Report - wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920

Report Overview

Submitted URL
wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife
IP
104.21.90.46
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-18 20:28:09
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.161.231.36
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
cdn.ahacdu.com	479176	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	1.1 MB	45.133.44.4
wopifo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.0 kB	104.21.90.46
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	8.0 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
zerossl.ocsp.sectigo.com	4049	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	336 B	809 B	172.64.155.188
news-debipa.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	786 B	13 kB	149.7.16.221
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	482 B	62 kB	142.250.74.10
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	652 B	1.5 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	86 kB	142.250.74.163
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	6.6 kB	142.250.74.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-18	medium	news-debipa.com	Sinkholed
2022-09-18	medium	news-debipa.com	Sinkholed

JavaScript (24)

	URL	Size	First Seen	Last Seen
	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/	396 B	2023-03-07	2024-02-07
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/ IP 172.67.194.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:16:00 Last Seen2024-02-07 05:46:02 Times Seen1 Hash 2a0e341dd29729f5fcec0879780c5617 e371e0c1b384947df488da7f5b07c697ba9a360f db49c579802e855166fff3e82a41d5b2a0006a578076a9d3cd3751cf549cf6e3 Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/	107 B	2023-03-07	2023-06-28
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/ IP 172.67.194.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:20:16 Last Seen2023-06-28 05:00:18 Times Seen4 Hash aefa084b928f202ba56daf2533fe67d5 a52b060f76fcd6d53b05ad036dde6987fbf9c635 f32325a0cd02c845e2645234dc6fe5518a80e7dc819ec93a8a1ecd2e00a59f3e Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/	409 B	2023-03-07	2023-12-28
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/ IP 172.67.194.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:16:00 Last Seen2023-12-28 20:10:19 Times Seen9 Hash f97c138b3f203a274caf626c268e5a7a c4cdf3a3cd2ceaecdc6d16a83924e93277d0718e a5d318600507120ac2ca73d4b096283bdf3dce5ac53333ccacbcc0e736165125 Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/	90 B	2023-03-07	2023-11-22
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/ IP 172.67.194.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:16:00 Last Seen2023-11-22 12:25:54 Times Seen7 Hash 387a5cd82965e9fd666bb532e8449ab6 2dc424aaef222b4e9ec4946e1c15dd3abdeeb75b f32d7f71713e443bcf914c545f19aa1675da849eff3b9b07e35eb4a4e957c18b Loading...

	news-debipa.com/code/https.js?uid=145572&site=8051217&banadu=0&sub1=sub1	8.7 kB	2023-03-07	2024-02-07
Pretty URL news-debipa.com/code/https.js?uid=145572&site=8051217&banadu=0&sub1=sub1 IP 149.7.16.221 ASN #63023 AS-GLOBALTELEHOST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:16:00 Last Seen2024-02-07 05:46:03 Times Seen2 Hash 45354fe40a67b7d312f5d38a6a0155c4 83b3ed0ccc6c5a30c467f3cf3afce23bbb297b30 05345697a022f485f4642c9379b53c636b39b63767cbe1a1014b22b2e96f1446 Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/js/9_14.min.js	15 kB	2023-03-07	2024-02-07
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/js/9_14.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:16:00 Last Seen2024-02-07 05:46:03 Times Seen1 Hash 1ccc630b3c4071b6629dad6e29ad639f 2ddc287c0080d0d6d2483e1a750664bfbe09d4c0 203604dc2f207641ae463f22f8e447020f62d60cbceff525b08aa2fe0e1240eb Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/	107 B	2023-03-07	2023-06-28
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/ IP 172.67.194.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:20:16 Last Seen2023-06-28 05:00:18 Times Seen4 Hash f3dbdb89e9ae4ad13bbbc44548b1cc0f 7b3279892353b639648f28844b65cc0eb306036a fb043cd5de6877a3063bf5b3939dbddcbc0975420b52c688e967ee438710f142 Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/	1.2 kB	2023-03-07	2024-02-07
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/ IP 172.67.194.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:16:00 Last Seen2024-02-07 05:46:03 Times Seen1 Hash f5f18592872039efed6c1e738ccddbc5 0674de15e9a417bdd0afb64dee3886e230ace77d 6531bf6aa818564250860cf05bda683560fa8d8825ea064a916558968e3f6dbb Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/js/js.cookie.min.js	1.9 kB	2023-03-07	2024-02-05
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/js/js.cookie.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:24 Last Seen2024-02-05 00:42:56 Times Seen432 Hash 3671d16ed7eca0f2bf7bae64facaea27 dbe65c6a5cc77ea5f185f8775788600c6594f1e8 89d8e2c8c460dbb856aa8fc5ec2a7cef4af421daea7730fae0822a1eec584679 Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/	180 B	2023-03-07	2024-02-07
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/ IP 172.67.194.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:16:00 Last Seen2024-02-07 05:46:03 Times Seen1 Hash 58f04405fdc1bb129f2d0c160331d7ad 48f5736fc85f77bf18416ecd09025481e2eed62b 388ed4cf6b5e3a787ae04daeff51e20e0adb8ef63414237e245e01a2286b426a Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/	107 B	2023-03-07	2023-06-28
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/ IP 172.67.194.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:20:16 Last Seen2023-06-28 05:00:18 Times Seen4 Hash e7a9826a0cd7f14b2e981b1f3ae0211b 93800562cc050fa39697524a9ea20babe9d273da d140a6422c6ecc8997717f0fa10154f4a0f4b47f82af08f56cbf9332aecb6c4e Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/	97 B	2023-03-07	2024-04-14
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/ IP 172.67.194.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:53 Last Seen2024-04-14 20:55:56 Times Seen223 Hash e5becd724a37f0cb88133664ef9459cc 189d18ce6815d9dd33d5c97f1f9ae194efd47935 3b324ef1aae1c96b56094b43ddc2b486182a63653357c17793b6eb4c17cbe01f Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/	83 B	2023-03-07	2023-09-17
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/ IP 172.67.194.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:05:14 Last Seen2023-09-17 04:31:02 Times Seen11 Hash a575772ec41b66f58b9c41a2973c22a0 178052472ea4d0d1634db5dbac6ab2df578dc8de e4a3e556f1a81bb55f86c3bee0f8d4b98a3ae98cced55f8cc87d4a3cc84d1d2c Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/	107 B	2023-03-07	2023-06-28
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/ IP 172.67.194.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:20:16 Last Seen2023-06-28 05:00:18 Times Seen4 Hash 198596257c8f949dfd5ead441da73102 b03ea1a2679f9460dccb46f816e734d44e91d057 d2129b1990331e240f4d5ca8a83d06b2802b76a51169fd66b06074419e5d8d08 Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/	45 B	2023-03-07	2023-11-22
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/ IP 172.67.194.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:16:00 Last Seen2023-11-22 12:25:54 Times Seen2 Hash d612345986b89c0205a11676502c548e 283aa5841d7d219ad198c3062563740fbb7096eb b920812d5a90cc7fe47454de753ae0278cf8b38666e6bdef41e5679f4a33025d Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/	101 B	2023-03-07	2023-11-22
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/ IP 172.67.194.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:16:00 Last Seen2023-11-22 12:25:54 Times Seen9 Hash 67f296bc39837730d78474a92878fbd2 f462a52564576292500b8fab0e99ce9e894c3d89 075cceb50f6f659bf6982645394c3b744386f1ad5297b3e050f4cb1a12ded776 Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/js/jquery-1.12.4.min.js	97 kB	2023-03-07	2024-02-16
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/js/jquery-1.12.4.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:24 Last Seen2024-02-16 19:59:50 Times Seen756 Hash e879cddf945a0eacc68a976334dea4af e34000448c41c6f51bb839bc9b0197e4ef31fcec 2194c674751b8228cc5b0988c53e4e660a0f8e491481d78e9f4dbad711b23d3a Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/js/9_14.min.js	12 kB	2023-03-07	2023-11-23
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/js/9_14.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:06 Last Seen2023-11-23 07:56:05 Times Seen6 Hash 111d3e6a61c0903c43be59669e223444 c106e539347fd8e25579fe71675d62268e98e981 f5155260404a03186e9b39d0af066bdb4653c2b939acb117c41349741aef8e56 Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/	1.7 kB	2023-03-07	2024-02-07
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/ IP 172.67.194.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:16:00 Last Seen2024-02-07 05:46:03 Times Seen1 Hash 4df8af9d238a7f75236d6bbb4611be8c 15956139741787b74ca896a50d65c4c97413ee8a f90eb25ce2d899ffcf8214f78a19c9fa7ef5375f9afad6fd8c64dfefbc7c10bc Loading...

	wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/	1.3 kB	2023-03-07	2024-02-07
Pretty URL wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/ IP 172.67.194.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:16:00 Last Seen2024-02-07 05:46:03 Times Seen1 Hash 58a4cdfa21c0640e2d2b5008cc45be96 ceb31ebfb86e78d0d1c68c54f10578d5c2351026 19d07e1726ecc8a2de427fb92aea1c6ff21264d3e175eb09b0e6280b224f0edb Loading...

		Size	First Seen	Last Seen
	#1 Write - eb52bc03874fc3d44cdeba9233515399	10 B	2023-03-07	2024-02-07
Pretty Observations First Seen2023-03-07 16:32:21 Last Seen2024-02-07 05:46:03 Times Seen1 Hash eb52bc03874fc3d44cdeba9233515399 5f18195683cacd22cad3017acce87c1b1aec025c 0623795394f3d58eba0603f410538a2eb4d92841238ac5f501b3a79884d5917c Loading...

	#2 Write - 9c367f276569b77596f7c06998a295a7	10 B	2023-03-07	2024-02-07
Pretty Observations First Seen2023-03-07 18:16:00 Last Seen2024-02-07 05:46:03 Times Seen1 Hash 9c367f276569b77596f7c06998a295a7 7d9e551a001401fca73c85b82d677ec9d20f5c7e 6b250b68b84c42efc80776c3f1b51e757c3979f6b80079963885af8ac25dfe01 Loading...

	#3 Write - ccc7e68e6480f7e05f603568d93b105c	10 B	2023-03-07	2024-02-07
Pretty Observations First Seen2023-03-07 18:16:00 Last Seen2024-02-07 05:46:03 Times Seen1 Hash ccc7e68e6480f7e05f603568d93b105c df2ee35d377123c65ff16cea0c2774f993ef6a49 9669698cd2f54807873dd6080d2eedb9d758ed3fa25729a39751d69473233065 Loading...

	#4 Write - 5d5dc82817ef62114e0a00001619b887	10 B	2023-03-07	2024-02-07
Pretty Observations First Seen2023-03-07 18:16:00 Last Seen2024-02-07 05:46:03 Times Seen1 Hash 5d5dc82817ef62114e0a00001619b887 79633fe2fac3eeefd5bd845648b1eb1092b9bd1f 0a3984ffce21459c0bea84e8275a17433d1435b81ba800f0720269c036807eb5 Loading...

HTTP Transactions (48)

URL IP Response Size

wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife

104.21.90.46

301 Moved Permanently

0 B

URL HTTP/1.1
wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife
IP
104.21.90.46:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife HTTP/1.1
Host: wopifo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 20:27:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 21:27:59 GMT
Location: https://wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnjA8ngjW%2FJ%2BeUlEpnW737CauHuyJyHZsmzTGZbufUN5xMYLvDmLTKewTsxhKpFN14mVjffKa0xOSN7XBeXliZziwcfiKx%2BdCVgYcy%2F5MztpdT9JbjDgc1q35nK4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ccd34dbff0b4f7-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 20:02:58 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PduXtJDZI0qKuzP0eyGDdpIHyE-tLPz7k9-Bd58Gr8ewEVk0xmPQ9w==
Age: 1501

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5834
Expires: Sun, 18 Sep 2022 22:05:13 GMT
Date: Sun, 18 Sep 2022 20:27:59 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WrjFGiTda4jhHUQn9xMdBaxS1w_ioUjYXhiaxBRsZzabl18sw1kw3A==
age: 57166
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 20:27:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
494b9243647088bb25c9580d4976af59
2fe44074aa72096a058704a0244140ee04574be5
36cc2e670b8c5078b9c3532ac8e33f2c40ae4181e6d2eec83b43670a66706ff7

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "36CC2E670B8C5078B9C3532AC8E33F2C40AE4181E6D2EEC83B43670A66706FF7"
Last-Modified: Sat, 17 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21596
Expires: Mon, 19 Sep 2022 02:27:55 GMT
Date: Sun, 18 Sep 2022 20:27:59 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
494b9243647088bb25c9580d4976af59
2fe44074aa72096a058704a0244140ee04574be5
36cc2e670b8c5078b9c3532ac8e33f2c40ae4181e6d2eec83b43670a66706ff7

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "36CC2E670B8C5078B9C3532AC8E33F2C40AE4181E6D2EEC83B43670A66706FF7"
Last-Modified: Sat, 17 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21596
Expires: Mon, 19 Sep 2022 02:27:55 GMT
Date: Sun, 18 Sep 2022 20:27:59 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 18 Sep 2022 20:03:22 GMT
Expires: Sun, 18 Sep 2022 20:13:42 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qxaoOV24kLFBxi-mrR-UGL8v1DODZ7QEwzf720FFVniVVPYedI4VKg==
Age: 1477

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4210
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:27:59 GMT
Last-Modified: Sun, 18 Sep 2022 19:17:49 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b417168037cd02cb414797a2fe8a898f
504f56151849a7bfcd36d7e72b39ead79a69bfe8
39238b70192886874fc0362dbf5e2b017f71760665c5d1025d75e4a304ded1f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:27:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

1.4 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
1.4 kB (1378 bytes)
Hash
97a8bcaf7941418ced6ea7163749fc93
c297a9860c3ad0e49a1b81c442efeb7047f8177f
5303a671f58daa1f06277332298ec459674559de54b29e11e96a34d20c462670

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:27:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

317 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
317 B (317 bytes)
Hash
5853e468edf1751a1af8829546793b50
c39ad3abe6aefe27250ab3f15d7c629137b57a13
b6a3e7aed32e5429d1f08130eb6c7134ea4e8f3257c30c034de988a56fb03955

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 20:28:00 GMT
Content-Type: application/ocsp-response
Content-Length: 317
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 04:12:15 GMT
Expires: Sun, 25 Sep 2022 04:12:14 GMT
Etag: "c39ad3abe6aefe27250ab3f15d7c629137b57a13"
Cache-Control: max-age=545653,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ccd353fb240b31-OSL

push.services.mozilla.com/

35.161.231.36

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.231.36:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: N+O1xE+/JKHbvfWT3rKMJg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SaaaudnUiKtvZzuTqTnjZM37chk=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:28:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Size
16 kB (15700 bytes)
Hash
3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

HTTP Headers

GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wopifo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 16:04:44 GMT
expires: Sat, 16 Sep 2023 16:04:44 GMT
cache-control: public, max-age=31536000
age: 188596
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

news-debipa.com/code/https.js?uid=145572&site=8051217&banadu=0&sub1=sub1

149.7.16.221

200 OK

8.7 kB

URL HTTP/2
news-debipa.com/code/https.js?uid=145572&site=8051217&banadu=0&sub1=sub1
IP
149.7.16.221:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (8709), with no line terminators
Size
8.7 kB (8709 bytes)
Hash
45354fe40a67b7d312f5d38a6a0155c4
83b3ed0ccc6c5a30c467f3cf3afce23bbb297b30
05345697a022f485f4642c9379b53c636b39b63767cbe1a1014b22b2e96f1446

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /code/https.js?uid=145572&site=8051217&banadu=0&sub1=sub1 HTTP/1.1
Host: news-debipa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wopifo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 20:28:00 GMT
content-type: application/javascript
content-length: 8709
last-modified: Thu, 15 Sep 2022 11:23:35 GMT
etag: "63230b37-2205"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:28:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:28:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:28:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:28:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15528, version 1.0\012- data
Size
16 kB (15528 bytes)
Hash
595fe3fc0b85f3cc9ef5aed2d519abc5
96e76de44987e9dec2f97f1e5eb7a18c738daf5d
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

HTTP Headers

GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wopifo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 22:59:03 GMT
expires: Wed, 13 Sep 2023 22:59:03 GMT
cache-control: public, max-age=31536000
age: 422937
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotocondensed/v25/ieVg2ZhZI2eCN5jzbjEETS9weq8-19eDtCYobdNZ.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/robotocondensed/v25/ieVg2ZhZI2eCN5jzbjEETS9weq8-19eDtCYobdNZ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17080, version 1.0\012- data
Size
17 kB (17080 bytes)
Hash
e43aefe2f0b22276ca8ade3f8040749b
10b70add30fcf8566fe57dbf220500a1b37ed7ee
921d6a08298f520a4f4c7444ba3cf32d128706ad4018c6a576f915d79122a8dc

HTTP Headers

GET /s/robotocondensed/v25/ieVg2ZhZI2eCN5jzbjEETS9weq8-19eDtCYobdNZ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wopifo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 22:33:53 GMT
expires: Wed, 13 Sep 2023 22:33:53 GMT
cache-control: public, max-age=31536000
age: 424447
last-modified: Tue, 19 Apr 2022 18:52:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotocondensed/v25/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/robotocondensed/v25/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17376, version 1.0\012- data
Size
17 kB (17376 bytes)
Hash
8e134f1169d65556e833a4f33fd78242
6f6a4355042cc46857a27f98426e5f5df3059697
3ab6d5bddb52a980ebe7658cca937e1ce087c1478cbeb13715876e463b2dd7f3

HTTP Headers

GET /s/robotocondensed/v25/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wopifo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 17:22:45 GMT
expires: Fri, 15 Sep 2023 17:22:45 GMT
cache-control: public, max-age=31536000
age: 270315
last-modified: Tue, 19 Apr 2022 18:55:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Size
16 kB (15660 bytes)
Hash
d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

HTTP Headers

GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wopifo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 22:17:40 GMT
expires: Wed, 13 Sep 2023 22:17:40 GMT
cache-control: public, max-age=31536000
age: 425420
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

523 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
523 B (523 bytes)
Hash
7cbebf4c4b0b6120e16ebc5e9f7a507c
c74bd4d5af1b5fddff06840d0cbc3782ae3577b7
6c226c170656585349bebb7af0490d6fedbf3380b5726268e92fa0c0aa1d405a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:28:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2c9ec04e884d0dd8ba76b4c949a75e44
8d90647742e81bc1e70b3ade80e28c981de41156
fb499b6afed3e915ede8ecf097447139835f8f18d30a260068a49dddfbb47105

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB499B6AFED3E915EDE8ECF097447139835F8F18D30A260068A49DDDFBB47105"
Last-Modified: Sat, 17 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20052
Expires: Mon, 19 Sep 2022 02:02:12 GMT
Date: Sun, 18 Sep 2022 20:28:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2c9ec04e884d0dd8ba76b4c949a75e44
8d90647742e81bc1e70b3ade80e28c981de41156
fb499b6afed3e915ede8ecf097447139835f8f18d30a260068a49dddfbb47105

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB499B6AFED3E915EDE8ECF097447139835F8F18D30A260068A49DDDFBB47105"
Last-Modified: Sat, 17 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20052
Expires: Mon, 19 Sep 2022 02:02:12 GMT
Date: Sun, 18 Sep 2022 20:28:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2c9ec04e884d0dd8ba76b4c949a75e44
8d90647742e81bc1e70b3ade80e28c981de41156
fb499b6afed3e915ede8ecf097447139835f8f18d30a260068a49dddfbb47105

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB499B6AFED3E915EDE8ECF097447139835F8F18D30A260068A49DDDFBB47105"
Last-Modified: Sat, 17 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20052
Expires: Mon, 19 Sep 2022 02:02:12 GMT
Date: Sun, 18 Sep 2022 20:28:00 GMT
Connection: keep-alive

news-debipa.com/sw.js

149.7.16.221

200 OK

4.0 kB

URL HTTP/2
news-debipa.com/sw.js
IP
149.7.16.221:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (3964), with no line terminators
Size
4.0 kB (3964 bytes)
Hash
7c60cc903a18857a61023bde734a757b
d53632ffe44847e798eeb6fcaacc3b3584e4a23d
dff87b88fb2ffccdadc8d3c04ffe475d848247456fa7c5b95328ccc14e7a48ea

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sw.js HTTP/1.1
Host: news-debipa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wopifo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 20:28:00 GMT
content-type: application/javascript
content-length: 3964
last-modified: Tue, 30 Aug 2022 09:40:36 GMT
etag: "630ddb14-f7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.ahacdu.com/94/videos/1634767200/menshealth.mp4

45.133.44.4

206 Partial Content

106 kB

URL HTTP/2
cdn.ahacdu.com/94/videos/1634767200/menshealth.mp4
IP
45.133.44.4:0
ASN
#39572 DataWeb Global Group B.V.

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
106 kB (105736 bytes)
Hash
1bee63702f3bbcb0e17ed2f67b9724b2
dd9ab0097b4585d1eea51da2cc8d4e57d23f53ec
d393e81439c9d688b74ebaf8ccd32993f538f6aaad8c6cb23b3713cae0e5fe03

HTTP Headers

GET /94/videos/1634767200/menshealth.mp4 HTTP/1.1
Host: cdn.ahacdu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://wopifo.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 206 Partial Content
date: Sun, 18 Sep 2022 20:28:00 GMT
content-type: video/mp4
content-length: 105736
server: nginx
last-modified: Thu, 21 Oct 2021 14:18:11 GMT
etag: "617176a3-19d08"
x-generator-cdn: true
pragma: public
cache-control: max-age=604800
expires: Sun, 25 Sep 2022 20:28:00 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
content-range: bytes 0-105735/105736
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat+Alternates:wght@600;800&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

142.250.74.10

200 OK

61 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat+Alternates:wght@600;800&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
61 kB (60729 bytes)
Hash
5a8bf04e898fa98a85a52e6a0cc6e7f1
c0b9bb1e849f257fd4f7abce44e5bb177c64526a
17d3fea3cca4763f4784df2ce562e3f4f9304b5082caf0b39c59aff0fefd0f71

HTTP Headers

GET /css2?family=Montserrat+Alternates:wght@600;800&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wopifo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Sep 2022 20:27:59 GMT
date: Sun, 18 Sep 2022 20:27:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.ahacdu.com/94/videos/1634767200/menshealthgif2.mp4

45.133.44.4

206 Partial Content

315 kB

URL HTTP/2
cdn.ahacdu.com/94/videos/1634767200/menshealthgif2.mp4
IP
45.133.44.4:0
ASN
#39572 DataWeb Global Group B.V.

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
315 kB (314579 bytes)
Hash
42925aa2422cbead930f1329246fd42f
ff406fcfc8dc12ce7d3c36581e16d749839bb61c
eef9ec3267d3d1d884341a9f72b4a20a6dd29e4255c8e5ad5c765ab5173fde83

HTTP Headers

GET /94/videos/1634767200/menshealthgif2.mp4 HTTP/1.1
Host: cdn.ahacdu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://wopifo.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 206 Partial Content
date: Sun, 18 Sep 2022 20:28:00 GMT
content-type: video/mp4
content-length: 314579
server: nginx
last-modified: Thu, 21 Oct 2021 14:22:15 GMT
etag: "61717797-4ccd3"
x-generator-cdn: true
pragma: public
cache-control: max-age=604800
expires: Sun, 25 Sep 2022 20:28:00 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
content-range: bytes 0-314578/314579
X-Firefox-Spdy: h2

cdn.ahacdu.com/94/videos/1634767200/menshealth.webm

45.133.44.4

206 Partial Content

174 kB

URL HTTP/2
cdn.ahacdu.com/94/videos/1634767200/menshealth.webm
IP
45.133.44.4:0
ASN
#39572 DataWeb Global Group B.V.

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
174 kB (174213 bytes)
Hash
4595eb6796b6b995726172202b967a91
4bdc4a236d9c47fc57c6441f6085d739a9e54394
07ae9460b80ecda0adaf501261631476e9715bbcb3bf816ec199c41860f99d60

HTTP Headers

GET /94/videos/1634767200/menshealth.webm HTTP/1.1
Host: cdn.ahacdu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://wopifo.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
date: Sun, 18 Sep 2022 20:28:00 GMT
content-type: video/webm
content-length: 174213
server: nginx
last-modified: Thu, 21 Oct 2021 14:18:12 GMT
etag: "617176a4-2a885"
x-generator-cdn: true
pragma: public
cache-control: max-age=604800
expires: Sun, 25 Sep 2022 20:28:00 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
content-range: bytes 0-174212/174213
X-Firefox-Spdy: h2

cdn.ahacdu.com/94/videos/1634767200/menshealthgif2.webm

45.133.44.4

206 Partial Content

432 kB

URL HTTP/2
cdn.ahacdu.com/94/videos/1634767200/menshealthgif2.webm
IP
45.133.44.4:0
ASN
#39572 DataWeb Global Group B.V.

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
432 kB (431789 bytes)
Hash
ef8b5b40f3b305a23327e9538915a07c
5b6837bbc56e2d6621a57a5b75fb6af5cdee130c
1aeeb8eb6488852a46225d87dc209e64b133786ac988a19fedd6a77c80757a04

HTTP Headers

GET /94/videos/1634767200/menshealthgif2.webm HTTP/1.1
Host: cdn.ahacdu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://wopifo.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
date: Sun, 18 Sep 2022 20:28:00 GMT
content-type: video/webm
content-length: 431789
server: nginx
last-modified: Thu, 21 Oct 2021 14:22:15 GMT
etag: "61717797-696ad"
x-generator-cdn: true
pragma: public
cache-control: max-age=604800
expires: Sun, 25 Sep 2022 20:28:00 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
content-range: bytes 0-431788/431789
X-Firefox-Spdy: h2

cdn.ahacdu.com/94/videos/1634767200/menshealthgif3.webm

45.133.44.4

206 Partial Content

72 kB

URL HTTP/2
cdn.ahacdu.com/94/videos/1634767200/menshealthgif3.webm
IP
45.133.44.4:0
ASN
#39572 DataWeb Global Group B.V.

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
72 kB (72186 bytes)
Hash
8d9af4bda220ee9304462fdc22e74172
6d393e35191cc5603259541ee8c74189442746be
1c7b0fbbda3ad5bda6c8068e6ceb1bdcfbb437220c905e19a089516f2ceae874

HTTP Headers

GET /94/videos/1634767200/menshealthgif3.webm HTTP/1.1
Host: cdn.ahacdu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://wopifo.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
date: Sun, 18 Sep 2022 20:28:00 GMT
content-type: video/webm
content-length: 72186
server: nginx
last-modified: Thu, 21 Oct 2021 14:24:35 GMT
etag: "61717823-119fa"
x-generator-cdn: true
pragma: public
cache-control: max-age=604800
expires: Sun, 25 Sep 2022 20:28:00 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
content-range: bytes 0-72185/72186
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10700
Expires: Sun, 18 Sep 2022 23:26:21 GMT
Date: Sun, 18 Sep 2022 20:28:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10700
Expires: Sun, 18 Sep 2022 23:26:21 GMT
Date: Sun, 18 Sep 2022 20:28:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10700
Expires: Sun, 18 Sep 2022 23:26:21 GMT
Date: Sun, 18 Sep 2022 20:28:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10700
Expires: Sun, 18 Sep 2022 23:26:21 GMT
Date: Sun, 18 Sep 2022 20:28:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10700
Expires: Sun, 18 Sep 2022 23:26:21 GMT
Date: Sun, 18 Sep 2022 20:28:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5133 bytes)
Hash
56ade9172e883c777dd974ca879bceba
b2aaf019e083443a6404c262206ee2e981d3165c
c8407ad191143d2d947464b357d8426efb334cb165c4fa5ca01573d8f7ca7b76

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5133
x-amzn-requestid: 01f39c0a-c86f-4057-a505-20200819203c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioKkFrFoAMFhMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420a9-5821f44144b61475180ec961;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: mDe4BYbMkqkO3wq6onH6c_YOfWn32Z4L9t-QW_5mwez4bcrVkrQBuw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:38:13 GMT
age: 46188
etag: "b2aaf019e083443a6404c262206ee2e981d3165c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5827 bytes)
Hash
29f4a52fb629dce4ef8038d4df7ea58a
4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5827
x-amzn-requestid: a30d5a61-ccb2-4582-8298-1abb79830dda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7VSF21IAMFvGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257288-5b79117f185617fb0f37a845;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:08:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2cYYmknnm5GHRMA69N-dqXXKHb1-tfN1PuRYB5xxtRJK5Gk3-PO0Bw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:16:15 GMT
age: 47506
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7788 bytes)
Hash
7a22ab7dcdf50f4a297b8e117d336eae
e139a0974317212f094fdbe59e26ca5cf6b9e56d
9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4-H_LbXRjS1PJkVz9OIhwsaPfu8ZlL98zTZG--hdmij9Tc6KtmNSFQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:51:29 GMT
age: 81392
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd6067cf-6392-4f3a-8543-a3861c83d1cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9093 bytes)
Hash
5ae5a7fc19cf9601753b147621cb9f8c
04063797f76518668fdd9a5d5a86c7637eac43b8
b1c659363aa69139a03aab9a6d76800b3568ccf5201f02e1ea864e2bff70d3a7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd6067cf-6392-4f3a-8543-a3861c83d1cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 29c7788f-27e9-4823-8cba-ebf4ef9ea7ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tjEvsoAMFrtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbc-37b8d7930503d507592bf728;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ad9w48miLhhgUj5HjLWVi8MuMLErwtnog3r3Set_qdQH2FS9Q5Fj6A==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:10:23 GMT
age: 80258
etag: "04063797f76518668fdd9a5d5a86c7637eac43b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6869 bytes)
Hash
51d067e534c477ce996b3e806f6a132e
451c1f67948e45909e636828e3d2a3099de922f0
e13318949733eb7992695c61570cc8b2961d881a8343c677a77cd035e787bbaf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6869
x-amzn-requestid: e4e424a6-6c79-405b-8d1b-d40749ae3f0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5yLHi8oAMFpXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cda-22f6dae17ded045177976eaf;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:32:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eSPLuSCIr6IOor8bQh1STKcy6i_bS6nPhndKrN_g7IrXl6U43TogYw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:29:35 GMT
etag: "451c1f67948e45909e636828e3d2a3099de922f0"
content-type: image/jpeg
age: 79106
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11919 bytes)
Hash
f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QgOb-hraq20XpHk_0Cyz2UMxaIEjP8ilIXt2VuhiRJWJAOG5EuAb5A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 05:49:05 GMT
age: 52736
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife

172.67.194.243

301 Moved Permanently

0 B

URL HTTP/2
wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife
IP
172.67.194.243:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife HTTP/1.1
Host: wopifo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Sun, 18 Sep 2022 20:27:59 GMT
content-type: text/html; charset=iso-8859-1
location: https://wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfDkXeO31hcYrqUM8IY7zBUWD97K%2FnaFbrU2A%2FSvbdgXxbKXtyb1yy1obWIeP%2Fy8gfNLBrk2OUgV9Onfrb73pOyB7u4teYJIMD3cf6nHVVcMNZ6XP1zQF%2FpT4GGZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ccd3503b7cb4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/

172.67.194.243

200 OK

0 B

URL HTTP/2
wopifo.com/ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/
IP
172.67.194.243:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ovv/cr/cr_tridentex_33764/cr_tridentex_87920_menshealthlife/ HTTP/1.1
Host: wopifo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:27:59 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Mon, 22 Aug 2022 13:14:28 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIHb3QuGXXTR5%2B42HW2ZVRJBYec7pD7oWBtyMqSGlBHqxwQur1tDyaC8bHTXgQvtA%2FOX%2BSXtkE3voYOxIlGDfrNMh4Fv7t%2BN3ORmq8JkkNQV6FE2%2B11cxffxeK3%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ccd350cc6cb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations