Report - xcis.mobixone.co.za/mtn-za/subscribe/omBl-0dJI-0Tfs-rUqi-rbPI-qBEl-9jiM-g13H/bigthinking/mtn-za/ZA/subscribe/fz99dQRDq1u4oh2G2SQ2CedP/bigthinking-strengthenyoga/strength190754/EMPTY/EMPTY/

Report Overview

Submitted URL
xcis.mobixone.co.za/mtn-za/subscribe/omBl-0dJI-0Tfs-rUqi-rbPI-qBEl-9jiM-g13H/bigthinking/mtn-za/ZA/subscribe/fz99dQRDq1u4oh2G2SQ2CedP/bigthinking-strengthenyoga/strength190754/EMPTY/EMPTY/
IP
52.208.180.140
ASN
#16509 AMAZON-02
Submitted
2023-01-30 12:01:12
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
static.ads-twitter.com	614	2018-06-24T00:08:39Z	2023-03-13T05:25:18Z	364 B	16 kB	151.101.244.157
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-13T05:09:29Z	373 B	29 kB	157.240.205.11
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	359 B	1.9 kB	104.18.21.226
xcis.mobixone.co.za	unknown	2022-06-03T11:51:09Z	2023-03-13T06:07:56Z	519 B	252 B	52.17.208.175
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
analytics-zmd.securewebfraud.io	285378	2019-05-09T00:33:45Z	2023-03-13T06:07:58Z	416 B	510 B	91.241.94.108
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-13T06:26:15Z	1.0 kB	1.2 kB	142.250.74.35
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.36.77.32
web-zmd.secure-d.io	288154	2022-06-08T18:26:28Z	2023-03-13T06:07:58Z	818 B	941 B	91.241.95.160
t.co	569	2012-07-25T21:09:44Z	2023-03-13T05:25:19Z	848 B	434 B	104.244.42.5
doi.mtndep.co.za	230273	2020-10-27T15:11:25Z	2023-03-13T06:07:56Z	3.0 kB	113 kB	54.246.197.15
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.4 kB	4.9 kB	142.250.74.131
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.4 kB	2.8 kB	93.184.220.29
dtm-dre.platform.hicloud.com	13669	2020-12-11T09:29:14Z	2023-03-13T10:05:25Z	423 B	46 kB	80.158.18.121
analytics.twitter.com	526	2013-04-10T21:53:18Z	2023-03-13T05:25:19Z	811 B	613 B	104.244.42.195
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	56 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	50.112.247.170

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-30 12:01:13	low	54.246.197.15	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
2023-01-30 12:01:13	low	54.246.197.15	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
2023-01-30 12:01:13	low	54.246.197.15	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (57)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtm.js?id=GTM-KV7DF92	242 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KV7DF92 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:22:00 Last Seen2023-03-13 12:22:00 Times Seen1 Hash 2c2b5c959950ad5ebfc5de59dad63d94 05787614fe601c7d12405654360a9acdbb99cfd7 1eda6cc5ee88aa7a42aa79c9db96816710e51b4e933af4b036d03991d1613969 Loading...

	doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b	335 B	2023-03-07	2024-04-21
Pretty URL doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b IP 54.246.197.15 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:55:09 Last Seen2024-04-21 16:50:53 Times Seen238 Hash 038c1ebbb7ae9db8cd65f63f6bda4527 9c8b563bd184f1c16ecd39bcf3df6f245dc0d69b 638d6f1347894bfe4748d7e4444756fa315e4fcfed68e0090b9082812aeae1cc Loading...

	doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b	422 B	2023-03-09	2024-02-24
Pretty URL doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b IP 54.246.197.15 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:48 Last Seen2024-02-24 11:49:47 Times Seen119 Hash f9b2ab892e774b7c2fdfd901378b855d 4b9ad2209a010c5c7b7a7174fc7c6ef747f8b594 2060ddabdc8bc3046476cf1604c38a2c90e7a8eccf2d9b3e6cc3bfa422f0020a Loading...

	connect.facebook.net/signals/config/320411056088910?v=2.9.92&r=stable	386 kB	2023-03-12	2023-03-13
Pretty URL connect.facebook.net/signals/config/320411056088910?v=2.9.92&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:44:37 Last Seen2023-03-13 12:30:20 Times Seen1 Hash ada6b7996cefaa37e67165296d747245 3c4ce0fc47445b5295a0138d69d27705b2883c41 270f84f33ec816d64e44ed0f7b22d1522b31934b22b23d14d196699655b01503 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NC3ZRGX	180 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NC3ZRGX IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:22:00 Last Seen2023-03-13 12:22:00 Times Seen1 Hash 6a2b36baa21cde26ccf6a30165f426e4 c2bad8fc9ff895429f28c329b58b8124b99715a1 d17a102f88ff389a99bf04acac57f8068f33e969ad0f290f217b6268bbcef522 Loading...

	doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b	422 B	2023-03-09	2024-02-24
Pretty URL doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b IP 54.246.197.15 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:48 Last Seen2024-02-24 11:49:46 Times Seen119 Hash fb1c7d6d7ee427eec045f2b5549cb982 68920a8dd10f588473de07367d9aa04993b5defd f0a53b6fb9d49e0f41a75c8d7acdeb7d56eb1855b5eb91cf79bed65ec2b7a37c Loading...

	doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b	548 B	2023-03-09	2024-02-24
Pretty URL doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b IP 54.246.197.15 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:48 Last Seen2024-02-24 11:49:47 Times Seen119 Hash 1ed4617af0a7d0167050c36582f4b06e b792ca2487013d1ae5e5a02a6defff8ea01b64fa edbdab2e7b665e8b28eb23ba222530eebdd18440be1f29b6327d17ae46dd2b41 Loading...

	www.googletagmanager.com/gtag/js?id=G-57Q9E221SZ&l=dataLayer&cx=c	186 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-57Q9E221SZ&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:22:00 Last Seen2023-03-13 12:22:00 Times Seen1 Hash 3340afe6ae937ff098d57b06fc2836f7 2d1e04aeea25d1594ea27b84c976cce903e35745 af4b9e1e039566559176fe91d85d3408e6c76f63beaab4e784eee2df16c3ac0f Loading...

	www.googleoptimize.com/optimize.js?id=OPT-PJNJFRW	113 kB	2023-03-13	2023-03-13
Pretty URL www.googleoptimize.com/optimize.js?id=OPT-PJNJFRW IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:25:16 Last Seen2023-03-13 12:30:20 Times Seen1 Hash 1adceb8ae3198fdc925067ff80e49744 7ebf16881e519fd2c245ba0cec477691bf9b3c8a 893d130b31eb9cd5f02377aa03646d4694619ac7bbfb7d753d68474f59bdfc30 Loading...

	connect.facebook.net/en_US/fbevents.js	109 kB	2023-03-12	2023-03-18
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.205.11 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:27:08 Last Seen2023-03-18 07:43:22 Times Seen1 Hash cf0731d687328f0426cf2709b697dd92 3fe9944a3efd792f4c59d0f1012cd8206769dca4 39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533 Loading...

	connect.facebook.net/signals/config/544558509536440?v=2.9.92&r=stable	386 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/signals/config/544558509536440?v=2.9.92&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:21:48 Last Seen2023-03-13 12:30:20 Times Seen1 Hash de5e700ec5f8f4c35ee6e5d9d9d607e7 5ff06320db1e1cff57265f83cb1919315c3d9df2 04daf0b54b412c9526777743eb729fd8b7ac67f063606daba60334f354f60115 Loading...

	doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b	129 kB	2023-03-13	2023-03-13
Pretty URL doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b IP 54.246.197.15 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:22:00 Last Seen2023-03-13 12:22:00 Times Seen1 Hash ed9f977b387d4fc6ab6949263e87ae15 074aa91c5faa4d9195e5f54d06159605cb2b45c8 8a5ef1d4ed229e02287261683c1f0808d6aef0b1e7c7562b87fd9cb31a5967a4 Loading...

	doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b	548 B	2023-03-09	2024-02-24
Pretty URL doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b IP 54.246.197.15 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:48 Last Seen2024-02-24 11:49:47 Times Seen121 Hash 2ab81b0dfa4ef65ad1b108c3115f8fea caae21a5829bed0800bfdd0d439bb7b604cffaba fd0b80c7f7c173aa7205c1d802f310c701f69683d653f395d2990c1aa63ca9e9 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	static.ads-twitter.com/uwt.js	58 kB	2023-03-08	2024-04-20
Pretty URL static.ads-twitter.com/uwt.js IP 151.101.244.157 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:46 Last Seen2024-04-20 17:48:03 Times Seen4329 Hash 32ad004436155ec972bc50e6238b5b67 9b2cdb645c2fa5b98a9d05dcdca521fed4a17b7b cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Loading...

	dtm-dre.platform.hicloud.com/download/web/dtm.js?id=DTM-ac1262027c6e10a2817cc06442e74a12	46 kB	2023-03-13	2023-03-14
Pretty URL dtm-dre.platform.hicloud.com/download/web/dtm.js?id=DTM-ac1262027c6e10a2817cc06442e74a12 IP 80.158.18.121 ASN #6878 T-Systems International GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:01:10 Last Seen2023-03-14 18:43:05 Times Seen1 Hash bce218b4df08c591de540bf37521b472 9781daa63caa8c99c9b9b31b5e0f7d07112a6a2e f78076c88dc1857960ecdcb0b9e32d22ec71921e25bfbbd4ea5285c33d8606c9 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2d436ad694618f8733366906c125b5b2	175 B	2023-03-09	2023-06-27
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-06-27 12:24:38 Times Seen71 Hash 2d436ad694618f8733366906c125b5b2 4a9843257bdb1a65027fd23ef6c1d3f93e1bdd0f 0b66bfbcbfe40fd99ecf2cd89905335ffc93100aafaf43468460e4a1d67baaa1 Loading...

	#2 Eval - 5574e52b1fd36f6e62a1d6210c7ac7d5	159 B	2023-03-09	2023-04-01
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-04-01 10:55:15 Times Seen12 Hash 5574e52b1fd36f6e62a1d6210c7ac7d5 17a0e8ed16cdfc67f8c1e8a5c747e9400ce90306 f58260efc5388d9ee62cfa504a33d66c62c1cc144c5520f4029b6c494f61caec Loading...

	#3 Eval - b8d2e7178a5640f6f03d2076e5be2573	175 B	2023-03-09	2023-06-10
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-06-10 19:44:54 Times Seen31 Hash b8d2e7178a5640f6f03d2076e5be2573 3c571309794ab746b4307f469046755d48b82984 cce9a1638a60e826f384115ee86bb6c7a6238374719f081175af0399977b9737 Loading...

	#4 Eval - d16fdaaa09d21403a83da8229354a2d3	175 B	2023-03-09	2023-06-10
Pretty Observations First Seen2023-03-09 21:09:49 Last Seen2023-06-10 19:44:54 Times Seen43 Hash d16fdaaa09d21403a83da8229354a2d3 d9b7209ef411c49ee7b15881a1fcd5b26830958e cdeddddd1e5823caa98d6e4ad4e27b1efb4106c00f8dfc9af950598fb81c0ee3 Loading...

	#5 Eval - a5cf3dcdc8aca1ec29c4abcfeecc1330	129 B	2023-03-09	2023-08-30
Pretty Observations First Seen2023-03-09 21:09:49 Last Seen2023-08-30 08:02:15 Times Seen109 Hash a5cf3dcdc8aca1ec29c4abcfeecc1330 f244724c564da711ab376d6988b713cec5ecb8c2 79b7b242a4d724e045a1452f4ec8b6be6da604550f1b80b8ac31f504a6e1f237 Loading...

	#6 Eval - ef2673b1afadb088cbd032790a25729e	175 B	2023-03-09	2023-06-10
Pretty Observations First Seen2023-03-09 21:09:50 Last Seen2023-06-10 19:44:54 Times Seen3 Hash ef2673b1afadb088cbd032790a25729e 9f30a1dd018d8b3f552bcc8941d349ea84df8306 1f3c50574860856bcfbecdbb353f91eb0af5ab59c7bcdad3dd7b5e27b363bccb Loading...

	#7 Eval - 80015629c3edbfa3827e7a3a6fce5537	1.1 kB	2023-03-09	2023-03-14
Pretty Observations First Seen2023-03-09 21:09:50 Last Seen2023-03-14 11:14:56 Times Seen1 Hash 80015629c3edbfa3827e7a3a6fce5537 2a1fcb0ce986a3e2f06d7ad39e7c203cdbb7b40d 8a7616f36c40cd62f3abf11a898242497f162997a7833c1fbee5fc34d99bb879 Loading...

	#8 Eval - 5f3ba1c7bc31c74d5df81e793fee5b4f	175 B	2023-03-09	2023-05-07
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-05-07 18:08:42 Times Seen31 Hash 5f3ba1c7bc31c74d5df81e793fee5b4f 52e4c705782800d045244ca54093080ed151f706 38133bce14ef09dbd421228ff7b10504bdeac36f52922a694e25faaf0a31d80b Loading...

	#9 Eval - cfddcee98f552c8e4a4aa5d23548ee3b	175 B	2023-03-09	2023-05-07
Pretty Observations First Seen2023-03-09 21:09:50 Last Seen2023-05-07 18:08:42 Times Seen2 Hash cfddcee98f552c8e4a4aa5d23548ee3b 176462d0aaf51929995157de3825d400e215d071 0f6168b2efdac565eace004ccab4e004ab05324222d7bafe5382d17d8b47cb9b Loading...

	#10 Eval - b2f6fd3f25b8995af531a822dc6eede4	159 B	2023-03-09	2023-03-14
Pretty Observations First Seen2023-03-09 21:09:50 Last Seen2023-03-14 11:14:56 Times Seen1 Hash b2f6fd3f25b8995af531a822dc6eede4 0318540be4c8aaae30b60de73f6e92b35d2a542e 3abdd48830dccf92407ee2bd27375931d51fce8bcb81849826a9c00e357983e1 Loading...

	#11 Eval - 4cb1c74e4437fa6ab0417b7f5804244a	1.1 kB	2023-03-09	2023-04-01
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-04-01 10:55:15 Times Seen12 Hash 4cb1c74e4437fa6ab0417b7f5804244a e8963a293e10ef1f30fbf1c39e104e52e6505a0d 982caa8846f5fdbb5a171e7a10bb8ad0505eff162f7b872608b9212ee9f7a61c Loading...

	#12 Eval - a329461c344762f9381c045f34c5efaa	175 B	2023-03-09	2023-06-27
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-06-27 12:24:38 Times Seen59 Hash a329461c344762f9381c045f34c5efaa 261e995731df0f8dfd9f778858f094cfcda2a8cb 1a11cb3947b0156df13da2cb5f3d34603590dac601b9453070918049fdd03f7b Loading...

	#13 Eval - 8730a13530355eb22bb33c836f086082	175 B	2023-03-09	2023-06-27
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-06-27 12:24:38 Times Seen88 Hash 8730a13530355eb22bb33c836f086082 26453d6988d8fa63ddb533f00c5f38848e7d5027 3fa6add7038e119c6675b632a82ce0dfd083138a2a4baeef9ed42666ee50c666 Loading...

	#14 Eval - 3c330c9a7a36e16fb093dbf12896f8d5	175 B	2023-03-09	2023-06-27
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-06-27 12:24:38 Times Seen89 Hash 3c330c9a7a36e16fb093dbf12896f8d5 7547b8d5c12b4912e84dbfb07c7b3a605ea99840 a09561252dbdeef6a5df9697ef3f1ad54a272817fdc1d7be84251af6a336bfeb Loading...

	#15 Eval - 5a9f55398a0e0fc9c911c63b712c36f9	96 B	2023-03-09	2023-04-01
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-04-01 11:03:51 Times Seen31 Hash 5a9f55398a0e0fc9c911c63b712c36f9 75a100478938bcc317f667eab308583f3d9b1c97 6f92001749d1628df317368837be7bf87a64f67c580c6afb3f624993464d189f Loading...

	#16 Eval - 63bffc9d84f04ebd7a931574121f5d81	174 B	2023-03-09	2023-06-10
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-06-10 19:44:54 Times Seen43 Hash 63bffc9d84f04ebd7a931574121f5d81 4d3da7ca6c3d2c7efb208fc2a96dcc3388072bb5 1f4341c81fef9a636b6517af25566b8e640b0c636147249e10e4570eccb8e5f8 Loading...

	#17 Eval - 2e786cf77cc7b009715f298893d1bd63	174 B	2023-03-09	2023-06-27
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-06-27 12:24:38 Times Seen59 Hash 2e786cf77cc7b009715f298893d1bd63 c0de0fa92c7adb9f1f9f75d48262add11f281c54 95bb3352f48612c399b70b96ac912c14ccbee69b9ae90fac8739c5b7f854097d Loading...

	#18 Eval - a5251e27ed1cd4089758c491c6ce801e	175 B	2023-03-09	2023-06-27
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-06-27 12:24:37 Times Seen76 Hash a5251e27ed1cd4089758c491c6ce801e fc948a7a60f3df3f914c2315489e4ee61f36cda9 992fa44947ee35b75e646237842b5d213f37eb7978820c93feba0ccdb4a314c1 Loading...

	#19 Eval - ebda5f877813687a70dbbaafa623bcbb	175 B	2023-03-09	2023-06-27
Pretty Observations First Seen2023-03-09 21:09:49 Last Seen2023-06-27 12:24:38 Times Seen88 Hash ebda5f877813687a70dbbaafa623bcbb 0682fd38fe2791485e6ba3c5f7698cb1bd18364d 4d32517d42fe2d802160ef3c2749de335fbda80fddf801c11271764119615d04 Loading...

	#20 Eval - fde27acd2570c41b1bc0a1efe6e6e23b	175 B	2023-03-09	2023-06-27
Pretty Observations First Seen2023-03-09 21:09:49 Last Seen2023-06-27 12:24:38 Times Seen89 Hash fde27acd2570c41b1bc0a1efe6e6e23b f78af27df6efe3f150be05e57999a0b4c73c77fc 9d464c64e5d941d63ca988c85369eadc53e8b6c1409a9bddcef122350c0be61e Loading...

	#21 Eval - 316c4e7b5197bab31992701980554baf	92 B	2023-03-09	2024-02-24
Pretty Observations First Seen2023-03-09 21:09:49 Last Seen2024-02-24 11:49:47 Times Seen123 Hash 316c4e7b5197bab31992701980554baf 67c2ebab8e5ef3291deda40b2ac7a73a9a839517 4934faa186db0cc2482826b13bf43692fcacf5eb162b84d555a31baba0cfa1e1 Loading...

	#22 Eval - 4fc3047af98c627dbe0e172ffc137010	311 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:03:19 Last Seen2024-04-24 12:12:45 Times Seen3403 Hash 4fc3047af98c627dbe0e172ffc137010 7bdfb08c510896f7fac79d8a8c17187f70ba9e20 83b34ed574c9630f2d800fa605bcc5d84e287907f47456c7bd1be0deabd38901 Loading...

	#23 Eval - 39b078bd657e8ed0fe2554cb5a544350	174 B	2023-03-09	2023-06-27
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-06-27 12:24:38 Times Seen40 Hash 39b078bd657e8ed0fe2554cb5a544350 22f52b059c0a6dda910614116a0f1d22daff801f d66403f747f834123ae4e8267efb424a435b675309d32284436e21499da00df9 Loading...

	#24 Eval - ec3021b5e2e86bbaced2cce6b20e7260	175 B	2023-03-09	2023-06-10
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-06-10 19:44:54 Times Seen62 Hash ec3021b5e2e86bbaced2cce6b20e7260 745499c87717749d02cb3aa0a11e1dfeed3bbd26 337cf45cb3e5924361a32f89a9aa1848a15c9e2097ec653fe3d91ed50b3e9625 Loading...

	#25 Eval - 6262626431d9a21ef99ce52be3dcc5e9	159 B	2023-03-09	2023-03-14
Pretty Observations First Seen2023-03-09 21:09:50 Last Seen2023-03-14 11:14:56 Times Seen1 Hash 6262626431d9a21ef99ce52be3dcc5e9 7879390c14b54feacc8878be2a2520873d860cb5 1f6838499d3fc8108bbbdd77167a37a8a0f3d3dffeaef6f138caff857ef7f8ed Loading...

	#26 Eval - 85c55d9f92386480e127b7288b5a6f39	175 B	2023-03-09	2023-05-07
Pretty Observations First Seen2023-03-09 21:09:49 Last Seen2023-05-07 18:08:42 Times Seen31 Hash 85c55d9f92386480e127b7288b5a6f39 fb67fb727f297ba2f27ea7204976b01a75759bac 24a33e2961de49b65941b97aef99987f45e37ea198d6711bf8a4b403d8ea81f0 Loading...

	#27 Eval - fc458da4beee9e8af7fab7273a931611	175 B	2023-03-09	2023-05-07
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-05-07 18:08:42 Times Seen30 Hash fc458da4beee9e8af7fab7273a931611 20cede65d8690fa85cf0baaa62463df49f081e16 2287cfecfb9b1396f01cf405cccc873a557aeb8635780437cfa07d8caf4f1544 Loading...

	#28 Eval - a1ce05cc53c8daa65984d59639fc91b4	159 B	2023-03-09	2023-03-14
Pretty Observations First Seen2023-03-09 21:09:50 Last Seen2023-03-14 11:14:56 Times Seen1 Hash a1ce05cc53c8daa65984d59639fc91b4 c4579d946db68a07927290e97b484fee7cb27ee2 fbca213a281d87c94d33ed4c62f7b11dacff994381dad97026b3c447c809fcea Loading...

	#29 Eval - be53b7315d393c05668231722fec98d7	175 B	2023-03-09	2023-06-27
Pretty Observations First Seen2023-03-09 21:09:49 Last Seen2023-06-27 12:24:37 Times Seen75 Hash be53b7315d393c05668231722fec98d7 970107d583d4b62eebc05b05615b7255bc80421b cd390c3f1bed569e1c02ef017dfa8978a088b7a790fba33b1c0bd85dd32c6d8d Loading...

	#30 Eval - 6a8c45f5329855315d36f25509bd6737	175 B	2023-03-09	2023-06-10
Pretty Observations First Seen2023-03-09 21:09:49 Last Seen2023-06-10 19:44:54 Times Seen21 Hash 6a8c45f5329855315d36f25509bd6737 fa02a6c0c82392b629ba974e5a9a1b8006ac4e0d 37ce5d5bec59cc6dda8b18db2217f7249a077f49ff920fc46c43dc1e0a9afeb0 Loading...

	#31 Eval - fe90dbfac477ff6ffac2e43cb1fb19ab	159 B	2023-03-09	2023-04-01
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-04-01 10:55:15 Times Seen12 Hash fe90dbfac477ff6ffac2e43cb1fb19ab 3bfcdcf1d19f3ea1cfd4963f04553a602d65083b 0da6fd0a2cd90a1f15c695daf39d7a0e67556abd2bf1801da15ee718cc72ee30 Loading...

	#32 Eval - 350725ea65fb789436d7704c57209bc2	1.1 kB	2023-03-09	2023-04-01
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-04-01 10:55:15 Times Seen12 Hash 350725ea65fb789436d7704c57209bc2 f1793c730cfb0910153517eb95b50ddbe653a36e 13443455dd3418deeee4e201d13a80c670065d6c785b4afc3fdcae5cf1382616 Loading...

	#33 Eval - 1da1eb934936bf610f85413bee4e6542	174 B	2023-03-09	2023-06-27
Pretty Observations First Seen2023-03-09 21:09:49 Last Seen2023-06-27 12:24:38 Times Seen71 Hash 1da1eb934936bf610f85413bee4e6542 b90a3caa50f398e988febe4d0f5b30439d6b5174 d9490d9811084b85ae0b243062e77164dc8650d0f2797a64b1b68aef03837acb Loading...

	#34 Eval - 42f2a362bba5fa12d791522e64926446	175 B	2023-03-09	2023-06-27
Pretty Observations First Seen2023-03-09 21:09:49 Last Seen2023-06-27 12:24:38 Times Seen40 Hash 42f2a362bba5fa12d791522e64926446 15a046afc916ddc3a613b6e470e56763c7aef47a 630b8919b362d11e2258db5630f777c25d7e72dd4f2e9ef6b5a7db9bece07c76 Loading...

	#35 Eval - e91bc465b6b2e17cd749097207ffadf9	175 B	2023-03-09	2023-05-07
Pretty Observations First Seen2023-03-09 21:09:49 Last Seen2023-05-07 18:08:42 Times Seen21 Hash e91bc465b6b2e17cd749097207ffadf9 bdb8d1e7715d01dfe4cf8ef5c83f3b7acc2871eb 7d4d16be676743463d23b2d89fd2ef540397106e5bb581dabde6304fd76c1be3 Loading...

	#36 Eval - 4ef763b3166d3390d991894500498e60	1.1 kB	2023-03-09	2023-06-10
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-06-10 19:44:54 Times Seen43 Hash 4ef763b3166d3390d991894500498e60 82a1f86568151823070c69d4250f84b0e7527165 93a591cb3b0817b067674ee986244ad6991e25b6366301402fa8d6d9c8a69ab4 Loading...

	#37 Eval - 12f000ffd6d79947fbd7be31b447a9ff	158 B	2023-03-09	2023-04-01
Pretty Observations First Seen2023-03-09 21:09:49 Last Seen2023-04-01 10:55:15 Times Seen12 Hash 12f000ffd6d79947fbd7be31b447a9ff 01e5c923dd434e8a725a764ce4c3b8af6f1c37e5 bd1ec1ff18ace0bab48ebbaffe1cc83e85db0f1bbd0dcf903f0010ad9c6e0f85 Loading...

	#38 Eval - 27cabf969512651f7259d26314daa2ab	174 B	2023-03-09	2023-06-10
Pretty Observations First Seen2023-03-09 21:09:48 Last Seen2023-06-10 19:44:54 Times Seen43 Hash 27cabf969512651f7259d26314daa2ab ae33a7934bb295839f0361e57280bc0683944dbe e8048d4d1d027c84ea908b315784bbd9047f7cfd11a13d62f2e8e6d95bc2a2ec Loading...

	#39 Eval - 4cd1376e3bc80691c5fde1dcf352362b	1.1 kB	2023-03-09	2023-03-14
Pretty Observations First Seen2023-03-09 21:09:50 Last Seen2023-03-14 11:14:56 Times Seen1 Hash 4cd1376e3bc80691c5fde1dcf352362b f6280343b01db7cdbac7886627143e61019f1c69 96f81a4848c8058342456a85aa698e767e6c43719df1f1d3453efa25d90f61fe Loading...

	#40 Eval - 271669c0dc2ce357b2e32c1d290f9454	175 B	2023-03-09	2023-06-10
Pretty Observations First Seen2023-03-09 21:09:50 Last Seen2023-06-10 19:44:54 Times Seen3 Hash 271669c0dc2ce357b2e32c1d290f9454 9854ff16631028f7ece7d04d0c64bade59270ff5 06048a986b4a2a2f68d434a4f91fdea397ac07c477384c28fd134288a536b95d Loading...

	#41 Eval - ccb020b0f8a0bb9194f0a9079c431fad	1.1 kB	2023-03-09	2023-03-14
Pretty Observations First Seen2023-03-09 21:09:50 Last Seen2023-03-14 11:14:56 Times Seen1 Hash ccb020b0f8a0bb9194f0a9079c431fad bcd3035ada29747f649f4ec16f03ff453d0288da 598086b38b4284e75a261de5c09d4bcf88df76ab5150fcb91d706b04df07d1c0 Loading...

HTTP Transactions (48)

URL IP Response Size

xcis.mobixone.co.za/mtn-za/subscribe/omBl-0dJI-0Tfs-rUqi-rbPI-qBEl-9jiM-g13H/bigthinking/mtn-za/ZA/subscribe/fz99dQRDq1u4oh2G2SQ2CedP/bigthinking-strengthenyoga/strength190754/EMPTY/EMPTY/

52.17.208.175

303 See Other

0 B

URL HTTP/1.1
xcis.mobixone.co.za/mtn-za/subscribe/omBl-0dJI-0Tfs-rUqi-rbPI-qBEl-9jiM-g13H/bigthinking/mtn-za/ZA/subscribe/fz99dQRDq1u4oh2G2SQ2CedP/bigthinking-strengthenyoga/strength190754/EMPTY/EMPTY/
IP
52.17.208.175:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /mtn-za/subscribe/omBl-0dJI-0Tfs-rUqi-rbPI-qBEl-9jiM-g13H/bigthinking/mtn-za/ZA/subscribe/fz99dQRDq1u4oh2G2SQ2CedP/bigthinking-strengthenyoga/strength190754/EMPTY/EMPTY/ HTTP/1.1
Host: xcis.mobixone.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 303 See Other
Date: Mon, 30 Jan 2023 12:01:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Referrer-Policy: origin-when-cross-origin
Location: http://doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2568
Expires: Mon, 30 Jan 2023 12:43:49 GMT
Date: Mon, 30 Jan 2023 12:01:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18169
Expires: Mon, 30 Jan 2023 17:03:50 GMT
Date: Mon, 30 Jan 2023 12:01:01 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 11:35:42 GMT
content-type: application/json
age: 1519
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6539
Expires: Mon, 30 Jan 2023 13:50:00 GMT
Date: Mon, 30 Jan 2023 12:01:01 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: WqO7Ws5kDjYA44/644twPE7DzuvbnzdeQ27dkVQhlF/FOqEjkWpxn2ZotUVZD4sSL1/Ce5Tgh6yg0IF1i9qomA==
x-amz-request-id: N5CQBH29S1679JDS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 11:21:46 GMT
age: 2355
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh

54.246.197.15

302 Found

202 B

URL HTTP/1.1
doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh
IP
54.246.197.15:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with no line terminators
Size
202 B (202 bytes)
Hash
204d54c03d9a9f667b63e8367af1f490
5cff0185c7e5a70ed1f0bfd013317364fcad7970
683439f970afb4f4b36ce5c701adfe814be016360b092edbc14692d3d46cb1aa

HTTP Headers

GET /service/9095?ext_ref=ASBbc3NI10m6Opyh HTTP/1.1
Host: doi.mtndep.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _gcl_au=1.1.263228655.1675079803; _ga_57Q9E221SZ=GS1.1.1675079803.1.0.1675079810.0.0.0; _ga=GA1.3.332567611.1675079803; _gid=GA1.3.1865360990.1675079804; _fbp=fb.2.1675079803845.556691543
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Mon, 30 Jan 2023 12:01:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 202
Connection: keep-alive
Server: nginx/1.15.8
X-DNS-Prefetch-Control: off
X-Frame-Options: DENY
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Location: /service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b
Vary: Accept

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:01:01 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 11:41:41 GMT
age: 1160
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b

54.246.197.15

200 OK

43 kB

URL HTTP/1.1
doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b
IP
54.246.197.15:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (62577)
Size
43 kB (43184 bytes)
Hash
779a9289a22a5bf7d56a0aa4098f0ab1
d097a66df5528e299a2456d98118a4cf00a5a722
697fab14c6efb960172bf26e990fbe4cebf72f4a305611152a10e5ed4a32d829

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3

HTTP Headers

GET /service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b HTTP/1.1
Host: doi.mtndep.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _gcl_au=1.1.263228655.1675079803; _ga_57Q9E221SZ=GS1.1.1675079803.1.0.1675079810.0.0.0; _ga=GA1.3.332567611.1675079803; _gid=GA1.3.1865360990.1675079804; _fbp=fb.2.1675079803845.556691543
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:01:02 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.15.8
Vary: Accept-Encoding
X-DNS-Prefetch-Control: off
X-Frame-Options: DENY
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
ETag: W/"27d2b-SQDo8uFF2sazNg0wVW9ODmgO64E"
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16936
Expires: Mon, 30 Jan 2023 16:43:18 GMT
Date: Mon, 30 Jan 2023 12:01:02 GMT
Connection: keep-alive

doi.mtndep.co.za/css/wap_templates_20210518.min.css

54.246.197.15

200 OK

2.6 kB

URL HTTP/1.1
doi.mtndep.co.za/css/wap_templates_20210518.min.css
IP
54.246.197.15:0
ASN
#16509 AMAZON-02

File type
assembler source, ASCII text
Size
2.6 kB (2601 bytes)
Hash
1a59d6ecc194c41870a8df1c5eca5872
01cadaa4626e4ad47d2597718b36789a22743d36
b57dc3041b37622b44e7fb6e269c197b79722a806070177cf4899b1f8295654d

HTTP Headers

GET /css/wap_templates_20210518.min.css HTTP/1.1
Host: doi.mtndep.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b
Cookie: _gcl_au=1.1.263228655.1675079803; _ga_57Q9E221SZ=GS1.1.1675079803.1.0.1675079810.0.0.0; _ga=GA1.3.332567611.1675079803; _gid=GA1.3.1865360990.1675079804; _fbp=fb.2.1675079803845.556691543

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:01:02 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.15.8
Vary: Accept-Encoding
Last-Modified: Wed, 07 Dec 2022 18:09:39 GMT
ETag: W/"6390d6e3-2593"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' https://ui-api.dep.mtn.co.za; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com data: blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com https://dep.mtn.co.za http://doi.dep.mtn.co.za http://doi.mtndep.co.za  data:; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'
Cache-Control: no-store
Pragma: no-cache
Expires: -1
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip

doi.mtndep.co.za/img/mtn-logo.png

54.246.197.15

200 OK

1.9 kB

URL HTTP/1.1
doi.mtndep.co.za/img/mtn-logo.png
IP
54.246.197.15:0
ASN
#16509 AMAZON-02

File type
PNG image data, 180 x 92, 8-bit colormap, non-interlaced\012- data
Size
1.9 kB (1933 bytes)
Hash
0dea7b732ecb857b6b67e1a93304d7ed
8e1bf1e3bd90ea4becfe7cd23d3646cb5f8adf78
349123710f9330be65bce7c718519d88f3d1bf51b5fa7f46a0c7402521762f0f

HTTP Headers

GET /img/mtn-logo.png HTTP/1.1
Host: doi.mtndep.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b
Cookie: _gcl_au=1.1.263228655.1675079803; _ga_57Q9E221SZ=GS1.1.1675079803.1.0.1675079810.0.0.0; _ga=GA1.3.332567611.1675079803; _gid=GA1.3.1865360990.1675079804; _fbp=fb.2.1675079803845.556691543

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:01:02 GMT
Content-Type: image/png
Content-Length: 1933
Connection: keep-alive
Server: nginx/1.15.8
Last-Modified: Wed, 09 Mar 2022 18:05:31 GMT
ETag: "6228ec6b-78d"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' https://ui-api.dep.mtn.co.za; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com data: blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com https://dep.mtn.co.za http://doi.dep.mtn.co.za http://doi.mtndep.co.za  data:; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'
Cache-Control: no-store
Pragma: no-cache
Expires: -1
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes

doi.mtndep.co.za/img/doi-confirmation_66_3294_banner.png

54.246.197.15

200 OK

60 kB

URL HTTP/1.1
doi.mtndep.co.za/img/doi-confirmation_66_3294_banner.png
IP
54.246.197.15:0
ASN
#16509 AMAZON-02

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x520, components 3\012- data
Size
60 kB (60352 bytes)
Hash
6df503088fcb143fd8d889da3e4e6b6f
55cee6884fa3acbadd2a2e261d554dd1fd72be17
18cdba5eceee6a447f4cebb462c63266baf3225bc7e6ee3e1e0282ffff36e802

HTTP Headers

GET /img/doi-confirmation_66_3294_banner.png HTTP/1.1
Host: doi.mtndep.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doi.mtndep.co.za/service/9095?ext_ref=ASBbc3NI10m6Opyh&rid=c3e0bc10a09511edb3e4ada3aa83b02b
Cookie: _gcl_au=1.1.263228655.1675079803; _ga_57Q9E221SZ=GS1.1.1675079803.1.0.1675079810.0.0.0; _ga=GA1.3.332567611.1675079803; _gid=GA1.3.1865360990.1675079804; _fbp=fb.2.1675079803845.556691543

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:01:02 GMT
Content-Type: image/png
Content-Length: 60352
Connection: keep-alive
Server: nginx/1.15.8
Last-Modified: Mon, 18 Jul 2022 12:21:52 GMT
ETag: "62d55060-ebc0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' https://ui-api.dep.mtn.co.za; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com data: blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com https://dep.mtn.co.za http://doi.dep.mtn.co.za http://doi.mtndep.co.za  data:; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'
Cache-Control: no-store
Pragma: no-cache
Expires: -1
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes

analytics-zmd.securewebfraud.io/web/v1/content/view/Confirmation/za_mtn/AQ4z3knYXIfEzc2Dn4uDHiVq8MsKty0XXi5ZRskPKueo60rVB2PHOIIaL0IKm2zpLQ4_

91.241.94.108

200

51 B

URL HTTP/1.1
analytics-zmd.securewebfraud.io/web/v1/content/view/Confirmation/za_mtn/AQ4z3knYXIfEzc2Dn4uDHiVq8MsKty0XXi5ZRskPKueo60rVB2PHOIIaL0IKm2zpLQ4_
IP
91.241.94.108:0
ASN
#49582 Upstream Telecommunications And Software Systems S.A.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
51 B (51 bytes)
Hash
49cdc214849d5ced018d230677b14076
0e75513436e6b01963759f6a88282445ff2e5b3a
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675

HTTP Headers

GET /web/v1/content/view/Confirmation/za_mtn/AQ4z3knYXIfEzc2Dn4uDHiVq8MsKty0XXi5ZRskPKueo60rVB2PHOIIaL0IKm2zpLQ4_ HTTP/1.1
Host: analytics-zmd.securewebfraud.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doi.mtndep.co.za/

HTTP/1.1 200 
Date: Mon, 30 Jan 2023 12:01:02 GMT
Cache-Control: no-store, private
Content-Disposition: attachment; filename="pixel"
Pragma: no-cache
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 51
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Set-Cookie: TS0178889e=01b02e3e89895f69a70b0a1867c366809a89c6a679b3b5863af1b0b20da7149306b33d32cadac70b521f888b3ad56938545591e066; Path=/; Domain=.analytics-zmd.securewebfraud.io

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:01:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

web-zmd.secure-d.io/web/v1/content/view/Confirmation/za_mtn/AQ4z3knYXIfEzc2Dn4uDHiVq8MsKty0XXi5ZRskPKueo60rVB2PHOIIaL0IKm2zpLQ4_

91.241.95.160

200

51 B

URL HTTP/1.1
web-zmd.secure-d.io/web/v1/content/view/Confirmation/za_mtn/AQ4z3knYXIfEzc2Dn4uDHiVq8MsKty0XXi5ZRskPKueo60rVB2PHOIIaL0IKm2zpLQ4_
IP
91.241.95.160:0
ASN
#49582 Upstream Telecommunications And Software Systems S.A.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
51 B (51 bytes)
Hash
49cdc214849d5ced018d230677b14076
0e75513436e6b01963759f6a88282445ff2e5b3a
7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675

HTTP Headers

GET /web/v1/content/view/Confirmation/za_mtn/AQ4z3knYXIfEzc2Dn4uDHiVq8MsKty0XXi5ZRskPKueo60rVB2PHOIIaL0IKm2zpLQ4_ HTTP/1.1
Host: web-zmd.secure-d.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doi.mtndep.co.za/

HTTP/1.1 200 
Date: Mon, 30 Jan 2023 12:01:02 GMT
Cache-Control: no-store, private
Content-Disposition: attachment; filename="pixel"
Pragma: no-cache
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 51
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Set-Cookie: TS01de573e=01b02e3e89e74800630dd6817e87d6ff235e31cf9aa1902e768e9931708125e91c532a8f6a78f1ebec8a32ffe2ba1f1baf062a2762; Path=/; Domain=.web-zmd.secure-d.io

push.services.mozilla.com/

50.112.247.170

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
50.112.247.170:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fis+hHp8PfTaC5BXdqJvmg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nyBXVUtKkE43PiI7PkfsApqjJYM=

web-zmd.secure-d.io/api/v1/beacon/retrieve?secureSessionId=AQ4z3knYXIfEzc2Dn4uDHiVq8MsKty0XXi5ZRskPKueo60rVB2PHOIIaL0IKm2zpLQ4_

91.241.95.160

200

0 B

URL HTTP/1.1
web-zmd.secure-d.io/api/v1/beacon/retrieve?secureSessionId=AQ4z3knYXIfEzc2Dn4uDHiVq8MsKty0XXi5ZRskPKueo60rVB2PHOIIaL0IKm2zpLQ4_
IP
91.241.95.160:0
ASN
#49582 Upstream Telecommunications And Software Systems S.A.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/v1/beacon/retrieve?secureSessionId=AQ4z3knYXIfEzc2Dn4uDHiVq8MsKty0XXi5ZRskPKueo60rVB2PHOIIaL0IKm2zpLQ4_ HTTP/1.1
Host: web-zmd.secure-d.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://doi.mtndep.co.za
Connection: keep-alive
Referer: http://doi.mtndep.co.za/

HTTP/1.1 200 
Date: Mon, 30 Jan 2023 12:01:02 GMT
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Access-Control-Allow-Origin: *
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Set-Cookie: TS01de573e=01b02e3e89e65d04728676e09b43a3b229083270129510573866d3fa5bbfff7f04ee13149be4635b598ec46f413c7857e133313e97; Path=/; Domain=.web-zmd.secure-d.io

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d12e9ff2f182d3ce52d59d589ab5a61d
1d39c5eed0a766cbee2fe1f0729eab7472f56d7f
e675272e9b74782eb09ee52be90da7a92ba0cbe71fccba9bd8c4416e4817b13b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:01:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:01:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:01:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c239475b53a2314c43c5922ef55e73f8
e30168fe4daa7e6ebe19591863e7175bf9ad784d
2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3858
Cache-Control: max-age=136356
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:01:02 GMT
Etag: "63d71410-1d7"
Expires: Wed, 01 Feb 2023 01:53:38 GMT
Last-Modified: Mon, 30 Jan 2023 00:49:20 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

static.ads-twitter.com/uwt.js

151.101.244.157

200 OK

15 kB

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.244.157:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (57596), with no line terminators
Size
15 kB (15375 bytes)
Hash
573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:01:02 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-hel1410021-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

157.240.205.11

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.205.11:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27815 bytes)
Hash
541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 5+GiZiVe9129HyC7CBW7NwUZjFqov9tGGrzS9XmecwCY03Vqgu7pCLmQOE242jUEioF7Pb+7XhknbcT/VfSf8A==
priority: u=3,i
content-length: 27815
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 12:01:02 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c239475b53a2314c43c5922ef55e73f8
e30168fe4daa7e6ebe19591863e7175bf9ad784d
2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3858
Cache-Control: max-age=136356
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:01:02 GMT
Etag: "63d71410-1d7"
Expires: Wed, 01 Feb 2023 01:53:38 GMT
Last-Modified: Mon, 30 Jan 2023 00:49:20 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
d06ae4c607bf5f868f9b300b22384cfb
2629b2e0228105e2c1b21012c8095c041f857f97
65c2fdfa47c0e848e895e365ca185438e33fdae5776f4c430bf235cc24c35077

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2169
Cache-Control: max-age=88198
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:01:02 GMT
Etag: "63d65e8b-138"
Expires: Tue, 31 Jan 2023 12:31:00 GMT
Last-Modified: Sun, 29 Jan 2023 11:54:51 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 312

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
ab2dcc3bb1362e56d703cd5a9770206b
ada40adb7738c48a99921df4a550ad4e0a8316ee
177dd8308239727be447478425fd2e3d720b902ea3bb74834efc4bb1b1830bad

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:01:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 03 Feb 2023 10:43:10 GMT
ETag: "ada40adb7738c48a99921df4a550ad4e0a8316ee"
Last-Modified: Mon, 30 Jan 2023 10:43:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 627
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791a0cf9a8b2b527-OSL

t.co/i/adsct?bci=3&eci=2&event_id=6d1bbb8a-4067-4cab-8543-72fd9bcc573d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e6b876eb-e653-4b54-92a6-912f34b2b57e&tw_document_href=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9095%3Fext_ref%3DASBbc3NI10m6Opyh%26rid%3Dc3e0bc10a09511edb3e4ada3aa83b02b&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxkpr&type=javascript&version=2.3.29

104.244.42.5

200 OK

43 B

URL HTTP/2
t.co/i/adsct?bci=3&eci=2&event_id=6d1bbb8a-4067-4cab-8543-72fd9bcc573d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e6b876eb-e653-4b54-92a6-912f34b2b57e&tw_document_href=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9095%3Fext_ref%3DASBbc3NI10m6Opyh%26rid%3Dc3e0bc10a09511edb3e4ada3aa83b02b&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxkpr&type=javascript&version=2.3.29
IP
104.244.42.5:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=6d1bbb8a-4067-4cab-8543-72fd9bcc573d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e6b876eb-e653-4b54-92a6-912f34b2b57e&tw_document_href=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9095%3Fext_ref%3DASBbc3NI10m6Opyh%26rid%3Dc3e0bc10a09511edb3e4ada3aa83b02b&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxkpr&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Cookie: muc_ads=e461826e-d5e2-4ce7-b034-7e048aef6de1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:01:02 GMT
perf: 7626143928
server: tsa_o
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: c038af31a2d9acf7
strict-transport-security: max-age=0
x-response-time: 106
x-connection-hash: 6a4471b59d8a0af09b8a2f4bce41eda953d33d779fcc6816cbf356c6966771bf
X-Firefox-Spdy: h2

dtm-dre.platform.hicloud.com/download/web/dtm.js?id=DTM-ac1262027c6e10a2817cc06442e74a12

80.158.18.121

200 OK

46 kB

URL HTTP/1.1
dtm-dre.platform.hicloud.com/download/web/dtm.js?id=DTM-ac1262027c6e10a2817cc06442e74a12
IP
80.158.18.121:0
ASN
#6878 T-Systems International GmbH

File type
ASCII text, with very long lines (35529)
Size
46 kB (45819 bytes)
Hash
bce218b4df08c591de540bf37521b472
9781daa63caa8c99c9b9b31b5e0f7d07112a6a2e
f78076c88dc1857960ecdcb0b9e32d22ec71921e25bfbbd4ea5285c33d8606c9

HTTP Headers

GET /download/web/dtm.js?id=DTM-ac1262027c6e10a2817cc06442e74a12 HTTP/1.1
Host: dtm-dre.platform.hicloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:00:56 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private,max-age=900
Content-Disposition: inline
X-XSS-Protection: 1; mode=block
X-frame-options: SAMEORIGIN
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: elb

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
6d2677a268c46fe7437bc9ba7f1933f0
c4c8338d86338480d15172e8691dc9b25c9c25bf
0709a1fe6bd9156d9e98f2c986bcb486031947ce2412744efd1e0ff52f7929d2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1863
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:01:03 GMT
Last-Modified: Mon, 30 Jan 2023 11:30:00 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:01:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:01:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:01:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11133282-52&cid=332567611.1675079803&jid=757020560&_u=QCCAgEABQAAAAEgAI~&z=578061456

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11133282-52&cid=332567611.1675079803&jid=757020560&_u=QCCAgEABQAAAAEgAI~&z=578061456
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11133282-52&cid=332567611.1675079803&jid=757020560&_u=QCCAgEABQAAAAEgAI~&z=578061456 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 12:01:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6d1bbb8a-4067-4cab-8543-72fd9bcc573d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e6b876eb-e653-4b54-92a6-912f34b2b57e&tw_document_href=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9095%3Fext_ref%3DASBbc3NI10m6Opyh%26rid%3Dc3e0bc10a09511edb3e4ada3aa83b02b&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxkpr&type=javascript&version=2.3.29

104.244.42.195

200 OK

43 B

URL HTTP/2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6d1bbb8a-4067-4cab-8543-72fd9bcc573d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e6b876eb-e653-4b54-92a6-912f34b2b57e&tw_document_href=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9095%3Fext_ref%3DASBbc3NI10m6Opyh%26rid%3Dc3e0bc10a09511edb3e4ada3aa83b02b&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxkpr&type=javascript&version=2.3.29
IP
104.244.42.195:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=6d1bbb8a-4067-4cab-8543-72fd9bcc573d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e6b876eb-e653-4b54-92a6-912f34b2b57e&tw_document_href=http%3A%2F%2Fdoi.mtndep.co.za%2Fservice%2F9095%3Fext_ref%3DASBbc3NI10m6Opyh%26rid%3Dc3e0bc10a09511edb3e4ada3aa83b02b&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxkpr&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:01:02 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_7+9BoaXbvNAoacPhZQsN1A=="; Max-Age=63072000; Expires=Wed, 29 Jan 2025 12:01:03 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 3d7f882a62f74ddc
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: 539e6ebca4005b09dfc9d4b44a0d18e655f6afa2f90e666d2c8eec2037d2446a
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11133282-52&cid=332567611.1675079803&jid=1477348905&_u=QCCAAEABQAAAAGgAI~&z=1343568180

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11133282-52&cid=332567611.1675079803&jid=1477348905&_u=QCCAAEABQAAAAGgAI~&z=1343568180
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-11133282-52&cid=332567611.1675079803&jid=1477348905&_u=QCCAAEABQAAAAGgAI~&z=1343568180 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doi.mtndep.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 12:01:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10672
Expires: Mon, 30 Jan 2023 14:58:55 GMT
Date: Mon, 30 Jan 2023 12:01:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10672
Expires: Mon, 30 Jan 2023 14:58:55 GMT
Date: Mon, 30 Jan 2023 12:01:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10672
Expires: Mon, 30 Jan 2023 14:58:55 GMT
Date: Mon, 30 Jan 2023 12:01:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10672
Expires: Mon, 30 Jan 2023 14:58:55 GMT
Date: Mon, 30 Jan 2023 12:01:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10672
Expires: Mon, 30 Jan 2023 14:58:55 GMT
Date: Mon, 30 Jan 2023 12:01:03 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8464 bytes)
Hash
fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UNub7Gd4S0ogn5EJhtJVu8q1qML5_4eL2lIPQXiAuXy_q-XiR4s-5w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:21 GMT
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
age: 50742
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7538 bytes)
Hash
131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 8bec493a-9c81-4cfd-b6e9-66f4f3d55cb7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOOJQEZSoAMFb1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf2a3b-5f0c9f3e4cac1ba26c802050;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 00:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3uybP14DBtrEK8ieNWHaQfz3Zl_JMl0_L9CGZgcusTjVCFIIaTpwIQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 00:23:18 GMT
age: 41865
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7679 bytes)
Hash
3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx-qjsrMLYpLmE-8QmpR46BeRySbUGL2Rrr6LqhEQ8jaEEj_6Aj0qg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 50934
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9700 bytes)
Hash
6d200552d23c85c199558b79cc24348f
8cc20b9ce98eeacd5b826268da24955a82e78a01
09b05ae6f75b5141401ddc49014e0eb2eac0856ba3b5020bc85f4a9a64d3d2a6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9700
x-amzn-requestid: 9f944a46-7e39-44c3-a640-3c7e9b778bca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkoEEkJIAMFs0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7cd-4b29196f5bd1b2fb04e6363f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jdh2u-xrCjqq1SKWL7hCTqrlGRjbytuxecJS-cwiXb5FQypGKYbFzg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:35 GMT
age: 50728
etag: "8cc20b9ce98eeacd5b826268da24955a82e78a01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9457 bytes)
Hash
51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: soTFEnYjNcti77h3FpnztwzR7ypv68NbyoI6DxS0NhU412ykFsWAgA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:00:38 GMT
age: 50425
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7333 bytes)
Hash
01f406ed5d9b17a7aa00015301bddf94
d78e18830fc6cf231f66f95cc0e01520cfeebddf
33245ea764fb634a01ee9657e529a30567588ecbb10fc0e6499aac14cd21fe81

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7333
x-amzn-requestid: 7563c72f-e40d-4e96-a73f-8aa404ae0b25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFK8IAMFzMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-7eb009311701187873f05b20;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TtG9ZgGc6f034YegsSHOZcZw8Cp-rQwbd03IoB6rCBgAp-boKj_X4w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 50934
etag: "d78e18830fc6cf231f66f95cc0e01520cfeebddf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (57)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML