Report - c1.getapplicationmy.info/?step_id=1&installer_id=7615671449166612527&publisher_id=1273&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=1103257460271216829&external_id=0&session_id=5180070327736810423&hardware_id=10293465506191108006&product_name=Jads+and+Jadson+-+Jeito+Carinhos+[DVD+2013]&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&filesize=6.25Mb&product_title=Jads+and+Jadson+-+Jeito+Carinhos+[DVD+2013]&installer_file_name=Jads+and+Jad&product_download_url=<ServerUrl>/addons/error.txt&reffer=www.mp3olimp.net/&product_file

Report Overview

Submitted URL
c1.getapplicationmy.info/?step_id=1&installer_id=7615671449166612527&publisher_id=1273&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=1103257460271216829&external_id=0&session_id=5180070327736810423&hardware_id=10293465506191108006&product_name=Jads+and+Jadson+-+Jeito+Carinhos+[DVD+2013]&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&filesize=6.25Mb&product_title=Jads+and+Jadson+-+Jeito+Carinhos+[DVD+2013]&installer_file_name=Jads+and+Jad&product_download_url=<ServerUrl>/addons/error.txt&reffer=www.mp3olimp.net/&product_file_name=error.txt
IP
162.210.196.172
ASN
#30633 LEASEWEB-USA-WDC
Submitted
2022-09-28 19:59:39
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
c1.getapplicationmy.info	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	929 B	651 B	162.210.196.172
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.6 kB	14 kB	142.250.74.3
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	4.6 kB	192.124.249.36
r.srvtrck.com	45104	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	608 B	407 B	104.19.168.96
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	75 kB	34.120.237.76
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	799 B	757 B	142.250.74.3
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	493 B	843 B	142.250.74.164
media.bttry.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	401 kB	35.201.89.39
script.hotjar.com	887	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	67 kB	143.204.55.68
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
btpnative.com	108657	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	7.2 kB	209.15.13.136
p274639.mybetterck.com	381189	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	521 B	108.168.193.189
mybetterck.com	21362	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	1.3 kB	108.168.193.189
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	125 kB	142.250.74.163
www.batteryupgrade.ch	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.0 kB	58 kB	89.188.12.130
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	481 B	1.1 kB	64.233.165.154
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	822 B	1.5 kB	142.250.74.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.76.226
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.8 kB	172.64.155.188
chosenproduct.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	893 B	932 B	46.105.126.224
www.googleadservices.com	107	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	18 kB	142.250.74.34
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	715 B	568 B	216.239.34.36
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	630 B	54.230.111.8
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.164.183.116
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	58 kB	142.250.74.72
ssl.google-analytics.com	275	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	18 kB	142.250.74.104
vars.hotjar.com	1014	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	499 B	1.7 kB	143.204.55.105
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	798 B	2.0 kB	142.250.74.34

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-28	medium	getapplicationmy.info	Sinkholed

JavaScript (24)

	URL	Size	First Seen	Last Seen
	www.batteryupgrade.ch/	291 B	2023-03-08	2023-10-10
Pretty URL www.batteryupgrade.ch/ IP 89.188.12.130 ASN #31477 Duocast B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:39:56 Last Seen2023-10-10 09:17:05 Times Seen33 Hash 74255a025980c8428e0c0b13fd6b70c5 234e67fbbf4e6376d7ac19e0e00bfdd207c1be92 c3f480f54838fa0b1e05c4cb1062f7c05997c14e9c8c327a8be731549dada1be Loading...

	www.batteryupgrade.ch/	1 B	2023-03-07	2024-04-19
Pretty URL www.batteryupgrade.ch/ IP 89.188.12.130 ASN #31477 Duocast B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:53 Last Seen2024-04-19 03:54:16 Times Seen21092 Hash 7215ee9c7d9dc229d2921a40e899ec5f b858cb282617fb0956d960215c8e84d1ccf909c6 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068 Loading...

	www.googletagmanager.com/gtag/js?id=G-CCJQ3Y2XPQ&l=dataLayer&cx=c	216 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-CCJQ3Y2XPQ&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:11:55 Last Seen2023-03-08 03:11:55 Times Seen1 Hash 7bd1b240bf0e9c3f14c7e8832cf33271 23bdcadc4d292a315e7fe3cc45b11171c253cf54 55e941e2aaa90d2b695a12448499f2f1f36fba22c7284c58df30e3d28e2bd6bc Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/1070102528/?random=1664395169679&cv=9&fst=1664395169679&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.batteryupgrade.ch%2F&tiba=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&hn=www.googleadservices.com&rfmt=3&fmt=4	2.3 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/1070102528/?random=1664395169679&cv=9&fst=1664395169679&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.batteryupgrade.ch%2F&tiba=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&hn=www.googleadservices.com&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:11:55 Last Seen2023-03-08 03:11:55 Times Seen1 Hash b6ea43cb71d2c8d651db2f8b00fbaeaf f74825c18975afb4f96c2ba93816c0362b4c8d27 c9f8d1984a6489860503a9e40eab5143081bd604735a577f2de38026244a9d78 Loading...

	vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html	2.3 kB	2023-03-07	2023-03-17
Pretty URL vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html IP 143.204.55.105 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:41 Last Seen2023-03-17 12:55:02 Times Seen1 Hash d92066afca578ed14865977d9feac035 2272d154325335dd33ffed8b26929039c6561771 fc200422a2125ba3391e529347524b6596dc8eb4cbb545e7db65ecde73f5bb28 Loading...

	media.bttry.net/assets/07168010/js/_BWF/js/functions.js	1.0 kB	2023-03-08	2023-10-17
Pretty URL media.bttry.net/assets/07168010/js/_BWF/js/functions.js IP 35.201.89.39 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:39:56 Last Seen2023-10-17 11:18:15 Times Seen77 Hash 0d0b88a6a7279ba71d6cf00a12812d4d 33105c5d7123d07a2f0e6045285f45af7b37ed2a d3edf467c2965804357947ae2855d396d925e319963a4d86842fe5acaae3b174 Loading...

	www.batteryupgrade.ch/	567 B	2023-03-08	2023-03-08
Pretty URL www.batteryupgrade.ch/ IP 89.188.12.130 ASN #31477 Duocast B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:11:55 Last Seen2023-03-08 03:11:55 Times Seen1 Hash 5f13b935bb0f2165fa963fe38c193599 0a62b9b6e2ed08203d8cc4db44ba92fa3668754e 2b46d552597ccdaa7286b93168f7249fa9c40c52f94d228008b8357c8ef5b6e5 Loading...

	www.batteryupgrade.ch/	48 B	2023-03-08	2023-10-17
Pretty URL www.batteryupgrade.ch/ IP 89.188.12.130 ASN #31477 Duocast B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:11:55 Last Seen2023-10-17 11:18:14 Times Seen20 Hash eb3f1b3bdd7005e21dab39bb1c8e5ff5 e16fcb9fe31ab95e021e22866c023f7aff1666e6 02b545f02812270036916270530e210d7ba29f20ca30120b36d18e1c64f90fdb Loading...

	media.bttry.net/assets/07168010/js/grwpjs/modernizr-3.3.1.min.js	95 kB	2023-03-08	2023-10-17
Pretty URL media.bttry.net/assets/07168010/js/grwpjs/modernizr-3.3.1.min.js IP 35.201.89.39 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:39:56 Last Seen2023-10-17 11:18:15 Times Seen76 Hash 858602e44e462ae594c0690a1339ab89 e74da1648a7c0590957f14b23839406e50378212 3e85ad9fe40549760f4f833e7ee14264f3308fa9c7d4366616261ee5af7aae57 Loading...

	www.batteryupgrade.ch/	342 B	2023-03-08	2023-10-17
Pretty URL www.batteryupgrade.ch/ IP 89.188.12.130 ASN #31477 Duocast B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:11:55 Last Seen2023-10-17 11:18:14 Times Seen30 Hash a7c5804b3698f5930f5292facf33bf3c a51e3b78aade70e83181548e97b0fc55837042fa cd31befb0377829eb0eb84bdfd6d95d0860b8a8bd7dfb0d85d48bdfe7170f244 Loading...

	static.hotjar.com/c/hotjar-1682517.js?sv=6	4.6 kB	2023-03-08	2023-03-08
Pretty URL static.hotjar.com/c/hotjar-1682517.js?sv=6 IP 54.230.111.8 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:11:55 Last Seen2023-03-08 03:11:55 Times Seen1 Hash 4979b13c9ed5773ba7a3da1ff23d84cf 7037a440f43034f5d1d1e25550f1a696340b8752 4cbf8008200cea37a1a25e4b721b4591452b08172974d1cf460e6f33090f1729 Loading...

	www.batteryupgrade.ch/	52 B	2023-03-08	2023-07-09
Pretty URL www.batteryupgrade.ch/ IP 89.188.12.130 ASN #31477 Duocast B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:39:56 Last Seen2023-07-09 00:08:33 Times Seen3 Hash 9a1f093f60cdd86374f1009d486522c1 d34d1a2629411ac9f6710a1b59eaa02b0e8687f7 af5ea442fc8113ca0191ab9efcf845890f7f17d6bf2900362aef0ff4dba9e403 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-M53HQ95	149 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-M53HQ95 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:11:55 Last Seen2023-03-08 03:11:55 Times Seen1 Hash 55773d0bcdec5d122e21a2c4b313ad64 1d2e76745d95c73a856f17b951958282778a29e8 2b60fce24e259fbbd6ef44304468bbfd52e3e6299e3d54843a683432f0cc9f0c Loading...

	ssl.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL ssl.google-analytics.com/ga.js IP 142.250.74.104 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	media.bttry.net/assets/07168010/js/all.min.js	343 kB	2023-03-08	2023-03-08
Pretty URL media.bttry.net/assets/07168010/js/all.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:39:56 Last Seen2023-03-08 03:11:55 Times Seen1 Hash 8aa7ccf95bc4c284afcfd2842954568d c2d8a199a737d0d5bbd36140793fa8911be69043 ed82a4bce0ddf3f0518b04d2122ec8b97547adc99c0da14e37dde87e121564cd Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 06:41:37 Times Seen36953558 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	btpnative.com/click?data=NTVteXFKdEVhaFdULVFNSURrMXg3cEd6cFp0M3AzazJLal9kcHRsaFlCczMyOUJUR29VblJEd0RXNjdTcWpoUGxhei1idE1vZ054V0JpWndiZUJnY01yMmtPMFQtMExFdTJLanBtaFVoTHc3QUg5bjFKMmNHTDFzVERxdEoxeHgzRW9HQVRvTHJkTlFUUVhmOWRucUR2YTZSSld6NWN1bmw1TlZ3OTlfYTg0MQ2&id=1fa46f70-2b00-451e-aae1-b92ea9bce473	4.1 kB	2023-03-07	2023-04-05
Pretty URL btpnative.com/click?data=NTVteXFKdEVhaFdULVFNSURrMXg3cEd6cFp0M3AzazJLal9kcHRsaFlCczMyOUJUR29VblJEd0RXNjdTcWpoUGxhei1idE1vZ054V0JpWndiZUJnY01yMmtPMFQtMExFdTJLanBtaFVoTHc3QUg5bjFKMmNHTDFzVERxdEoxeHgzRW9HQVRvTHJkTlFUUVhmOWRucUR2YTZSSld6NWN1bmw1TlZ3OTlfYTg0MQ2&id=1fa46f70-2b00-451e-aae1-b92ea9bce473 IP 209.15.13.136 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:24 Last Seen2023-04-05 01:56:36 Times Seen24 Hash a95ebc524317681eea9a586db022de39 4971459c3a5c26de04f1ca1edaa9c7ba225ee161 0bdbdaa3f492019a740ce5685efd434006c22801330be205bd590974e73c1b82 Loading...

	www.googleadservices.com/pagead/conversion.js	46 kB	2023-03-08	2023-03-10
Pretty URL www.googleadservices.com/pagead/conversion.js IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:11:38 Last Seen2023-03-10 12:01:36 Times Seen1 Hash 8bf7c4875e5899ce82558071f14e06a9 d64680c0e724360136a43a799f4157056c173d26 44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6 Loading...

	media.bttry.net/assets/07168010/js/polyfill.min.js	15 kB	2023-03-08	2023-10-17
Pretty URL media.bttry.net/assets/07168010/js/polyfill.min.js IP 35.201.89.39 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:39:56 Last Seen2023-10-17 11:18:15 Times Seen75 Hash 0161f0fd99a0d1b13e25067cb76dfd5b 9ba2e94d8a5b4ea319e699e7701bb21f2ed9cb57 2ef65825d324e90006d1b9c97ee670d9588346d4e88c1eaf2cbcfc830e09e5f7 Loading...

	www.batteryupgrade.ch/	327 B	2023-03-08	2023-08-12
Pretty URL www.batteryupgrade.ch/ IP 89.188.12.130 ASN #31477 Duocast B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:11:55 Last Seen2023-08-12 19:58:43 Times Seen24 Hash c6264294f5eaf0182e757f522576bb2f 5547e177338c185444e8b43df97c4277cb5e20b2 7a1850ab9fc041b93b8695f0bbefddd15395e22c53da679370e80f69b21bbddb Loading...

	p274639.mybetterck.com/adServe/domainClick?ai=tMxzWfm12LpkbNIWurMDWoiXD7klJ1soTN51QfSABfYD6oPh4t22c9B9_vdKnsZCUhrhXB7h4Q0Uuwo5IbgEBdUi6xSvMdRUq3nDjZUkzHvLJyjqHra8mGW6CHfeBodVgvgI1g_o4dK0Bqs_9EYIR_VYuzZSYLtak8a2TCfMlWrIMMlTWYfZjlToK4-_1ACOP0s6MBsFTTAOGVIq7SQHt2xDKr8Rw5O7dO4wvtGnrzTddVqW4b_Ykxw_vxfmXwaLNORDvO_u8SbIzzh0hp6ogO7JzK4vQzmiPaDGm4CwDwXfw_JoL1ALTR_29IAMKrswtsrhcGeRW6RqgEE0f5FjhxhGK23FSY41eOG-uPJj6bxlqf_64l0Z6hpyy_YN0YQtpLSZmparWHWvrphb_I88ZSIO3PHyowRR_6p576eQm9fr2iPLc49PERgUkMD_VLeROfuqs0moSwPq7QXN-ylcxrw3TeQXSnFC-IokKZjFQZ7rqNKnLYX0tfAD-AuLqsioXaRG_Rn9EU5baMHjMW5FMVZ1q7sg30V1X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiPLxdLCBTbS2E-vcPMz4vkC4FXmAKRd9aSyJTuzQtneEKj1HVaOgt_lw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSHTbvXa9bc3gUMCZFDPA5eSNaBH9W47pomJmpXnVSXAuWEOrnfwZmTzSi7POAjgQDzkTIYbeCY1Hn59BaP8A9XQ&si=1&oref=22a3b7b148bba753762bd6aaf4a8a708&optunit=r66YW_yPPGUiDtzx8qMEUc7n_r2HV6hZ&rb=2Vb288azLYM&rr=0&abtg=0	194 B	2023-03-07	2023-03-08
Pretty URL p274639.mybetterck.com/adServe/domainClick?ai=tMxzWfm12LpkbNIWurMDWoiXD7klJ1soTN51QfSABfYD6oPh4t22c9B9_vdKnsZCUhrhXB7h4Q0Uuwo5IbgEBdUi6xSvMdRUq3nDjZUkzHvLJyjqHra8mGW6CHfeBodVgvgI1g_o4dK0Bqs_9EYIR_VYuzZSYLtak8a2TCfMlWrIMMlTWYfZjlToK4-_1ACOP0s6MBsFTTAOGVIq7SQHt2xDKr8Rw5O7dO4wvtGnrzTddVqW4b_Ykxw_vxfmXwaLNORDvO_u8SbIzzh0hp6ogO7JzK4vQzmiPaDGm4CwDwXfw_JoL1ALTR_29IAMKrswtsrhcGeRW6RqgEE0f5FjhxhGK23FSY41eOG-uPJj6bxlqf_64l0Z6hpyy_YN0YQtpLSZmparWHWvrphb_I88ZSIO3PHyowRR_6p576eQm9fr2iPLc49PERgUkMD_VLeROfuqs0moSwPq7QXN-ylcxrw3TeQXSnFC-IokKZjFQZ7rqNKnLYX0tfAD-AuLqsioXaRG_Rn9EU5baMHjMW5FMVZ1q7sg30V1X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiPLxdLCBTbS2E-vcPMz4vkC4FXmAKRd9aSyJTuzQtneEKj1HVaOgt_lw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSHTbvXa9bc3gUMCZFDPA5eSNaBH9W47pomJmpXnVSXAuWEOrnfwZmTzSi7POAjgQDzkTIYbeCY1Hn59BaP8A9XQ&si=1&oref=22a3b7b148bba753762bd6aaf4a8a708&optunit=r66YW_yPPGUiDtzx8qMEUc7n_r2HV6hZ&rb=2Vb288azLYM&rr=0&abtg=0 IP 108.168.193.189 ASN #36351 SOFTLAYER Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:01:45 Last Seen2023-03-08 03:11:55 Times Seen1 Hash 19fcdc9130dc02d99f6180ff33e0eff1 b3068a029c144e63b203d50efcfd9607ecd39f7a 982ace7d26bc3ddb30df323a545669388bd6d322b90b61b0a8dcea19014fd325 Loading...

	media.bttry.net/assets/07168010/js/grwpjs/require.js	16 kB	2023-03-08	2023-10-17
Pretty URL media.bttry.net/assets/07168010/js/grwpjs/require.js IP 35.201.89.39 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:39:56 Last Seen2023-10-17 11:18:15 Times Seen75 Hash 6020db79c078ed02469b21c17c00e806 e02b7a02b34ffda3f98cbe7b5947e49f4cfef347 0070d2e259006e7e98fc08cdfc9329717c090077ecb2f1e670e3e7a0e5420d21 Loading...

	www.batteryupgrade.ch/	155 B	2023-03-08	2023-08-12
Pretty URL www.batteryupgrade.ch/ IP 89.188.12.130 ASN #31477 Duocast B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:11:55 Last Seen2023-08-12 19:58:43 Times Seen24 Hash 107c43efe755454d84344d23cbecf23e 3a65a935d05a0c004a3f11bf6f073f8c1bd2e4f7 9bf86c39b59783083dfcd51039dda132fc73812518383f08020ff860d8defaaa Loading...

		Size	First Seen	Last Seen
	#1 Write - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 06:41:37 Times Seen36953558 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (89)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 19:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EFhuFfYw0d-rClg2wMC5hOlHBzre3DTAp8bIu_jYH5QzjaMwPeKz-A==
Age: 2629

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3300
Expires: Wed, 28 Sep 2022 20:54:28 GMT
Date: Wed, 28 Sep 2022 19:59:28 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sackcQs1KVZvB54mRQCo6M9pWKR9L0wL-9lUAmnef7g-NSt92EVmdw==
age: 52262
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:59:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 19:29:33 GMT
Expires: Wed, 28 Sep 2022 20:26:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ER9mnRU9_hX0h8IXpyRlSirM3QCV86ae4ydTQB_xzOrNpTgf8p5x-w==
Age: 1795

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3989
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:29 GMT
Last-Modified: Wed, 28 Sep 2022 18:53:00 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

c1.getapplicationmy.info/?step_id=1&installer_id=7615671449166612527&publisher_id=1273&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=1103257460271216829&external_id=0&session_id=5180070327736810423&hardware_id=10293465506191108006&product_name=Jads+and+Jadson+-+Jeito+Carinhos+[DVD+2013]&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&filesize=6.25Mb&product_title=Jads+and+Jadson+-+Jeito+Carinhos+[DVD+2013]&installer_file_name=Jads+and+Jad&product_download_url=%3CServerUrl%3E/addons/error.txt&reffer=http://www.mp3olimp.net/&product_file_name=error.txt

162.210.196.172

302 Found

11 B

URL HTTP/1.1
c1.getapplicationmy.info/?step_id=1&installer_id=7615671449166612527&publisher_id=1273&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=1103257460271216829&external_id=0&session_id=5180070327736810423&hardware_id=10293465506191108006&product_name=Jads+and+Jadson+-+Jeito+Carinhos+[DVD+2013]&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&filesize=6.25Mb&product_title=Jads+and+Jadson+-+Jeito+Carinhos+[DVD+2013]&installer_file_name=Jads+and+Jad&product_download_url=%3CServerUrl%3E/addons/error.txt&reffer=http://www.mp3olimp.net/&product_file_name=error.txt
IP
162.210.196.172:0
ASN
#30633 LEASEWEB-USA-WDC

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?step_id=1&installer_id=7615671449166612527&publisher_id=1273&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=1103257460271216829&external_id=0&session_id=5180070327736810423&hardware_id=10293465506191108006&product_name=Jads+and+Jadson+-+Jeito+Carinhos+[DVD+2013]&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&amp=&filesize=6.25Mb&product_title=Jads+and+Jadson+-+Jeito+Carinhos+[DVD+2013]&installer_file_name=Jads+and+Jad&product_download_url=%3CServerUrl%3E/addons/error.txt&reffer=http://www.mp3olimp.net/&product_file_name=error.txt HTTP/1.1
Host: c1.getapplicationmy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Wed, 28 Sep 2022 19:59:28 GMT
location: http://btpnative.com/click?data=NTVteXFKdEVhaFdULVFNSURrMXg3cEd6cFp0M3AzazJLal9kcHRsaFlCczMyOUJUR29VblJEd0RXNjdTcWpoUGxhei1idE1vZ054V0JpWndiZUJnY01yMmtPMFQtMExFdTJLanBtaFVoTHc3QUg5bjFKMmNHTDFzVERxdEoxeHgzRW9HQVRvTHJkTlFUUVhmOWRucUR2YTZSSld6NWN1bmw1TlZ3OTlfYTg0MQ2&id=1fa46f70-2b00-451e-aae1-b92ea9bce473
server: nginx
set-cookie: sid=0f27d4a4-3f68-11ed-a180-f49dd94b3612; path=/; domain=.getapplicationmy.info; expires=Mon, 16 Oct 2090 23:13:35 GMT; max-age=2147483647; HttpOnly

btpnative.com/click?data=NTVteXFKdEVhaFdULVFNSURrMXg3cEd6cFp0M3AzazJLal9kcHRsaFlCczMyOUJUR29VblJEd0RXNjdTcWpoUGxhei1idE1vZ054V0JpWndiZUJnY01yMmtPMFQtMExFdTJLanBtaFVoTHc3QUg5bjFKMmNHTDFzVERxdEoxeHgzRW9HQVRvTHJkTlFUUVhmOWRucUR2YTZSSld6NWN1bmw1TlZ3OTlfYTg0MQ2&id=1fa46f70-2b00-451e-aae1-b92ea9bce473

209.15.13.136

200 OK

2.1 kB

URL HTTP/1.1
btpnative.com/click?data=NTVteXFKdEVhaFdULVFNSURrMXg3cEd6cFp0M3AzazJLal9kcHRsaFlCczMyOUJUR29VblJEd0RXNjdTcWpoUGxhei1idE1vZ054V0JpWndiZUJnY01yMmtPMFQtMExFdTJLanBtaFVoTHc3QUg5bjFKMmNHTDFzVERxdEoxeHgzRW9HQVRvTHJkTlFUUVhmOWRucUR2YTZSSld6NWN1bmw1TlZ3OTlfYTg0MQ2&id=1fa46f70-2b00-451e-aae1-b92ea9bce473
IP
209.15.13.136:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators
Size
2.1 kB (2140 bytes)
Hash
500956c38191fb695a2a32e2f86c81b2
cc683ec10d21728a8dc13d8ad9f41f5c232e12aa
5469ce2653d24e1dd08ae5d973702b62912a4baf0ed940b0dcb052cfb27eb36a

HTTP Headers

GET /click?data=NTVteXFKdEVhaFdULVFNSURrMXg3cEd6cFp0M3AzazJLal9kcHRsaFlCczMyOUJUR29VblJEd0RXNjdTcWpoUGxhei1idE1vZ054V0JpWndiZUJnY01yMmtPMFQtMExFdTJLanBtaFVoTHc3QUg5bjFKMmNHTDFzVERxdEoxeHgzRW9HQVRvTHJkTlFUUVhmOWRucUR2YTZSSld6NWN1bmw1TlZ3OTlfYTg0MQ2&id=1fa46f70-2b00-451e-aae1-b92ea9bce473 HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: bfhDAdVLLDkXqvZ=bfhDAdVLLDkXqvZ; path=/
X-Server: web02
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Wed, 28 Sep 2022 19:59:28 GMT
Content-Length: 2140

push.services.mozilla.com/

35.164.183.116

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.183.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hDFucVsl2H9IB+ZJv46kvA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Lyx1bdr55ykC6AMrU4O9mivuTI8=

btpnative.com/Redirect/

209.15.13.136

302 Found

2.2 kB

URL HTTP/1.1
btpnative.com/Redirect/
IP
209.15.13.136:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (2142), with CRLF line terminators
Size
2.2 kB (2214 bytes)
Hash
2d0ac8268e14f4ad19eb8d043f628174
39a0eb65413141c60e4cd6759dc40f93cbb76eb2
2623b98239087f6a8dac22958a76b91ad3b1dd639cc0fc751a7224b560c82461

HTTP Headers

POST /Redirect/ HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 359
Origin: http://btpnative.com
Connection: keep-alive
Referer: http://btpnative.com/click?data=NTVteXFKdEVhaFdULVFNSURrMXg3cEd6cFp0M3AzazJLal9kcHRsaFlCczMyOUJUR29VblJEd0RXNjdTcWpoUGxhei1idE1vZ054V0JpWndiZUJnY01yMmtPMFQtMExFdTJLanBtaFVoTHc3QUg5bjFKMmNHTDFzVERxdEoxeHgzRW9HQVRvTHJkTlFUUVhmOWRucUR2YTZSSld6NWN1bmw1TlZ3OTlfYTg0MQ2&id=1fa46f70-2b00-451e-aae1-b92ea9bce473
Cookie: bfhDAdVLLDkXqvZ=bfhDAdVLLDkXqvZ
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://mybetterck.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzxpRTG9mCZxJfSMU3tyux_woPqiJVE9nxxwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYF4NN-Fy2QN7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cENpbWSCIHQ-FZcAMknNI4ZF80IsrCLG4Kr2dP7nXtnCzhSBMVsAVhP01H2yiS__esX152jrNZsPq3yGQPJxXcAu20esPp5mUmpSy35LDJ9EksHx8KKTxmZ7bCArU45ARqa6IT5YEGN6fK4ZQo-5RTa3IFU6_GWiOtjktFENBpsTBH8Ix7rv-o-hDwc3eliZ8w1c3_gviCtZyfuFl8aWibAMb7bre4z1nJYKMoDe0-GihTydKDN4tS4ljojxUfWyRe1cwYSO3hW0yR2F4Vfl9f89RdEwtQbmdnP_TT0ylJ3B3KbnJV5YwbPe_7svZdyhh1x3SQjATls6gG9CN6V73qwgw7H8zDtnK_4sCkGuu8-sn-IY95q6fgj_sU0RTy1ugMxp8Sk_tVGrfm0DMSDMYOf-Oc5Fyxnoclitee75HXECZw3VvtboKymcDGM__BSluxGZ3mdrCIXjkxiXPlO6PPH2BxK4K9jH_CX3f1DQGfbgmr35OHtIRs6K2jOPC_VPHkngNwUNnOgL2hXmCL90sB3Lu3zt1pjrNjsj6wbFkBw-bemSeUmbYWsOs71ZY1wj3Jk9SrrjUEQckOSRCh1Dg951cQqOcJZ29B7nd9X2aCKlBcEd0vWLWPcniTvq7FnLKlu5PnFcN8IVyCptB5yt7BZUVkbxdHsdTSeZZsGq08d5pTQww9Mqfjulhk4ec38Bj4IJbCpkPT9ue0ac7-WRXkZa0xa1Tym71zXEuw6pdJZBSL1c9cFUTWuzuJS8FaOTxbZNL_sN3qJYRwxh8r78HQAD7M3w7tgN3ao1rz-2k-rxeA9qRgGvqzwTts7Pl5c5Ger73w_fEgDx3E85TnCFvszy6wgErdxrYTqXIMOGWk6Jh9GwoJII7YO3acraJPj2wOy0Y7yAkZzLXeCYLlhdQ7xlxCDP32lrwT8WrTp_GqwZE7uLsCVSjCN-qnXxYcXkJeDAXdPeD8k5Zh7Wk5sUOhCrUkrVnknsZwQ1LAI0XqrA__bwfFnhzrV1FR0Zg7JUjw-qNPHp1P28NNkjB39YVs4Y3LaDNqfSCojR0jW7l2uo787dfS_A8k6_yuUwiCTGNzF8ESMDI-mSfzJkEnmCSeGiNWSVKM4gvBmb93VDXsh6S2rzwnERlcHJPtMVF6Fwoa7YOWLroL5e5wAN9fa0E-VHemtA5-njSYs2CsHl7oxvieyZzLOxGlg8yRP-l9k4uHTgGnZxstzZIGD6jRWxVibfvumnr1CklXdqdyQJueqJ85r88Jne4OBHQJpsyxV7m4MRXfqc9uZLPo2zZEFN5lY_FXAWgMdusLUVOz6tuUu0-COflArKyxRKSiEA1cvlrLvsQLmg2vrVlK5Pp8oP2etDvfwyvOBULiCG-9tNAm_5iQZyOHl1bR_ldLStVG0hIW97nm6yiHWrABMkdxsM1RPj7gI-YMD4K3BBPNnAxtXGTGYRpt5YWixL_ATMgKnqSIcchXbRZH9lLvyO0X2ZfHhcfx0th3Q4kWGpUsUn33_S49kDK9sTsFeDu1jg2_y7T_dCa7EZrJEJRYYgkztjT90-K2L-uKionY-xOhZKvtjGQbXnfont6XiKBmxg2A8P-6hjQNe-qgCMhLnblafJRV4wTE94OsVhoW2pqwemq1iuk-95Ptt8jX58PBafMazbXX_ih0dWLFmRkjVynk8BtUekGko8eoV6LiOFwlzkCkbzr4hhb22dkpBFaeVOufzA9N3nZ8WfBUQKpBpKPHqFei6Af3OPbBrXN2DTu-xlaeORzlwdneqSDnuPKbvWNovtyuV0tK1UbSEhb3uebrKIdauoGh-xEWeqfaGouEuwLVY_TN51QfSABfbNJ8SvslHwWnPsbtk97hvO9DWrRNXJ2_UOUVA7kenMPJDz4pxcPLju5oestkTcX-c
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web02
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Wed, 28 Sep 2022 19:59:28 GMT
Content-Length: 2214

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
21c8643db6d75b1bc9c09f2ca6881ac6
ff767bac23d4d6318f00f19a99e8a6d17402e864
7a680450a7a73886bb65c29fc23b1a75b652274ad11d0f5cb5055a549239161d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 19:20:06 GMT
Expires: Mon, 03 Oct 2022 19:20:05 GMT
Etag: "ff767bac23d4d6318f00f19a99e8a6d17402e864"
Cache-Control: max-age=429035,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f0f538c58b4fd-OSL

mybetterck.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzxpRTG9mCZxJfSMU3tyux_woPqiJVE9nxxwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYF4NN-Fy2QN7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cENpbWSCIHQ-FZcAMknNI4ZF80IsrCLG4Kr2dP7nXtnCzhSBMVsAVhP01H2yiS__esX152jrNZsPq3yGQPJxXcAu20esPp5mUmpSy35LDJ9EksHx8KKTxmZ7bCArU45ARqa6IT5YEGN6fK4ZQo-5RTa3IFU6_GWiOtjktFENBpsTBH8Ix7rv-o-hDwc3eliZ8w1c3_gviCtZyfuFl8aWibAMb7bre4z1nJYKMoDe0-GihTydKDN4tS4ljojxUfWyRe1cwYSO3hW0yR2F4Vfl9f89RdEwtQbmdnP_TT0ylJ3B3KbnJV5YwbPe_7svZdyhh1x3SQjATls6gG9CN6V73qwgw7H8zDtnK_4sCkGuu8-sn-IY95q6fgj_sU0RTy1ugMxp8Sk_tVGrfm0DMSDMYOf-Oc5Fyxnoclitee75HXECZw3VvtboKymcDGM__BSluxGZ3mdrCIXjkxiXPlO6PPH2BxK4K9jH_CX3f1DQGfbgmr35OHtIRs6K2jOPC_VPHkngNwUNnOgL2hXmCL90sB3Lu3zt1pjrNjsj6wbFkBw-bemSeUmbYWsOs71ZY1wj3Jk9SrrjUEQckOSRCh1Dg951cQqOcJZ29B7nd9X2aCKlBcEd0vWLWPcniTvq7FnLKlu5PnFcN8IVyCptB5yt7BZUVkbxdHsdTSeZZsGq08d5pTQww9Mqfjulhk4ec38Bj4IJbCpkPT9ue0ac7-WRXkZa0xa1Tym71zXEuw6pdJZBSL1c9cFUTWuzuJS8FaOTxbZNL_sN3qJYRwxh8r78HQAD7M3w7tgN3ao1rz-2k-rxeA9qRgGvqzwTts7Pl5c5Ger73w_fEgDx3E85TnCFvszy6wgErdxrYTqXIMOGWk6Jh9GwoJII7YO3acraJPj2wOy0Y7yAkZzLXeCYLlhdQ7xlxCDP32lrwT8WrTp_GqwZE7uLsCVSjCN-qnXxYcXkJeDAXdPeD8k5Zh7Wk5sUOhCrUkrVnknsZwQ1LAI0XqrA__bwfFnhzrV1FR0Zg7JUjw-qNPHp1P28NNkjB39YVs4Y3LaDNqfSCojR0jW7l2uo787dfS_A8k6_yuUwiCTGNzF8ESMDI-mSfzJkEnmCSeGiNWSVKM4gvBmb93VDXsh6S2rzwnERlcHJPtMVF6Fwoa7YOWLroL5e5wAN9fa0E-VHemtA5-njSYs2CsHl7oxvieyZzLOxGlg8yRP-l9k4uHTgGnZxstzZIGD6jRWxVibfvumnr1CklXdqdyQJueqJ85r88Jne4OBHQJpsyxV7m4MRXfqc9uZLPo2zZEFN5lY_FXAWgMdusLUVOz6tuUu0-COflArKyxRKSiEA1cvlrLvsQLmg2vrVlK5Pp8oP2etDvfwyvOBULiCG-9tNAm_5iQZyOHl1bR_ldLStVG0hIW97nm6yiHWrABMkdxsM1RPj7gI-YMD4K3BBPNnAxtXGTGYRpt5YWixL_ATMgKnqSIcchXbRZH9lLvyO0X2ZfHhcfx0th3Q4kWGpUsUn33_S49kDK9sTsFeDu1jg2_y7T_dCa7EZrJEJRYYgkztjT90-K2L-uKionY-xOhZKvtjGQbXnfont6XiKBmxg2A8P-6hjQNe-qgCMhLnblafJRV4wTE94OsVhoW2pqwemq1iuk-95Ptt8jX58PBafMazbXX_ih0dWLFmRkjVynk8BtUekGko8eoV6LiOFwlzkCkbzr4hhb22dkpBFaeVOufzA9N3nZ8WfBUQKpBpKPHqFei6Af3OPbBrXN2DTu-xlaeORzlwdneqSDnuPKbvWNovtyuV0tK1UbSEhb3uebrKIdauoGh-xEWeqfaGouEuwLVY_TN51QfSABfbNJ8SvslHwWnPsbtk97hvO9DWrRNXJ2_UOUVA7kenMPJDz4pxcPLju5oestkTcX-c

108.168.193.189

302 Found

0 B

URL HTTP/2
mybetterck.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzxpRTG9mCZxJfSMU3tyux_woPqiJVE9nxxwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYF4NN-Fy2QN7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cENpbWSCIHQ-FZcAMknNI4ZF80IsrCLG4Kr2dP7nXtnCzhSBMVsAVhP01H2yiS__esX152jrNZsPq3yGQPJxXcAu20esPp5mUmpSy35LDJ9EksHx8KKTxmZ7bCArU45ARqa6IT5YEGN6fK4ZQo-5RTa3IFU6_GWiOtjktFENBpsTBH8Ix7rv-o-hDwc3eliZ8w1c3_gviCtZyfuFl8aWibAMb7bre4z1nJYKMoDe0-GihTydKDN4tS4ljojxUfWyRe1cwYSO3hW0yR2F4Vfl9f89RdEwtQbmdnP_TT0ylJ3B3KbnJV5YwbPe_7svZdyhh1x3SQjATls6gG9CN6V73qwgw7H8zDtnK_4sCkGuu8-sn-IY95q6fgj_sU0RTy1ugMxp8Sk_tVGrfm0DMSDMYOf-Oc5Fyxnoclitee75HXECZw3VvtboKymcDGM__BSluxGZ3mdrCIXjkxiXPlO6PPH2BxK4K9jH_CX3f1DQGfbgmr35OHtIRs6K2jOPC_VPHkngNwUNnOgL2hXmCL90sB3Lu3zt1pjrNjsj6wbFkBw-bemSeUmbYWsOs71ZY1wj3Jk9SrrjUEQckOSRCh1Dg951cQqOcJZ29B7nd9X2aCKlBcEd0vWLWPcniTvq7FnLKlu5PnFcN8IVyCptB5yt7BZUVkbxdHsdTSeZZsGq08d5pTQww9Mqfjulhk4ec38Bj4IJbCpkPT9ue0ac7-WRXkZa0xa1Tym71zXEuw6pdJZBSL1c9cFUTWuzuJS8FaOTxbZNL_sN3qJYRwxh8r78HQAD7M3w7tgN3ao1rz-2k-rxeA9qRgGvqzwTts7Pl5c5Ger73w_fEgDx3E85TnCFvszy6wgErdxrYTqXIMOGWk6Jh9GwoJII7YO3acraJPj2wOy0Y7yAkZzLXeCYLlhdQ7xlxCDP32lrwT8WrTp_GqwZE7uLsCVSjCN-qnXxYcXkJeDAXdPeD8k5Zh7Wk5sUOhCrUkrVnknsZwQ1LAI0XqrA__bwfFnhzrV1FR0Zg7JUjw-qNPHp1P28NNkjB39YVs4Y3LaDNqfSCojR0jW7l2uo787dfS_A8k6_yuUwiCTGNzF8ESMDI-mSfzJkEnmCSeGiNWSVKM4gvBmb93VDXsh6S2rzwnERlcHJPtMVF6Fwoa7YOWLroL5e5wAN9fa0E-VHemtA5-njSYs2CsHl7oxvieyZzLOxGlg8yRP-l9k4uHTgGnZxstzZIGD6jRWxVibfvumnr1CklXdqdyQJueqJ85r88Jne4OBHQJpsyxV7m4MRXfqc9uZLPo2zZEFN5lY_FXAWgMdusLUVOz6tuUu0-COflArKyxRKSiEA1cvlrLvsQLmg2vrVlK5Pp8oP2etDvfwyvOBULiCG-9tNAm_5iQZyOHl1bR_ldLStVG0hIW97nm6yiHWrABMkdxsM1RPj7gI-YMD4K3BBPNnAxtXGTGYRpt5YWixL_ATMgKnqSIcchXbRZH9lLvyO0X2ZfHhcfx0th3Q4kWGpUsUn33_S49kDK9sTsFeDu1jg2_y7T_dCa7EZrJEJRYYgkztjT90-K2L-uKionY-xOhZKvtjGQbXnfont6XiKBmxg2A8P-6hjQNe-qgCMhLnblafJRV4wTE94OsVhoW2pqwemq1iuk-95Ptt8jX58PBafMazbXX_ih0dWLFmRkjVynk8BtUekGko8eoV6LiOFwlzkCkbzr4hhb22dkpBFaeVOufzA9N3nZ8WfBUQKpBpKPHqFei6Af3OPbBrXN2DTu-xlaeORzlwdneqSDnuPKbvWNovtyuV0tK1UbSEhb3uebrKIdauoGh-xEWeqfaGouEuwLVY_TN51QfSABfbNJ8SvslHwWnPsbtk97hvO9DWrRNXJ2_UOUVA7kenMPJDz4pxcPLju5oestkTcX-c
IP
108.168.193.189:0
ASN
#36351 SOFTLAYER

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /aS/feedclick?s=HFz5zNIIs95ROWPasgEEzxpRTG9mCZxJfSMU3tyux_woPqiJVE9nxxwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYF4NN-Fy2QN7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cENpbWSCIHQ-FZcAMknNI4ZF80IsrCLG4Kr2dP7nXtnCzhSBMVsAVhP01H2yiS__esX152jrNZsPq3yGQPJxXcAu20esPp5mUmpSy35LDJ9EksHx8KKTxmZ7bCArU45ARqa6IT5YEGN6fK4ZQo-5RTa3IFU6_GWiOtjktFENBpsTBH8Ix7rv-o-hDwc3eliZ8w1c3_gviCtZyfuFl8aWibAMb7bre4z1nJYKMoDe0-GihTydKDN4tS4ljojxUfWyRe1cwYSO3hW0yR2F4Vfl9f89RdEwtQbmdnP_TT0ylJ3B3KbnJV5YwbPe_7svZdyhh1x3SQjATls6gG9CN6V73qwgw7H8zDtnK_4sCkGuu8-sn-IY95q6fgj_sU0RTy1ugMxp8Sk_tVGrfm0DMSDMYOf-Oc5Fyxnoclitee75HXECZw3VvtboKymcDGM__BSluxGZ3mdrCIXjkxiXPlO6PPH2BxK4K9jH_CX3f1DQGfbgmr35OHtIRs6K2jOPC_VPHkngNwUNnOgL2hXmCL90sB3Lu3zt1pjrNjsj6wbFkBw-bemSeUmbYWsOs71ZY1wj3Jk9SrrjUEQckOSRCh1Dg951cQqOcJZ29B7nd9X2aCKlBcEd0vWLWPcniTvq7FnLKlu5PnFcN8IVyCptB5yt7BZUVkbxdHsdTSeZZsGq08d5pTQww9Mqfjulhk4ec38Bj4IJbCpkPT9ue0ac7-WRXkZa0xa1Tym71zXEuw6pdJZBSL1c9cFUTWuzuJS8FaOTxbZNL_sN3qJYRwxh8r78HQAD7M3w7tgN3ao1rz-2k-rxeA9qRgGvqzwTts7Pl5c5Ger73w_fEgDx3E85TnCFvszy6wgErdxrYTqXIMOGWk6Jh9GwoJII7YO3acraJPj2wOy0Y7yAkZzLXeCYLlhdQ7xlxCDP32lrwT8WrTp_GqwZE7uLsCVSjCN-qnXxYcXkJeDAXdPeD8k5Zh7Wk5sUOhCrUkrVnknsZwQ1LAI0XqrA__bwfFnhzrV1FR0Zg7JUjw-qNPHp1P28NNkjB39YVs4Y3LaDNqfSCojR0jW7l2uo787dfS_A8k6_yuUwiCTGNzF8ESMDI-mSfzJkEnmCSeGiNWSVKM4gvBmb93VDXsh6S2rzwnERlcHJPtMVF6Fwoa7YOWLroL5e5wAN9fa0E-VHemtA5-njSYs2CsHl7oxvieyZzLOxGlg8yRP-l9k4uHTgGnZxstzZIGD6jRWxVibfvumnr1CklXdqdyQJueqJ85r88Jne4OBHQJpsyxV7m4MRXfqc9uZLPo2zZEFN5lY_FXAWgMdusLUVOz6tuUu0-COflArKyxRKSiEA1cvlrLvsQLmg2vrVlK5Pp8oP2etDvfwyvOBULiCG-9tNAm_5iQZyOHl1bR_ldLStVG0hIW97nm6yiHWrABMkdxsM1RPj7gI-YMD4K3BBPNnAxtXGTGYRpt5YWixL_ATMgKnqSIcchXbRZH9lLvyO0X2ZfHhcfx0th3Q4kWGpUsUn33_S49kDK9sTsFeDu1jg2_y7T_dCa7EZrJEJRYYgkztjT90-K2L-uKionY-xOhZKvtjGQbXnfont6XiKBmxg2A8P-6hjQNe-qgCMhLnblafJRV4wTE94OsVhoW2pqwemq1iuk-95Ptt8jX58PBafMazbXX_ih0dWLFmRkjVynk8BtUekGko8eoV6LiOFwlzkCkbzr4hhb22dkpBFaeVOufzA9N3nZ8WfBUQKpBpKPHqFei6Af3OPbBrXN2DTu-xlaeORzlwdneqSDnuPKbvWNovtyuV0tK1UbSEhb3uebrKIdauoGh-xEWeqfaGouEuwLVY_TN51QfSABfbNJ8SvslHwWnPsbtk97hvO9DWrRNXJ2_UOUVA7kenMPJDz4pxcPLju5oestkTcX-c HTTP/1.1
Host: mybetterck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Cookie: rhid=81412752446
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 28 Sep 2022 19:59:30 GMT
content-length: 0
set-cookie: rhid=81412752446; Max-Age=15552000; Expires=Mon, 27-Mar-2023 19:59:30 GMT; Domain=mybetterck.com; Path=/; SameSite=None; secure;
location: https://p274639.mybetterck.com/adServe/domainClick?ai=tMxzWfm12LpkbNIWurMDWoiXD7klJ1soTN51QfSABfYD6oPh4t22c9B9_vdKnsZCUhrhXB7h4Q0Uuwo5IbgEBdUi6xSvMdRUq3nDjZUkzHvLJyjqHra8mGW6CHfeBodVgvgI1g_o4dK0Bqs_9EYIR_VYuzZSYLtak8a2TCfMlWrIMMlTWYfZjlToK4-_1ACOP0s6MBsFTTAOGVIq7SQHt2xDKr8Rw5O7dO4wvtGnrzTddVqW4b_Ykxw_vxfmXwaLNORDvO_u8SbIzzh0hp6ogO7JzK4vQzmiPaDGm4CwDwXfw_JoL1ALTR_29IAMKrswtsrhcGeRW6RqgEE0f5FjhxhGK23FSY41eOG-uPJj6bxlqf_64l0Z6hpyy_YN0YQtpLSZmparWHWvrphb_I88ZSIO3PHyowRR_6p576eQm9fr2iPLc49PERgUkMD_VLeROfuqs0moSwPq7QXN-ylcxrw3TeQXSnFC-IokKZjFQZ7rqNKnLYX0tfAD-AuLqsioXaRG_Rn9EU5baMHjMW5FMVZ1q7sg30V1X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiPLxdLCBTbS2E-vcPMz4vkC4FXmAKRd9aSyJTuzQtneEKj1HVaOgt_lw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSHTbvXa9bc3gUMCZFDPA5eSNaBH9W47pomJmpXnVSXAuWEOrnfwZmTzSi7POAjgQDzkTIYbeCY1Hn59BaP8A9XQ&si=1&oref=22a3b7b148bba753762bd6aaf4a8a708&optunit=r66YW_yPPGUiDtzx8qMEUc7n_r2HV6hZ&rb=2Vb288azLYM&rr=0&abtg=0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15388
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 19:59:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15388
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 19:59:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15388
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 19:59:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15388
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 19:59:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15388
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 19:59:30 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13299 bytes)
Hash
ad84ed0c5b2090df7996007514cf1984
651600f2ef18cecc2e38370069bbb5e1d86f68e0
a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KmVkKXoPqZmnwFtpKhuox1kJNDoSxMEmYE39_zVPyaeoU4sPqq-_wA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:23 GMT
age: 80107
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7455 bytes)
Hash
ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Di1kDUlYEc1rv31fHM-OquU_W_LggEzDCTVME5iFJ5KffZcQyN6i2A==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:31:39 GMT
age: 44871
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12016 bytes)
Hash
4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: y3DefdcXJyoDHpJXwz460gfWcv2JUboOFExNQmTFgy30B4mn54Xvuw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:30 GMT
age: 80100
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8500 bytes)
Hash
6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HOaoAMFoPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 79947
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14464 bytes)
Hash
aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 6627e07e-034b-432e-ab9e-afe035fa0b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e9HgIoAMFxUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7f34c3f6454379724a7ac413;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: J27vcANRhkMUuGwTZjXkO0EF0-UjN-MODVQRKgsc7hJI2S-UPF8Ctw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:53 GMT
age: 80317
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13213 bytes)
Hash
62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rV80hKsopWPf_A8hKw0kwTOjVN4Bq-5f8oXDP2wluyGwof5yXFe2Bw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:42:47 GMT
age: 80203
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e2875a9e06f892f0d4fa46c0f98a1c49
9c0e332f55a592367b602494642ee2127699b543
74692ca89ddc427d0c55f56aedb738b107a9761c44ed5201f932f54950a6f406

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2

142.250.74.163

200 OK

30 kB

URL HTTP/2
fonts.gstatic.com/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 29564, version 1.0\012- data
Size
30 kB (29564 bytes)
Hash
1b66ccb164151a6cf698667c8b570cc6
f5617a0f087645703c874453960be6382c8a7427
4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24

HTTP Headers

GET /s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chosenproduct.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 04:32:23 GMT
expires: Sun, 24 Sep 2023 04:32:23 GMT
cache-control: public, max-age=31536000
age: 401227
last-modified: Tue, 19 Apr 2022 17:55:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

chosenproduct.com/favicon.ico

46.105.126.224

404 Not Found

604 B

URL HTTP/2
chosenproduct.com/favicon.ico
IP
46.105.126.224:0
ASN
#16276 OVH SAS

File type
data
Size
604 B (604 bytes)
Hash
4e56a276cbb614a5fba670dd0cb56533
344f6a89b013c5c3da9d8654d6cb9cb73e274d69
b090ac2ff149f2541de03f8c858046950af8abdf56ba0f41eeae0d8c89f3ce31

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: chosenproduct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chosenproduct.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx/1.10.3
date: Wed, 28 Sep 2022 19:59:30 GMT
content-type: text/html
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
1ead9d91ed690667b0a358c5dba647e8
9cde69017bc5b90acf4c78bce960f453e05d64d0
897f0ee1cdba73c3425092111e7d60801b14d6c1b981c7ed25a1b60d1233b427

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 28 Sep 2022 19:59:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 27 Sep 2022 22:39:59 GMT
Expires: Wed, 28 Sep 2022 22:39:59 GMT
ETag: "9cde69017bc5b90acf4c78bce960f453e05d64d0"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

r.srvtrck.com/v1/redirect?type=linkId&id=210e22d18edb4f55ac2129213f0d740c&api_key=1d897aa295f3a987ef3cac111ef75592&site_id=303af113113d40559f8c6c07e745a987&dch=feed&ad_t=advertiser&yk_tag=s-no-NO-443565139

104.19.168.96

302 Found

0 B

URL HTTP/2
r.srvtrck.com/v1/redirect?type=linkId&id=210e22d18edb4f55ac2129213f0d740c&api_key=1d897aa295f3a987ef3cac111ef75592&site_id=303af113113d40559f8c6c07e745a987&dch=feed&ad_t=advertiser&yk_tag=s-no-NO-443565139
IP
104.19.168.96:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v1/redirect?type=linkId&id=210e22d18edb4f55ac2129213f0d740c&api_key=1d897aa295f3a987ef3cac111ef75592&site_id=303af113113d40559f8c6c07e745a987&dch=feed&ad_t=advertiser&yk_tag=s-no-NO-443565139 HTTP/1.1
Host: r.srvtrck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 28 Sep 2022 19:59:31 GMT
content-length: 0
location: http://www.batteryupgrade.ch
p3p: CP="CAO PSA OUR"
set-cookie: ykuid=08c1ecdc264a49d28a90bb2f153b55b0; Domain=.srvtrck.com; Expires=Thu, 28-Sep-2023 19:59:31 GMT; Path=/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751f0f5a0b3bb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.batteryupgrade.ch/

89.188.12.130

301 Moved Permanently

238 B

URL HTTP/1.1
www.batteryupgrade.ch/
IP
89.188.12.130:0
ASN
#31477 Duocast B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
238 B (238 bytes)
Hash
861cc11661e653ac8dece88dc4c461bc
aa6b60d780e98aacacc5b199a27a8272c25cc085
04c423803a42c7bb3d3d6027e48fcb6790d79079d1c4b58209bd742c9041e8dc

HTTP Headers

GET / HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Sep 2022 19:59:31 GMT
Server: Apache/2.4.54 (Debian)
Location: https://www.batteryupgrade.ch/
Content-Length: 238
Connection: close
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3f4cd19cfaab4807aa39b0f277ffb4cb
16660b3c46f06ac4e582c820bfbcc8c8204a5c6e
47579ac9b982a5bb26449a033abf210a480b9eae522b72ef1153647b73c67b0c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47579AC9B982A5BB26449A033ABF210A480B9EAE522B72EF1153647B73C67B0C"
Last-Modified: Tue, 27 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21508
Expires: Thu, 29 Sep 2022 01:57:59 GMT
Date: Wed, 28 Sep 2022 19:59:31 GMT
Connection: keep-alive

www.batteryupgrade.ch/

89.188.12.130

200 OK

22 kB

URL HTTP/1.1
www.batteryupgrade.ch/
IP
89.188.12.130:0
ASN
#31477 Duocast B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65486), with no line terminators
Size
22 kB (22455 bytes)
Hash
f6a62cafa8dc882bced15b401e58e01d
936c013313a7d79a182e681c02ed7c53d029e39e
af85ce5d3b597419e57586b9cb170175572fd45cfdbafb345f01eac2bbc4a99e

HTTP Headers

GET / HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:31 GMT
Server: Apache/2.4.54 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=el6gp386380f261l19b31feg08; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22455
Connection: close
Content-Type: text/html; charset=UTF-8

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
2caa539e025c33760688ffe3ad111e3a
2c8bf30c9faca601dc28aac6c09a6d0bf3675d45
ce52dfdf8490683decc34878b77c011046b3b0ddf9ce42a22a52dcf7967475a9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 07:33:43 GMT
Expires: Wed, 05 Oct 2022 07:33:42 GMT
Etag: "2c8bf30c9faca601dc28aac6c09a6d0bf3675d45"
Cache-Control: max-age=559449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f0f611939b4fd-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
2caa539e025c33760688ffe3ad111e3a
2c8bf30c9faca601dc28aac6c09a6d0bf3675d45
ce52dfdf8490683decc34878b77c011046b3b0ddf9ce42a22a52dcf7967475a9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 07:33:43 GMT
Expires: Wed, 05 Oct 2022 07:33:42 GMT
Etag: "2c8bf30c9faca601dc28aac6c09a6d0bf3675d45"
Cache-Control: max-age=559449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f0f612829b505-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
2caa539e025c33760688ffe3ad111e3a
2c8bf30c9faca601dc28aac6c09a6d0bf3675d45
ce52dfdf8490683decc34878b77c011046b3b0ddf9ce42a22a52dcf7967475a9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 07:33:43 GMT
Expires: Wed, 05 Oct 2022 07:33:42 GMT
Etag: "2c8bf30c9faca601dc28aac6c09a6d0bf3675d45"
Cache-Control: max-age=559449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f0f612810b529-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
2caa539e025c33760688ffe3ad111e3a
2c8bf30c9faca601dc28aac6c09a6d0bf3675d45
ce52dfdf8490683decc34878b77c011046b3b0ddf9ce42a22a52dcf7967475a9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 07:33:43 GMT
Expires: Wed, 05 Oct 2022 07:33:42 GMT
Etag: "2c8bf30c9faca601dc28aac6c09a6d0bf3675d45"
Cache-Control: max-age=559449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f0f612def1c06-OSL

media.bttry.net/assets/07168010/js/grwpjs/require.js

35.201.89.39

200 OK

16 kB

URL HTTP/2
media.bttry.net/assets/07168010/js/grwpjs/require.js
IP
35.201.89.39:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1007)
Size
16 kB (16477 bytes)
Hash
6020db79c078ed02469b21c17c00e806
e02b7a02b34ffda3f98cbe7b5947e49f4cfef347
0070d2e259006e7e98fc08cdfc9329717c090077ecb2f1e670e3e7a0e5420d21

HTTP Headers

GET /assets/07168010/js/grwpjs/require.js HTTP/1.1
Host: media.bttry.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtvVmX8VoHEH_CyaY4z4kCtgfvPUM-rk8Mgbx4nXpmqtBeWQ0G_69ssrsHwKR5Y98JO45ZSdwbSJZkdT-gzPDp2v_Bd--Xg
x-goog-generation: 1656416141927789
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 16477
x-goog-meta-goog-reserved-file-mtime: 1656416051
x-goog-hash: crc32c=lzIJ6g==, md5=YCDbecB47QJGmyHBfADoBg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 16477
server: UploadServer
date: Wed, 28 Sep 2022 19:11:11 GMT
expires: Wed, 28 Sep 2022 20:11:11 GMT
cache-control: public, max-age=3600
age: 2901
last-modified: Tue, 28 Jun 2022 11:35:41 GMT
etag: "6020db79c078ed02469b21c17c00e806"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
65a399a0400cd3bbe139818374c37daf
7672f6788ec76435e7a5f55ad29a1d0235e25e0a
c71b9559aa088c88491a378528c08f4eb4dff38940c07a59314eefbe848c07c8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

media.bttry.net/banner_images/bu/homepagebanner_2021%20BU%20Homepagina%20banner%20-%20voorjaar.jpg

35.201.89.39

200 OK

90 kB

URL HTTP/2
media.bttry.net/banner_images/bu/homepagebanner_2021%20BU%20Homepagina%20banner%20-%20voorjaar.jpg
IP
35.201.89.39:0
ASN
#15169 GOOGLE

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=354, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=755], progressive, precision 8, 755x354, components 3\012- data
Size
90 kB (89955 bytes)
Hash
8efb0d3971e14a56f9fbefa7807db9b3
0342dd84c1e14edfe308e5e33eccb2c49f768fb3
1047679fb64ae5783e30a1926fd8d72e26b4db4a16f3ced01d56bc5a3311bf9f

HTTP Headers

GET /banner_images/bu/homepagebanner_2021%20BU%20Homepagina%20banner%20-%20voorjaar.jpg HTTP/1.1
Host: media.bttry.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycduhzhQHvBXW9UI7NCAHLV1tyzKMQVlK-49ZFewoDGdRvwX7mPTavGq1P8Q7dXGCGWuV2TgEixQi5theME87jMQONbhA12ZD
x-goog-generation: 1614239133233024
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89955
x-goog-meta-gcsfuse_mtime: 2021-02-25T07:45:33.09266556Z
x-goog-hash: crc32c=BDvDxA==, md5=jvsNOXHhSlb5+++ngH25sw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 89955
server: UploadServer
date: Wed, 28 Sep 2022 19:36:11 GMT
expires: Wed, 28 Sep 2022 20:36:11 GMT
cache-control: public, max-age=3600
age: 1401
last-modified: Thu, 25 Feb 2021 07:45:33 GMT
etag: "8efb0d3971e14a56f9fbefa7807db9b3"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

media.bttry.net/assets/07168010/js/_BWF/js/functions.js

35.201.89.39

200 OK

1.0 kB

URL HTTP/2
media.bttry.net/assets/07168010/js/_BWF/js/functions.js
IP
35.201.89.39:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
1.0 kB (1049 bytes)
Hash
0d0b88a6a7279ba71d6cf00a12812d4d
33105c5d7123d07a2f0e6045285f45af7b37ed2a
d3edf467c2965804357947ae2855d396d925e319963a4d86842fe5acaae3b174

HTTP Headers

GET /assets/07168010/js/_BWF/js/functions.js HTTP/1.1
Host: media.bttry.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtGeNoQCWxJr2u6x5rw9nbso5rQYhEFj-3KZoEjqo5YOY81guCjqECZUIUnnMAVUBclfsb7rnUc9QjQg_yQbD9dxQ-ZSOLQ
x-goog-generation: 1656416138265939
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1049
x-goog-meta-goog-reserved-file-mtime: 1656416051
x-goog-hash: crc32c=XBmKcA==, md5=DQuIpqcnm6cdbPAKEoEtTQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1049
server: UploadServer
date: Wed, 28 Sep 2022 19:11:11 GMT
expires: Wed, 28 Sep 2022 20:11:11 GMT
cache-control: public, max-age=3600
age: 2901
last-modified: Tue, 28 Jun 2022 11:35:38 GMT
etag: "0d0b88a6a7279ba71d6cf00a12812d4d"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

media.bttry.net/assets/07168010/js/grwpjs/modernizr-3.3.1.min.js

35.201.89.39

200 OK

95 kB

URL HTTP/2
media.bttry.net/assets/07168010/js/grwpjs/modernizr-3.3.1.min.js
IP
35.201.89.39:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with very long lines (600)
Size
95 kB (95298 bytes)
Hash
858602e44e462ae594c0690a1339ab89
e74da1648a7c0590957f14b23839406e50378212
3e85ad9fe40549760f4f833e7ee14264f3308fa9c7d4366616261ee5af7aae57

HTTP Headers

GET /assets/07168010/js/grwpjs/modernizr-3.3.1.min.js HTTP/1.1
Host: media.bttry.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdut9u4rFe1A9wQL29FGvFnMaNDsVJrjzo2hg0C5dkGcYgOzP0E_RMxTnLtzk1Q8oejNkiVu3jiQIjdgT2mxuM-fd7n5kOpw
x-goog-generation: 1656416141099760
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 95298
x-goog-meta-goog-reserved-file-mtime: 1656416051
x-goog-hash: crc32c=L4kdxw==, md5=hYYC5E5GKuWUwGkKEzmriQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 95298
server: UploadServer
date: Wed, 28 Sep 2022 19:18:31 GMT
expires: Wed, 28 Sep 2022 20:18:31 GMT
cache-control: public, max-age=3600
age: 2461
last-modified: Tue, 28 Jun 2022 11:35:41 GMT
etag: "858602e44e462ae594c0690a1339ab89"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googleadservices.com/pagead/conversion.js

142.250.74.34

200 OK

17 kB

URL HTTP/2
www.googleadservices.com/pagead/conversion.js
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2021)
Size
17 kB (17403 bytes)
Hash
644b3aa474b0b7418649a582badfd446
b86345e44ed16c69f9b8efbd6a9ae426d7b6a8cc
b29181ba84a74ed0344e80b66101125293ccaeb15a22456a02aefdb7671a344a

HTTP Headers

GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 28 Sep 2022 19:59:32 GMT
expires: Wed, 28 Sep 2022 19:59:32 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 11313833467736987248
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 17403
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

media.bttry.net/assets/07168010/js/polyfill.min.js

35.201.89.39

200 OK

15 kB

URL HTTP/2
media.bttry.net/assets/07168010/js/polyfill.min.js
IP
35.201.89.39:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (15103), with no line terminators
Size
15 kB (15103 bytes)
Hash
0161f0fd99a0d1b13e25067cb76dfd5b
9ba2e94d8a5b4ea319e699e7701bb21f2ed9cb57
2ef65825d324e90006d1b9c97ee670d9588346d4e88c1eaf2cbcfc830e09e5f7

HTTP Headers

GET /assets/07168010/js/polyfill.min.js HTTP/1.1
Host: media.bttry.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtfPCvposmIBEnDEgWkCMzU7XNjCDLUMg-I2M_YCm_ztbKLlJb1f2k4RfsjOZcvGk5VBJUPPk_99bfG7FSZUUFOqA
x-goog-generation: 1656416144498737
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 15103
x-goog-meta-goog-reserved-file-mtime: 1656416078
x-goog-hash: crc32c=1sXLbA==, md5=AWHw/Zmg0bE+JQZ8t239Ww==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 15103
server: UploadServer
date: Wed, 28 Sep 2022 19:18:31 GMT
expires: Wed, 28 Sep 2022 20:18:31 GMT
cache-control: public, max-age=3600
age: 2461
last-modified: Tue, 28 Jun 2022 11:35:44 GMT
etag: "0161f0fd99a0d1b13e25067cb76dfd5b"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.batteryupgrade.ch/images/braunoni2017/home/categories/stofzuiger.jpg

89.188.12.130

200 OK

5.2 kB

URL HTTP/1.1
www.batteryupgrade.ch/images/braunoni2017/home/categories/stofzuiger.jpg
IP
89.188.12.130:0
ASN
#31477 Duocast B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 206x120, components 3\012- data
Size
5.2 kB (5161 bytes)
Hash
131c869110e530cb222629039644dfee
c5168d339e6d54143d9bfe11c456a68f85c1ad72
3f66b1a845a712c75950c8b8f8e96fa4e4d7d5e157d85e4dd9b62a49603ba60f

HTTP Headers

GET /images/braunoni2017/home/categories/stofzuiger.jpg HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "1429-5e280e22dca70"
Accept-Ranges: bytes
Content-Length: 5161
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/jpeg

www.batteryupgrade.ch/images/braunoni2017/payment/paymentmethods/payment-visa.png

89.188.12.130

200 OK

2.3 kB

URL HTTP/1.1
www.batteryupgrade.ch/images/braunoni2017/payment/paymentmethods/payment-visa.png
IP
89.188.12.130:0
ASN
#31477 Duocast B.V.

File type
PNG image data, 49 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2253 bytes)
Hash
d1fa3f4c9dec90651b42bc3db03aa0fa
f5eaa69377d392395c3ce51f1e50148652a7e813
0fffebebb735ad54f2412b07e9fd6a3e4a4b5a8f4b61058f8f86d2731ab8ed94

HTTP Headers

GET /images/braunoni2017/payment/paymentmethods/payment-visa.png HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "8cd-5e280e22dda10"
Accept-Ranges: bytes
Content-Length: 2253
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/png

www.batteryupgrade.ch/images/braunoni2017/payment/paymentmethods/payment-paypal.png

89.188.12.130

200 OK

2.5 kB

URL HTTP/1.1
www.batteryupgrade.ch/images/braunoni2017/payment/paymentmethods/payment-paypal.png
IP
89.188.12.130:0
ASN
#31477 Duocast B.V.

File type
PNG image data, 90 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2548 bytes)
Hash
630e124385f0927e0f94e70421d17b91
9434be3ac3f639fe7a0606c5ba24856c41f3f6ee
977d3ba4e3a6d6783cf813ce4d3b3ef576561f37afdc54f28551df15ea8b5143

HTTP Headers

GET /images/braunoni2017/payment/paymentmethods/payment-paypal.png HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "9f4-5e280e22dda10"
Accept-Ranges: bytes
Content-Length: 2548
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/png

media.bttry.net/assets/07168010/css/main.min.css

35.201.89.39

200 OK

163 kB

URL HTTP/2
media.bttry.net/assets/07168010/css/main.min.css
IP
35.201.89.39:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (36493)
Size
163 kB (163113 bytes)
Hash
adac310d38906108df6ca74e86ba391e
951f3e84ce9fff9ca96eeb90c982bf87b4c12821
e787f0379b3582d44574b584c478b5fee48bda257e467dff79d1c21be67fe075

HTTP Headers

GET /assets/07168010/css/main.min.css HTTP/1.1
Host: media.bttry.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtQdGf9ZQ_JC9Dbp9abcFJtQkvOnhWPFM3M4jlmVER4pAAdnEXBDBVDnjg-ZQfpoyoXwhtH3Gzc1q2PPzxUKOaRKov2TAyS
x-goog-generation: 1656416136850454
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 163113
x-goog-meta-goog-reserved-file-mtime: 1656416078
x-goog-hash: crc32c=C8vxnw==, md5=rawxDTiQYQjfbKdOhro5Hg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 163113
server: UploadServer
date: Wed, 28 Sep 2022 19:33:32 GMT
expires: Wed, 28 Sep 2022 20:33:32 GMT
cache-control: public, max-age=3600
age: 1560
last-modified: Tue, 28 Jun 2022 11:35:36 GMT
etag: "adac310d38906108df6ca74e86ba391e"
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.batteryupgrade.ch/images/braunoni2017/home/categories/boormachine.jpg

89.188.12.130

200 OK

5.0 kB

URL HTTP/1.1
www.batteryupgrade.ch/images/braunoni2017/home/categories/boormachine.jpg
IP
89.188.12.130:0
ASN
#31477 Duocast B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 206x120, components 3\012- data
Size
5.0 kB (4964 bytes)
Hash
6d7f5dca0308c22a45a2b48d6fd1e722
0d0e0fc40379849068200bffd8ac1b49c6e84cc1
0eb63dd5683370f3f34fb1fd031ab4f09d77f130b4457ae511e144afa20aece0

HTTP Headers

GET /images/braunoni2017/home/categories/boormachine.jpg HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "1364-5e280e22dca70"
Accept-Ranges: bytes
Content-Length: 4964
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/jpeg

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
553d32dd4cc8e05b91f7bebc94f0ac4a
715ee18c314776a43e4faa33b689356246567e3f
77ffc37d779019267e4ed820be18d8f3ac8247e236de23bd7bb43d8f54ed0c4f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.batteryupgrade.ch/images/braunoni2017/payment/paymentmethods/payment-americanexpress.png

89.188.12.130

200 OK

1.8 kB

URL HTTP/1.1
www.batteryupgrade.ch/images/braunoni2017/payment/paymentmethods/payment-americanexpress.png
IP
89.188.12.130:0
ASN
#31477 Duocast B.V.

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1816 bytes)
Hash
c462b8b2439ec33d1c6785bc18760afc
5b38fa47c8be293f1f95922f0bc581edfa1e560c
a44500f8d875bda2f727342b34e703cb00f428948c1fc868bbcf97752a015bad

HTTP Headers

GET /images/braunoni2017/payment/paymentmethods/payment-americanexpress.png HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "718-5e280e22dda10"
Accept-Ranges: bytes
Content-Length: 1816
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/png

www.batteryupgrade.ch/images/braunoni2017/home/categories/smartphone.jpg

89.188.12.130

200 OK

7.3 kB

URL HTTP/1.1
www.batteryupgrade.ch/images/braunoni2017/home/categories/smartphone.jpg
IP
89.188.12.130:0
ASN
#31477 Duocast B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 206x120, components 3\012- data
Size
7.3 kB (7337 bytes)
Hash
bc2f26e92fdd28e817c17bd7d746bb69
10063173af6352c94316cfdf7c3e39fc422482c2
17268d6e613d3a5cc6b3ba541cc07389a0cbb6487cc4a6ed8c251dcc972a1ee1

HTTP Headers

GET /images/braunoni2017/home/categories/smartphone.jpg HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "1ca9-5e280e22dca70"
Accept-Ranges: bytes
Content-Length: 7337
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/jpeg

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e2875a9e06f892f0d4fa46c0f98a1c49
9c0e332f55a592367b602494642ee2127699b543
74692ca89ddc427d0c55f56aedb738b107a9761c44ed5201f932f54950a6f406

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.batteryupgrade.ch/images/braunoni2017/payment/paymentmethods/payment-mastercard.png

89.188.12.130

200 OK

2.1 kB

URL HTTP/1.1
www.batteryupgrade.ch/images/braunoni2017/payment/paymentmethods/payment-mastercard.png
IP
89.188.12.130:0
ASN
#31477 Duocast B.V.

File type
PNG image data, 49 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 kB (2126 bytes)
Hash
2a5d13db9f3ba12e8a43956de2fa1e9f
525d19ecc4c1023975524c5bef7501e603387687
8b880d0ac70686e6f06986a00fc959ab1d77074736a20c1070f6d45df5de2d56

HTTP Headers

GET /images/braunoni2017/payment/paymentmethods/payment-mastercard.png HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "84e-5e280e22dda10"
Accept-Ranges: bytes
Content-Length: 2126
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/png

www.batteryupgrade.ch/images/braunoni2017/home/categories/notebook.jpg

89.188.12.130

200 OK

4.9 kB

URL HTTP/1.1
www.batteryupgrade.ch/images/braunoni2017/home/categories/notebook.jpg
IP
89.188.12.130:0
ASN
#31477 Duocast B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 206x120, components 3\012- data
Size
4.9 kB (4866 bytes)
Hash
2c5c3f6f4335b961dd7f0f6f904ab11d
8586b5604ada99f603e2ac7dfd88f6bac4bd0585
0f3258076a7f46c33b168edc90e0d36ff1fce2eb131bcbe8164491fe4ed907ea

HTTP Headers

GET /images/braunoni2017/home/categories/notebook.jpg HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "1302-5e280e22dca70"
Accept-Ranges: bytes
Content-Length: 4866
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/jpeg

media.bttry.net/bu/braunoni2017/flag/sprite.png

35.201.89.39

200 OK

15 kB

URL HTTP/2
media.bttry.net/bu/braunoni2017/flag/sprite.png
IP
35.201.89.39:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 460, 16-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14692 bytes)
Hash
df5ab3a1e9e3b6d24f38fd7abe0b9c0b
5b5ddd5ae17156ac380a605e8a461021a68da06b
2f3494b7f0513edbf8143ada7287413bfee5807e611bae7d98d39b619dbb41e6

HTTP Headers

GET /bu/braunoni2017/flag/sprite.png HTTP/1.1
Host: media.bttry.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.bttry.net/assets/07168010/css/main.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdsktWw4PmNpOaoHgokt9DYFBeMIdcUwEjjkd_PyTQYLg5VEuFEMsLxZ8bQjBhNq7Sqm6vFhaXzD0d00ZYmGHCfqsQ
x-goog-generation: 1635864881954935
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 14692
x-goog-meta-goog-reserved-file-mtime: 1635864728
x-goog-hash: crc32c=7zccdw==, md5=31qzoenjttJPOP16vgucCw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 14692
server: UploadServer
date: Wed, 28 Sep 2022 19:29:55 GMT
expires: Wed, 28 Sep 2022 20:29:55 GMT
cache-control: public, max-age=3600
age: 1777
last-modified: Tue, 02 Nov 2021 14:54:42 GMT
etag: "df5ab3a1e9e3b6d24f38fd7abe0b9c0b"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-M53HQ95

142.250.74.72

200 OK

57 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-M53HQ95
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4662)
Size
57 kB (56715 bytes)
Hash
bd279a64adac8b29e01c1dee1bdc1d36
a1d104f5cef2b01013278427c682a4086ed6cc2e
d1f8ddb9f9fe26b3a730492962d6dbf00ffe06d0251a035f815dc21be45721b6

HTTP Headers

GET /gtm.js?id=GTM-M53HQ95 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 19:59:32 GMT
expires: Wed, 28 Sep 2022 19:59:32 GMT
cache-control: private, max-age=900
last-modified: Wed, 28 Sep 2022 18:50:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 56715
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
2caa539e025c33760688ffe3ad111e3a
2c8bf30c9faca601dc28aac6c09a6d0bf3675d45
ce52dfdf8490683decc34878b77c011046b3b0ddf9ce42a22a52dcf7967475a9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 07:33:43 GMT
Expires: Wed, 05 Oct 2022 07:33:42 GMT
Etag: "2c8bf30c9faca601dc28aac6c09a6d0bf3675d45"
Cache-Control: max-age=559449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f0f61fadbb4fd-OSL

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb2f3cc13b8ab763c5f346d6fc23054d
1768cc61721a6a6624c1ccbf2c874342f53abd99
3faee940dd222a051862bc2a4e090ecd2cc1f2ead8b1a5c84e10241f31461c5f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.batteryupgrade.ch
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 18:01:25 GMT
expires: Sun, 24 Sep 2023 18:01:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 352687
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ssl.google-analytics.com/ga.js

142.250.74.104

200 OK

17 kB

URL HTTP/2
ssl.google-analytics.com/ga.js
IP
142.250.74.104:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17168 bytes)
Hash
01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Wed, 28 Sep 2022 18:17:11 GMT
expires: Wed, 28 Sep 2022 20:17:11 GMT
cache-control: public, max-age=7200
age: 6141
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
afa078b70d80b6b5afcd913b9a626159
ccce4ced1c0e2aacb3c9de29c995e69084fdd851
b39fd4ba1a0a96216d68eaddf1ce8dd67c4cceae45f90c29e4b3093300873d08

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/1070102528/?random=1664395169679&cv=9&fst=1664395169679&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.batteryupgrade.ch%2F&tiba=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&hn=www.googleadservices.com&rfmt=3&fmt=4

142.250.74.34

200 OK

1.1 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070102528/?random=1664395169679&cv=9&fst=1664395169679&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.batteryupgrade.ch%2F&tiba=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&hn=www.googleadservices.com&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2314), with no line terminators
Size
1.1 kB (1055 bytes)
Hash
38d93e090dae6274854fe053b9c92531
00df4368771d6f873787073652d088accbce1d58
c19b9701882069c4302b24c5cb12de0c9d7b6659969e7b7a42ad0addf33b382e

HTTP Headers

GET /pagead/viewthroughconversion/1070102528/?random=1664395169679&cv=9&fst=1664395169679&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.batteryupgrade.ch%2F&tiba=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 19:59:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1055
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Sep-2022 20:14:32 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.batteryupgrade.ch/images/braunoni2017/favicon.ico

89.188.12.130

200 OK

1.2 kB

URL HTTP/1.1
www.batteryupgrade.ch/images/braunoni2017/favicon.ico
IP
89.188.12.130:0
ASN
#31477 Duocast B.V.

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
136d5262d74db8599929b4bbe8a799df
02c5e7c13909fa3c7d134de70e2281b7c1af3087
679ff821d6e9d67cc9a80a429c692eb3d11eb27b6b37b3375939174c529ceb5e

HTTP Headers

GET /images/braunoni2017/favicon.ico HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "47e-5e280e22dca70"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/vnd.microsoft.icon

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b7ed37e03b72b8da3fb7f6c476ae9a1f
c335157b42102c71f5431bc295b2b2542af781d4
66ad71fe8fc69a39c7852c1b8e1fe1308e8ccaf2a147ed1c3a6866d3b248f9a3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5e01e4cfb215a3f052b4c716bc77c1a6
6e63b3e883051319571310c44b87591f0312d83f
aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

script.hotjar.com/modules.cf44a0a6b448df1b035e.js

143.204.55.68

200 OK

66 kB

URL HTTP/2
script.hotjar.com/modules.cf44a0a6b448df1b035e.js
IP
143.204.55.68:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48714)
Size
66 kB (66148 bytes)
Hash
5f131c93ccff63ccc86d0067d0eebf99
a599898399783be0db5f757c043b828a0726deec
91980f4223c639c3849139a6e692ccf10310f0b57d74b403198af020fc7398a2

HTTP Headers

GET /modules.cf44a0a6b448df1b035e.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 66148
date: Wed, 28 Sep 2022 11:37:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "5f131c93ccff63ccc86d0067d0eebf99"
last-modified: Wed, 28 Sep 2022 11:36:53 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7kwu3ZlL70un11qp07-98rn_g5hdwP62gUbMeUqWyi4UR-RDtGuQqQ==
age: 30146
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
29102972fb9fde106a95422d220e56a1
8b9b2daed36f5cc67c71549616b561842c0ed740
2e01e1afcd76c390dd0d86baf9f4a88c02792c5c0870d59911cd8dbe46436ca3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/1070102528/?random=1664395169679&cv=9&fst=1664391600000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.batteryupgrade.ch%2F&tiba=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&fmt=3&is_vtc=1&random=1100533187&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/1070102528/?random=1664395169679&cv=9&fst=1664391600000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.batteryupgrade.ch%2F&tiba=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&fmt=3&is_vtc=1&random=1100533187&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/1070102528/?random=1664395169679&cv=9&fst=1664391600000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.batteryupgrade.ch%2F&tiba=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&fmt=3&is_vtc=1&random=1100533187&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 19:59:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-215155-1&cid=1079438106.1664395170&jid=533491960&_v=5.7.2&z=2116644467

64.233.165.154

302 Found

366 B

URL HTTP/2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-215155-1&cid=1079438106.1664395170&jid=533491960&_v=5.7.2&z=2116644467
IP
64.233.165.154:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
366 B (366 bytes)
Hash
aaca7b605913a3d46262b71df27ad875
647d9a32d2c077feab11cec5bb5dc43de6401e78
0119816766a57b43cbdef078834205df102a2636d31076fe2bd72b7d40d39e73

HTTP Headers

GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-215155-1&cid=1079438106.1664395170&jid=533491960&_v=5.7.2&z=2116644467 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.batteryupgrade.ch/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-215155-1&cid=1079438106.1664395170&jid=533491960&_v=5.7.2&z=2116644467
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 19:59:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-215155-1&cid=1079438106.1664395170&jid=533491960&_v=5.7.2&z=2116644467

142.250.74.164

302 Found

0 B

URL HTTP/2
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-215155-1&cid=1079438106.1664395170&jid=533491960&_v=5.7.2&z=2116644467
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-215155-1&cid=1079438106.1664395170&jid=533491960&_v=5.7.2&z=2116644467 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.batteryupgrade.ch/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 19:59:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-215155-1&cid=1079438106.1664395170&jid=533491960&_v=5.7.2&z=2116644467&slf_rd=1&random=322815193
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
29102972fb9fde106a95422d220e56a1
8b9b2daed36f5cc67c71549616b561842c0ed740
2e01e1afcd76c390dd0d86baf9f4a88c02792c5c0870d59911cd8dbe46436ca3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

142.250.74.163

200 OK

48 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Size
48 kB (47952 bytes)
Hash
17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

HTTP Headers

GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.batteryupgrade.ch
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 18:59:14 GMT
expires: Tue, 26 Sep 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 176418
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

143.204.55.105

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
IP
143.204.55.105:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2431), with no line terminators
Size
1.0 kB (1044 bytes)
Hash
f6a9ca04b0687ea3c0d98e8430c8c77b
35503b2deb23091a9a9c6c68d4020dbdf879588e
8e4328ecb6b395499567369e3c227231dbdaf361f43ce315934d7a2a3abbed41

HTTP Headers

GET /box-69edcc3187336f9b0a3fbb4c73be9fe6.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1044
date: Wed, 07 Sep 2022 09:17:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zITkWVKHfg9jBXvw36nmhxIQQAKq2KT7NKrBkV9qMFfk_5Ny-rd4Vg==
age: 1852945
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1eefefb3b607aa38e387d21186006d42
f1878481dff39afc79564dca4f6939a4b81f5ea7
b9011e095634ed695f18b8b901e89d2be93d84b5f25f812e8f665da588858810

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.google-analytics.com/g/collect?v=2&tid=G-CCJQ3Y2XPQ&gtm=2oe9q0&_p=957397586&cid=416946429.1664395170&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664395170&sct=1&seg=0&dl=https%3A%2F%2Fwww.batteryupgrade.ch%2F&dt=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-CCJQ3Y2XPQ&gtm=2oe9q0&_p=957397586&cid=416946429.1664395170&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664395170&sct=1&seg=0&dl=https%3A%2F%2Fwww.batteryupgrade.ch%2F&dt=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-CCJQ3Y2XPQ&gtm=2oe9q0&_p=957397586&cid=416946429.1664395170&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664395170&sct=1&seg=0&dl=https%3A%2F%2Fwww.batteryupgrade.ch%2F&dt=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.batteryupgrade.ch
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.batteryupgrade.ch
date: Wed, 28 Sep 2022 19:59:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
1ead9d91ed690667b0a358c5dba647e8
9cde69017bc5b90acf4c78bce960f453e05d64d0
897f0ee1cdba73c3425092111e7d60801b14d6c1b981c7ed25a1b60d1233b427

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 28 Sep 2022 19:59:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 27 Sep 2022 22:39:59 GMT
Expires: Wed, 28 Sep 2022 22:39:59 GMT
ETag: "9cde69017bc5b90acf4c78bce960f453e05d64d0"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

p274639.mybetterck.com/adServe/domainClick?ai=tMxzWfm12LpkbNIWurMDWoiXD7klJ1soTN51QfSABfYD6oPh4t22c9B9_vdKnsZCUhrhXB7h4Q0Uuwo5IbgEBdUi6xSvMdRUq3nDjZUkzHvLJyjqHra8mGW6CHfeBodVgvgI1g_o4dK0Bqs_9EYIR_VYuzZSYLtak8a2TCfMlWrIMMlTWYfZjlToK4-_1ACOP0s6MBsFTTAOGVIq7SQHt2xDKr8Rw5O7dO4wvtGnrzTddVqW4b_Ykxw_vxfmXwaLNORDvO_u8SbIzzh0hp6ogO7JzK4vQzmiPaDGm4CwDwXfw_JoL1ALTR_29IAMKrswtsrhcGeRW6RqgEE0f5FjhxhGK23FSY41eOG-uPJj6bxlqf_64l0Z6hpyy_YN0YQtpLSZmparWHWvrphb_I88ZSIO3PHyowRR_6p576eQm9fr2iPLc49PERgUkMD_VLeROfuqs0moSwPq7QXN-ylcxrw3TeQXSnFC-IokKZjFQZ7rqNKnLYX0tfAD-AuLqsioXaRG_Rn9EU5baMHjMW5FMVZ1q7sg30V1X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiPLxdLCBTbS2E-vcPMz4vkC4FXmAKRd9aSyJTuzQtneEKj1HVaOgt_lw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSHTbvXa9bc3gUMCZFDPA5eSNaBH9W47pomJmpXnVSXAuWEOrnfwZmTzSi7POAjgQDzkTIYbeCY1Hn59BaP8A9XQ&si=1&oref=22a3b7b148bba753762bd6aaf4a8a708&optunit=r66YW_yPPGUiDtzx8qMEUc7n_r2HV6hZ&rb=2Vb288azLYM&rr=0&abtg=0

108.168.193.189

200 OK

0 B

URL HTTP/2
p274639.mybetterck.com/adServe/domainClick?ai=tMxzWfm12LpkbNIWurMDWoiXD7klJ1soTN51QfSABfYD6oPh4t22c9B9_vdKnsZCUhrhXB7h4Q0Uuwo5IbgEBdUi6xSvMdRUq3nDjZUkzHvLJyjqHra8mGW6CHfeBodVgvgI1g_o4dK0Bqs_9EYIR_VYuzZSYLtak8a2TCfMlWrIMMlTWYfZjlToK4-_1ACOP0s6MBsFTTAOGVIq7SQHt2xDKr8Rw5O7dO4wvtGnrzTddVqW4b_Ykxw_vxfmXwaLNORDvO_u8SbIzzh0hp6ogO7JzK4vQzmiPaDGm4CwDwXfw_JoL1ALTR_29IAMKrswtsrhcGeRW6RqgEE0f5FjhxhGK23FSY41eOG-uPJj6bxlqf_64l0Z6hpyy_YN0YQtpLSZmparWHWvrphb_I88ZSIO3PHyowRR_6p576eQm9fr2iPLc49PERgUkMD_VLeROfuqs0moSwPq7QXN-ylcxrw3TeQXSnFC-IokKZjFQZ7rqNKnLYX0tfAD-AuLqsioXaRG_Rn9EU5baMHjMW5FMVZ1q7sg30V1X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiPLxdLCBTbS2E-vcPMz4vkC4FXmAKRd9aSyJTuzQtneEKj1HVaOgt_lw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSHTbvXa9bc3gUMCZFDPA5eSNaBH9W47pomJmpXnVSXAuWEOrnfwZmTzSi7POAjgQDzkTIYbeCY1Hn59BaP8A9XQ&si=1&oref=22a3b7b148bba753762bd6aaf4a8a708&optunit=r66YW_yPPGUiDtzx8qMEUc7n_r2HV6hZ&rb=2Vb288azLYM&rr=0&abtg=0
IP
108.168.193.189:0
ASN
#36351 SOFTLAYER

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /adServe/domainClick?ai=tMxzWfm12LpkbNIWurMDWoiXD7klJ1soTN51QfSABfYD6oPh4t22c9B9_vdKnsZCUhrhXB7h4Q0Uuwo5IbgEBdUi6xSvMdRUq3nDjZUkzHvLJyjqHra8mGW6CHfeBodVgvgI1g_o4dK0Bqs_9EYIR_VYuzZSYLtak8a2TCfMlWrIMMlTWYfZjlToK4-_1ACOP0s6MBsFTTAOGVIq7SQHt2xDKr8Rw5O7dO4wvtGnrzTddVqW4b_Ykxw_vxfmXwaLNORDvO_u8SbIzzh0hp6ogO7JzK4vQzmiPaDGm4CwDwXfw_JoL1ALTR_29IAMKrswtsrhcGeRW6RqgEE0f5FjhxhGK23FSY41eOG-uPJj6bxlqf_64l0Z6hpyy_YN0YQtpLSZmparWHWvrphb_I88ZSIO3PHyowRR_6p576eQm9fr2iPLc49PERgUkMD_VLeROfuqs0moSwPq7QXN-ylcxrw3TeQXSnFC-IokKZjFQZ7rqNKnLYX0tfAD-AuLqsioXaRG_Rn9EU5baMHjMW5FMVZ1q7sg30V1X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiPLxdLCBTbS2E-vcPMz4vkC4FXmAKRd9aSyJTuzQtneEKj1HVaOgt_lw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSHTbvXa9bc3gUMCZFDPA5eSNaBH9W47pomJmpXnVSXAuWEOrnfwZmTzSi7POAjgQDzkTIYbeCY1Hn59BaP8A9XQ&si=1&oref=22a3b7b148bba753762bd6aaf4a8a708&optunit=r66YW_yPPGUiDtzx8qMEUc7n_r2HV6hZ&rb=2Vb288azLYM&rr=0&abtg=0 HTTP/1.1
Host: p274639.mybetterck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Cookie: rhid=81412752446
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:59:30 GMT
content-type: text/html;charset=ISO-8859-1
vary: Accept-Encoding
set-cookie: rhid=81412752446; Max-Age=15552000; Expires=Mon, 27-Mar-2023 19:59:30 GMT; Domain=mybetterck.com; Path=/; SameSite=None; secure;
loi=ad_1115396_off_560965_aff_89916_cid_274639-575901862-GETAPPLICATIONMY.INFO_ts_1664395170; Max-Age=3600; Expires=Wed, 28-Sep-2022 20:59:30 GMT; Domain=mybetterck.com; Path=/; SameSite=None; secure;
content-encoding: gzip
X-Firefox-Spdy: h2

chosenproduct.com/redirect-simple?ci=182&c=no&c_p=s&c_s=416058226&c_k=computers&c_geo=NO&c_d=Desktop

46.105.126.224

200 OK

0 B

URL HTTP/2
chosenproduct.com/redirect-simple?ci=182&c=no&c_p=s&c_s=416058226&c_k=computers&c_geo=NO&c_d=Desktop
IP
46.105.126.224:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /redirect-simple?ci=182&c=no&c_p=s&c_s=416058226&c_k=computers&c_geo=NO&c_d=Desktop HTTP/1.1
Host: chosenproduct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.10.3
date: Wed, 28 Sep 2022 19:59:30 GMT
content-type: text/html; charset=UTF-8
x-frame-options: *
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Permanent+Marker&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Permanent+Marker&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Permanent+Marker&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chosenproduct.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 19:59:30 GMT
date: Wed, 28 Sep 2022 19:59:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300i,400,600,700,700i&subset=cyrillic,greek

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300i,400,600,700,700i&subset=cyrillic,greek
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:300i,400,600,700,700i&subset=cyrillic,greek HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.bttry.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 19:59:32 GMT
date: Wed, 28 Sep 2022 19:59:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-1682517.js?sv=6

54.230.111.8

200 OK

0 B

URL HTTP/2
static.hotjar.com/c/hotjar-1682517.js?sv=6
IP
54.230.111.8:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/hotjar-1682517.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 19:59:32 GMT
cache-control: max-age=60
etag: W/4979b13c9ed5773ba7a3da1ff23d84cf
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QIcodv-Wwunl0_EmjWFU3MgoSu9AWBdoQkhalmEoA7i1peHqBleyUw==
age: 9
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations