Report - www.takeover.live/

Report Overview

Submitted URL
www.takeover.live/
IP
104.21.8.74
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-12 22:58:45
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	34.217.237.91
mycn.io	307852	2017-09-02T09:05:35Z	2023-01-04T09:00:51Z	1.3 kB	4.0 kB	104.26.11.103
www.takeover.live	unknown			1.6 kB	231 kB	104.21.8.74
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.0 kB	5.3 kB	23.36.77.32
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.8 kB	76 kB	34.120.237.76
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-10T05:13:37Z	1.8 kB	9.7 kB	104.18.21.226
cc-west-usa.oss-accelerate.aliyuncs.com	635824	2020-06-04T15:20:38Z	2023-03-04T17:24:10Z	5.5 kB	2.3 MB	47.254.186.254
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	424 B	746 B	142.250.74.10
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.7 kB	3.8 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-10T11:39:59Z	676 B	1.5 kB	23.36.76.226
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.1 kB	38 kB	142.250.74.35
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	972 B	98 kB	216.58.207.195
ipinfo.io	8136	2013-12-16T08:25:53Z	2023-03-10T12:17:38Z	413 B	1.3 kB	34.117.59.81

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-12	medium	takeover.live	Sinkholed
2022-11-12	medium	takeover.live	Sinkholed
2022-11-12	medium	takeover.live	Sinkholed

JavaScript (24)

	URL	Size	First Seen	Last Seen
	www.takeover.live/ar	5.8 kB	2023-03-11	2023-03-11
Pretty URL www.takeover.live/ar IP 104.21.8.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:21 Last Seen2023-03-11 11:36:21 Times Seen1 Hash 1d6e476e961b7611882ad59ad9d4da49 a944c6030c6c4f3d32bd7a5eee0b750c1ec00868 76f114be299d8a6ddf1d5dc9327298ad6af2555d1ef4fdc74c3e7eeacc6096b6 Loading...

	www.takeover.live/js/post.js	7.8 kB	2023-03-11	2023-03-11
Pretty URL www.takeover.live/js/post.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:21 Last Seen2023-03-11 11:36:21 Times Seen1 Hash 1a22f38aa50d173b7112bd96106eba37 1d0b5006d36356f39278de6ee271eeabeff3e7a6 81196b53bc85fde9b86312f15513dcc3ea55570a49eb525365305ba8cf8aea19 Loading...

	www.takeover.live/templates_assets/js/intlTelInput.js	89 kB	2023-03-11	2023-03-11
Pretty URL www.takeover.live/templates_assets/js/intlTelInput.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:21 Last Seen2023-03-11 11:36:21 Times Seen1 Hash 9690a496fe8d028ad2fceef1d4395cf8 26860f9bda62bd4889fd5025b517703907da5965 1169587a13113510132337e78db047d50c634b8de674765d810c61362a795947 Loading...

	www.takeover.live/ar	883 B	2023-03-11	2023-03-11
Pretty URL www.takeover.live/ar IP 104.21.8.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:21 Last Seen2023-03-11 11:36:21 Times Seen1 Hash cf567f38a78c95bfddc555f750443750 f3497af1f25ba47704582b9599662133a10a7af8 95830fbcde5cdf8b2addfc447fb476513758ee7c57a83e9ebdf528a5810d15cd Loading...

	www.takeover.live/ar	15 kB	2023-03-11	2023-03-11
Pretty URL www.takeover.live/ar IP 104.21.8.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:21 Last Seen2023-03-11 11:36:21 Times Seen1 Hash 77fd36ce13e6292ded51b5666b7d027e f7c4ebb35516fcb46a3606eb504ca4fd45676f80 a8e717b3a31e531cd174793c147082bd2f5c17ae75eb930da625e523ad19f8e0 Loading...

	www.takeover.live/ar	13 B	2023-03-07	2024-04-19
Pretty URL www.takeover.live/ar IP 104.21.8.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:23 Last Seen2024-04-19 07:43:53 Times Seen830 Hash 1892a845aa81b9ddb8b6ef6920d742bb 0075569a5a4198b9812be41eab8956188aa19e55 6ba6c11bd8700086c8f00d11c7e22487a9c13a211f57e0cf06bb9e365fa87704 Loading...

	www.takeover.live/ar	3.4 kB	2023-03-11	2023-03-11
Pretty URL www.takeover.live/ar IP 104.21.8.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:22 Last Seen2023-03-11 11:36:22 Times Seen1 Hash 6324acaa9a3271fb9fa21cd3297413de a775882be88cfef22ef0e03f680b507508709655 c07453f2945f892ff85968221b5e60e0cffa71c5f21e9e09d15ba6d047cdc979 Loading...

	ipinfo.io/?callback=jQuery32107651314672312814_1668293915173&_=1668293915174	672 B	2023-03-11	2023-03-11
Pretty URL ipinfo.io/?callback=jQuery32107651314672312814_1668293915173&_=1668293915174 IP 34.117.59.81 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:22 Last Seen2023-03-11 11:36:22 Times Seen1 Hash 87c9f3ff3c3c3eb83bbc0230767274ce a899e805333e21d17295a8e583f3899855d32385 9b17c5485db950078e1e94c9e032a4feb570f10be9e2c328081cd83e594f268f Loading...

	www.takeover.live/ar	95 B	2023-03-11	2024-04-14
Pretty URL www.takeover.live/ar IP 104.21.8.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:53:12 Last Seen2024-04-14 17:34:55 Times Seen10 Hash 99a2a3db2c0c8ec139be8bb495db852e 1a31e153e5a0719fc9cfef289e3168f7a24f21c9 e659a3caf239d44f079b0bea51b0e40c3d61ccfdd4fb6b8c892c71e90c0a8deb Loading...

	www.takeover.live/ar	5.9 kB	2023-03-11	2023-03-11
Pretty URL www.takeover.live/ar IP 104.21.8.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:22 Last Seen2023-03-11 11:36:22 Times Seen1 Hash 497c04563748bd4654812f0937490266 279ead507b8018c3382bd1ec272c27e26af7df26 056ddb5ffad6ca49926964a72a9ff3f4ed1d025621a8c0bc4d11cb6c8c07a2e2 Loading...

	www.takeover.live/ar	1.2 kB	2023-03-11	2023-03-11
Pretty URL www.takeover.live/ar IP 104.21.8.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:22 Last Seen2023-03-11 11:36:22 Times Seen1 Hash a3b80ff8950dde190146b3398d45656d f9947aececdd32d609cbf98a40d4a83d1a67af0f 586a092d2b4060622626cbc14c475a1d113cc52a112fcb32b6628a049d17edb2 Loading...

	www.takeover.live/templates_assets/js/custom.js?v=0.06	15 kB	2023-03-11	2023-03-11
Pretty URL www.takeover.live/templates_assets/js/custom.js?v=0.06 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:22 Last Seen2023-03-11 11:36:22 Times Seen1 Hash 8cd5bd06333a34f4835148094f8ff95f 5e9304fa55d7b85934a43dde4d2e2ad8c6958c4f 98251d3621107ec9dc9827384267853245fbe9cb9eb6a44fc45603123e1857db Loading...

	www.takeover.live/axios/dist/axios.min.js	31 kB	2023-03-11	2023-03-11
Pretty URL www.takeover.live/axios/dist/axios.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:22 Last Seen2023-03-11 11:36:22 Times Seen1 Hash 56be4c158a01b9517e472b0941a78113 731f40b7e19bca7e40ff2e4eaffff2b15ab52918 3b21438f3331d4d3696ebec0e1757a90d6f3d87f10234dff540d7b3ae897297b Loading...

	www.takeover.live/templates_assets/js/main.js?v=1668293915	6.6 kB	2023-03-11	2023-03-11
Pretty URL www.takeover.live/templates_assets/js/main.js?v=1668293915 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:22 Last Seen2023-03-11 11:36:22 Times Seen1 Hash 532f5e1a487e237312b755db3b57b715 acd668dedf1df41d2eafd77a009fd7deef68529f bb2927ee294b3964899b18d9fc82a2ac0bf6b1676cc1b08c0bbf5ff556e6b05c Loading...

	www.takeover.live/templates_assets/js/store-plugin-min.js?v=0.01	404 kB	2023-03-11	2023-03-11
Pretty URL www.takeover.live/templates_assets/js/store-plugin-min.js?v=0.01 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:22 Last Seen2023-03-11 11:36:22 Times Seen1 Hash efcc396b72794432713707021da863b4 548912eda695db66254c70bcfcac94ffb42375c9 f50d7f2e755de7362bd8ce72c86c8ab69038daf6d9ca8193890df40af9735b09 Loading...

	www.takeover.live/ar	3.3 kB	2023-03-11	2023-03-11
Pretty URL www.takeover.live/ar IP 104.21.8.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:22 Last Seen2023-03-11 11:36:22 Times Seen1 Hash de405db5c6b61f79fa788944dab7f1ba 7e5d0ecfbd76a126d65f4b21395a89d367d1f62b fb88b6f4d13c3baa330048d431e7af4161d8a8fc42ac806451cc78792c9d45ac Loading...

	www.takeover.live/ar	451 B	2023-03-11	2023-03-11
Pretty URL www.takeover.live/ar IP 104.21.8.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:22 Last Seen2023-03-11 11:36:22 Times Seen1 Hash 9738501aeaaa48e5e607156f0b189548 ba079bd2998414a880186af7f86ad8790f8d7614 a5df01ffabb78856b0b14a6359ac797719d3ecd2110584452349fbad4952babe Loading...

	www.takeover.live/ar	4.4 kB	2023-03-11	2023-03-11
Pretty URL www.takeover.live/ar IP 104.21.8.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:22 Last Seen2023-03-11 11:36:22 Times Seen1 Hash 19961ac00830cdadd9afdaa38de6a192 fd47c839b444ceabe66a6121d7efea4511e872ec 1acd4e19154beaafb374b618d83a8fc2e0baf09320455805fc728a98c88f3345 Loading...

	www.takeover.live/landing_assets/js/tel_input/utils.js	246 kB	2023-03-07	2024-04-06
Pretty URL www.takeover.live/landing_assets/js/tel_input/utils.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:26 Last Seen2024-04-06 18:12:00 Times Seen111 Hash fa93ba6d05b742fa860e996d2e2ad026 b49617d52532fd9103be37b2b9aac09c0213d4d8 296e05debe566282bde87bc3de5e06990abbb5a622e7564ead60f4b35f50520b Loading...

	www.takeover.live/templates_assets/js/owl.carousel.min.js	44 kB	2023-03-07	2024-04-20
Pretty URL www.takeover.live/templates_assets/js/owl.carousel.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-20 09:49:39 Times Seen19837 Hash f416f9031fef25ae25ba9756e3eb6978 e2a600e433df72b4cfde93d7880e3114917a3cbe a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d Loading...

	www.takeover.live/ar	1.2 kB	2023-03-11	2023-03-11
Pretty URL www.takeover.live/ar IP 104.21.8.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:22 Last Seen2023-03-11 11:36:22 Times Seen1 Hash 4bda6b7aba82126da1628ec9b675561e 5898181e92f31ca2e9dd4ce71fab83e5866352a5 de86ed219fa3a9224383c3b5b409d6da9c3fda84a00fc00ec658153fa7e8acc1 Loading...

	www.takeover.live/js/submit-login.js?v=0.02	3.0 kB	2023-03-11	2023-03-11
Pretty URL www.takeover.live/js/submit-login.js?v=0.02 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:22 Last Seen2023-03-11 11:36:22 Times Seen1 Hash 4da1a7c74041d8a493a43dc5376c1ded 45b0853938731b9fcafd70d1b7c349029be9be0e 01a466b65079709035b00e9fcf89a2f6e4a67d47a965ea1e4df903797a4f2c0f Loading...

	www.takeover.live/ar	1.0 kB	2023-03-11	2023-03-11
Pretty URL www.takeover.live/ar IP 104.21.8.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:36:22 Last Seen2023-03-11 11:36:22 Times Seen1 Hash 2d63c1e5a3ba039447f4ff44d9c85f97 c712a54a94663a50de72479f6b9cea89774d5be5 40ba2e25b8b5d6043d5326f02b747917f41b3ffda2f3d89722cf439179621b6e Loading...

		Size	First Seen	Last Seen
	#1 Write - 3a824154b16ed7dab899bf000b80eeee	4 B	2023-03-07	2024-02-13
Pretty Observations First Seen2023-03-07 01:02:03 Last Seen2024-02-13 04:29:14 Times Seen34 Hash 3a824154b16ed7dab899bf000b80eeee e575dccc71140754dd85beda5965b6a358150309 b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0 Loading...

HTTP Transactions (59)

URL IP Response Size

www.takeover.live/

104.21.8.74

301 Moved Permanently

0 B

URL HTTP/1.1
www.takeover.live/
IP
104.21.8.74:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.takeover.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 12 Nov 2022 22:58:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 12 Nov 2022 23:58:33 GMT
Location: https://www.takeover.live/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hjo2x4j5aTbVPa3Tv0vlyMF%2FG8xebG%2BTEV6PthLQ07cjdaSzDy4L1AyZBLS3fff7aTAdvT%2FwV7C5EW4EPG5KkJCipfXgg1a%2Bcvd70EnPiTKE3nybNTDOCeKICjeTfa4XQhHb2g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7692df7f59d20b39-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10871
Expires: Sun, 13 Nov 2022 01:59:44 GMT
Date: Sat, 12 Nov 2022 22:58:33 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
de470c6bab46e7c4b7cc69f392900fe7
189e4dcc4c2b8bf1f050e06bd68bce8a99618918
86f57134ddebd23a25615dc4d59c4b1ca8919e3e0495e1f006cbe7c0f39aa27e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6281
Cache-Control: max-age=134243
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:33 GMT
Etag: "636f75f3-1d7"
Expires: Mon, 14 Nov 2022 12:15:56 GMT
Last-Modified: Sat, 12 Nov 2022 10:31:15 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 22:44:16 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 857
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8391107bfc5e4673e8a706f90f63768
5295ed0b1cb8bad4d3e851049acc7f0270937d12
ed5c27510100ffc4481be474ebcb020d147c645beb110604d5284eeeb8b97c02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED5C27510100FFC4481BE474EBCB020D147C645BEB110604D5284EEEB8B97C02"
Last-Modified: Fri, 11 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6741
Expires: Sun, 13 Nov 2022 00:50:54 GMT
Date: Sat, 12 Nov 2022 22:58:33 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 8G3Kb3jhBHgE+VvZFVJ6CMInj34MHgDxdIvnANqRXh8uKv1XRbMCrwxtbt8YZ6wINVH7eeI+g60=
x-amz-request-id: AV6XABG35JNBBGJB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 22:13:10 GMT
age: 2723
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 22:58:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
944b00ebda3a5ba3f41b0de3ee0d9cb8
1ef0c83a9d353c0aaf9503e720465d0be939eaa9
85542b9bef66d3cb39a036ee7985e6702e9b9b0e6db3390a0356263b53990097

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "85542B9BEF66D3CB39A036EE7985E6702E9B9B0E6DB3390A0356263B53990097"
Last-Modified: Fri, 11 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 13 Nov 2022 04:58:33 GMT
Date: Sat, 12 Nov 2022 22:58:33 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
944b00ebda3a5ba3f41b0de3ee0d9cb8
1ef0c83a9d353c0aaf9503e720465d0be939eaa9
85542b9bef66d3cb39a036ee7985e6702e9b9b0e6db3390a0356263b53990097

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "85542B9BEF66D3CB39A036EE7985E6702E9B9B0E6DB3390A0356263B53990097"
Last-Modified: Fri, 11 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Sun, 13 Nov 2022 04:58:33 GMT
Date: Sat, 12 Nov 2022 22:58:34 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 22:44:48 GMT
cache-control: public,max-age=3600
age: 826
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ae51f1958554de4457c22a7d5a9ba8b6
173e90a8c6ee36b7ec569dbea47436a90d7e7c76
dc43a04e1e26243f63a8e628f2ebcb23a9527fd4bc40dc6d1d61879b0f95bb21

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6301
Cache-Control: max-age=129199
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:34 GMT
Etag: "636f622c-1d7"
Expires: Mon, 14 Nov 2022 10:51:53 GMT
Last-Modified: Sat, 12 Nov 2022 09:06:52 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.217.237.91

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.217.237.91:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /SsIJWcJhM4YoNFc1Ae4eg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YpspCXFkjN09GsqyPT2VUYr5Rl8=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21259
Expires: Sun, 13 Nov 2022 04:52:54 GMT
Date: Sat, 12 Nov 2022 22:58:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21259
Expires: Sun, 13 Nov 2022 04:52:54 GMT
Date: Sat, 12 Nov 2022 22:58:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21259
Expires: Sun, 13 Nov 2022 04:52:54 GMT
Date: Sat, 12 Nov 2022 22:58:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21259
Expires: Sun, 13 Nov 2022 04:52:54 GMT
Date: Sat, 12 Nov 2022 22:58:35 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a9d38fc-0dee-4412-bfef-620ec5ad637d.jpeg

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a9d38fc-0dee-4412-bfef-620ec5ad637d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8699 bytes)
Hash
0077b7342ec253df4859e37e6bd05e80
48fa15cd9d04448bcfde91d3fdef1ff3ff16d8a4
9af831fc83059c499c0d45aed0fc6f30154caa972d29ce63a71bbfc6b9e26e88

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a9d38fc-0dee-4412-bfef-620ec5ad637d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8699
x-amzn-requestid: b8c0d987-2ca4-4fb5-b2a2-6f262ac3e9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bHbGiEBMIAMFxzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63660bc3-0a4863164f8313e1310700c6;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 07:07:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fhGr0dGIo-khJAPKA0t5WUzrrjziu4cfG1qAcLdR2QQGAfvsDoeCBw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 03:21:55 GMT
age: 70600
etag: "48fa15cd9d04448bcfde91d3fdef1ff3ff16d8a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcda76b4a-e2cf-4a4f-903b-a939ac862b71.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11388 bytes)
Hash
3fd9f2cf5d5cbda75b55b310034f8294
58ebbd459c47d5f773da1da77f370286e006ae30
6b04a734b7e10e329df43e107462906f1690c95783cad69d56a412955b88d66e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcda76b4a-e2cf-4a4f-903b-a939ac862b71.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11388
x-amzn-requestid: 476bbb49-4bd4-408f-b82f-3dfd52dcf7ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bgfNdEYsoAMF0HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63701255-06630c41353045dc5e5d58b8;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -wI4Gprap42Eewd0DwppPQcSN4Bj5LX-PDAGk-eo-UCk8TuX_Dd9_A==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:54:29 GMT
age: 3846
etag: "58ebbd459c47d5f773da1da77f370286e006ae30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4da03871-10a1-4d64-8f01-11282f1f6f20.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13931 bytes)
Hash
dbfb6798f32968c8e68ba386edf23794
29d00e0276be7b87b759d78edbb3851c52e4db86
4379cce07bdfea4da27c1f158d1c16928346f8ebdf00272737fd1cf1c75f5fee

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4da03871-10a1-4d64-8f01-11282f1f6f20.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13931
x-amzn-requestid: 3f6caf57-b687-4d1b-af40-a21bbebaff95
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEI_KFf2IAMFwgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364bb94-23ae7ecd18dc41521e172237;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 07:13:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CoDvVLQV5-9tqbMiKDNkb6y-U0EGO36WHPtZ3Am-eGbPdGLXd7tNYA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 03:53:05 GMT
age: 68730
etag: "29d00e0276be7b87b759d78edbb3851c52e4db86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8995ae3b-9ed6-4d82-aeda-bce16829dd81.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7018 bytes)
Hash
8bb9138fde16b4052595c61c9aae69a1
eba0fcacc61aed15fe7c4aa11a951e1b681f08d2
11b98e67b1e869b2456ace0e07aa6f5019d15f43c8132f482c76e322282d8e63

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8995ae3b-9ed6-4d82-aeda-bce16829dd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7018
x-amzn-requestid: 35b9ea76-0024-42a6-9561-f2f87fa09f70
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bHcAoGLUIAMFkVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63660d37-29eb6d7d6379fff612a6a593;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 07:13:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _Lgx5YJ1SaHAGB2vH0VIXW7Hu6ZIjdvyLjo3XFasEXqUNqCeKzLqJQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 04:07:30 GMT
age: 67865
etag: "eba0fcacc61aed15fe7c4aa11a951e1b681f08d2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bfc69f5-02e2-48e4-a7f8-345ee02dd656.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11187 bytes)
Hash
4f181df0e475c123b46f016d3c0bbaa5
399ce32b1fdcdef9061bddb840663f35e39b919a
ed9ba753f718903cd997c027f58b63f41e32107367b22b03f964d7eecdf9ba16

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bfc69f5-02e2-48e4-a7f8-345ee02dd656.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11187
x-amzn-requestid: 475229e1-bbb5-43a0-8733-1140a99b6b6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEIaqFFrIAMF7KA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364baaa-4261a60e57ae0c4d7a62e5e9;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 07:09:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NOu_3OBXieJtRp3_FbCykAhx3laNraMMTqFKfjXIiV6QqPTeUYsnfQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 06:02:50 GMT
age: 60945
etag: "399ce32b1fdcdef9061bddb840663f35e39b919a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd2698a2-6980-44f7-aa49-52cc55dc0647.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6327 bytes)
Hash
9089a86b213cc0f8701c5ce6ed1a135a
bba046058fb4144e78ccc43e22baa873c1cd396d
9929557912911c1afa95ad55509fbda53d7755e5b0f7eb33adf4f8ee9a9f61de

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd2698a2-6980-44f7-aa49-52cc55dc0647.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6327
x-amzn-requestid: 4228ad59-2113-4457-b225-fd931b5e1092
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bUquTE1KoAMFi1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636b57f4-353d91f526e7efb9088c8692;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 07:34:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F_cpNY6oFlOj9NvJXbdyFHpGZlkn_5jzUwLpiOqNs8I_zQbEgVKN_w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:55:53 GMT
age: 3762
etag: "bba046058fb4144e78ccc43e22baa873c1cd396d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
2723d5c97ce20782e81bd635bdf346e8
2312b6bb3e038916ae5ae2ce7372f7c61e74b2d1
2c2beb24062615df44939b1ab8c09df7c61405b919f91ede479e5c5708afcd27

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=96249
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:35 GMT
Etag: "636efa14-116"
Expires: Mon, 14 Nov 2022 01:42:44 GMT
Last-Modified: Sat, 12 Nov 2022 01:42:44 GMT
Server: nginx
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
2723d5c97ce20782e81bd635bdf346e8
2312b6bb3e038916ae5ae2ce7372f7c61e74b2d1
2c2beb24062615df44939b1ab8c09df7c61405b919f91ede479e5c5708afcd27

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=96249
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:35 GMT
Etag: "636efa14-116"
Expires: Mon, 14 Nov 2022 01:42:44 GMT
Last-Modified: Sat, 12 Nov 2022 01:42:44 GMT
Server: nginx
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

791 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
gzip compressed data, max compression\012- data
Size
791 B (791 bytes)
Hash
15160be6cc492374fcde1fb56bdd5065
d498fb522e4b005f38eb869f70670facdbce70f3
603c32e1782067e2cdb0667471e710e95130a38d66fc0b06acc5ef0c67e104d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=96249
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:35 GMT
Etag: "636efa14-116"
Expires: Mon, 14 Nov 2022 01:42:44 GMT
Last-Modified: Sat, 12 Nov 2022 01:42:44 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

34 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
34 kB (34536 bytes)
Hash
e192779c63694b5d08bf2f25de3c3a26
0be6b9b580ca1947c4b7069a4416d783cc70306c
f38d7ee3181dcfab1d5b0d0c49b33712d73c4949a3d6828352528a7264468dca

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/almarai/v12/tsstApxBaigK_hnnQ1iFow.woff2

216.58.207.195

200 OK

47 kB

URL HTTP/2
fonts.gstatic.com/s/almarai/v12/tsstApxBaigK_hnnQ1iFow.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 46804, version 1.0\012- data
Size
47 kB (46804 bytes)
Hash
4abcf53e103bfce2b9c0f04bf199308d
297b069084752969677f01a519bd64458cb7a579
2a6bda3553569fc700de73f81edc96180d144db1e05a702bc9854dbe14961c5e

HTTP Headers

GET /s/almarai/v12/tsstApxBaigK_hnnQ1iFow.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.takeover.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46804
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 22:43:35 GMT
expires: Wed, 08 Nov 2023 22:43:35 GMT
cache-control: public, max-age=31536000
age: 346501
last-modified: Tue, 19 Apr 2022 18:10:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/almarai/v12/tssoApxBaigK_hnnS-agtnqWow.woff2

216.58.207.195

200 OK

50 kB

URL HTTP/2
fonts.gstatic.com/s/almarai/v12/tssoApxBaigK_hnnS-agtnqWow.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
50 kB (49779 bytes)
Hash
8b978a55bfc5ffb87f22bd697c67dc07
4a281b8d9276b89bbe2a80a65a971434579295c1
db392f7031412c1e5eb978b24371d7b8fecfc9eac5027a99cf04575e5819d4b7

HTTP Headers

GET /s/almarai/v12/tssoApxBaigK_hnnS-agtnqWow.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.takeover.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 20:05:58 GMT
expires: Tue, 07 Nov 2023 20:05:58 GMT
cache-control: public, max-age=31536000
age: 442358
last-modified: Tue, 19 Apr 2022 18:29:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3723d23fdcd3f3d34132d56faae4428b
4bf9c6e15b8de24fc7387ce145382f9b3e9cb1c8
4bc047ec725bd4d99c9dd4fa11edc91702f722d16e53b5eef0920cb5dc7e7ca8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/8zRofmzdPas

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/8zRofmzdPas
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2a8ae1d4bed2f3c4ad838d3e1aef133e
db792b511787c46892de011830196cdb8a3ca806
27eb5ca3ab95cceb979651f4acac097f03618cec49b9d9a084578692afbe4787

HTTP Headers

POST /s/gts1d4/8zRofmzdPas HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:58:36 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ipinfo.io/?callback=jQuery32107651314672312814_1668293915173&_=1668293915174

34.117.59.81

200 OK

827 B

URL HTTP/2
ipinfo.io/?callback=jQuery32107651314672312814_1668293915173&_=1668293915174
IP
34.117.59.81:0
ASN
#15169 GOOGLE

File type
data
Size
827 B (827 bytes)
Hash
6324ae597c10292c5e6d656556429dcf
e8eaaff5964e91635211019ea4af16d4f010cd18
a4e2523cc30ed915ce3fba1ebbd076b99a1b9ab645db6a2b001ced4282d107eb

HTTP Headers

GET /?callback=jQuery32107651314672312814_1668293915173&_=1668293915174 HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-type: text/javascript; charset=utf-8
date: Sat, 12 Nov 2022 22:58:36 GMT
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
165d870547cff877acfc5b53a27f0f7b
3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb
963c686c4b2bb6b6f3057545597e4a65d8298c0c7c4355dc77ce92948a8d015b

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 22:58:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 16 Nov 2022 20:07:00 GMT
ETag: "3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb"
Last-Modified: Sat, 12 Nov 2022 20:07:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2415
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7692df94beac0b3d-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
165d870547cff877acfc5b53a27f0f7b
3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb
963c686c4b2bb6b6f3057545597e4a65d8298c0c7c4355dc77ce92948a8d015b

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 22:58:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 16 Nov 2022 20:07:00 GMT
ETag: "3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb"
Last-Modified: Sat, 12 Nov 2022 20:07:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2415
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7692df94b8511c0a-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
165d870547cff877acfc5b53a27f0f7b
3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb
963c686c4b2bb6b6f3057545597e4a65d8298c0c7c4355dc77ce92948a8d015b

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 22:58:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 16 Nov 2022 20:07:00 GMT
ETag: "3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb"
Last-Modified: Sat, 12 Nov 2022 20:07:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2415
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7692df94bd7d0b49-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
165d870547cff877acfc5b53a27f0f7b
3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb
963c686c4b2bb6b6f3057545597e4a65d8298c0c7c4355dc77ce92948a8d015b

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 22:58:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 16 Nov 2022 20:07:00 GMT
ETag: "3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb"
Last-Modified: Sat, 12 Nov 2022 20:07:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2415
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7692df94bda30b59-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
165d870547cff877acfc5b53a27f0f7b
3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb
963c686c4b2bb6b6f3057545597e4a65d8298c0c7c4355dc77ce92948a8d015b

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 22:58:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 16 Nov 2022 20:07:00 GMT
ETag: "3912efbf83f2fb4d4b822bd7e7e031ebf521d0cb"
Last-Modified: Sat, 12 Nov 2022 20:07:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2415
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7692df94bfadb50c-OSL

cc-west-usa.oss-accelerate.aliyuncs.com/20210124/330183414810.jpg

47.254.186.254

200 OK

80 kB

URL HTTP/1.1
cc-west-usa.oss-accelerate.aliyuncs.com/20210124/330183414810.jpg
IP
47.254.186.254:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
data
Size
80 kB (79957 bytes)
Hash
459efe2b5640474142c431814a02d5be
e491eb1a6abdd632f1042620b61892d4fb7527f4
bfc420bbc38f4e707d9df15a2db75f3c06057b5ff6a80e6fd75ec503ee88ceba

HTTP Headers

GET /20210124/330183414810.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 67557
Connection: keep-alive
x-oss-request-id: 6370251DF5968481722BEDDD
Accept-Ranges: bytes
ETag: "11F051650B51CC3E2E4894B1ACFA459F"
Last-Modified: Sun, 24 Jan 2021 01:09:18 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2173227806351685291
x-oss-storage-class: Standard
Content-MD5: EfBRZQtRzD4uSJSxrPpFnw==
x-oss-server-time: 1

cc-west-usa.oss-accelerate.aliyuncs.com/1615093780331.jpg

47.254.186.254

200 OK

54 kB

URL HTTP/1.1
cc-west-usa.oss-accelerate.aliyuncs.com/1615093780331.jpg
IP
47.254.186.254:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Size
54 kB (54239 bytes)
Hash
657032d3544e8766e67e7016d8cf097a
edce3432aa634a8e9d5e04415c57614c4b8056dd
3a6535b7fc24286696ff6f802be55b990cf3d78cd45b6bcb2a2d15993df294bd

HTTP Headers

GET /1615093780331.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 54239
Connection: keep-alive
x-oss-request-id: 6370251DBD4F6A957F2BEA2A
Accept-Ranges: bytes
ETag: "657032D3544E8766E67E7016D8CF097A"
Last-Modified: Sun, 07 Mar 2021 05:09:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9381709334874409653
x-oss-storage-class: Standard
Content-MD5: ZXAy01ROh2bmfnAW2M8Jeg==
x-oss-server-time: 26

cc-west-usa.oss-accelerate.aliyuncs.com/1612662954459.jpg

47.254.186.254

200 OK

112 kB

URL HTTP/1.1
cc-west-usa.oss-accelerate.aliyuncs.com/1612662954459.jpg
IP
47.254.186.254:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
data
Size
112 kB (112539 bytes)
Hash
5c004b21d63f28de76516981ce190480
e74211ba2f2d85bb63b6e017c18cca1ec65a3ab1
1cc06fd982c305531a61ce3bd03fce029d7e951690d0e184d9ed8d5d46771ffc

HTTP Headers

GET /1612662954459.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 112134
Connection: keep-alive
x-oss-request-id: 6370251DBC153D8FFA32CCEE
Accept-Ranges: bytes
ETag: "F5591D612D9CF6CBE064DA4D9ADE9541"
Last-Modified: Sun, 07 Feb 2021 01:55:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6211249305732974191
x-oss-storage-class: Standard
Content-MD5: 9VkdYS2c9svgZNpNmt6VQQ==
x-oss-server-time: 37

cc-west-usa.oss-accelerate.aliyuncs.com/203207/396981552789.jpg

47.254.186.254

200 OK

104 kB

URL HTTP/1.1
cc-west-usa.oss-accelerate.aliyuncs.com/203207/396981552789.jpg
IP
47.254.186.254:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
data
Size
104 kB (104099 bytes)
Hash
c0c8cb7f18331fe1238764b476572ad5
6e4fb2f6e50629ce98e1cbc7f5996cd4716c3164
651e264657308c9ab4dd71de550dd235f54bc2c61784c52db89bc442a44f351b

HTTP Headers

GET /203207/396981552789.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 103830
Connection: keep-alive
x-oss-request-id: 6370251DBC153D8FFA32CCEB
Accept-Ranges: bytes
ETag: "640253A6B8E4CA418B9E252C8F5BDD89"
Last-Modified: Mon, 07 Dec 2020 07:29:35 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7539397868680364022
x-oss-storage-class: Standard
Content-MD5: ZAJTprjkykGLniUsj1vdiQ==
x-oss-server-time: 100

cc-west-usa.oss-accelerate.aliyuncs.com/15254784/692945411166.png

47.254.186.254

200 OK

608 kB

URL HTTP/1.1
cc-west-usa.oss-accelerate.aliyuncs.com/15254784/692945411166.png
IP
47.254.186.254:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
data
Size
608 kB (608097 bytes)
Hash
1e83c32c6a80e71f4ed908e7d2e3fc0d
9fffeac54770368aa1266ddd0143153a84cc39f1
764a65cbfd7f625fca32300bc85ee0e8e07d65b513ac0edcd1a9f08d87a2305c

HTTP Headers

GET /15254784/692945411166.png HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/png
Content-Length: 607747
Connection: keep-alive
x-oss-request-id: 6370251DBD4F6A957F2BEA2C
Accept-Ranges: bytes
ETag: "134867A29484B542EF01C569F0A9156C"
Last-Modified: Mon, 04 Jul 2022 18:46:18 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7111407666637485075
x-oss-storage-class: Standard
Cache-Control: max-age=31536000
Content-MD5: E0hnopSEtULvAcVp8KkVbA==
x-oss-server-time: 87

cc-west-usa.oss-accelerate.aliyuncs.com/1615772936023.jpg

47.254.186.254

200 OK

88 kB

URL HTTP/1.1
cc-west-usa.oss-accelerate.aliyuncs.com/1615772936023.jpg
IP
47.254.186.254:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
data
Size
88 kB (87795 bytes)
Hash
f7d5b6a74ef427af132948c435ee6594
ec4a07790dd2a136c8d6a6615d16037a74c68744
967b57715d55473182eb50074ac4ec8d4ac07810c116af0cf5086254d8181935

HTTP Headers

GET /1615772936023.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 86791
Connection: keep-alive
x-oss-request-id: 6370251DF5968481722BEE08
Accept-Ranges: bytes
ETag: "2DD2F0E7EA8EBAB00047393162437124"
Last-Modified: Mon, 15 Mar 2021 01:48:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 856864699436289898
x-oss-storage-class: Standard
Content-MD5: LdLw5+qOurAARzkxYkNxJA==
x-oss-server-time: 41

cc-west-usa.oss-accelerate.aliyuncs.com/20200810/650700480559.jpg

47.254.186.254

200 OK

210 kB

URL HTTP/1.1
cc-west-usa.oss-accelerate.aliyuncs.com/20200810/650700480559.jpg
IP
47.254.186.254:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
data
Size
210 kB (210433 bytes)
Hash
35154009ebb1bd4e7503245aa17ba1ec
29dfedbacb036d93e493f086472aeafb4a9f7d01
a05e8b11047aac9872350c3613cbad258631b089241a9b82e316a6c15b551de3

HTTP Headers

GET /20200810/650700480559.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 93605
Connection: keep-alive
x-oss-request-id: 6370251DF5968481722BEE18
Accept-Ranges: bytes
ETag: "663AB8A60106037921EC6D9466D47B5D"
Last-Modified: Mon, 10 Aug 2020 02:24:43 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15074929034705863356
x-oss-storage-class: Standard
Content-MD5: Zjq4pgEGA3kh7G2UZtR7XQ==
x-oss-server-time: 56

cc-west-usa.oss-accelerate.aliyuncs.com/9a706a61-9543-4001-9817-ecd50b22d80c.jpg

47.254.186.254

200 OK

102 kB

URL HTTP/1.1
cc-west-usa.oss-accelerate.aliyuncs.com/9a706a61-9543-4001-9817-ecd50b22d80c.jpg
IP
47.254.186.254:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Size
102 kB (102318 bytes)
Hash
e7741a7c271952354ebb058b383d8f63
77ed4d6e8282e57cb78670e2efb13158f25d5bd5
993fca18b024918e7bbb95c5f20e25b9b178abf515eb614548b2ba2c43c6c9a5

HTTP Headers

GET /9a706a61-9543-4001-9817-ecd50b22d80c.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 102318
Connection: keep-alive
x-oss-request-id: 6370251DC60405673646C7AD
Accept-Ranges: bytes
ETag: "E7741A7C271952354EBB058B383D8F63"
Last-Modified: Fri, 24 Sep 2021 05:56:24 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11395407322428584218
x-oss-storage-class: Standard
Content-MD5: 53QafCcZUjVOuwWLOD2PYw==
x-oss-server-time: 60

cc-west-usa.oss-accelerate.aliyuncs.com/20200728/1691511680953.jpg

47.254.186.254

200 OK

230 kB

URL HTTP/1.1
cc-west-usa.oss-accelerate.aliyuncs.com/20200728/1691511680953.jpg
IP
47.254.186.254:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 1000x1000, components 3\012- data
Size
230 kB (230138 bytes)
Hash
091c363dbaf95e38da382fb51e9ce559
64ac6c463cf22c58d3f57c285e012eefd163f18b
c8d27c7d6211c2f20277145d6f07d9a8b84dad49618ea72d14246ba65d05a5ef

HTTP Headers

GET /20200728/1691511680953.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 230138
Connection: keep-alive
x-oss-request-id: 6370251DFF9A9286A238C5F0
Accept-Ranges: bytes
ETag: "091C363DBAF95E38DA382FB51E9CE559"
Last-Modified: Tue, 28 Jul 2020 07:38:04 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12053003904920793426
x-oss-storage-class: Standard
Content-MD5: CRw2Pbr5XjjaOC+1HpzlWQ==
x-oss-server-time: 40

cc-west-usa.oss-accelerate.aliyuncs.com/1615023209257.jpg

47.254.186.254

200 OK

323 kB

URL HTTP/1.1
cc-west-usa.oss-accelerate.aliyuncs.com/1615023209257.jpg
IP
47.254.186.254:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
data
Size
323 kB (322629 bytes)
Hash
b60b0cb2769b630b14e7317c93bf8d64
25e37fae8ca4cb6c14a6b86f478c1a9d49e723a0
1e6facede5b71368f7a9a0f734c2d6450a189cc87ab93ae69bbd1b5815e944ac

HTTP Headers

GET /1615023209257.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 322140
Connection: keep-alive
x-oss-request-id: 6370251DBD4F6A957F2BEA86
Accept-Ranges: bytes
ETag: "41F420E7D241842121977B3736D2E974"
Last-Modified: Sat, 06 Mar 2021 09:33:29 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9213528408614826214
x-oss-storage-class: Standard
Content-MD5: QfQg59JBhCEhl3s3NtLpdA==
x-oss-server-time: 84

cc-west-usa.oss-accelerate.aliyuncs.com/2048/656211389217.jpg

47.254.186.254

200 OK

159 kB

URL HTTP/1.1
cc-west-usa.oss-accelerate.aliyuncs.com/2048/656211389217.jpg
IP
47.254.186.254:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Size
159 kB (158724 bytes)
Hash
a0d9f325202daa5594cf7fd51654c821
30a706e2c8f950dc27d3e8a18169fc7d5f413c0a
e2918f021819d8a8983bf1d3a1dfca14974c06a4846cc729e8acb81395a28556

HTTP Headers

GET /2048/656211389217.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 158724
Connection: keep-alive
x-oss-request-id: 6370251DF5968481722BEE52
Accept-Ranges: bytes
ETag: "A0D9F325202DAA5594CF7FD51654C821"
Last-Modified: Wed, 16 Dec 2020 08:15:48 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 4163980679194445075
x-oss-storage-class: Standard
Content-MD5: oNnzJSAtqlWUz3/VFlTIIQ==
x-oss-server-time: 16

cc-west-usa.oss-accelerate.aliyuncs.com/2050/167193167684.jpg

47.254.186.254

200 OK

122 kB

URL HTTP/1.1
cc-west-usa.oss-accelerate.aliyuncs.com/2050/167193167684.jpg
IP
47.254.186.254:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
data
Size
122 kB (121815 bytes)
Hash
5055bee0c53399dca3847d42d2065ce6
e632c12393d337df2d8303b4e8909e3b189c8be3
387233892eff178be0789ad057e1483b152bbd2b10802e66d45366b1f4e37bdb

HTTP Headers

GET /2050/167193167684.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 119600
Connection: keep-alive
x-oss-request-id: 6370251DBC153D8FFA32CD75
Accept-Ranges: bytes
ETag: "A20FCF54950DDFF88D32822AF675D83F"
Last-Modified: Fri, 18 Dec 2020 08:45:35 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17527069388404868936
x-oss-storage-class: Standard
Content-MD5: og/PVJUN3/iNMoIq9nXYPw==
x-oss-server-time: 38

cc-west-usa.oss-accelerate.aliyuncs.com/1617345664209.jpg

47.254.186.254

200 OK

148 kB

URL HTTP/1.1
cc-west-usa.oss-accelerate.aliyuncs.com/1617345664209.jpg
IP
47.254.186.254:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x1200, components 3\012- data
Size
148 kB (147614 bytes)
Hash
4fdb409ff3010e9162d923ec9a846d71
105c2aa850a9b690da1bb14ec96daceece749690
f06a3b312069a0912f600e5521a7fa0b79bbb1484bdb787d0ab95e4e5cb5f49f

HTTP Headers

GET /1617345664209.jpg HTTP/1.1
Host: cc-west-usa.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 12 Nov 2022 22:58:37 GMT
Content-Type: image/jpeg
Content-Length: 147614
Connection: keep-alive
x-oss-request-id: 6370251DFF9A9286A238C648
Accept-Ranges: bytes
ETag: "4FDB409FF3010E9162D923EC9A846D71"
Last-Modified: Fri, 02 Apr 2021 06:41:11 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15692121122868701754
x-oss-storage-class: Standard
Content-MD5: T9tAn/MBDpFi2SPsmoRtcQ==
x-oss-server-time: 86

www.takeover.live/ar

104.21.8.74

200 OK

228 kB

URL HTTP/2
www.takeover.live/ar
IP
104.21.8.74:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1620)
Size
228 kB (228081 bytes)
Hash
c7a4dac4ebcfd06cd0cab994d0991a5d
55b1a6c9b0e51316b9ff0080e05472598487bff9
224512149ed6b21029c16d4a032559e32e7f0067175fbbd529ce629f1bd45f07

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ar HTTP/1.1
Host: www.takeover.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: mycn_session=eyJpdiI6IlFQRm10dCtpM0cweHB1eHRuRnJzalE9PSIsInZhbHVlIjoic3QvcjZ6RXRYc3RCaU5uR1pMdW9nL1VuS2ZlTmdCVXNpTUkyRGtkdzZlaVh3WEZHdTd4dVVvcFZueWdha0lTVkxSbG9Yd2FrSmYvbUFjQksyUG9vSVpLcXpFREY3Wnk4cWZtTjR1bkI3clBFVWkyK25xb0VCRXVZQlFva2x3YnEiLCJtYWMiOiIyODg0N2QyZDVmMjk5YzFlMTA0NjkxOWVkOWZlMjU4ODIxZDU3ODk1MTJlNGYxMWMxYTU2MGFjMWUwOTNkNGVmIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:58:35 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
set-cookie: mycn_session=eyJpdiI6ImpsdEdTek1lbE0vYXNlUEN2bUFYR0E9PSIsInZhbHVlIjoibGJabDRIY3JnTjBCL3Y3czNWdUpXcG1NdE96VnZRUDJuSC9xTVpKWGo1MjFEV2ozNDlJTGJXVjcrNWc2Zml5alkwTHpJWmFtUnZlRlI3Z1kyQVl6N3dhMG9iNmp5V3FSdVRlazI1Tjh1WHFaMTN1K1cxeE5JaVQxR1lHY2NuR3oiLCJtYWMiOiIyYTI5MTQ4MjI2ZGQxY2M3ZDc5NzVkOTdkMzc5MTU2MjMxMzMxMjI5YTlmMDZjNmI0NmJjZTE3MTYyYzFkZmU3IiwidGFnIjoiIn0%3D; expires=Sun, 13 Nov 2022 00:58:35 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpqufMX0xYVXRP63Hn0wo7zFXOkEhulk9YCW4mVR2%2FftqaeGvDglpJzYO7u%2F2xZX4ak78CJwh1aQEXNYVosyIzRZa0ISArThA%2FXXtbUQ1PslLBTdVViqEYZKUdzjXNqzoHaOgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7692df834b18b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15103da1-5996-4497-9ec1-6bf49292c35c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9708 bytes)
Hash
b3ce8ed12a73c0d1cc9a5f838bff34c8
b96ef6b0060b6dd83475728986ff333faf35c4b6
12466854c0ba0cf11043d6b0ef171c8d6645e6d7f4de4211e1426d0c883a0d96

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15103da1-5996-4497-9ec1-6bf49292c35c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9708
x-amzn-requestid: 08ff92c4-61ac-490e-9c5b-0c3e97abb6fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bBpBDGjPoAMFV8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6363bba0-7a0b97ea587f036e33c43e5f;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 13:01:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: B-VFR3675yhlwYVLgxGl9621BEfaTzCwdxglY0z07efK3bJ1cCzGqA==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 04:57:42 GMT
age: 64860
etag: "b96ef6b0060b6dd83475728986ff333faf35c4b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.takeover.live/

104.21.8.74

302 Found

0 B

URL HTTP/2
www.takeover.live/
IP
104.21.8.74:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.takeover.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Sat, 12 Nov 2022 22:58:34 GMT
content-type: text/html; charset=UTF-8
location: https://www.takeover.live/ar
access-control-allow-origin: *
cache-control: no-cache, private
set-cookie: mycn_session=eyJpdiI6IlFQRm10dCtpM0cweHB1eHRuRnJzalE9PSIsInZhbHVlIjoic3QvcjZ6RXRYc3RCaU5uR1pMdW9nL1VuS2ZlTmdCVXNpTUkyRGtkdzZlaVh3WEZHdTd4dVVvcFZueWdha0lTVkxSbG9Yd2FrSmYvbUFjQksyUG9vSVpLcXpFREY3Wnk4cWZtTjR1bkI3clBFVWkyK25xb0VCRXVZQlFva2x3YnEiLCJtYWMiOiIyODg0N2QyZDVmMjk5YzFlMTA0NjkxOWVkOWZlMjU4ODIxZDU3ODk1MTJlNGYxMWMxYTU2MGFjMWUwOTNkNGVmIiwidGFnIjoiIn0%3D; expires=Sun, 13 Nov 2022 00:58:34 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjM2FtDeNI7A28bcQkuIGeK0mnCcRuoTzCpEScqNUdRWsiIDkkExEXGplY2kLIEgXa9zfOzL%2FBFMOu1VXrcB3zm6c3qEacwA0doVOX3%2FM7C6QdrZUxe2MbCgFI1KJibtfBIbnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7692df8259d7b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mycn.io/Uploads/Users/store-designs/2022/09/image_16629804291992157327.png

104.26.11.103

302 Found

0 B

URL HTTP/2
mycn.io/Uploads/Users/store-designs/2022/09/image_16629804291992157327.png
IP
104.26.11.103:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Uploads/Users/store-designs/2022/09/image_16629804291992157327.png HTTP/1.1
Host: mycn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Sat, 12 Nov 2022 22:58:35 GMT
content-type: text/html; charset=UTF-8
location: https://mycn.io/ar/Uploads/Users/store-designs/2022/09/image_16629804291992157327.png
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
vary: Accept-Language,Accept-Encoding,User-Agent
cache-control: no-cache, private
cf-cache-status: BYPASS
set-cookie: mycn_session=eyJpdiI6IjUxeFNiWGNDYUlHN1JiaHVoR1VSVXc9PSIsInZhbHVlIjoiZGUxand5UjZ0TzQzUUFKZFRtN3QxeTlLdkRaYXNta2lYUG5aWjhtb0ViZVBibUxwY1JYR3JxWE5IaFVpMXBwcEtPbHZ2M042cTdaY05PUTRaMzErNXlBb0N6RGg4d0puSWFEbXRWZW5GUTNacWoxM3U0aitSSEFxSktvZFlnZ3UiLCJtYWMiOiJlNGQ2MzFlZmUwMTI5MTY4Zjc3YjIyODUxY2I0ZWZmYjUxZjUzNmFjNzZkOGU3M2NlMWMyNDJiZGMzNTYwMGMyIiwidGFnIjoiIn0%3D; expires=Sun, 13 Nov 2022 00:58:35 GMT; Max-Age=7200; path=/; httponly; samesite=lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TT0jAerE8dWnQUbiQywq%2B7hFZk5num3jDQGbfFdclLNM5vAi8ZoRFjzPx6Z7DBiIC68eZXAOVVPPVZZn%2BKdpx0hrO3YB9l1QworaIKXvXuTIwgxaRMnlq0w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7692df8e0ca9b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Almarai:wght@400;700&display=swap?v=0.23

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Almarai:wght@400;700&display=swap?v=0.23
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Almarai:wght@400;700&display=swap?v=0.23 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 22:58:35 GMT
date: Sat, 12 Nov 2022 22:58:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

mycn.io/Uploads/Users/store-logo/2022/09/image_1662882811509775908.jfif

104.26.11.103

302 Found

0 B

URL HTTP/2
mycn.io/Uploads/Users/store-logo/2022/09/image_1662882811509775908.jfif
IP
104.26.11.103:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Uploads/Users/store-logo/2022/09/image_1662882811509775908.jfif HTTP/1.1
Host: mycn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.takeover.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Sat, 12 Nov 2022 22:58:35 GMT
content-type: text/html; charset=UTF-8
location: https://mycn.io/ar/Uploads/Users/store-logo/2022/09/image_1662882811509775908.jfif
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
vary: Accept-Language,Accept-Encoding,User-Agent
cache-control: no-cache, private
set-cookie: mycn_session=eyJpdiI6InVnZVd0eE9yN3M0QzVkczFJbmJSbEE9PSIsInZhbHVlIjoidGRHY0xBcm82TCtwdGJpRlBzZmhGKzY4c3U2ZGtFSGF0YWJCMDNpYlBEMDJIS0VmUXpCenRNWmNSOFRYeVgvblBLaEt2V2oxaHBLZmgvTXNDNmMrZTh2ZkdIUndvVHJMM1lNVW1oSDZJa0UyRzRJbWh5NmlWcUFhR2JRQlNxL0ciLCJtYWMiOiI3MzhlNTQ5Zjc0ZGQzNGJlNWYzZjI3NDQyOTA1MmYyZDc0YzU5YTJmNjJiZDY1NDRlNDk1YmM3YjM5ZmEzYWRiIiwidGFnIjoiIn0%3D; expires=Sun, 13 Nov 2022 00:58:35 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsfqcsdLEAJ5Xz%2BvGQmLO9KYLBYO8Yeg6B%2BVBMQkKa5fYMueiQqIXYk2Qhri0v9%2FKq%2BLnKK2clkWy6u1uWTsyjn8miEY%2BXq6Yx0kr2oWaqme525%2BBdeJ0JE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7692df8e0ca7b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mycn.io/ar/Uploads/Users/store-logo/2022/09/image_1662882811509775908.jfif

104.26.11.103

200 OK

0 B

URL HTTP/2
mycn.io/ar/Uploads/Users/store-logo/2022/09/image_1662882811509775908.jfif
IP
104.26.11.103:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ar/Uploads/Users/store-logo/2022/09/image_1662882811509775908.jfif HTTP/1.1
Host: mycn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.takeover.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:58:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
cache-control: no-cache, private
set-cookie: mycn_session=eyJpdiI6IkoyeEQ5K1JMUlZUUXhZRTRKN2hwdkE9PSIsInZhbHVlIjoiczRpV1NLSllEZjdJU21ya0JlVWQ3RzRST0pIZWhoSWJZZU9pZXlHVy9yQXZFSFhsVGR4cDRZWDN1eVAzeGR2K29wQWFwdTIrWVF6VCtNeVQ2VytzZm4yYk4wa1k5bDNWTitLZVRmK1VaM3lTMXJSOFNjTU5BU2xPcEw1T3RPYXQiLCJtYWMiOiIxZWJjZDFkZmM1YzdkMTc0NTQ2MzU2YzFhNjMzNTljM2E2N2JmMWIxZDFjZjViMGFkOTUwNjdmNDVjYzA4ZDhiIiwidGFnIjoiIn0%3D; expires=Sun, 13 Nov 2022 00:58:36 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CG3c0zaGauGU2rOVeePXPzGFz2WMQbjJIcjWHpVZ6BYQLEzIztlyuvSz1EXAZsnjOnZlfjRCfKwHqJYiZjBRGIQzyGuQGbXxQnvgAb%2FFX2%2BJE0F0kR9QKSc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7692df8efd9eb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations