Report - lindasdailylivingskills.com/

Report Overview

Submitted URL
lindasdailylivingskills.com/
IP
95.217.135.78
ASN
#24940 Hetzner Online GmbH
Submitted
2023-01-12 08:44:37
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	737 B	93.184.220.29
partner.googleadservices.com	798	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	496 B	918 B	216.58.207.226
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
ww1.lindasdailylivingskills.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	10 kB	75.2.61.216
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	216.58.211.3
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.83.22.170
d1lxhc4jvstzrp.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	441 B	12 kB	54.230.245.141
lindasdailylivingskills.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	284 B	95.217.135.78
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	112 kB	216.58.211.4
d38psrni17bvxu.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	12 kB	54.230.245.138
afs.googleusercontent.com	12123	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	885 B	2.3 kB	142.250.74.97
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-12	medium	lindasdailylivingskills.com/	Malware
2023-01-12	medium	ww1.lindasdailylivingskills.com/	Malware
2023-01-12	medium	ww1.lindasdailylivingskills.com/ls.php	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	ww1.lindasdailylivingskills.com/	71 B	2023-03-08	2024-01-04
Pretty URL ww1.lindasdailylivingskills.com/ IP 75.2.61.216 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:23:53 Last Seen2024-01-04 08:38:22 Times Seen25410 Hash 1a5a5e1b6a26f57b95e3dd42f60612f4 b62a27e55a59b49084e682bd3c1588f6a40881ab 4066da16910907c7962da8e7011bf0cd62b6f2dcddb1911e3ea2de03ce3e1dc7 Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=ww1.lindasdailylivingskills.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie	394 B	2023-03-12	2023-03-12
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=ww1.lindasdailylivingskills.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie IP 216.58.207.226 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:12:23 Last Seen2023-03-12 21:12:23 Times Seen1 Hash 7c7c139edb6c980f06742779eb331d96 671821c3037b6b3b62a0074c6ba760089d3f633d 8b00c496af8bf9d533c77c7a883d88d22c476376730d7dc764f3ac8993d9538f Loading...

	ww1.lindasdailylivingskills.com/	245 B	2023-03-12	2023-03-12
Pretty URL ww1.lindasdailylivingskills.com/ IP 75.2.61.216 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:12:23 Last Seen2023-03-12 21:12:23 Times Seen1 Hash 8dbba4c9c5f9c83070784b40c06e6099 c1cca4eca622ac2298012f9cc51c1993cdf25c22 19d5a2179cc105edf2077dad8838e75f691f59e476659baaa395fb696ad10e98 Loading...

	ww1.lindasdailylivingskills.com/	7.0 kB	2023-03-12	2023-03-13
Pretty URL ww1.lindasdailylivingskills.com/ IP 75.2.61.216 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:07:17 Last Seen2023-03-13 06:10:22 Times Seen1 Hash 087f7c086868890d34f85e4a2c8608c4 dbe4012808ffe48d894793f46518c1cc2de7fb29 f35f5d7e129dc87bbd6d5fa65bbd568e37955c10c9a257a940057808141fcd2a Loading...

	ww1.lindasdailylivingskills.com/	1.2 kB	2023-03-12	2023-03-12
Pretty URL ww1.lindasdailylivingskills.com/ IP 75.2.61.216 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:12:23 Last Seen2023-03-12 21:12:23 Times Seen1 Hash 2a6fd4b8d4aeef593b88ae1daf3e6fdb 88f840dd9d3d045b2c8d4bd3e446769e4fc675d8 dcc2145ac0ebda6d93b323aa4d885bf13cb5dfcee8ae33c5c48ea9077ba0af09 Loading...

	www.google.com/adsense/domains/caf.js	147 kB	2023-03-12	2023-03-12
Pretty URL www.google.com/adsense/domains/caf.js IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:32:19 Last Seen2023-03-12 21:21:57 Times Seen1 Hash 5ed2450c9aaceff97098d4c17a3cd1aa 32794256f6315e47b6fe20d510fb6172439f291c 1d3cdcc74e5a2a76034dead4d932b2ead039f0fd6edf4030833af3954b7b7639 Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-03-12	2023-03-13
Pretty URL www.google.com/adsense/domains/caf.js IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:32:47 Last Seen2023-03-13 02:33:03 Times Seen1 Hash 38cb20b15f192b10e57fa80c25607f5e cd49a66145a82792a5d6d66afd344ffcbd14f199 6b7f9c3753052974e73d137fc592fc585894de03d258e36e1602b63cca6fd513 Loading...

	ww1.lindasdailylivingskills.com/	968 B	2023-03-08	2024-04-19
Pretty URL ww1.lindasdailylivingskills.com/ IP 75.2.61.216 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:24:08 Last Seen2024-04-19 15:56:40 Times Seen27678 Hash c77554570ae0fa8e4fb31747dc213058 e989fbde07e6a68975c7a31e1d4df76afd90b96f c3f831fe1717c6d76a8950ac5e7dc88ceee7440d079b11584be5c6c5b3269e77 Loading...

	ww1.lindasdailylivingskills.com/	40 B	2023-03-08	2023-05-23
Pretty URL ww1.lindasdailylivingskills.com/ IP 75.2.61.216 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:24:08 Last Seen2023-05-23 17:14:04 Times Seen4695 Hash bbf1d9896eb3544c767d965a657e142c 5df55c7669b87f414501ffc91de02e4756141a83 f73cb6aef53ef853b780335ddf7d4cb319edcf02c8c050f270639a91226a09bc Loading...

	www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket103&client=dp-teaminternet09_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2651012708261368&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r3%7Cs&nocache=3771673513052693&num=0&output=afd_ads&domain_name=ww1.lindasdailylivingskills.com&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1673513052695&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=840&frm=0&cl=500700135&uio=--&cont=tc&jsid=caf&jsv=500700135&rurl=http%3A%2F%2Fww1.lindasdailylivingskills.com%2F&adbw=master-1%3A530	5.3 kB	2023-03-12	2023-03-12
Pretty URL www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket103&client=dp-teaminternet09_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2651012708261368&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r3%7Cs&nocache=3771673513052693&num=0&output=afd_ads&domain_name=ww1.lindasdailylivingskills.com&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1673513052695&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=840&frm=0&cl=500700135&uio=--&cont=tc&jsid=caf&jsv=500700135&rurl=http%3A%2F%2Fww1.lindasdailylivingskills.com%2F&adbw=master-1%3A530 IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:12:23 Last Seen2023-03-12 21:12:23 Times Seen1 Hash 23ec1152bfe2fcff4e374b2b4825195b fcf69e1fe2493098d29c904f9faaa1bc96ccc71e b368a0d2f8e12351fd11ee2a277d2118c249bd9ca391dde5fbc8a43964c83319 Loading...

	ww1.lindasdailylivingskills.com/	65 B	2023-03-12	2023-11-16
Pretty URL ww1.lindasdailylivingskills.com/ IP 75.2.61.216 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:12:23 Last Seen2023-11-16 05:43:28 Times Seen8 Hash 9448c2522b85f322f84771788d49a1cf f16f135c5c0f57320c853fc0193b486ecc803f91 1b039806ed4f4e9e18d94e2c0dd013c99fa019ac23653bddafadacf38519e72c Loading...

	ww1.lindasdailylivingskills.com/	325 B	2023-03-12	2023-03-13
Pretty URL ww1.lindasdailylivingskills.com/ IP 75.2.61.216 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:56:36 Last Seen2023-03-13 06:13:29 Times Seen1 Hash 9359f4a6defa35f5c0096dbe324d0480 f76fd7235504d9494da4c14012ca0236d94149cd f49ddc9ffd4db2a85d906a9e0d7710f7e9bc0822a14909a47adfdd377f540059 Loading...

	ww1.lindasdailylivingskills.com/	2.5 kB	2023-03-12	2023-03-12
Pretty URL ww1.lindasdailylivingskills.com/ IP 75.2.61.216 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:12:23 Last Seen2023-03-12 21:12:23 Times Seen1 Hash c5ef3723a4e890c424fb3ab9f5f5395d d4ace5ecf7b5651954767bab5f9d595dae024687 75522e7792f7bb9308583a1141b84139950f2339f4fc81a66f8beaeeb3bfe949 Loading...

	ww1.lindasdailylivingskills.com/	386 B	2023-03-07	2023-03-17
Pretty URL ww1.lindasdailylivingskills.com/ IP 75.2.61.216 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:44:55 Last Seen2023-03-17 23:32:26 Times Seen1 Hash e0f461f5e786de00532cae23265f8fa7 00aeec0405f209f8e537dfce729fb7970d332c70 6cf19b1406d2f42b163e5a58b451e5e5f1c31f46e9bd30edd8a1b7ee643f987b Loading...

	ww1.lindasdailylivingskills.com/	824 B	2023-03-12	2023-03-12
Pretty URL ww1.lindasdailylivingskills.com/ IP 75.2.61.216 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:12:23 Last Seen2023-03-12 21:12:23 Times Seen1 Hash 4de1b5f5f64cf57dac8ba445aa1b9b6b acc416cc6481794eb183d6bc7779d2ddf0f3c9c2 814056ce1346e00d43dafe7a30d6a24444133e462297a9c3c72a39a01345b284 Loading...

	ww1.lindasdailylivingskills.com/	29 B	2023-03-12	2024-01-03
Pretty URL ww1.lindasdailylivingskills.com/ IP 75.2.61.216 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:56:36 Last Seen2024-01-03 12:53:29 Times Seen10974 Hash 5405126a58d646a09ad6d154c5d3a335 9e64f2a4ee55fef112fbd9654e76e8eabb751e28 76229fdaf8e9553878811c30cf5305bd2dab82248d0054d3fb2e760b35f32154 Loading...

	ww1.lindasdailylivingskills.com/	110 B	2023-03-12	2023-03-13
Pretty URL ww1.lindasdailylivingskills.com/ IP 75.2.61.216 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:56:36 Last Seen2023-03-13 06:13:29 Times Seen1 Hash 8867a43e960d3ea932eb42d9feeea0e2 aa8f9ab0e8106b2ed1c59c22d4a824575be32568 f33e7f65dc8689fa578ec9a08a20116025584e90503c0117055d81567f3710af Loading...

HTTP Transactions (39)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4826412809ac0196f13ac1ef44e357e5
793c81d2f90cfaa245dc89fc7a6090cbee846b26
11be07342f3aa4e059ddc3149337895d55bc71e30ad045dc72e4cca4be4c6951

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11BE07342F3AA4E059DDC3149337895D55BC71E30AD045DC72E4CCA4BE4C6951"
Last-Modified: Wed, 11 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12859
Expires: Thu, 12 Jan 2023 12:18:45 GMT
Date: Thu, 12 Jan 2023 08:44:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e6b7a72139d0ef7688330456e9be9a4c
e130a94e7d531768300071764dd1e81fee5bbbcb
d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9603
Expires: Thu, 12 Jan 2023 11:24:29 GMT
Date: Thu, 12 Jan 2023 08:44:26 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 12 Jan 2023 08:41:50 GMT
content-type: application/json
age: 157
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

lindasdailylivingskills.com/

95.217.135.78

302 Found

0 B

URL HTTP/1.1
lindasdailylivingskills.com/
IP
95.217.135.78:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: lindasdailylivingskills.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: openresty
Date: Thu, 12 Jan 2023 08:42:32 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://ww1.lindasdailylivingskills.com/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
718fc486cd6a70fcacc1653759703fae
bf60ba7a37d2deef1b7000e91cc88da586bb75ca
398d02e16da466ffe87b64ac34b007615951cca14d43610b4acd58bc2a5fadff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "398D02E16DA466FFE87B64AC34B007615951CCA14D43610B4ACD58BC2A5FADFF"
Last-Modified: Tue, 10 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13008
Expires: Thu, 12 Jan 2023 12:21:15 GMT
Date: Thu, 12 Jan 2023 08:44:27 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: FPZM1GFrGWbQHkveh7SmnoO1ZbNMyyO8MLsq274hJoFkpdYnz8PH9VzHL7zu2WAtk+WPM9/KByw=
x-amz-request-id: 6RWYE6VTDXXABRFN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 12 Jan 2023 08:17:22 GMT
age: 1625
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jan 2023 08:44:27 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ww1.lindasdailylivingskills.com/

75.2.61.216

200 OK

7.7 kB

URL HTTP/1.1
ww1.lindasdailylivingskills.com/
IP
75.2.61.216:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2334)
Size
7.7 kB (7694 bytes)
Hash
7a144e279f2038e9378fc982b978e01a
3cc7d65e0c58a3ba44937e023799a9774d3109cc
d7680e1c0f561c02ab988b3cab8b17f514d5ceb2f4b961bcf9183ed1a039d76f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: ww1.lindasdailylivingskills.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 08:44:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_JDZMx9zReC/Ulbh3O8xdIZEgnsXk83d0iWUKfSsXSFyOlG9b1mRVup6Qem8LXQNM7pe1AwC5OC5TXINtyy3HUA==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip

www.google.com/adsense/domains/caf.js

216.58.211.4

200 OK

54 kB

URL HTTP/1.1
www.google.com/adsense/domains/caf.js
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1885)
Size
54 kB (53625 bytes)
Hash
3944705fb107f65d6eb0221717075575
6d8cb65898204ae395e4ac852e7c3db126522107
85c0c3b88b59a556847436f4cc496a14f3d60e41375274c284b897a20b67d336

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lindasdailylivingskills.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Thu, 12 Jan 2023 08:44:27 GMT
Expires: Thu, 12 Jan 2023 08:44:27 GMT
Cache-Control: private, max-age=3600
ETag: "10630543644207490439"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 12 Jan 2023 08:33:45 GMT
age: 642
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ww1.lindasdailylivingskills.com/track.php?domain=lindasdailylivingskills.com&toggle=browserjs&uid=MTY3MzUxMzA2Ny4yNzQ3OmZhZDk0MWNmYzMxNzdhYzA5N2ExYWU2OWM0ZTc5ZTNlYTI2MDAyZmQyMTUwYzNjYmQxYTY0ZWE0NzY2ZjA1ZTk6NjNiZmM4NmI0MzEwMg%3D%3D

75.2.61.216

200 OK

20 B

URL HTTP/1.1
ww1.lindasdailylivingskills.com/track.php?domain=lindasdailylivingskills.com&toggle=browserjs&uid=MTY3MzUxMzA2Ny4yNzQ3OmZhZDk0MWNmYzMxNzdhYzA5N2ExYWU2OWM0ZTc5ZTNlYTI2MDAyZmQyMTUwYzNjYmQxYTY0ZWE0NzY2ZjA1ZTk6NjNiZmM4NmI0MzEwMg%3D%3D
IP
75.2.61.216:0
ASN
#16509 AMAZON-02

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /track.php?domain=lindasdailylivingskills.com&toggle=browserjs&uid=MTY3MzUxMzA2Ny4yNzQ3OmZhZDk0MWNmYzMxNzdhYzA5N2ExYWU2OWM0ZTc5ZTNlYTI2MDAyZmQyMTUwYzNjYmQxYTY0ZWE0NzY2ZjA1ZTk6NjNiZmM4NmI0MzEwMg%3D%3D HTTP/1.1
Host: ww1.lindasdailylivingskills.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lindasdailylivingskills.com/

HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 08:44:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
418cc0013b870a3e893a890d6962312b
837c5288a29dd6d9a5c418e34d635100e9f206d8
f97954804b50167f137f2fd67fe3a95efe35b4b7dc75d64f22a996388f78d792

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 08:44:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ce604e6f88a42844a4ec7d404879bdcf
d462a2a194a67d39d091ff49c4435fdfc39b3e5b
9e0222bcc67f019bb5c61657fc921fc42aa0cd7a75f6b1358d05231c53cc26e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1812
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 08:44:27 GMT
Last-Modified: Thu, 12 Jan 2023 08:14:15 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png

54.230.245.138

200 OK

11 kB

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
IP
54.230.245.138:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11375 bytes)
Hash
0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

HTTP Headers

GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lindasdailylivingskills.com/

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11375
Connection: keep-alive
Server: nginx
Date: Thu, 12 Jan 2023 02:14:54 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aiwIEuRq1MB7Lvu2lLxz1C_4c9jKi4saYSFHJ5YIxr4LkdxYrUZc6Q==
Age: 23373

ww1.lindasdailylivingskills.com/ls.php

75.2.61.216

201 Created

0 B

URL HTTP/1.1
ww1.lindasdailylivingskills.com/ls.php
IP
75.2.61.216:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /ls.php HTTP/1.1
Host: ww1.lindasdailylivingskills.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 2286
Origin: http://ww1.lindasdailylivingskills.com
Connection: keep-alive
Referer: http://ww1.lindasdailylivingskills.com/

HTTP/1.1 201 Created
Date: Thu, 12 Jan 2023 08:44:27 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 63bfc86b8966c57ca80378bb
Charset: utf-8
Access-Control-Allow-Origin: http://ww1.lindasdailylivingskills.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_X/NkFdfnmhzG1HLDF6YTBGVFUYatxe+14cw/IbnJnQbZHd13m7nMmRijR7RAqMaNR310bIcIfkNBd5yimG5XRw==

d1lxhc4jvstzrp.cloudfront.net/themes/registrar/images/logo_moniker.svg

54.230.245.141

200 OK

12 kB

URL HTTP/2
d1lxhc4jvstzrp.cloudfront.net/themes/registrar/images/logo_moniker.svg
IP
54.230.245.141:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (3789)
Size
12 kB (11555 bytes)
Hash
cf0c8176b74f40624b95379024280560
a81363c5ad85633fef767b2c2c7ea545d2790c75
d1dbb42f294606ca04e3ace0b9f6e9afe78ba963c05eba4ce5b00ed6363d39b0

HTTP Headers

GET /themes/registrar/images/logo_moniker.svg HTTP/1.1
Host: d1lxhc4jvstzrp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.lindasdailylivingskills.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 11555
server: nginx
date: Thu, 12 Jan 2023 01:07:00 GMT
last-modified: Fri, 09 Jul 2021 12:37:58 GMT
etag: "60e84326-2d23"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KwEU8be-7nk5mhg2LlQu97bHPtsaNPVrZeV6RrZkepWuiHIfCpDW7w==
age: 27447
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ad71010601a2d18af1934ce0c83eae00
b12189e563105c3b1322d2e28d56f23c33b7ba9e
0e1a974e3c4952d8be4767fc24f01a8fdffc7eb4271b45f094baf9bf2ff4aaf5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 08:44:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

partner.googleadservices.com/gampad/cookie.js?domain=ww1.lindasdailylivingskills.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie

216.58.207.226

200 OK

255 B

URL HTTP/2
partner.googleadservices.com/gampad/cookie.js?domain=ww1.lindasdailylivingskills.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (394), with no line terminators
Size
255 B (255 bytes)
Hash
4f7c7c121f203a72b3cfc1a7f720fea0
fdfce0c11606c19902efe4f238dbf669bd07b3c7
101bdf4b4da8d5009b8da2573b9bba184b90dd23d10fc7cd524d7c7175615b9c

HTTP Headers

GET /gampad/cookie.js?domain=ww1.lindasdailylivingskills.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.lindasdailylivingskills.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 12 Jan 2023 08:44:27 GMT
server: cafe
cache-control: private
content-length: 255
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket103&client=dp-teaminternet09_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2651012708261368&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r3%7Cs&nocache=3771673513052693&num=0&output=afd_ads&domain_name=ww1.lindasdailylivingskills.com&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1673513052695&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=840&frm=0&cl=500700135&uio=--&cont=tc&jsid=caf&jsv=500700135&rurl=http%3A%2F%2Fww1.lindasdailylivingskills.com%2F&adbw=master-1%3A530

216.58.211.4

200 OK

2.0 kB

URL HTTP/2
www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket103&client=dp-teaminternet09_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2651012708261368&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r3%7Cs&nocache=3771673513052693&num=0&output=afd_ads&domain_name=ww1.lindasdailylivingskills.com&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1673513052695&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=840&frm=0&cl=500700135&uio=--&cont=tc&jsid=caf&jsv=500700135&rurl=http%3A%2F%2Fww1.lindasdailylivingskills.com%2F&adbw=master-1%3A530
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5169)
Size
2.0 kB (1968 bytes)
Hash
11c6842222629031fe677b9b1689519f
5d67bd43a60bd8c7d522cd3437607ab115d5804f
968e56301eebf12c6f97e5fdfd44ba53a977bec0731457798f11264b9af66fe1

HTTP Headers

GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket103&client=dp-teaminternet09_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2651012708261368&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r3%7Cs&nocache=3771673513052693&num=0&output=afd_ads&domain_name=ww1.lindasdailylivingskills.com&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1673513052695&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=840&frm=0&cl=500700135&uio=--&cont=tc&jsid=caf&jsv=500700135&rurl=http%3A%2F%2Fww1.lindasdailylivingskills.com%2F&adbw=master-1%3A530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.lindasdailylivingskills.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Thu, 12 Jan 2023 08:44:27 GMT
expires: Thu, 12 Jan 2023 08:44:27 GMT
cache-control: private, max-age=3600
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 1968
x-xss-protection: 0
set-cookie: NID=511=svtf0amOwjT9l-TC_3DZypkdt77bdg05CBeuN95sYMQafyitbKM0PCjXUuTBTiEBkt6C3wR8BePkAqAgPeWYcfC0k3uO4glm5LlGf4RcSM4WVwZ-foR1ionkDavMpPbdN-AwknqFcVG84fIwNJc5hfC0b3MiGmnuEuwqQkudcBk; expires=Fri, 14-Jul-2023 08:44:27 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+206; expires=Sat, 11-Jan-2025 08:44:27 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ad71010601a2d18af1934ce0c83eae00
b12189e563105c3b1322d2e28d56f23c33b7ba9e
0e1a974e3c4952d8be4767fc24f01a8fdffc7eb4271b45f094baf9bf2ff4aaf5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 08:44:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
369a4ab78242abec248f6b88008a1399
4375b764b0924e68be4cd510f47a82be045576b1
964e5a697a13aebd30c22e520ff45ec6a8de1286913d2fde1edd88f57c9bf47c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 08:44:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ww1.lindasdailylivingskills.com/favicon.ico

75.2.61.216

200 OK

0 B

URL HTTP/1.1
ww1.lindasdailylivingskills.com/favicon.ico
IP
75.2.61.216:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ww1.lindasdailylivingskills.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lindasdailylivingskills.com/

HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 08:44:27 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes

www.google.com/adsense/domains/caf.js

216.58.211.4

200 OK

54 kB

URL HTTP/2
www.google.com/adsense/domains/caf.js
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
data
Size
54 kB (53990 bytes)
Hash
080384991224b23327930294cf68e2c4
1dbd4560b8d2cc4be3ad6286e11db934cfdb01ac
ea8b439a5318671438970d4d82478447b2c2970cff26ba3279b183deb69a2420

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 12 Jan 2023 08:44:27 GMT
expires: Thu, 12 Jan 2023 08:44:27 GMT
cache-control: private, max-age=3600
etag: "13330010707271947461"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
80c8de752cfb422fee7d7aad10258981
208e1551bba6dbb5e5d14e75aff0853c68b03707
4712cff67caa77b51fe86dd2fe88b4931f41f9861f453938c9003bb7b539b885

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 08:44:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff

142.250.74.97

200 OK

270 B

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Size
270 B (270 bytes)
Hash
5100391430a00e10ce60aa159f525b5c
231a4492d73b225f441b1e9028dc33c89862e498
52b1432a6e3002e41ed1d8f4c84b258fdc4c6dac863e3c0e5c06360c81be6067

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 14:45:09 GMT
expires: Thu, 12 Jan 2023 13:45:09 GMT
cache-control: public, max-age=82800
age: 64758
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

142.250.74.97

200 OK

174 B

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
174 B (174 bytes)
Hash
4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 14:00:21 GMT
expires: Thu, 12 Jan 2023 13:00:21 GMT
cache-control: public, max-age=82800
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
age: 67446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
80c8de752cfb422fee7d7aad10258981
208e1551bba6dbb5e5d14e75aff0853c68b03707
4712cff67caa77b51fe86dd2fe88b4931f41f9861f453938c9003bb7b539b885

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 08:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

35.83.22.170

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.83.22.170:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: O98Rmwzfd5gC4xw5rMjZtw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: t/jrhhUfulNX4KCog9tnhkGEKus=

ww1.lindasdailylivingskills.com/track.php?domain=lindasdailylivingskills.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3MzUxMzA2Ny4yNzQ3OmZhZDk0MWNmYzMxNzdhYzA5N2ExYWU2OWM0ZTc5ZTNlYTI2MDAyZmQyMTUwYzNjYmQxYTY0ZWE0NzY2ZjA1ZTk6NjNiZmM4NmI0MzEwMg%3D%3D

75.2.61.216

200 OK

20 B

URL HTTP/1.1
ww1.lindasdailylivingskills.com/track.php?domain=lindasdailylivingskills.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3MzUxMzA2Ny4yNzQ3OmZhZDk0MWNmYzMxNzdhYzA5N2ExYWU2OWM0ZTc5ZTNlYTI2MDAyZmQyMTUwYzNjYmQxYTY0ZWE0NzY2ZjA1ZTk6NjNiZmM4NmI0MzEwMg%3D%3D
IP
75.2.61.216:0
ASN
#16509 AMAZON-02

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /track.php?domain=lindasdailylivingskills.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3MzUxMzA2Ny4yNzQ3OmZhZDk0MWNmYzMxNzdhYzA5N2ExYWU2OWM0ZTc5ZTNlYTI2MDAyZmQyMTUwYzNjYmQxYTY0ZWE0NzY2ZjA1ZTk6NjNiZmM4NmI0MzEwMg%3D%3D HTTP/1.1
Host: ww1.lindasdailylivingskills.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lindasdailylivingskills.com/
Cookie: __gsas=ID=6f44efdfc2cf00a2:T=1673513067:S=ALNI_MYVS-BHWnLV7oEBK5JM6IoE7FPEEw

HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 08:44:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16724
Expires: Thu, 12 Jan 2023 13:23:13 GMT
Date: Thu, 12 Jan 2023 08:44:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16724
Expires: Thu, 12 Jan 2023 13:23:13 GMT
Date: Thu, 12 Jan 2023 08:44:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16724
Expires: Thu, 12 Jan 2023 13:23:13 GMT
Date: Thu, 12 Jan 2023 08:44:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16724
Expires: Thu, 12 Jan 2023 13:23:13 GMT
Date: Thu, 12 Jan 2023 08:44:29 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10579 bytes)
Hash
fb89a11a1dca9a2924adf7e3712c6405
a881a7d88f08035b9e045f2bf73a4d9fabc640a0
8a0c9f295dd30123847eaed0ba8d4e7c2c6dea8b9c645fc70cdcb4fa8c082ee4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10579
x-amzn-requestid: 8760acae-f770-45e2-9639-53967ef1cdb2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPDWET4oAMFo-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bae-153ebb3e4ec7d5045529ce0a;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5-mGrlwehnkK-hQz3CpzAe2OCuhLVy1HMcztugSsM7veOFCfYtwKsw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:52:33 GMT
age: 39116
etag: "a881a7d88f08035b9e045f2bf73a4d9fabc640a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2fd0e53-ba82-4c9e-80b5-a81462d60dcd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11115 bytes)
Hash
8356e95181dbd657fa14e3c502704f30
cf052aee06d74da968cd2c7bad46fef32b5f8456
bfb897dbf5136c95862408dd3051172f3a1ff8ffa07b299b62c733786087526b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2fd0e53-ba82-4c9e-80b5-a81462d60dcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11115
x-amzn-requestid: e939f491-63f1-41f1-b0cc-7b0468442bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPDBESsIAMFzxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bac-62dd2ab95dce70172b92d587;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bacPEr4bCKZt2d8F5c-QEh3_Wpo3da1Bdh0F6KCFOWa5PudMt_Bsnw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 22:14:57 GMT
age: 37772
etag: "cf052aee06d74da968cd2c7bad46fef32b5f8456"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3573ee52-2f26-4d59-9c6b-3058a2df51d2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9652 bytes)
Hash
e14b05e7ffee91a3d54c4bf971fd19ca
90c6426313c98d437ca66e6ba674ba11e419a9d8
9c7bb1fc835615913bb99f2291759893331529d02577dd8f6d3c7357b9ee704f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3573ee52-2f26-4d59-9c6b-3058a2df51d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9652
x-amzn-requestid: bc619a58-6d22-4bfb-aced-5e7fd4572e20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPNlFmyoAMFVMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bf0-10dc7a496df5d3971fe29eae;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:36:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KQqfZfteRI8MHPgg0OkHF4Ih45g_4BC7VkTLG9wM8sqPhqtgMitNOQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:52:32 GMT
age: 39117
etag: "90c6426313c98d437ca66e6ba674ba11e419a9d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fbbc90d-c4c5-45db-ac55-16077e5b0d1d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8689 bytes)
Hash
94f1c1490ac711097f5eef5e6adab49d
bb41e2958d267cc2d5b24457a6048f484c8cd429
94f854077e6008b97f63419a283f70327ebc8a05794a9dd9fa0518f0f5b00e14

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fbbc90d-c4c5-45db-ac55-16077e5b0d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8689
x-amzn-requestid: c88866a0-e22b-4f8c-b423-1d970ebde318
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: egZ9sHuuoAMFzvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bcd6bd-063dab1f2c6aaab03e5fdb9a;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 03:08:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vSPK9nuciu6p2onwRcWmi08wmS-9X5ze7QMalJh1jw-5sVQHp-SNEQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 04:45:35 GMT
age: 14334
etag: "bb41e2958d267cc2d5b24457a6048f484c8cd429"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd60a3a13-835c-4663-a77b-e6f12db97608.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.1 kB (4118 bytes)
Hash
49f4a4b1cbd9ec8af7c5e15d7c29c54b
5c8d4f2160f9b86072b2e2d91fa4b65dc1384493
a6aa855159b3988d9155a0ea5b387a504c0fc2180486ce967308522e0b7bf118

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd60a3a13-835c-4663-a77b-e6f12db97608.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4118
x-amzn-requestid: b5d86a67-dd01-4446-83f9-395efc85f56f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: egZ9qEbQoAMFrVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bcd6bd-657c4b995ea0618a3a92665e;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 03:08:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yLEny1AUeDcEYGggT83w4gr3LsEjX6SMHSknziZh-u1d4wHltxI5Qg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 03:59:36 GMT
age: 17093
etag: "5c8d4f2160f9b86072b2e2d91fa4b65dc1384493"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd511e402-775e-49af-87f1-40b071ae947e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9413 bytes)
Hash
cbf9979c9463fc2681e757256e9d028c
a45408076bf9fa5c6ec83c96a4c5680dc7be7da9
1d0d45cbbba75f0add27aae361e0dc31ce6e317ec62b23acf10db34b47f125e5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd511e402-775e-49af-87f1-40b071ae947e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9413
x-amzn-requestid: fb0125f5-e899-463d-ae4a-0a92945c1731
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPDYFKgIAMF7mQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2baf-080b963d391741252d9f67ee;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gyrxhGqUCH9JOcWSfuj0JAoNPBtI9YKeCrzqcq1kzl8RJts-Py0WsQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 22:12:48 GMT
age: 37901
etag: "a45408076bf9fa5c6ec83c96a4c5680dc7be7da9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations