vc.com/url?a=3Dwww.ptoexchange.com/%C2%A0&c=3DE,1,KE9h2kpi3=
72.14.185.43200 OK 4.8 kB URL HTTP/1.1 vc.com/url?a=3Dwww.ptoexchange.com/%C2%A0&c=3DE,1,KE9h2kpi3=
IP 72.14.185.43:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (340)
Hash 3871242e45ea207286cfd94320a94964
f89410f96eaf13065cbb69c63388bc759ca13f95
3f6477c9652db0bc7ed9e47015c714d3de6aaa1456fdda1b5fe563312fa471c7
GET /url?a=3Dwww.ptoexchange.com/%C2%A0&c=3DE,1,KE9h2kpi3= HTTP/1.1
Host: vc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sat, 31 Dec 2022 01:19:44 GMT
content-type: text/html; charset=utf-8
content-length: 4806
vary: Accept-Language
content-language: en
connection: close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e93d32de9bcebd3483b40a8fed30718
7e1fe5db1f08b75a079780717e4f18ad76767212
4f0aaacfefd27c89225a1a0d2fbe778ec4f3369b5e4e1599255bf12866196cd4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F0AAACFEFD27C89225A1A0D2FBE778EC4F3369B5E4E1599255BF12866196CD4"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6387
Expires: Sat, 31 Dec 2022 03:06:11 GMT
Date: Sat, 31 Dec 2022 01:19:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5c6a87f6d6b5c54dcb1b630ae6001c73
e0315c9936d6f2f58ff7d078e74a8ec7802265a8
d88ef07b9fcfb42d27a490cb57df4adaf3261efc7d0b38246db387da3ca32a8d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D88EF07B9FCFB42D27A490CB57DF4ADAF3261EFC7D0B38246DB387DA3CA32A8D"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9168
Expires: Sat, 31 Dec 2022 03:52:32 GMT
Date: Sat, 31 Dec 2022 01:19:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 31 Dec 2022 00:47:04 GMT
content-type: application/json
age: 1960
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d6d99cd1201f65eeb7d437b62bad1f3
6d5e41d7a2786ccaad7c7276ecdd9411f8cbd6ba
db2b42007fc4ad126c8af8d7cce27af88947231d09ded56da33cfee3d2594e23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB2B42007FC4AD126C8AF8D7CCE27AF88947231D09DED56DA33CFEE3D2594E23"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11070
Expires: Sat, 31 Dec 2022 04:24:14 GMT
Date: Sat, 31 Dec 2022 01:19:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZxA3giHDXHFDEhGal2ELMiAckxWvt375oCEDu5d6AWIlbXz7ZX+byLJASRbV0qbApje6+kCDg8rusJPLUImjDg==
x-amz-request-id: ZBDVXW8WBZF1ME5D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 31 Dec 2022 00:59:24 GMT
age: 1220
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 31 Dec 2022 01:19:44 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
vc.com/mtm/async/.eJxdjM0OwiAQBt-Fg4dKCtqL1fRmT76CiVnJthD5k9JCYnx3qfHkbWe-zL7IHBQ5EjYHTSiBME6FoGvOKaXaR4dZSLAj1sIZdp05B74RZe7pjl76Vu4fXjVdSQMOGDCUuoB0U7xZMFhwEWu7PhcCfSwmYo5MRqMpeK-VgKicZXk12_xvjT49O163VBkYkcGiht-Z8O5pxarvfiDvD4bvQ04:1pBQXI:kGdpTOO8jCrGOrMWAsTdOpWID6Q/1/
72.14.185.43200 OK 223 B URL HTTP/1.1 vc.com/mtm/async/.eJxdjM0OwiAQBt-Fg4dKCtqL1fRmT76CiVnJthD5k9JCYnx3qfHkbWe-zL7IHBQ5EjYHTSiBME6FoGvOKaXaR4dZSLAj1sIZdp05B74RZe7pjl76Vu4fXjVdSQMOGDCUuoB0U7xZMFhwEWu7PhcCfSwmYo5MRqMpeK-VgKicZXk12_xvjT49O163VBkYkcGiht-Z8O5pxarvfiDvD4bvQ04:1pBQXI:kGdpTOO8jCrGOrMWAsTdOpWID6Q/1/
IP 72.14.185.43:0
File type ASCII text, with no line terminators
Hash ab99be28d23cb0a5ef370af5e205f65f
97e0d4bdd3ac8c91e95e197f8a22bb8af022e6a6
c85cb074148f2b0e6a07ad9ceaad6ace7350b768f9046114f8756d9d384d5226
Analyzer Verdict Alert fortinet Malware
GET /mtm/async/.eJxdjM0OwiAQBt-Fg4dKCtqL1fRmT76CiVnJthD5k9JCYnx3qfHkbWe-zL7IHBQ5EjYHTSiBME6FoGvOKaXaR4dZSLAj1sIZdp05B74RZe7pjl76Vu4fXjVdSQMOGDCUuoB0U7xZMFhwEWu7PhcCfSwmYo5MRqMpeK-VgKicZXk12_xvjT49O163VBkYkcGiht-Z8O5pxarvfiDvD4bvQ04:1pBQXI:kGdpTOO8jCrGOrMWAsTdOpWID6Q/1/ HTTP/1.1
Host: vc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://vc.com/url?a=3Dwww.ptoexchange.com/%C2%A0&c=3DE,1,KE9h2kpi3=
Connection: keep-alive
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sat, 31 Dec 2022 01:19:44 GMT
content-type: text/html; charset=utf-8
content-length: 223
x-mtm-path: 0
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJ2Yy5jb20iLCJodHRwOi8vd3d3MS52Yy5jb20vP3RtPTEmc3ViaWQ0PTE2NzI0NDk1ODQuMDM3ODQyMDAwMCZrdz1jb25uZWN0K3ZwbiZLVzE9Tm9yd2F5JTIwRW50ZXJwcmlzZSUyMFZQTiZLVzI9U29jaWFsJTIwTWVkaWElMjBBbmFseXRpY3MlMjBTb2Z0d2FyZSZLVzM9Tm9yd2F5JTIwTmV3cyUyME1lZGlhJTIwTW9uaXRvcmluZyUyMFRvb2xzJnNlYXJjaGJveD0wJmRvbWFpbm5hbWU9MCZiYWNrZmlsbD0wIiwxLCIyMDIyLTEyLTMxIDAxOjE5OjQ0IiwxLCIxNjcyNDQ5NTg0LjAzNzg0MjAwMDAiLDI0MSxudWxsLG51bGxd:1pBQXI:c0DdhQ6WJLk_fka2f9q0RILkNaQ; expires=Sat, 31-Dec-2022 02:19:44 GMT; Max-Age=3600; Path=/
connection: close
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 31 Dec 2022 00:33:31 GMT
age: 2774
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www1.vc.com/?tm=1&subid4=1672449584.0378420000&kw=connect+vpn&KW1=Norway%20Enterprise%20VPN&KW2=Social%20Media%20Analytics%20Software&KW3=Norway%20News%20Media%20Monitoring%20Tools&searchbox=0&domainname=0&backfill=0
75.2.73.197200 OK 5.7 kB URL HTTP/1.1 www1.vc.com/?tm=1&subid4=1672449584.0378420000&kw=connect+vpn&KW1=Norway%20Enterprise%20VPN&KW2=Social%20Media%20Analytics%20Software&KW3=Norway%20News%20Media%20Monitoring%20Tools&searchbox=0&domainname=0&backfill=0
IP 75.2.73.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2814)
Hash 3e90f03916d1c09b482a96d4b64f6467
aabc52b5fe8e87057cb36940f07757cf0b02905f
8a55f84dcbab4a740e8cdb4ab473806b05c6f17926a17385c9b92eb5cac54eaa
GET /?tm=1&subid4=1672449584.0378420000&kw=connect+vpn&KW1=Norway%20Enterprise%20VPN&KW2=Social%20Media%20Analytics%20Software&KW3=Norway%20News%20Media%20Monitoring%20Tools&searchbox=0&domainname=0&backfill=0 HTTP/1.1
Host: www1.vc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vc.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 01:19:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_UqtODznK/1HF9Ry5pKejtc4eXLr+p4/czXyuSSbO11ApTk09o4dK6wD55HRZkB+oNRhqAnkIG9/XXwYAzOOxJA==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 553f97ab8a2c2f1abe4ee932cf6dab42
9e9433075523efb0cf7d13b6811d237c4b48f099
8a7c26f298fb34ec9d5cbd977a2677118b9360ad3134bb56171c13d4d13da540
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 964
Cache-Control: max-age=115386
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 01:19:45 GMT
Etag: "63aeaa27-1d7"
Expires: Sun, 01 Jan 2023 09:22:51 GMT
Last-Modified: Fri, 30 Dec 2022 09:06:47 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
54.230.245.130200 OK 7.0 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
IP 54.230.245.130:0
File type ASCII text, with very long lines (316)
Hash 3c7567521347bf95b105ffa7fdc7da86
08739adacbf1300c74d8ae1cf100d00d9fbd0e5f
0e32bca6b67dfdeed3f9b988ddcec1adf0502549a130a78c4ace64c318a7ea29
GET /scripts/maincaf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.vc.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7006
Connection: keep-alive
Server: nginx
Date: Fri, 30 Dec 2022 02:42:01 GMT
Last-Modified: Tue, 15 Nov 2022 15:10:24 GMT
Accept-Ranges: bytes
ETag: "6373abe0-1b5e"
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ADP7viwX2Br9ugZy_0ovPdUlzqxdxpzvzryVXgAwAXqlxYlgx23ygQ==
Age: 81464
www.google.com/adsense/domains/caf.js
142.250.74.132200 OK 54 kB URL HTTP/1.1 www.google.com/adsense/domains/caf.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (1885)
Hash d61d5848e781103065d5bca54bb2f5d3
0c1410cc40187c59ff57497a601bc5a0914b94ba
f07be716e8073ec4f47c14978e5bb3d2ab7905d9f012131dd848e158fb41df78
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.vc.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Sat, 31 Dec 2022 01:19:45 GMT
Expires: Sat, 31 Dec 2022 01:19:45 GMT
Cache-Control: private, max-age=3600
ETag: "9096543464630205400"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
push.services.mozilla.com/
52.89.20.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.20.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4QzNVd6jp/Q4/WXN+HDqcA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bA1hZHXv6QxaUbt9vEZiUGu9LqE=
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
54.230.245.130200 OK 11 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
IP 54.230.245.130:0
File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Hash 0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.vc.com/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11375
Connection: keep-alive
Server: nginx
Date: Fri, 30 Dec 2022 02:14:47 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8mn1p26FHW2A0qVy809re_ufD5UgcIVUJzwt0Lsp2lhdbNrEbzDFNw==
Age: 83099
www1.vc.com/track.php?domain=vc.com&toggle=browserjs&uid=MTY3MjQ0OTU4NS4yNTk0OmM5OTViNGVjZTIxYmFmMzE0Zjc0ZDdjNmIxYzEzYjU5NzQ5YmU4YzRlOWEzYTlmY2MxMmVmNjMzYThjYTg3MWU6NjNhZjhlMzEzZjU2OA%3D%3D
75.2.73.197200 OK 20 B URL HTTP/1.1 www1.vc.com/track.php?domain=vc.com&toggle=browserjs&uid=MTY3MjQ0OTU4NS4yNTk0OmM5OTViNGVjZTIxYmFmMzE0Zjc0ZDdjNmIxYzEzYjU5NzQ5YmU4YzRlOWEzYTlmY2MxMmVmNjMzYThjYTg3MWU6NjNhZjhlMzEzZjU2OA%3D%3D
IP 75.2.73.197:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=vc.com&toggle=browserjs&uid=MTY3MjQ0OTU4NS4yNTk0OmM5OTViNGVjZTIxYmFmMzE0Zjc0ZDdjNmIxYzEzYjU5NzQ5YmU4YzRlOWEzYTlmY2MxMmVmNjMzYThjYTg3MWU6NjNhZjhlMzEzZjU2OA%3D%3D HTTP/1.1
Host: www1.vc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.vc.com/?tm=1&subid4=1672449584.0378420000&kw=connect+vpn&KW1=Norway%20Enterprise%20VPN&KW2=Social%20Media%20Analytics%20Software&KW3=Norway%20News%20Media%20Monitoring%20Tools&searchbox=0&domainname=0&backfill=0
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 01:19:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www1.vc.com/favicon.ico
75.2.73.197200 OK 0 B IP 75.2.73.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www1.vc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.vc.com/?tm=1&subid4=1672449584.0378420000&kw=connect+vpn&KW1=Norway%20Enterprise%20VPN&KW2=Social%20Media%20Analytics%20Software&KW3=Norway%20News%20Media%20Monitoring%20Tools&searchbox=0&domainname=0&backfill=0
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 01:19:46 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ee3578369e7f711b440d7bfcb6f612ef
53b4e4113472c355154f1be36918952a8ae56f14
a5784782a853d49a26231d16b5254c9641cbd5c324265e4ec6019c1ba1c856da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 01:19:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket103&client=dp-teaminternet12_3ph&r=m&hl=en&terms=Norway%20Enterprise%20VPN%2CSocial%20Media%20Analytics%20Software%2CNorway%20News%20Media%20Monitoring%20Tools&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2130206018502088&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3%7Cs&nocache=3311672449579773&num=0&output=afd_ads&domain_name=www1.vc.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1672449579774&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=493016327&uio=--&cont=tc&jsid=caf&jsv=493016327&rurl=http%3A%2F%2Fwww1.vc.com%2F%3Ftm%3D1%26subid4%3D1672449584.0378420000%26kw%3Dconnect%2Bvpn%26KW1%3DNorway%2520Enterprise%2520VPN%26KW2%3DSocial%2520Media%2520Analytics%2520Software%26KW3%3DNorway%2520News%2520Media%2520Monitoring%2520Tools%26searchbox%3D0%26domainname%3D0%26backfill%3D0&referer=http%3A%2F%2Fvc.com%2F&adbw=master-1%3A530
142.250.74.132200 OK 2.2 kB URL HTTP/2 www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket103&client=dp-teaminternet12_3ph&r=m&hl=en&terms=Norway%20Enterprise%20VPN%2CSocial%20Media%20Analytics%20Software%2CNorway%20News%20Media%20Monitoring%20Tools&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2130206018502088&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3%7Cs&nocache=3311672449579773&num=0&output=afd_ads&domain_name=www1.vc.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1672449579774&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=493016327&uio=--&cont=tc&jsid=caf&jsv=493016327&rurl=http%3A%2F%2Fwww1.vc.com%2F%3Ftm%3D1%26subid4%3D1672449584.0378420000%26kw%3Dconnect%2Bvpn%26KW1%3DNorway%2520Enterprise%2520VPN%26KW2%3DSocial%2520Media%2520Analytics%2520Software%26KW3%3DNorway%2520News%2520Media%2520Monitoring%2520Tools%26searchbox%3D0%26domainname%3D0%26backfill%3D0&referer=http%3A%2F%2Fvc.com%2F&adbw=master-1%3A530
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6226)
Hash 053139a25136ce57aa4ae211e68486ac
327bea72021167409fbe248f32c92f08a7acd453
cdfc73c79299e3ebe7f2a2e41a86fd7a0b0234902d3fc49654f311e29f0a89ae
GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket103&client=dp-teaminternet12_3ph&r=m&hl=en&terms=Norway%20Enterprise%20VPN%2CSocial%20Media%20Analytics%20Software%2CNorway%20News%20Media%20Monitoring%20Tools&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2130206018502088&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3%7Cs&nocache=3311672449579773&num=0&output=afd_ads&domain_name=www1.vc.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1672449579774&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=493016327&uio=--&cont=tc&jsid=caf&jsv=493016327&rurl=http%3A%2F%2Fwww1.vc.com%2F%3Ftm%3D1%26subid4%3D1672449584.0378420000%26kw%3Dconnect%2Bvpn%26KW1%3DNorway%2520Enterprise%2520VPN%26KW2%3DSocial%2520Media%2520Analytics%2520Software%26KW3%3DNorway%2520News%2520Media%2520Monitoring%2520Tools%26searchbox%3D0%26domainname%3D0%26backfill%3D0&referer=http%3A%2F%2Fvc.com%2F&adbw=master-1%3A530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.vc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sat, 31 Dec 2022 01:19:46 GMT
expires: Sat, 31 Dec 2022 01:19:46 GMT
cache-control: private, max-age=3600
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2175
x-xss-protection: 0
set-cookie: CONSENT=PENDING+049; expires=Mon, 30-Dec-2024 01:19:46 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash fee239151318c903705b5472c682fa8c
c6e83f1a37c2aad6daa1bbb9c08e1f617c2ab21b
9857a335d5306e08c05761ba2f7688d49bbe1cf11a8227a8f7f921d38970060c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 01:19:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www1.vc.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie
142.250.74.34200 OK 235 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www1.vc.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie
IP 142.250.74.34:0
File type ASCII text, with very long lines (352), with no line terminators
Hash 8b2600ff76fe92fd98e55f673a9b3b64
30723381f53780bce44d3522a41f062e6416f0db
dee179299aa5e01a640399895c560aad0d4eef6079a5ad2c263608687784d71b
GET /gampad/cookie.js?domain=www1.vc.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.vc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 31 Dec 2022 01:19:46 GMT
server: cafe
cache-control: private
content-length: 235
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3e81af3903c1ab8d3ca86e884ed4911f
8f6603230b3a178c101515a7d9c26c60c59085bb
b35d6540fc5a01ad99b53d222ee3977a6cf544d481f162431a9dd28f590c66bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 01:19:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash fee239151318c903705b5472c682fa8c
c6e83f1a37c2aad6daa1bbb9c08e1f617c2ab21b
9857a335d5306e08c05761ba2f7688d49bbe1cf11a8227a8f7f921d38970060c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 01:19:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ff8d18cc18169303e11891b0312ca445
c2a6016769d54486c2192be51cbe96f2a7d1cdeb
f112fd45e8178b50e5ac62aa0bc3202c288ff571856311f32020b20315751671
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 01:19:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ff8d18cc18169303e11891b0312ca445
c2a6016769d54486c2192be51cbe96f2a7d1cdeb
f112fd45e8178b50e5ac62aa0bc3202c288ff571856311f32020b20315751671
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 01:19:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
172.217.21.161200 OK 270 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
IP 172.217.21.161:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash 5100391430a00e10ce60aa159f525b5c
231a4492d73b225f441b1e9028dc33c89862e498
52b1432a6e3002e41ed1d8f4c84b258fdc4c6dac863e3c0e5c06360c81be6067
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 13:17:53 GMT
expires: Sat, 31 Dec 2022 12:17:53 GMT
cache-control: public, max-age=82800
age: 43313
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
172.217.21.161200 OK 174 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP 172.217.21.161:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 09:08:41 GMT
expires: Sat, 31 Dec 2022 08:08:41 GMT
cache-control: public, max-age=82800
age: 58265
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/adsense/domains/caf.js
142.250.74.132200 OK 54 kB URL HTTP/2 www.google.com/adsense/domains/caf.js
IP 142.250.74.132:0
Hash 6ea2a651ef509b7bb3d6f366245b047a
c9115983cb317712898129b9db6f96f6d59cd712
9652a58c7c21314132b8b4f216a00f3c62e17bda766885ebced7d7239221a030
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 31 Dec 2022 01:19:46 GMT
expires: Sat, 31 Dec 2022 01:19:46 GMT
cache-control: private, max-age=3600
etag: "93330671341707853"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www1.vc.com/?tm=1&subid4=1672449584.0378420000&kw=connect+vpn&KW1=Norway%20Enterprise%20VPN&KW2=Social%20Media%20Analytics%20Software&KW3=Norway%20News%20Media%20Monitoring%20Tools&searchbox=0&domainname=0&backfill=0
75.2.73.197200 OK 5.8 kB URL HTTP/1.1 www1.vc.com/?tm=1&subid4=1672449584.0378420000&kw=connect+vpn&KW1=Norway%20Enterprise%20VPN&KW2=Social%20Media%20Analytics%20Software&KW3=Norway%20News%20Media%20Monitoring%20Tools&searchbox=0&domainname=0&backfill=0
IP 75.2.73.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2798)
Hash 95a138251dcda0517ce66e36f3f38019
9b81defe7827eca9ff47ce100b8b401db9ea6aa9
e605526d26cba80766bf8c445c932ea7d451f2f3ea5c0166bbd30b58d3e12b9c
GET /?tm=1&subid4=1672449584.0378420000&kw=connect+vpn&KW1=Norway%20Enterprise%20VPN&KW2=Social%20Media%20Analytics%20Software&KW3=Norway%20News%20Media%20Monitoring%20Tools&searchbox=0&domainname=0&backfill=0 HTTP/1.1
Host: www1.vc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __gsas=ID=ca19a053c069b0ca:T=1672449586:S=ALNI_MY_-7UN4iki0N5anYt1j_q3n4ialg
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 01:19:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_UqtODznK/1HF9Ry5pKejtc4eXLr+p4/czXyuSSbO11ApTk09o4dK6wD55HRZkB+oNRhqAnkIG9/XXwYAzOOxJA==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
54.230.245.130304 Not Modified 0 B URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
IP 54.230.245.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/maincaf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.vc.com/
If-Modified-Since: Tue, 15 Nov 2022 15:10:24 GMT
If-None-Match: "6373abe0-1b5e"
Cache-Control: max-age=0
HTTP/1.1 304 Not Modified
Connection: keep-alive
Server: nginx
Date: Fri, 30 Dec 2022 02:42:01 GMT
Last-Modified: Tue, 15 Nov 2022 15:10:24 GMT
ETag: "6373abe0-1b5e"
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eIQNssqUPCKy34CH4QQOzGP1j4EI-pfKRgyyd_n4HIjM92F-nb7D0g==
Age: 81465
www.google.com/adsense/domains/caf.js
142.250.74.132200 OK 54 kB URL HTTP/1.1 www.google.com/adsense/domains/caf.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (1885)
Hash 3caf7ec4dc4407dd26c23c27e2ee8441
b78a33cd365345328c1e85616ef3d86f9e52604b
243f55134830ee5256888d500b0f764452eef944911c7fb0a64a9ded6605e8d3
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.vc.com/
If-None-Match: "9096543464630205400"
Cache-Control: max-age=0
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Sat, 31 Dec 2022 01:19:46 GMT
Expires: Sat, 31 Dec 2022 01:19:46 GMT
Cache-Control: private, max-age=3600
ETag: "14181701328128387770"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3694
Expires: Sat, 31 Dec 2022 02:21:20 GMT
Date: Sat, 31 Dec 2022 01:19:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3694
Expires: Sat, 31 Dec 2022 02:21:20 GMT
Date: Sat, 31 Dec 2022 01:19:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3694
Expires: Sat, 31 Dec 2022 02:21:20 GMT
Date: Sat, 31 Dec 2022 01:19:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3694
Expires: Sat, 31 Dec 2022 02:21:20 GMT
Date: Sat, 31 Dec 2022 01:19:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde926226-13b8-4452-bbc5-153ee4791261.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde926226-13b8-4452-bbc5-153ee4791261.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 35f6e0b255f57ba129be3abe99878805
fd5738dd10f74e884b06a235d938427fee641ead
38c1d333fb42e3f83f378e44703295cc70fec5871517267f313edba53dc55342
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde926226-13b8-4452-bbc5-153ee4791261.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4999
x-amzn-requestid: 542ef534-fffa-453a-b6b2-3efff3de19fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d42PhH7RoAMFZ4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ad03fc-59d4a6c971ea337f1e4c9899;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 03:05:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ljtb9-jyX2dHM2R9EI4h0o0lvzVAT3jnaYDPhUImuQknWZ6KzkFNfw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 03:33:44 GMT
age: 78362
etag: "fd5738dd10f74e884b06a235d938427fee641ead"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc62c3ca8bc387a91c7d4711b5bc2409
7a984b459227e11984faa2539569a90875a58d29
e14a0e22b58fc1f3f392b842573e3abff7b24eb66db6b351046a186acc3b2954
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7660
x-amzn-requestid: 9338abf2-1191-47da-95ff-0a201604fbc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sKCEDhoAMFZ4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a40-433f4ba9780dbc7a485ccbe9;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yR6kZT7use-SXKKXM3rRmo56EFDJN9VUcRSlzb0cG7nn_pblH0uL6g==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:47:12 GMT
etag: "7a984b459227e11984faa2539569a90875a58d29"
content-type: image/jpeg
age: 12754
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf3a0189-6c58-44bf-88ec-0ebcae08c1df.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf3a0189-6c58-44bf-88ec-0ebcae08c1df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 988c9ff1a2776bc9ae8746b3ddaecac4
5b4d828eae49a9928efaf4a22a607897cee8da41
cbe3968b4fb564200d38e54e6e54ff4fc3467d907185aeefde47d96567b2eb76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf3a0189-6c58-44bf-88ec-0ebcae08c1df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7354
x-amzn-requestid: 976d0978-6f84-4b19-9bc4-262d1e6e1045
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dy0IoHmPoAMF8DA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa9a37-64460ea631c28bf66fcceb8b;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 07:09:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sIgFLjTepEtCd_DxhYe_Sa1uAccA4gHum63hatsdBUAjOcaI-MFfCw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 11:55:25 GMT
age: 48261
etag: "5b4d828eae49a9928efaf4a22a607897cee8da41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25f9647b-a062-474a-96b2-0b04f5e0328c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25f9647b-a062-474a-96b2-0b04f5e0328c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c931888a790ebf9a456e6096ab46bd34
971c55aff0dbb01ac93a2c9649be6633880e09ac
ba3d85fe6776c7f329d5fdb1febdbd6f3c09317029851940e3c99aeaee8d2400
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25f9647b-a062-474a-96b2-0b04f5e0328c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: f45ce04a-b0b1-4445-b6de-0f027bfc4264
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duqbtEQ3oAMFnEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8f117-6bc757e462070f3670bd962e;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 00:55:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2YpfBFkjXKdQwei66w0MuxmmsFDk2CQuR84hiugyeAItYdg22rpQjQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 16:16:32 GMT
age: 32594
etag: "971c55aff0dbb01ac93a2c9649be6633880e09ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7277968e-6d4b-4e04-9d10-d27c07c26f81.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7277968e-6d4b-4e04-9d10-d27c07c26f81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ddc261a4714fab13c19cf4b8762c7569
d3d987cd75786457356a4ed25b95f365560cb1de
d7d3d6d2e0ccd6ec75e6aaf640e40ca4549cb52dd0c75eb642ac24df121e7be2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7277968e-6d4b-4e04-9d10-d27c07c26f81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6536
x-amzn-requestid: f9b718fe-980d-4127-8d5b-4d807e0abd61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sKDFCFoAMFgjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a40-6cb0e3ba78c0d3dd4a8dfcb4;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EWR9wFd86zboCuH6RcYqpZ3lm-MLsGpKeV0UTU_7c6WNWaRogNCBmg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:47:12 GMT
etag: "d3d987cd75786457356a4ed25b95f365560cb1de"
content-type: image/jpeg
age: 12754
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40dc263f-68b0-4655-93e6-3c506845ba5d.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40dc263f-68b0-4655-93e6-3c506845ba5d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f964589a563304970c0be9354c542fe4
09d7db3bba00ca08d2664e6a73c8d4182d0214cb
abec859403f136b9b18a11511ae6ceda25763983bdaa609b1c693957624070fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40dc263f-68b0-4655-93e6-3c506845ba5d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7590
x-amzn-requestid: 486ea200-bd0a-471f-ba63-fe950584c1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dyRRdFimoAMFYLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa626f-414211d02334dccc5cc5a834;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 03:11:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HHWitk11eb8u6r3KJER-Al9ToLVB1Ddt2bW1_a9DlXqUmM8oJVnNyA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 07:40:32 GMT
age: 63554
etag: "09d7db3bba00ca08d2664e6a73c8d4182d0214cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
54.230.245.130304 Not Modified 0 B URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
IP 54.230.245.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.vc.com/
If-Modified-Since: Thu, 23 Jun 2022 10:44:43 GMT
If-None-Match: "62b4441b-2c6f"
Cache-Control: max-age=0
HTTP/1.1 304 Not Modified
Connection: keep-alive
Server: nginx
Date: Fri, 30 Dec 2022 02:14:47 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
ETag: "62b4441b-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5ZeemyKQ161ndAHVV4NKivYnaayNXxFQuvhxAZMr3nrcd2kkiqCxpQ==
Age: 83100
www1.vc.com/track.php?domain=vc.com&toggle=browserjs&uid=MTY3MjQ0OTU4Ni42MzM2OjY1MjRiMzdmYzI2ZjA1ZDhlNTk0MTA3YmNhN2ZjYTZhMTc0OGFjOTZhYmQwZjYzM2ZlODMyNzgzZmJkOGM3Zjg6NjNhZjhlMzI5YWIwNw%3D%3D
75.2.73.197200 OK 20 B URL HTTP/1.1 www1.vc.com/track.php?domain=vc.com&toggle=browserjs&uid=MTY3MjQ0OTU4Ni42MzM2OjY1MjRiMzdmYzI2ZjA1ZDhlNTk0MTA3YmNhN2ZjYTZhMTc0OGFjOTZhYmQwZjYzM2ZlODMyNzgzZmJkOGM3Zjg6NjNhZjhlMzI5YWIwNw%3D%3D
IP 75.2.73.197:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=vc.com&toggle=browserjs&uid=MTY3MjQ0OTU4Ni42MzM2OjY1MjRiMzdmYzI2ZjA1ZDhlNTk0MTA3YmNhN2ZjYTZhMTc0OGFjOTZhYmQwZjYzM2ZlODMyNzgzZmJkOGM3Zjg6NjNhZjhlMzI5YWIwNw%3D%3D HTTP/1.1
Host: www1.vc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.vc.com/?tm=1&subid4=1672449584.0378420000&kw=connect+vpn&KW1=Norway%20Enterprise%20VPN&KW2=Social%20Media%20Analytics%20Software&KW3=Norway%20News%20Media%20Monitoring%20Tools&searchbox=0&domainname=0&backfill=0
Cookie: __gsas=ID=ca19a053c069b0ca:T=1672449586:S=ALNI_MY_-7UN4iki0N5anYt1j_q3n4ialg
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 01:19:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www1.vc.com/ls.php
75.2.73.197201 Created 0 B IP 75.2.73.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
POST /ls.php HTTP/1.1
Host: www1.vc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 2750
Origin: http://www1.vc.com
Connection: keep-alive
Referer: http://www1.vc.com/?tm=1&subid4=1672449584.0378420000&kw=connect+vpn&KW1=Norway%20Enterprise%20VPN&KW2=Social%20Media%20Analytics%20Software&KW3=Norway%20News%20Media%20Monitoring%20Tools&searchbox=0&domainname=0&backfill=0
Cookie: __gsas=ID=ca19a053c069b0ca:T=1672449586:S=ALNI_MY_-7UN4iki0N5anYt1j_q3n4ialg
Cache-Control: max-age=0
HTTP/1.1 201 Created
Date: Sat, 31 Dec 2022 01:19:47 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 63af8e33e5c9505fb5488fd1
Charset: utf-8
Access-Control-Allow-Origin: http://www1.vc.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_BeUHvsKdk3XzP3gzqPqiWx2uMqeZzmmrv2pidCGjzlI7QUro0YrBec17GUYenm7ltsS7x6eWyTupj9oibRtkrw==
www1.vc.com/track.php?domain=vc.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3MjQ0OTU4Ni42MzM2OjY1MjRiMzdmYzI2ZjA1ZDhlNTk0MTA3YmNhN2ZjYTZhMTc0OGFjOTZhYmQwZjYzM2ZlODMyNzgzZmJkOGM3Zjg6NjNhZjhlMzI5YWIwNw%3D%3D
75.2.73.197200 OK 20 B URL HTTP/1.1 www1.vc.com/track.php?domain=vc.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3MjQ0OTU4Ni42MzM2OjY1MjRiMzdmYzI2ZjA1ZDhlNTk0MTA3YmNhN2ZjYTZhMTc0OGFjOTZhYmQwZjYzM2ZlODMyNzgzZmJkOGM3Zjg6NjNhZjhlMzI5YWIwNw%3D%3D
IP 75.2.73.197:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=vc.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3MjQ0OTU4Ni42MzM2OjY1MjRiMzdmYzI2ZjA1ZDhlNTk0MTA3YmNhN2ZjYTZhMTc0OGFjOTZhYmQwZjYzM2ZlODMyNzgzZmJkOGM3Zjg6NjNhZjhlMzI5YWIwNw%3D%3D HTTP/1.1
Host: www1.vc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.vc.com/?tm=1&subid4=1672449584.0378420000&kw=connect+vpn&KW1=Norway%20Enterprise%20VPN&KW2=Social%20Media%20Analytics%20Software&KW3=Norway%20News%20Media%20Monitoring%20Tools&searchbox=0&domainname=0&backfill=0
Cookie: __gsas=ID=ca19a053c069b0ca:T=1672449586:S=ALNI_MY_-7UN4iki0N5anYt1j_q3n4ialg
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 01:19:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip