsEKCNci9YCRovj6q6rLe4xxwO%2FzcOCOisDW4h7Kwjrtz1oa2d"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b8da6fb9ebfac4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

push.services.mozilla.com/

54.148.70.121

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.70.121:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: P0KXRY/J0+sTLpiaLskRpw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mwhHfdwDI6jE391V9lRcjA/2PNg=

blood.copemiss.shop/clicks/SonusCompletetinnitus_files/frontend_002.css

188.114.96.1

200 OK

14 kB

URL HTTP/1.1
blood.copemiss.shop/clicks/SonusCompletetinnitus_files/frontend_002.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65497)
Size
14 kB (14223 bytes)
Hash
7906ef86d55e7df783d8eec8a21a14fd
37b90b7dcf42702d1dc8f2929dbab282f633fb8e
0937deb44b9a144b05a71b7c1d7110e07bab4dc5db08dbc677db97a6f0f1fe43

HTTP Headers

GET /clicks/SonusCompletetinnitus_files/frontend_002.css HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/clicks/SonusCompletetinnitus.php?sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ

HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 15:15:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: W/"6388f8ca-1973f"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25XO%2BnrH1GHDrYZMN1vEhFS8UKeUWSLUrNWKvu28H7qQmOHOar0JcD22OINpZ4uAwp8hzPKq6BxSyVSukbTpsZpfS1Ux5JSa%2B64uJupluJ9N%2F4RkQqqNgFQR1PMpcl6Q%2Bds74u2e"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b8da6fb9e8fac4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

blood.copemiss.shop/clicks/SonusCompletetinnitus_files/css.css

188.114.96.1

200 OK

254 B

URL HTTP/1.1
blood.copemiss.shop/clicks/SonusCompletetinnitus_files/css.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
254 B (254 bytes)
Hash
eed301ee3d1a49ec24b370be2af26b19
fdf2b75ebefa138ae3f1432f21d398cf16a80bcf
ecb8b31df57b425a60eb3f7e1b4445f2ee8318956028b1f5c41c5955f0bef638

HTTP Headers

GET /clicks/SonusCompletetinnitus_files/css.css HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/clicks/SonusCompletetinnitus.php?sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ

HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 15:15:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: W/"6388f8ca-38b"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlT10kezzJzDYF63cBIvFPWohY7NOq7EAv25VEOnaAlfDC8hRqWHNR%2BgBt3gPDm0%2BtHPmVAl7thc7Q75MfvpUo5Sh%2FSo%2FQHMqflxHsNOgAlAE3DumOt5mp2SuQB6SPf9uUX2ZkAU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b8da6fb8b8b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

blood.copemiss.shop/clicks/SonusCompletetinnitus_files/post-519.css

188.114.96.1

200 OK

1.3 kB

URL HTTP/1.1
blood.copemiss.shop/clicks/SonusCompletetinnitus_files/post-519.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (4592)
Size
1.3 kB (1329 bytes)
Hash
8635c40916d198f3dde81fede870d2e0
f60af836ee03ad82344c7f1eb1ed8ce3b3f24508
e0481cce9872e490caf2573a61d7e9c1466a620c90416833d0e8ad905d0999ee

HTTP Headers

GET /clicks/SonusCompletetinnitus_files/post-519.css HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/clicks/SonusCompletetinnitus.php?sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ

HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 15:15:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: W/"6388f8ca-23bf"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTUoZSFKaJsgS1EklWKM%2Blh3UIhU2ZKEvJnH9xWKH2H%2F6MpdZUUAx98cxMsQRKW45SBQpKXy6LKWElTCu5b5ni8O0HlC4zt7GT20I66nT2N5OsII%2BQ1bkaxhhkao8sqGPw8V9kpQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b8da6fb8eb0b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

blood.copemiss.shop/clicks/SonusCompletetinnitus_files/global.css

188.114.96.1

200 OK

2.1 kB

URL HTTP/1.1
blood.copemiss.shop/clicks/SonusCompletetinnitus_files/global.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (9194)
Size
2.1 kB (2073 bytes)
Hash
7253308f9817d03f4279ba81d462ab20
7b4a488c3b26579751ddd72ee4eeddd6785391d6
3b3a9c7d49a3d715b6febf95adb409982293e5f3bb602ccef9f84a75d0a68a9d

HTTP Headers

GET /clicks/SonusCompletetinnitus_files/global.css HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/clicks/SonusCompletetinnitus.php?sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ

HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 15:15:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: W/"6388f8ca-519f"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N26%2F3vDfXVoFsda0wqDiV%2FQjS6WQ5C0tHHqLWJ28HMLxAF%2FBGlbUP5J50bxu9LitzdvGuF3%2F8FoeFAi3YgoWyFVyWwoqIVpc4ILnhqSJvBULyCnzJyUISbWL8ijEfJ1gYTcjPVBS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b8da6fbc0c1c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

blood.copemiss.shop/clicks/SonusCompletetinnitus_files/style.css

188.114.96.1

200 OK

15 kB

URL HTTP/1.1
blood.copemiss.shop/clicks/SonusCompletetinnitus_files/style.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (855)
Size
15 kB (14695 bytes)
Hash
dcd06935a495012b76e5d75d7d159c2e
d2dd2d7dc6557fe8e593dbeba95163341c7dc74f
f2bf9db1ef940bd0bef4541a3d7d6a8dbc634000f4caef4603a03bddfb9dad24

HTTP Headers

GET /clicks/SonusCompletetinnitus_files/style.css HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/clicks/SonusCompletetinnitus.php?sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ

HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 15:15:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: W/"6388f8ca-18baa"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rA0DZL4G7%2F8EcCZgKjXw37I7mnHgqZ2AwgfxkyeiZmUG3tasxC8oE4NwCITOtGfzC%2FkJXDrKW2BzqYYbaT%2F%2BmyqqloKFZU8pkS0q6DHjD13WFsxhOUc83mXyNceQyB%2BeMFPP5apl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b8da6fba65fab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

blood.copemiss.shop/clicks/SonusCompletetinnitus_files/jquery.js

188.114.96.1

200 OK

30 kB

URL HTTP/1.1
blood.copemiss.shop/clicks/SonusCompletetinnitus_files/jquery.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
30 kB (30289 bytes)
Hash
ca9d617a98c509cd24e10eae39ea15d3
1a9197526a13967413a4bba8e5a2446eea4fd4ea
a95d26bd14a6aade75c9a263f28d7fc0effce309a114781e6abc89b7c0c0fdae

HTTP Headers

GET /clicks/SonusCompletetinnitus_files/jquery.js HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/clicks/SonusCompletetinnitus.php?sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ

HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 15:15:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: W/"6388f8ca-1538f"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRWuGIyQIn%2Fm0RIxBZkJe%2FFL3jYWdsVdLJ0iElhOPimAyjy9QjTNcJ1fPFk7slsV5zjOoSHFY%2ByQD68PL4dsV4xn72W1ra9uZlSv5Bw%2FWmei2bKFGKAUuLxkCFz8T0%2BRiiDMk5DG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b8da70ca5cfac4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

blood.copemiss.shop/clicks/SonusCompletetinnitus_files/prostate-1.jpg

188.114.96.1

200 OK

58 kB

URL HTTP/1.1
blood.copemiss.shop/clicks/SonusCompletetinnitus_files/prostate-1.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x525, components 3\012- data
Size
58 kB (57930 bytes)
Hash
4312030b1540bf4adb326bc468d82782
096530e02a0d0eadabeca8cadb8a055e6bc8442a
a1b1b90b1726ff072f4b1e157269ca74cb7e89c412e60525ac364bc7c0e9278b

HTTP Headers

GET /clicks/SonusCompletetinnitus_files/prostate-1.jpg HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/clicks/SonusCompletetinnitus.php?sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ

HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 15:15:20 GMT
Content-Type: image/jpeg
Content-Length: 57930
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: "6388f8ca-e24a"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zEakfOjlFV4cg5WogL9iyeM1XpN5rU1TrYmBpuA1lkwqim%2F83PZbDnxIA7is6mUkAvq8veJczTX1w1sddjbn06m8aOeYLjT1uaFTD8hYZ3o9lXjzHzBA2FqgMT2vdSpB4weBNZo"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b8da71bd9a1c0e-OSL
alt-svc: h2=":443"; ma=60

blood.copemiss.shop/clicks/fonts/S6u9w4BMUTPHh6UVSwiPHA.ttf

188.114.96.1

404 Not Found

131 B

URL HTTP/1.1
blood.copemiss.shop/clicks/fonts/S6u9w4BMUTPHh6UVSwiPHA.ttf
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
131 B (131 bytes)
Hash
f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10

HTTP Headers

GET /clicks/fonts/S6u9w4BMUTPHh6UVSwiPHA.ttf HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/clicks/SonusCompletetinnitus_files/css.css

HTTP/1.1 404 Not Found
Date: Sun, 18 Dec 2022 15:15:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJLebAA6vkjiXwggfVM2KOB%2FuKjxCOLIu9ZXpbQPqNSzyjkOaSthmk6rgfTJnT5a2%2BnpBWRKl4bP5v5csW6h05l5lst2uU21BOkRQYUlIYWhYvyw%2BMbc9HlproxcJr39I1tnKypg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b8da720be7fab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

blood.copemiss.shop/clicks/fonts/S6uyw4BMUTPHjx4wWw.ttf

188.114.96.1

404 Not Found

131 B

URL HTTP/1.1
blood.copemiss.shop/clicks/fonts/S6uyw4BMUTPHjx4wWw.ttf
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
131 B (131 bytes)
Hash
f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10

HTTP Headers

GET /clicks/fonts/S6uyw4BMUTPHjx4wWw.ttf HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/clicks/SonusCompletetinnitus_files/css.css

HTTP/1.1 404 Not Found
Date: Sun, 18 Dec 2022 15:15:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwmxxoEuhb4I4y76wAdkn3imgHSJxNL3m0OE9iXbZmpslMhps3HENa5z5lrtmovdeiGdMeF7FLpYKJ1JxNn4K4QOlI3Dfp8ytHu%2Bq1kHITrI6%2FcWySqTWNSqSrEFG5AhunDALqhE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b8da728ba7fac4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

blood.copemiss.shop/clicks/SonusCompletetinnitus_files/3c74d4a9e0d1665351f749d5bda254778cb8c2b39d3af9f7feb426b0cb3f.png

188.114.96.1

200 OK

6.7 kB

URL HTTP/1.1
blood.copemiss.shop/clicks/SonusCompletetinnitus_files/3c74d4a9e0d1665351f749d5bda254778cb8c2b39d3af9f7feb426b0cb3f.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
6.7 kB (6693 bytes)
Hash
3fc866dd424beaf246da4671122aa5cc
01867e9939dea33d74abf8603200d3afa0965ec9
db3bf27182a095ce8eb5721b4547730034b6cf3751c11a32e43e3c0864424813

HTTP Headers

GET /clicks/SonusCompletetinnitus_files/3c74d4a9e0d1665351f749d5bda254778cb8c2b39d3af9f7feb426b0cb3f.png HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/clicks/SonusCompletetinnitus.php?sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ

HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 15:15:20 GMT
Content-Type: image/png
Content-Length: 6693
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: "6388f8ca-1a25"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptKodPzuDzQKfJJjUqG4kJzIPJgZBOoYGQsJSk4ZajkxWN%2F4DVAQYg6QZtlsaiXce5YyzfyxRlZeoe1Xv%2F34uNku%2B2rHJ8aKSNeqHp74Z0ObzJKnd1zxUtgfGg46UWVZgPmQCzF3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b8da71bad3fac4-OSL
alt-svc: h2=":443"; ma=60

blood.copemiss.shop/clicks/SonusCompletetinnitus_files/blank.html

188.114.96.1

200 OK

548 B

URL HTTP/1.1
blood.copemiss.shop/clicks/SonusCompletetinnitus_files/blank.html
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1254), with CRLF line terminators
Size
548 B (548 bytes)
Hash
0a16aec008013f053a922381dee71f9d
13a69b2e43a426ce54f9a47146955ec0bb169172
4686bf42f5ae452ed851ee0e084ece44ceccef9bc2fde5eee10a33a6c92461ae

HTTP Headers

GET /clicks/SonusCompletetinnitus_files/blank.html HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/clicks/SonusCompletetinnitus.php?sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 15:15:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJE3bvRe2GPNB%2Bf91cGGztDMVoTzh%2BWKD0B7SdEkdVseL6%2Br16W3Wbbj1YooC6XFabeQ%2BkN2NOQArVuZFpu3Gcpf1Fj3i1Ikpdw1W2ABnhL6r0d0G45KveNCoih8H84VAb3Np1Ar"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77b8da72de801c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

blood.copemiss.shop/clicks/fonts/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7alwg.ttf

188.114.96.1

404 Not Found

131 B

URL HTTP/1.1
blood.copemiss.shop/clicks/fonts/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7alwg.ttf
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
131 B (131 bytes)
Hash
f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10

HTTP Headers

GET /clicks/fonts/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7alwg.ttf HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/clicks/SonusCompletetinnitus_files/css.css

HTTP/1.1 404 Not Found
Date: Sun, 18 Dec 2022 15:15:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIcTVF%2BcnCAnLTwG1IjUDqrC9YRF7kWPAaT7a%2BJLnPBkomwduts4kXnxTGFhTCnzp1zl2qLO6%2FhrO5YLN5F3l3N1XHcdHtp%2FtIrRP0bgkOD679F6COSeBtQ%2BaRrpcWdRnMbSRZ5y"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b8da720b210b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

blood.copemiss.shop/clicks/fonts/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alwg.ttf

188.114.96.1

404 Not Found

131 B

URL HTTP/1.1
blood.copemiss.shop/clicks/fonts/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alwg.ttf
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
131 B (131 bytes)
Hash
f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10

HTTP Headers

GET /clicks/fonts/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alwg.ttf HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/clicks/SonusCompletetinnitus_files/css.css

HTTP/1.1 404 Not Found
Date: Sun, 18 Dec 2022 15:15:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3ESn2gzac%2BjWeUhfVgXJLuZOIgC5lSQRWf12vJP8h95akR37dyJvQb6w7N9fOkIteWB%2Ffn5BC67ESzWD7WucsDset%2FgSVm%2BA72wvYGYOi4zlRQot7RzNnNLqM9HwL%2FKx2jGJ%2Ff7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b8da721b22b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

blood.copemiss.shop/favicon.ico

188.114.96.1

200 OK

69 B

URL HTTP/1.1
blood.copemiss.shop/favicon.ico
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 1 icon, 16x16\012- data
Size
69 B (69 bytes)
Hash
f12fb6edbda074603f749a028770f49a
419983c6073469bac7fb8535a847b8f78c2040ce
8aec3412c7c37feacec2dc9d7b2f3560a2e0af0af573085665a57e1d09ab397d

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/clicks/SonusCompletetinnitus.php?sid=1001294&h=ky4gjPJo0bRRVrmc2JeemHrQDkw0w93q18SDVQCSyzE/9JysFU7JGhv36LBZCCkaFpLDNt9L_Xf8pY7H8wfcrh199WaY71vfn9o2U_5Fw1sOQE0ituPsFmXASZl6d7N6BqtZ12q6XKV7aHLRwx8K0McqNtzWKqWeK4CyNgicZdUh-Bn-vBP_omjUroAXmTHXCQ

HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 15:15:20 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:52:31 GMT
ETag: W/"6388f7ef-57e"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1718
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFhgwyysRn06D386z1zY6itl7%2B3nf%2BYySUnF8ISZRizJZxDDOMg6ofz94rYS1CvSDx98e65tR96InbjtzJaNhP4o8cdhTaCw4CCavifFkTDaacIZIHu3tQaCaFz2ha%2Bgcm7KD%2BC%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b8da73fc6efac4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://blood.copemiss.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 18 Dec 2022 13:34:02 GMT
expires: Sun, 18 Dec 2022 15:34:02 GMT
cache-control: public, max-age=7200
age: 6078
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0973dd05c36d5b21a858d6a6bec71334
e5bc1af376e6cd71fe3be45b393ceb1f61434891
e46922306d68a94ce397d96c12c5ddfd0341e139369cab988a6c57b57a9bd0ad

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 15:15:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=2009641742.1671376520&jid=226583569&gjid=2083399122&_gid=2114243895.1671376520&_u=YEBAAUAAAAAAACAAI~&z=1443034643

209.85.233.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=2009641742.1671376520&jid=226583569&gjid=2083399122&_gid=2114243895.1671376520&_u=YEBAAUAAAAAAACAAI~&z=1443034643
IP
209.85.233.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=2009641742.1671376520&jid=226583569&gjid=2083399122&_gid=2114243895.1671376520&_u=YEBAAUAAAAAAACAAI~&z=1443034643 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://blood.copemiss.shop
Connection: keep-alive
Referer: http://blood.copemiss.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: http://blood.copemiss.shop
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 18 Dec 2022 15:15:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

blood.copemiss.shop/clicks/SonusCompletetinnitus_files/blank_data/inject.css

188.114.96.1

200 OK

928 B

URL HTTP/1.1
blood.copemiss.shop/clicks/SonusCompletetinnitus_files/blank_data/inject.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
928 B (928 bytes)
Hash
e1c22e631b7cce42e3ef13cd9bb02ff5
6c6c2b15c56e776d9eac10babf3a6c4a2bd964ae
93950a736308fe62073a44a76b8ec05b9a651062f6ecee4782059d0718aab6dc

HTTP Headers

GET /clicks/SonusCompletetinnitus_files/blank_data/inject.css HTTP/1.1
Host: blood.copemiss.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://blood.copemiss.shop/clicks/SonusCompletetinnitus_files/blank.html

HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 15:15:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: W/"6388f8ca-f28"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYL0sCIFbTSK1%2BauQp2AmLvrTUJ5ObfS4ksahjDnqRnJixen70yGfMJSNAYIwLBGdXo7rrezrtIyqKW6oymkPtY4tEGf1iFEfWTEc4v9Gx4T6MLkqE%2BIbU2PjvC2EH9gJE4nbZI2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b8da73df471c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0973dd05c36d5b21a858d6a6bec71334
e5bc1af376e6cd71fe3be45b393ceb1f61434891
e46922306d68a94ce397d96c12c5ddfd0341e139369cab988a6c57b57a9bd0ad

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 15:15:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
953635cff82596ecfcbd7ff83474031a
5ea2fa051d49d203df6582bc273639a90348f8d2
bb63f27f12c917fccddd13680972fc6e12a8e0e4dcb9b9340f7f911c8b1db9ae

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 15:15:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7b18428df832332e2f89ca51203de4ba
8272451b056b54992cfa05e70c53adde8b744299
c9bdf42b2f8b0cf614cd4821bce48a719d284c836eb98959dce1802dea20e617

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 15:15:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=2009641742.1671376520&jid=226583569&_u=YEBAAUAAAAAAACAAI~&z=1681086818

216.58.211.4

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=2009641742.1671376520&jid=226583569&_u=YEBAAUAAAAAAACAAI~&z=1681086818
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=2009641742.1671376520&jid=226583569&_u=YEBAAUAAAAAAACAAI~&z=1681086818 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://blood.copemiss.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 15:15:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=2009641742.1671376520&jid=226583569&_u=YEBAAUAAAAAAACAAI~&z=1681086818

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=2009641742.1671376520&jid=226583569&_u=YEBAAUAAAAAAACAAI~&z=1681086818
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=2009641742.1671376520&jid=226583569&_u=YEBAAUAAAAAAACAAI~&z=1681086818 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://blood.copemiss.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 15:15:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2f3dbc33499e42ecb967c87f0df23a85
96a87c596ae880eb482b0e8a5fdb6e09bb728895
aee03631139a47dfbb4dbbfd4257d10afc3b814b5f70366759bdff153e9e2bd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 15:15:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
157b62091fad279063f540564a4c72e6
9db33b844db31eed03695c97daf4c84a4d7d265f
92904432175c023613dea4d660d2c9098e00b7f3b628c8519bf5b404cad450a8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 15:15:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4658
Expires: Sun, 18 Dec 2022 16:32:59 GMT
Date: Sun, 18 Dec 2022 15:15:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4658
Expires: Sun, 18 Dec 2022 16:32:59 GMT
Date: Sun, 18 Dec 2022 15:15:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4658
Expires: Sun, 18 Dec 2022 16:32:59 GMT
Date: Sun, 18 Dec 2022 15:15:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4658
Expires: Sun, 18 Dec 2022 16:32:59 GMT
Date: Sun, 18 Dec 2022 15:15:21 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6b04bcc-ed1e-40f8-81f9-587f3470d5fe.jpeg

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6b04bcc-ed1e-40f8-81f9-587f3470d5fe.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9925 bytes)
Hash
578392bee48563d778885698790a124b
597892da925c3a363878e81ff02032a316303512
d30fe2470e1f63c5249fd42d7cd804bbf326cf9a703c61e31b5322ebdb26fca6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6b04bcc-ed1e-40f8-81f9-587f3470d5fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9925
x-amzn-requestid: 15eb2112-b947-458a-8544-51bac721773d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2k9HNjIAMFTTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e37b9-7c5b94866d266af252f133b3;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:42:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0nlTTVMgZIa6HUmL4bx0L-menIA1szAYPKbL-2p3jcX9XDGOAHL5eg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:51:24 GMT
etag: "597892da925c3a363878e81ff02032a316303512"
content-type: image/jpeg
age: 62637
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12125 bytes)
Hash
ed374d0c34e8b2e15f08a6479a4f45e7
5db9e59699048998f0685e940640eae19ef11c8e
9933854830be796a87cfe44b6b8336294e2d3dbbe3205f267720aca6968c3a21

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12125
x-amzn-requestid: e44faa15-1dfd-4bc0-bdfb-307c3de2755d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2QPFZAIAMFf5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3734-33d636210a1e24742ee71187;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JHDfcd35b-bHZm6oayBIN5NDt6ZeGygBfvu7IKU18wFiLHMGEPQPkQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 22:02:19 GMT
etag: "5db9e59699048998f0685e940640eae19ef11c8e"
content-type: image/jpeg
age: 61982
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8696 bytes)
Hash
ada04738696f861648635c9ba98841e4
ce644cd4349d88aa7c24b2503b0b18b444061639
e5cee777efbf1d8a0f95f6cce71199e5f016a91f90cf0afe38bc86654b9d730d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8696
x-amzn-requestid: c897aeed-a082-46a1-965f-39e8c763cb05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10ZH3jIAMF0gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-548ac80840737a20743980f5;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xFbmIbrDz7MnhaF8tqHeTDzjrwbsP7SbmYb_OLLWZPb7poAmecfDew==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:39:05 GMT
age: 63376
etag: "ce644cd4349d88aa7c24b2503b0b18b444061639"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F674a9d4b-a924-4e51-a3c5-bb301e0b7ed5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9611 bytes)
Hash
97c6ae61df47375ed2a71e6551fa0848
dd39c349fb102a382c860f7094643aec6887e238
cab3f3183edba50cf856000c247e625d31c136c3ff0e552341db8a2fc5bc681c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F674a9d4b-a924-4e51-a3c5-bb301e0b7ed5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9611
x-amzn-requestid: 28a9e04c-352d-4492-aea9-84d0c1d6a13f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT11TEGhIAMF7CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3688-4b8d904e0c57d3344826e057;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sbJw3KaUMn12iNrtG5XiNy3PcmiRsNE_idCcqUndgzGFq1yNptUvQA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:39:05 GMT
age: 63376
etag: "dd39c349fb102a382c860f7094643aec6887e238"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10670 bytes)
Hash
12c4c2232b6d09e9085f0214b3260c1e
a24f8e949a2f2a973fe2dd5af994cd970d37f13a
000475ed7d0aab9a7dab3e25f0a29f82552739fea99f98cbf5131282d0db7d63

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10670
x-amzn-requestid: d72e1904-caf4-4c72-a811-d1bde023f4b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT11JGCsIAMFRDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3687-7789040d71253d00378f9162;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NWh-ecaQXJITj6VyK4qutXz95L557E8kCDxs-fNBRmkjUk_ZG0Oygg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:39:05 GMT
age: 63376
etag: "a24f8e949a2f2a973fe2dd5af994cd970d37f13a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5185 bytes)
Hash
bfd0e913579b4ff2f511223d70cb01fb
497e0ffef816e100e6ddc221ec17d5f389c1142a
bee68ae1a938a5111a32dab4ec4f6964994e6c39143eac9ab94d6c5e29999372

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3087af97-3f2d-4848-b297-eba8d84f10c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10YHv8oAMF2sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-7527022d4bd9c15518fe75cc;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Dg3c2lWr1FbFUalH5QB05VrQIkpt3LNuUM-VxJZiaXy3nJu-cfd5jg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:39:05 GMT
age: 63376
etag: "497e0ffef816e100e6ddc221ec17d5f389c1142a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (52)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type