Report - reurl.cc/Y9g06O

Report Overview

Submitted URL
reurl.cc/Y9g06O
IP
35.185.130.121
ASN
#15169 GOOGLE
Submitted
2022-09-16 07:57:14
Access
public
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-17T10:38:51Z	2.0 kB	99 kB	142.250.74.163
ssl.gstatic.com	unknown	2012-05-23T08:57:57Z	2023-03-17T06:15:59Z	386 B	11 kB	142.250.74.99
docs.google.com	122	2013-05-31T01:34:47Z	2023-03-17T09:10:18Z	989 B	96 kB	142.250.74.142
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-17T05:09:02Z	2.3 kB	6.2 kB	23.36.76.226
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-17T05:10:35Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-17T10:42:19Z	987 B	2.2 kB	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-17T05:10:36Z	594 B	127 B	34.213.92.18
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-17T10:35:55Z	2.8 kB	375 kB	142.250.74.163
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-17T10:51:58Z	1.2 kB	21 kB	142.250.74.174
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-17T10:24:23Z	1.3 kB	2.2 kB	216.58.211.10
reurl.cc	115186	2017-10-13T03:32:26Z	2023-03-17T07:40:44Z	1.9 kB	111 kB	35.185.130.121
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-17T05:10:55Z	354 B	28 kB	31.13.72.12
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	566 B	499 B	31.13.72.36
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-17T05:09:04Z	758 B	2.7 kB	143.204.55.115
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-17T05:10:36Z	401 B	5.8 kB	143.204.55.49
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-17T05:09:22Z	5.3 kB	11 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-17T05:09:15Z	3.2 kB	63 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-16	medium	reurl.cc	Sinkholed
2022-09-16	medium	reurl.cc	Sinkholed
2022-09-16	medium	reurl.cc	Sinkholed
2022-09-16	medium	reurl.cc	Sinkholed
2022-09-16	medium	reurl.cc	Sinkholed

JavaScript (15)

	URL	Size	First Seen	Last Seen
	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-04-25
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 19:24:16 Times Seen842 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	connect.facebook.net/signals/config/1675200226052423?v=2.9.81&r=stable	26 kB	2023-03-17	2023-03-17
Pretty URL connect.facebook.net/signals/config/1675200226052423?v=2.9.81&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:39:13 Last Seen2023-03-17 12:39:16 Times Seen1 Hash 584c21b831473b04fe40eb2ea89b2af1 217d2928549cb5eebddcf9f571f03a6275931216 e5325488577c7cdfdf41dfe9dce4df0ad1fd520ff31b9eab8b3260b6b288739c Loading...

	www.gstatic.com/_/freebird/_/js/k=freebird.v.no.OjJ1nRuKwDg.O/d=1/rs=AMjVe6iN100p9Yf4XXL8JcMHvngP4kDobA/m=viewer_base	368 kB	2023-03-07	2023-03-17
Pretty URL www.gstatic.com/_/freebird/_/js/k=freebird.v.no.OjJ1nRuKwDg.O/d=1/rs=AMjVe6iN100p9Yf4XXL8JcMHvngP4kDobA/m=viewer_base IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:39:19 Last Seen2023-03-17 12:39:13 Times Seen1 Hash 1d14ac99b5b03db40f463167d4cfdfb5 5c594395b8b7ef50198e6d40dac4547461d9ffc1 1cc5341b4608f315aba7b88beaa7b85ac2a560990b68a9f0d37c0ca9d746ba26 Loading...

	docs.google.com/forms/d/e/1FAIpQLSduEL5ldag7aayqRKTVDLiAmXW2EReiUT5kh3oyPZuuyH0hgw/viewform	184 B	2023-03-07	2023-03-17
Pretty URL docs.google.com/forms/d/e/1FAIpQLSduEL5ldag7aayqRKTVDLiAmXW2EReiUT5kh3oyPZuuyH0hgw/viewform IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:11:57 Last Seen2023-03-17 12:39:13 Times Seen1 Hash ac77a9a24777f0ed62d4691488ece34e 56b9175830d32b5382ebf5f9e81acf91790bccbb ca9f573276fc04b692a739d907c58f03d92af4456d0caa90dae40d9e445495db Loading...

	docs.google.com/forms/d/e/1FAIpQLSduEL5ldag7aayqRKTVDLiAmXW2EReiUT5kh3oyPZuuyH0hgw/viewform	13 kB	2023-03-17	2023-03-17
Pretty URL docs.google.com/forms/d/e/1FAIpQLSduEL5ldag7aayqRKTVDLiAmXW2EReiUT5kh3oyPZuuyH0hgw/viewform IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:39:13 Last Seen2023-03-17 12:39:13 Times Seen1 Hash 4d65df94c2707a4d5e3832fcd55331da d7754a1a08626466c95e89bc98e8741452a55fe7 f756908b89daf865cfa046c71444335f78c2fb39e38be559ef25b81c156366ff Loading...

	reurl.cc/javascripts/ga.js	382 B	2023-03-07	2023-03-17
Pretty URL reurl.cc/javascripts/ga.js IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:27 Last Seen2023-03-17 12:39:15 Times Seen1 Hash 598ca469e716df9b9e14b96973304916 e72fe30980c0ea5da33db08de82015c976d53ec0 f72126d2e60ad5f3b162e550ffc8ac968451b1391e5619332d1e6873bdd5190d Loading...

	reurl.cc/javascripts/pixel.js	470 B	2023-03-07	2023-03-17
Pretty URL reurl.cc/javascripts/pixel.js IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:28 Last Seen2023-03-17 12:39:15 Times Seen1 Hash f344336c5f5b5f7b87936eae0f9d5631 c7f60bda3ad66a1b236415b898cd107d78f11be9 6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037 Loading...

	reurl.cc/javascripts/redirect.js	192 B	2023-03-07	2023-03-17
Pretty URL reurl.cc/javascripts/redirect.js IP 35.185.130.121 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:28 Last Seen2023-03-17 12:39:17 Times Seen1 Hash 32ddb4632a818ccdc1545049c5675c7e 8ff70738ac005ec820e1bf73876c2b74d594569e 31e04833b168c92456b325b00642c7b3e04b82dc8ed6fbebdef5bc96de5b1360 Loading...

	docs.google.com/forms/d/e/1FAIpQLSduEL5ldag7aayqRKTVDLiAmXW2EReiUT5kh3oyPZuuyH0hgw/viewform	286 B	2023-03-17	2023-03-17
Pretty URL docs.google.com/forms/d/e/1FAIpQLSduEL5ldag7aayqRKTVDLiAmXW2EReiUT5kh3oyPZuuyH0hgw/viewform IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:39:13 Last Seen2023-03-17 12:39:13 Times Seen1 Hash d41d42d47a7cd344c1be6efa14cfb6b1 319c9a99dd7037375aa66f31950274c65144bcfe 36541da71c399a6863470a14bd5b4f802661a0b6e392aef358ba1676f993673f Loading...

	www.gstatic.com/feedback/js/help/prod/service/lazy.min.js	94 kB	2023-03-07	2023-03-17
Pretty URL www.gstatic.com/feedback/js/help/prod/service/lazy.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:32:32 Last Seen2023-03-17 12:55:31 Times Seen1 Hash 485dbc4f4b3ee365032759195afa5267 757e462a49982361a469b9f76ac8e559920827fd bf2d8b80d2e3fa71d7aae2a7c7720526b068e3b5a6cf24e433ddf9e1c85e8306 Loading...

	connect.facebook.net/en_US/fbevents.js	103 kB	2023-03-07	2023-03-17
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:26:42 Last Seen2023-03-17 12:50:27 Times Seen1 Hash 4593c9a189098f86b8ab0aab8163ad29 8fdfa3920bfe0ac8d7c7f8a8f63571013b14d753 46c2253a990373efcab1c600a6e1c731e5a971b0eecb0358ae53d1fbd7e16ada Loading...

	docs.google.com/forms/d/e/1FAIpQLSduEL5ldag7aayqRKTVDLiAmXW2EReiUT5kh3oyPZuuyH0hgw/viewform	8.7 kB	2023-03-07	2024-04-24
Pretty URL docs.google.com/forms/d/e/1FAIpQLSduEL5ldag7aayqRKTVDLiAmXW2EReiUT5kh3oyPZuuyH0hgw/viewform IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:52 Last Seen2024-04-24 17:24:13 Times Seen102 Hash 51cee7394c3cc67f243429fbf080aaf3 09241b614a725a925234bcb0088e8532c367cda5 39ad264c45da6489abf40a36e2c533b8bb485104a4ba131b0f3d1c16aee83fe9 Loading...

		Size	First Seen	Last Seen
	#1 Eval - bde728314c689f8146b303c43054fb3b	82 kB	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 18:11:57 Last Seen2023-03-17 12:39:13 Times Seen1 Hash bde728314c689f8146b303c43054fb3b f9e33194005283ab50b108417e37fc7e015835db 643706e9a7df56a12be0a92effe0df553b526a116da2744391054b94381088ce Loading...

	#2 Eval - 72ad0c1ac41ce8cb2009fe4995c4f633	1.7 kB	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 18:11:57 Last Seen2023-03-17 12:39:13 Times Seen1 Hash 72ad0c1ac41ce8cb2009fe4995c4f633 7da58ddbd7fce0ff570db748e31c4ec83c7c242d ac4f0e3458693981932ec90950716b64beca41d68842b5718b8a0d7cadb85878 Loading...

	#3 Eval - 3d61050da0a2c894280a6aabbbd2465e	509 kB	2023-03-17	2023-03-17
Pretty Observations First Seen2023-03-17 12:39:13 Last Seen2023-03-17 12:39:13 Times Seen1 Hash 3d61050da0a2c894280a6aabbbd2465e 891e36a439052ad4d7e7237c6ba3b75a99a337da 7d81ae7eabed779d529967268338148d9ab5d82a9fc967b99d83d3d3c63c19b6 Loading...

HTTP Transactions (58)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 16 Sep 2022 06:58:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: atSjwGCAkWrIMKDQR2wXPK-pkhbHuHG1dmrP3QT-kYU9Y3Qtd4UxNQ==
Age: 3521

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
96daaf84cd2c07756756caf7a2724a29
d24d47c68eec98d44bf341dab9d893df97103e1a
fef9ce9f75ec19e7ae2ccbffb6654db2473a2b4acc94c1b4303e5ec24149465f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEF9CE9F75EC19E7AE2CCBFFB6654DB2473A2B4ACC94C1B4303E5EC24149465F"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2371
Expires: Fri, 16 Sep 2022 08:36:34 GMT
Date: Fri, 16 Sep 2022 07:57:03 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _3ybiyimIe3rEBB1HFfjUSy0xPZw24uKk5h5EcTStK-_yctZYYK_xQ==
age: 12108
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 07:57:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

reurl.cc/Y9g06O

35.185.130.121

301 Moved Permanently

178 B

URL HTTP/1.1
reurl.cc/Y9g06O
IP
35.185.130.121:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
bd2695f4b079c71dbddde3436286fb9c
733c05da132193d6cf1d8e242d12e2525c03bab4
2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Y9g06O HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 16 Sep 2022 07:57:03 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://reurl.cc/Y9g06O

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 16 Sep 2022 07:03:22 GMT
Expires: Fri, 16 Sep 2022 07:44:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZCMPUtZ_BcV8TfvrmxAuU-_3bg_O0JBLLGFd0ZazZCV9dLd3_ZxSug==
Age: 3221

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d597af1ab2f21a983bf0f0d105b94209
9d5dd938777abde094c89066b539141a02106b88
a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3549
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:03 GMT
Last-Modified: Fri, 16 Sep 2022 06:57:54 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e7c3d54719811d0574fcff2ac127bb11
0b4b975ffbf4221cb18296d48def5b848547293e
eddac69cc4896fa647576dea3883d706789c54362dcf55929bd1b329c607b1dc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EDDAC69CC4896FA647576DEA3883D706789C54362DCF55929BD1B329C607B1DC"
Last-Modified: Thu, 15 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1533
Expires: Fri, 16 Sep 2022 08:22:37 GMT
Date: Fri, 16 Sep 2022 07:57:04 GMT
Connection: keep-alive

push.services.mozilla.com/

34.213.92.18

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.213.92.18:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MvLq+lZtg08fND4s+UHw+g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MM/DL/zRLguCzUarg4qHZcLN90E=

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7dff4bc87dbee6fd33e0d7a3dc5ed3bd
59878d4dd98e60b39dcf7ac288e77bb262afab5d
8c3a027cee1f48144eb0504deff1f2b9aa98c9fc3f4e3057ece6caac9f604315

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2064
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:04 GMT
Last-Modified: Fri, 16 Sep 2022 07:22:40 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (26872 bytes)
Hash
ecb99528d18dbe7952eac9618eaf2d8e
eb59bf3afc849403fa3dde09b75b5fc51f29e7b5
bcecfe43bf3e0f22ff425fe630e189d28fc3ecdc9764dd1686599e5ce59f40cc

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: wkADgjf+k1sPtrwXooMAs9wv5KYZMhIB+lWE4mnC1zMg3+FRDQ6EgGSfgwOom9A36OdhMpC9aFp93gAEEJGq+Q==
priority: u=3,i
content-length: 26872
x-fb-trip-id: 1904183273
date: Fri, 16 Sep 2022 07:57:04 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3b816941816ca5fed922c0604e9da8dc
94c14ea6c512c6c262479b4299f1cd4dd99ea5cd
a05000788114487ba8b8c661ba1370b29c96a93a16275b3fab497cf75722b51d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d65b161562e9954cbbfa1fe751b894b6
b07c476e717ee82ebee32f34350b5a26b9dab949
4d6d53c250f858e6fb4c677243c0b04a520038455cfbb2f42ab4fb9fa7f07f76

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Fri, 16 Sep 2022 06:41:12 GMT
expires: Fri, 16 Sep 2022 08:41:12 GMT
cache-control: public, max-age=7200
age: 4552
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7dff4bc87dbee6fd33e0d7a3dc5ed3bd
59878d4dd98e60b39dcf7ac288e77bb262afab5d
8c3a027cee1f48144eb0504deff1f2b9aa98c9fc3f4e3057ece6caac9f604315

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2064
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:04 GMT
Last-Modified: Fri, 16 Sep 2022 07:22:40 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

reurl.cc/javascripts/redirect.js

35.185.130.121

200 OK

2.5 kB

URL HTTP/2
reurl.cc/javascripts/redirect.js
IP
35.185.130.121:0
ASN
#15169 GOOGLE

File type
data
Size
2.5 kB (2525 bytes)
Hash
437e158f6b20524c68ec408087e7e674
eda0b8e2be86116dfd9d6046295d21cf6fc26e6b
544463ca9d2854849a518dd7193fb61eac2551c9ead9e1d0f6ce1d7615579959

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /javascripts/redirect.js HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/Y9g06O
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 16 Sep 2022 07:57:04 GMT
content-type: application/javascript
last-modified: Sun, 08 May 2022 03:38:29 GMT
vary: Accept-Encoding
etag: W/"62773b35-c0"
expires: Sat, 16 Sep 2023 07:57:04 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3b816941816ca5fed922c0604e9da8dc
94c14ea6c512c6c262479b4299f1cd4dd99ea5cd
a05000788114487ba8b8c661ba1370b29c96a93a16275b3fab497cf75722b51d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d65b161562e9954cbbfa1fe751b894b6
b07c476e717ee82ebee32f34350b5a26b9dab949
4d6d53c250f858e6fb4c677243c0b04a520038455cfbb2f42ab4fb9fa7f07f76

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/j/collect?v=1&_v=j96&a=630000778&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FY9g06O&ul=en-us&de=UTF-8&dt=%E6%92%92%E5%9B%BA%E5%85%92%E9%83%A8%E8%90%BD%E6%B0%B4%E6%96%87%E5%8C%96%E5%B7%A5%E4%BD%9C%E5%9D%8A&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAAC~&jid=1445278165&gjid=1989279979&cid=1230907019.1663315009&tid=UA-102456694-1&_gid=1615745632.1663315009&_r=1&_slc=1&z=801249700

142.250.74.174

200 OK

4 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j96&a=630000778&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FY9g06O&ul=en-us&de=UTF-8&dt=%E6%92%92%E5%9B%BA%E5%85%92%E9%83%A8%E8%90%BD%E6%B0%B4%E6%96%87%E5%8C%96%E5%B7%A5%E4%BD%9C%E5%9D%8A&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAAC~&jid=1445278165&gjid=1989279979&cid=1230907019.1663315009&tid=UA-102456694-1&_gid=1615745632.1663315009&_r=1&_slc=1&z=801249700
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

HTTP Headers

POST /j/collect?v=1&_v=j96&a=630000778&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FY9g06O&ul=en-us&de=UTF-8&dt=%E6%92%92%E5%9B%BA%E5%85%92%E9%83%A8%E8%90%BD%E6%B0%B4%E6%96%87%E5%8C%96%E5%B7%A5%E4%BD%9C%E5%9D%8A&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAAC~&jid=1445278165&gjid=1989279979&cid=1230907019.1663315009&tid=UA-102456694-1&_gid=1615745632.1663315009&_r=1&_slc=1&z=801249700 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://reurl.cc
date: Fri, 16 Sep 2022 07:57:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FY9g06O&rl=&if=false&ts=1663315008935&sw=1280&sh=1024&v=2.9.81&r=stable&ec=0&o=28&fbp=fb.1.1663315008934.974751910&it=1663315008895&coo=false&rqm=GET

31.13.72.36

200 OK

44 B

URL HTTP/2
www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FY9g06O&rl=&if=false&ts=1663315008935&sw=1280&sh=1024&v=2.9.81&r=stable&ec=0&o=28&fbp=fb.1.1663315008934.974751910&it=1663315008895&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
44 B (44 bytes)
Hash
b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

HTTP Headers

GET /tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FY9g06O&rl=&if=false&ts=1663315008935&sw=1280&sh=1024&v=2.9.81&r=stable&ec=0&o=28&fbp=fb.1.1663315008934.974751910&it=1663315008895&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
date: Fri, 16 Sep 2022 07:57:04 GMT
expires: Fri, 16 Sep 2022 07:57:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: 
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ff1c0d8a380ce4a561609526d995bf5
135ecd7e71ea2823d39f8c1efcb2121618ed8167
f7228281af8d6de222aa47b3a78a627f85315244e65a8956fa2c0c7dff1bb7ad

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5701
Expires: Fri, 16 Sep 2022 09:32:06 GMT
Date: Fri, 16 Sep 2022 07:57:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5701
Expires: Fri, 16 Sep 2022 09:32:06 GMT
Date: Fri, 16 Sep 2022 07:57:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5701
Expires: Fri, 16 Sep 2022 09:32:06 GMT
Date: Fri, 16 Sep 2022 07:57:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5701
Expires: Fri, 16 Sep 2022 09:32:06 GMT
Date: Fri, 16 Sep 2022 07:57:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5701
Expires: Fri, 16 Sep 2022 09:32:06 GMT
Date: Fri, 16 Sep 2022 07:57:05 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12123 bytes)
Hash
f876cdc19dca10c62d83d19303512c7f
9f812c7bc1b42b0cea3e42694e7d1f6738789770
c647aac44ba9eb501eb7def781ca0168b4eb71a716283cc6f4e6782939a396cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12123
x-amzn-requestid: 2beedee9-cf7e-47d6-ac4d-3ca9251aa565
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfSWEFAZoAMFd6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322ca8d-37688e4a23c3234a25becf57;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 06:47:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: H2ySDtSQZtsrCA99y1a2_fLQcRI8hvN_nvA9U_V_iCm6c3cq3DigXQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:11:59 GMT
age: 35106
etag: "9f812c7bc1b42b0cea3e42694e7d1f6738789770"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf0d71b3-30ed-483e-8bef-18d7a833ff57.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6560 bytes)
Hash
300d3b6181f9bcb7318b0706646787fa
9cf371e2ecdd46de7ea1290bb158b144a9de57bb
7059364a6076210e603301e0e3ad0009a5c1cd0b8821e321f704532e17b95e5e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf0d71b3-30ed-483e-8bef-18d7a833ff57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6560
x-amzn-requestid: 0532b908-dbda-4d51-8574-dba85e33bfcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUrG7GTnoAMF9-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e8bc5-35c25a2a76c8e0db6d7b06df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 01:30:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Xvgf5sF1GJNaJ2uERewkTcfwr3cUHVwU8-CXI7fK2K4t6JCsyPnzJg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:27:11 GMT
age: 34194
etag: "9cf371e2ecdd46de7ea1290bb158b144a9de57bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12425 bytes)
Hash
da1bd18c37b83b0ef4641036dc208eec
abb5c719ec9341c6d4146297a2a1eca171df9c81
0085a66912a814c619a1257545d36610c7109ba32f1b097176102d3d3db2c8d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12425
x-amzn-requestid: 96b5f0d2-1327-4180-9d48-f915630c3de2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDqHyooAMFqyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb0-7d89d2d7024f6a821a62c948;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1Y5uBMPJvxTDKGnc5Q0lzKZXDv4lwTByGDO8eRIwgauut0yfJz-8Lg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:50:35 GMT
age: 36390
etag: "abb5c719ec9341c6d4146297a2a1eca171df9c81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be0dbac-eae3-494b-bc73-d4df7f6c2f33.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8864 bytes)
Hash
69c9db5022c0c66909867f1e0946f5a8
9825e0fc606dc983280a6cd05803bb07e3435ef6
f2809509eee24ed69e6003ac9263423ea949bcc9205969c6cdd476e89ede9b01

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be0dbac-eae3-494b-bc73-d4df7f6c2f33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8864
x-amzn-requestid: 6e1a82d1-e35e-4d77-be31-6969a13918da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU_6GiXoAMFaLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b98-46ca0525157031324749ee5b;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:39:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sZDehRAgImuoJtVDIS6Mgz2871fOYrT0H7cx0QucG6mDuE1NmrW5Hw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:50:59 GMT
age: 36366
etag: "9825e0fc606dc983280a6cd05803bb07e3435ef6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8435 bytes)
Hash
b7d4ee58e0f26ec6817dbab72aa7db6d
b6e634ef27eba9da38c6472565e0fdca6898e4f0
07db05a6ee70a699164ad55da47bfca58e6639956e256d902cbe0388cd7995c6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8435
x-amzn-requestid: f6efd924-4f54-41a6-8771-087803b5b8ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU0-EJaoAMFvtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b52-37c21ee857fe27d104b70337;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:38:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rgjwYJ-ZzVF3bv7pl1l8TN8EAoENIcaSAXJU_YhFOSNRCzrCuPuKbQ==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:44:10 GMT
age: 36775
etag: "b6e634ef27eba9da38c6472565e0fdca6898e4f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e20b221-cd14-4696-aa45-979946430e9c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8076 bytes)
Hash
ab434eb762838f03bf60457b3039c738
bcacfdb674bdd90c157f7e97d232c49a4d206004
9e1e6b832980c9777e3e90a7ff3d84f96d35bbaab808a74343d91cea01aa1d64

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e20b221-cd14-4696-aa45-979946430e9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8076
x-amzn-requestid: e5521c18-64d3-4f61-8879-3dac61128920
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfzqG_hIAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6321467d-009f1413346a7b965d1c65e4;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iuHNhGHNAWOnDQMh9cgYAVHgnCuyqLcXiYBUBzgK5PFyC1_AaE-CbA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 19:18:41 GMT
age: 45504
etag: "bcacfdb674bdd90c157f7e97d232c49a4d206004"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ff1c0d8a380ce4a561609526d995bf5
135ecd7e71ea2823d39f8c1efcb2121618ed8167
f7228281af8d6de222aa47b3a78a627f85315244e65a8956fa2c0c7dff1bb7ad

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e8e3b8dcfc70035468cee19fa0ce164
8abd549de54a56c4d8866642803817e1d411ad88
9f8702221570464be855f0cf42d77a90b745fbf6c60d5d437218d45f9603fd19

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e8e3b8dcfc70035468cee19fa0ce164
8abd549de54a56c4d8866642803817e1d411ad88
9f8702221570464be855f0cf42d77a90b745fbf6c60d5d437218d45f9603fd19

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e8e3b8dcfc70035468cee19fa0ce164
8abd549de54a56c4d8866642803817e1d411ad88
9f8702221570464be855f0cf42d77a90b745fbf6c60d5d437218d45f9603fd19

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
20ae50d0df52817906a88b07b3c08138
0f999020f07959636477be4178d238d4dd460464
26eb9c5ac69c9144425fb15a481336487c1923bb141685aea110b0e3dfc20171

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

reurl.cc/Y9g06O

35.185.130.121

200 OK

1.5 kB

URL HTTP/2
reurl.cc/Y9g06O
IP
35.185.130.121:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2505), with no line terminators
Size
1.5 kB (1462 bytes)
Hash
81b1ece949a65764cfadae4005e63ba8
df03c44c96b4d398bd3bddadee9a49e902c1ba06
b0019ff8a7a27d16129904f91994a7bc95f55199e620cc4aa05b717814b8273f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Y9g06O HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 16 Sep 2022 07:57:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
target: https://docs.google.com/forms/d/e/1FAIpQLSduEL5ldag7aayqRKTVDLiAmXW2EReiUT5kh3oyPZuuyH0hgw/viewform
content-encoding: gzip
X-Firefox-Spdy: h2

www.gstatic.com/_/freebird/_/js/k=freebird.v.no.OjJ1nRuKwDg.O/d=1/rs=AMjVe6iN100p9Yf4XXL8JcMHvngP4kDobA/m=viewer_base

142.250.74.163

200 OK

120 kB

URL HTTP/2
www.gstatic.com/_/freebird/_/js/k=freebird.v.no.OjJ1nRuKwDg.O/d=1/rs=AMjVe6iN100p9Yf4XXL8JcMHvngP4kDobA/m=viewer_base
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (527)
Size
120 kB (120488 bytes)
Hash
77aa6733ef53d0d4be473c1b36f53c0e
49860148ac37a3f6ca73ffb678206cb26afd997b
8c214b098d96085c329494f5f562a8eead513100703d567771c5545cb4828ee5

HTTP Headers

GET /_/freebird/_/js/k=freebird.v.no.OjJ1nRuKwDg.O/d=1/rs=AMjVe6iN100p9Yf4XXL8JcMHvngP4kDobA/m=viewer_base HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-forms"
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-length: 120488
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 07:58:00 GMT
expires: Fri, 15 Sep 2023 07:58:00 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Sep 2022 22:31:29 GMT
content-type: text/javascript; charset=UTF-8
age: 86345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/_/freebird/_/ss/k=freebird.v.BngxeSUqcZQ.L.F4.O/d=1/rs=AMjVe6ihclA9mvWGKMUwCGmaQz9_i4_HZQ

142.250.74.163

200 OK

89 kB

URL HTTP/2
www.gstatic.com/_/freebird/_/ss/k=freebird.v.BngxeSUqcZQ.L.F4.O/d=1/rs=AMjVe6ihclA9mvWGKMUwCGmaQz9_i4_HZQ
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65536), with no line terminators
Size
89 kB (88987 bytes)
Hash
b558e0604b3b6d722ce07a5e63340b25
4092298e96f69213d7a62589b290dcfd5b9c88f2
2cc72ff1407b50727012e44f108012bbe61e50423c5d89d81247fb02676c442a

HTTP Headers

GET /_/freebird/_/ss/k=freebird.v.BngxeSUqcZQ.L.F4.O/d=1/rs=AMjVe6ihclA9mvWGKMUwCGmaQz9_i4_HZQ HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-forms"
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-length: 88987
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 18:50:26 GMT
expires: Thu, 14 Sep 2023 18:50:26 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Sep 2022 00:27:17 GMT
content-type: text/css; charset=UTF-8
age: 133599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e8e3b8dcfc70035468cee19fa0ce164
8abd549de54a56c4d8866642803817e1d411ad88
9f8702221570464be855f0cf42d77a90b745fbf6c60d5d437218d45f9603fd19

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://docs.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 130977
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://docs.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 130977
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d65b161562e9954cbbfa1fe751b894b6
b07c476e717ee82ebee32f34350b5a26b9dab949
4d6d53c250f858e6fb4c677243c0b04a520038455cfbb2f42ab4fb9fa7f07f76

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

142.250.74.163

200 OK

28 kB

URL HTTP/2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Size
28 kB (28288 bytes)
Hash
53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

HTTP Headers

GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://docs.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 20:35:24 GMT
expires: Thu, 14 Sep 2023 20:35:24 GMT
cache-control: public, max-age=31536000
age: 127301
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2

142.250.74.163

200 OK

35 kB

URL HTTP/2
fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 35060, version 1.0\012- data
Size
35 kB (35060 bytes)
Hash
0360dbc6e8c09dce9183a1fd78f3be2e
6cd4b65a94707ae941d78b12f082c968cb05ec92
2db6bc36808d43fa89029c652636e206fa3e889b35ecf71814ab85f8ba944af3

HTTP Headers

GET /s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://docs.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35060
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 22:21:24 GMT
expires: Wed, 13 Sep 2023 22:21:24 GMT
cache-control: public, max-age=31536000
age: 207341
last-modified: Tue, 19 Apr 2022 17:57:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ssl.gstatic.com/docs/forms/qp_sprite161.svg

142.250.74.99

200 OK

10 kB

URL HTTP/2
ssl.gstatic.com/docs/forms/qp_sprite161.svg
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1128)
Size
10 kB (10270 bytes)
Hash
2b7718f9e1955ff2a72a3c0f605e1779
1756c873eb2eb94562e899117d0e79f72e5b8e38
63d37bddab723c459ed1ef8fa9d6ff96de8d6f092776a7549f0266364f4a1063

HTTP Headers

GET /docs/forms/qp_sprite161.svg HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-length: 10270
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 14:29:12 GMT
expires: Sat, 09 Sep 2023 14:29:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 19 May 2022 20:58:00 GMT
content-type: image/svg+xml
age: 581273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/_/freebird/_/js/k=freebird.v.no.OjJ1nRuKwDg.O/d=0/rs=AMjVe6iN100p9Yf4XXL8JcMHvngP4kDobA/m=sy2m,vGOnYd,sy4g,IZT63,vfuNJf,MpJwZc,n73qwf,sy1n,ws9Tlc,sy3q,sy3v,sy5t,sy5y,sy60,sy61,siKnQd,sy0,sy7,sy6,sy8,sy1,sy9,sy1m,sy2q,sy2r,V3dDOb,gkf10d,j2YlP,sya,cEt90b,sy1r,sy1s,sy4f,KUM7Z,yxTchf,sy5z,xQtZb,qddgKe,sy4d,sy4h,sy3p,sy5p,sy5s,sy5u,wR5FRb,pXdRYb,sy2,iFQyKf,sy4j,sy3o,sy3w,sy3u,YNjGDd,sy5v,PrPYRd,hc6Ubd,sy62,SpsfSb,dIoSBb,zbML3c,zr1jrb,EmZ2Bf,sy4e,sy2y,Uas9Hd,WO9ee,sy4,sy5,syh,syg,sye,syd,syf,OShpD,sy1d,sy1l,sy1o,sy1q,sy20,sy3e,A4UTCb,owcnme,syi,sym,sy1k,Sk9apb,J8mJTc,UUJqVe,CP1oW,syj,sbHRWb,cNHZjb,sy1i,sy1h,syk,sy25,sy1g,sy27,sy38,pxq3x,syw,sy1b,O6y8ed,sy2z,sy30,sy32,sy2j,sy31,sy33,Xhpexc,Q91hve,sy2h,sy2c,mRfQQ,sy35,sy34,CFa0o,sy3f,VXdfxd,szrus,sy3r,sy3s,sy3t,sy3x,s39S4,sy23,ENNBBf,sy12,L1AAkb,QvB8bb,bCfhJc,sy1j,sy2x,u9ZRK,pItcJd,yZuGp,aW3pY,mvo1oc,KFVhZe,sy2n,sy2o,sy2p,I6YDgd,sy3g,N5Lqpc,sy1v,sy1u,sy1w,sy1x,sy26,sy1t,sy1y,sy1z,sy21,sy22,sy24,sy28,fgj8Rb,IvDHfc,sy36,sy37,sy39,sy3c,sy2w,sy1f,i5dxUd,sy3a,sy3b,sy3d,sy3i,sy3m,sy2u,wg1P6b,EcW08c,sy3h,sy3j,sy3k,sy3l,t8tqF,p2tbsc,sy2e,sy2l,LxALBf,SM1lmd,sy2t,sy2v,sy4y,sy4z,vofJp,JCrucd,QwQO1b,X16vkb,WdhPgc,syp,syo,yfEVte,syl,sy2k,QMSdQb,sy1c,sy2f,sy2d,sy2g,Ibqgte,ok0nye,sys,syt,sy46,xmYr4,DhgO0d,ID6c7,sy2i,sy3n,sy43,sy3y,sy44,sy40,sy48,sy49,sy4b,sy3z,sy47,sy4a,xKXrob,RGrRJf,OkF2xb,oZECf,sy41,sy4p,sy4k,sy4q,sy4r,sy4s,rmdjlf,syb,TOfxwf,A2m8uc,akEJMc,zG2TEe,sy45,yUS4Lc,KOZzeb,sy4m,sy4n,sy4l,riEgMd,sy50,lSvzH,sy4c,oCiKKc,sy4t,sy4u,rxfmRc,YwHGTd,OZjhxc,lLliLe

142.250.74.163

200 OK

162 kB

URL HTTP/2
www.gstatic.com/_/freebird/_/js/k=freebird.v.no.OjJ1nRuKwDg.O/d=0/rs=AMjVe6iN100p9Yf4XXL8JcMHvngP4kDobA/m=sy2m,vGOnYd,sy4g,IZT63,vfuNJf,MpJwZc,n73qwf,sy1n,ws9Tlc,sy3q,sy3v,sy5t,sy5y,sy60,sy61,siKnQd,sy0,sy7,sy6,sy8,sy1,sy9,sy1m,sy2q,sy2r,V3dDOb,gkf10d,j2YlP,sya,cEt90b,sy1r,sy1s,sy4f,KUM7Z,yxTchf,sy5z,xQtZb,qddgKe,sy4d,sy4h,sy3p,sy5p,sy5s,sy5u,wR5FRb,pXdRYb,sy2,iFQyKf,sy4j,sy3o,sy3w,sy3u,YNjGDd,sy5v,PrPYRd,hc6Ubd,sy62,SpsfSb,dIoSBb,zbML3c,zr1jrb,EmZ2Bf,sy4e,sy2y,Uas9Hd,WO9ee,sy4,sy5,syh,syg,sye,syd,syf,OShpD,sy1d,sy1l,sy1o,sy1q,sy20,sy3e,A4UTCb,owcnme,syi,sym,sy1k,Sk9apb,J8mJTc,UUJqVe,CP1oW,syj,sbHRWb,cNHZjb,sy1i,sy1h,syk,sy25,sy1g,sy27,sy38,pxq3x,syw,sy1b,O6y8ed,sy2z,sy30,sy32,sy2j,sy31,sy33,Xhpexc,Q91hve,sy2h,sy2c,mRfQQ,sy35,sy34,CFa0o,sy3f,VXdfxd,szrus,sy3r,sy3s,sy3t,sy3x,s39S4,sy23,ENNBBf,sy12,L1AAkb,QvB8bb,bCfhJc,sy1j,sy2x,u9ZRK,pItcJd,yZuGp,aW3pY,mvo1oc,KFVhZe,sy2n,sy2o,sy2p,I6YDgd,sy3g,N5Lqpc,sy1v,sy1u,sy1w,sy1x,sy26,sy1t,sy1y,sy1z,sy21,sy22,sy24,sy28,fgj8Rb,IvDHfc,sy36,sy37,sy39,sy3c,sy2w,sy1f,i5dxUd,sy3a,sy3b,sy3d,sy3i,sy3m,sy2u,wg1P6b,EcW08c,sy3h,sy3j,sy3k,sy3l,t8tqF,p2tbsc,sy2e,sy2l,LxALBf,SM1lmd,sy2t,sy2v,sy4y,sy4z,vofJp,JCrucd,QwQO1b,X16vkb,WdhPgc,syp,syo,yfEVte,syl,sy2k,QMSdQb,sy1c,sy2f,sy2d,sy2g,Ibqgte,ok0nye,sys,syt,sy46,xmYr4,DhgO0d,ID6c7,sy2i,sy3n,sy43,sy3y,sy44,sy40,sy48,sy49,sy4b,sy3z,sy47,sy4a,xKXrob,RGrRJf,OkF2xb,oZECf,sy41,sy4p,sy4k,sy4q,sy4r,sy4s,rmdjlf,syb,TOfxwf,A2m8uc,akEJMc,zG2TEe,sy45,yUS4Lc,KOZzeb,sy4m,sy4n,sy4l,riEgMd,sy50,lSvzH,sy4c,oCiKKc,sy4t,sy4u,rxfmRc,YwHGTd,OZjhxc,lLliLe
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (537)
Size
162 kB (162177 bytes)
Hash
f6dbd4ee7b031c6a73574e968ca4dceb
edf778267a29cce4d7c13c2988d0be5e3369e752
d41d60d6212ac435ad8653a8646b2289443730952abc8e482fe5d51c1497dfdf

HTTP Headers

GET /_/freebird/_/js/k=freebird.v.no.OjJ1nRuKwDg.O/d=0/rs=AMjVe6iN100p9Yf4XXL8JcMHvngP4kDobA/m=sy2m,vGOnYd,sy4g,IZT63,vfuNJf,MpJwZc,n73qwf,sy1n,ws9Tlc,sy3q,sy3v,sy5t,sy5y,sy60,sy61,siKnQd,sy0,sy7,sy6,sy8,sy1,sy9,sy1m,sy2q,sy2r,V3dDOb,gkf10d,j2YlP,sya,cEt90b,sy1r,sy1s,sy4f,KUM7Z,yxTchf,sy5z,xQtZb,qddgKe,sy4d,sy4h,sy3p,sy5p,sy5s,sy5u,wR5FRb,pXdRYb,sy2,iFQyKf,sy4j,sy3o,sy3w,sy3u,YNjGDd,sy5v,PrPYRd,hc6Ubd,sy62,SpsfSb,dIoSBb,zbML3c,zr1jrb,EmZ2Bf,sy4e,sy2y,Uas9Hd,WO9ee,sy4,sy5,syh,syg,sye,syd,syf,OShpD,sy1d,sy1l,sy1o,sy1q,sy20,sy3e,A4UTCb,owcnme,syi,sym,sy1k,Sk9apb,J8mJTc,UUJqVe,CP1oW,syj,sbHRWb,cNHZjb,sy1i,sy1h,syk,sy25,sy1g,sy27,sy38,pxq3x,syw,sy1b,O6y8ed,sy2z,sy30,sy32,sy2j,sy31,sy33,Xhpexc,Q91hve,sy2h,sy2c,mRfQQ,sy35,sy34,CFa0o,sy3f,VXdfxd,szrus,sy3r,sy3s,sy3t,sy3x,s39S4,sy23,ENNBBf,sy12,L1AAkb,QvB8bb,bCfhJc,sy1j,sy2x,u9ZRK,pItcJd,yZuGp,aW3pY,mvo1oc,KFVhZe,sy2n,sy2o,sy2p,I6YDgd,sy3g,N5Lqpc,sy1v,sy1u,sy1w,sy1x,sy26,sy1t,sy1y,sy1z,sy21,sy22,sy24,sy28,fgj8Rb,IvDHfc,sy36,sy37,sy39,sy3c,sy2w,sy1f,i5dxUd,sy3a,sy3b,sy3d,sy3i,sy3m,sy2u,wg1P6b,EcW08c,sy3h,sy3j,sy3k,sy3l,t8tqF,p2tbsc,sy2e,sy2l,LxALBf,SM1lmd,sy2t,sy2v,sy4y,sy4z,vofJp,JCrucd,QwQO1b,X16vkb,WdhPgc,syp,syo,yfEVte,syl,sy2k,QMSdQb,sy1c,sy2f,sy2d,sy2g,Ibqgte,ok0nye,sys,syt,sy46,xmYr4,DhgO0d,ID6c7,sy2i,sy3n,sy43,sy3y,sy44,sy40,sy48,sy49,sy4b,sy3z,sy47,sy4a,xKXrob,RGrRJf,OkF2xb,oZECf,sy41,sy4p,sy4k,sy4q,sy4r,sy4s,rmdjlf,syb,TOfxwf,A2m8uc,akEJMc,zG2TEe,sy45,yUS4Lc,KOZzeb,sy4m,sy4n,sy4l,riEgMd,sy50,lSvzH,sy4c,oCiKKc,sy4t,sy4u,rxfmRc,YwHGTd,OZjhxc,lLliLe HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Origin: https://docs.google.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
access-control-allow-origin: https://docs.google.com
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-forms"
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-length: 162177
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 17:41:03 GMT
expires: Fri, 15 Sep 2023 17:41:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Sep 2022 22:31:29 GMT
content-type: text/javascript; charset=UTF-8
age: 51362
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

docs.google.com/forms/d/e/1FAIpQLSduEL5ldag7aayqRKTVDLiAmXW2EReiUT5kh3oyPZuuyH0hgw/viewform

142.250.74.142

200 OK

95 kB

URL HTTP/2
docs.google.com/forms/d/e/1FAIpQLSduEL5ldag7aayqRKTVDLiAmXW2EReiUT5kh3oyPZuuyH0hgw/viewform
IP
142.250.74.142:0
ASN
#15169 GOOGLE

File type
data
Size
95 kB (94762 bytes)
Hash
25428840950484dc1dd78b2c7ef9b42c
12958c79812289135eb3de0e375cdcbce29a2fb2
58ec503495bdba8bd760f4acabb40288f21907ff78eb7920087027a2b4697126

HTTP Headers

GET /forms/d/e/1FAIpQLSduEL5ldag7aayqRKTVDLiAmXW2EReiUT5kh3oyPZuuyH0hgw/viewform HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Cookie: NID=511=mFaVQ2laxz7LyOQPRMNzZ8pfqtskvHoyf0TGBmbY6s5Ub1CeFQvkj_KT2o_8zl8ZHXEbPRRR9GJm6m0MGzqDm2ReTzPtXEV8G2VgueTBYhbH5hld7hYlVF_VTRE8Ty8cROmpXCvwVcV_GYdGf7gIo1WoEG66Lmz3vbEwW5XyrUM; __Secure-ENID=7.SE=QYWDssoBmmTaCqjFyB_jt6Uz9KA1PhYNilqX0j25X-gmdR5i6qGsMAklmptBGMC8xt-KRSD4PS6sB8pGCbopuoyQW44AtAMcRV_RtdibFoF41Dyw2gy4gjiV7VnEZXJrIIiubwpxqKS0AOF5cjrpENtd-qgRbwZW-FFoDGrMN-A; CONSENT=PENDING+883; AEC=AakniGNfxSu5CqR2y34P-LInss8pNaOfgIFoDj_LhAembYjQa2rBTz_e-_Y
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-robots-tag: noindex, nofollow, nosnippet
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 16 Sep 2022 07:57:05 GMT
content-security-policy-report-only: report-uri https://csp.withgoogle.com/csp/forms/prod;frame-ancestors 'none'
content-encoding: gzip
content-security-policy: base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'nonce-yFyS_D0GtQ38lzE6o3ETPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: S=spreadsheet_forms=3b8Id-YlWEA52Iub3nqGUTjIBSxL538IrNDUI_LPCUA; Domain=.docs.google.com; Expires=Fri, 16-Sep-2022 08:57:05 GMT; Path=/forms/d/e/1FAIpQLSduEL5ldag7aayqRKTVDLiAmXW2EReiUT5kh3oyPZuuyH0hgw; Secure; HttpOnly; SameSite=none
COMPASS=spreadsheet_forms=CjIACWuJV-NvCdCcQdRz27ahUDKXLkUe1RLvrn-isuweZc4KnnD2NEwHRW68uTqvKqmp2RDh9JCZBho0AAlriVegSjn-l-nBqkt3jcOLeZP56z7d3TiJhAJ03JYwP49xZ_C52RO-ABWXR6SWra2H9A==; Domain=.docs.google.com; Expires=Fri, 16-Sep-2022 08:57:05 GMT; Path=/forms/d/e/1FAIpQLSduEL5ldag7aayqRKTVDLiAmXW2EReiUT5kh3oyPZuuyH0hgw; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
20ae50d0df52817906a88b07b3c08138
0f999020f07959636477be4178d238d4dd460464
26eb9c5ac69c9144425fb15a481336487c1923bb141685aea110b0e3dfc20171

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 07:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

reurl.cc/javascripts/pixel.js

35.185.130.121

200 OK

51 kB

URL HTTP/2
reurl.cc/javascripts/pixel.js
IP
35.185.130.121:0
ASN
#15169 GOOGLE

File type
data
Size
51 kB (50692 bytes)
Hash
0f780642effa4ea01e27d2b2a8c981e4
21e72afb36c0dbad9140c1c7127303c940b57599
d469a4e525b975d3cd720fdb5041e84ce307727039db4e0a28927d4170b7d3d5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /javascripts/pixel.js HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/Y9g06O
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 16 Sep 2022 07:57:04 GMT
content-type: application/javascript
last-modified: Sun, 08 Aug 2021 17:07:38 GMT
vary: Accept-Encoding
etag: W/"61100f5a-1d6"
expires: Sat, 16 Sep 2023 07:57:04 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

reurl.cc/javascripts/ga.js

35.185.130.121

200 OK

55 kB

URL HTTP/2
reurl.cc/javascripts/ga.js
IP
35.185.130.121:0
ASN
#15169 GOOGLE

File type
data
Size
55 kB (55068 bytes)
Hash
ed5785820a9eaae317eee188fda4eaa2
382c621733f7e981ed2ccb3214e61e62ab7dd7e6
aa47065e2e7f0e62294c20a939f84fb3dc6cc8c417f59fa9a3744bb55608f630

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /javascripts/ga.js HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/Y9g06O
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 16 Sep 2022 07:57:04 GMT
content-type: application/javascript
last-modified: Sun, 08 May 2022 03:38:29 GMT
vary: Accept-Encoding
etag: W/"62773b35-17e"
expires: Sat, 16 Sep 2023 07:57:04 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

216.58.211.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 07:57:05 GMT
date: Fri, 16 Sep 2022 07:57:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons+Extended

216.58.211.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/icon?family=Material+Icons+Extended
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /icon?family=Material+Icons+Extended HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 07:57:05 GMT
date: Fri, 16 Sep 2022 07:57:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

216.58.211.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 07:57:05 GMT
date: Fri, 16 Sep 2022 07:57:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations