| t.y1h1.com/visit/5d282e030142b6000661240f?type=lpkeyerror_type_1&srctrafficsource=redirect&srccampaign=0_autosmartlink_auto&srcpub=1962&srcoffer=smartlink_with_push_randompub&exid=1668938253-vurzlf | 104.26.3.157 | 301 Moved Permanently | 0 B |
URL HTTP/1.1t.y1h1.com/visit/5d282e030142b6000661240f?type=lpkeyerror_type_1&srctrafficsource=redirect&srccampaign=0_autosmartlink_auto&srcpub=1962&srcoffer=smartlink_with_push_randompub&exid=1668938253-vurzlf IP104.26.3.157:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /visit/5d282e030142b6000661240f?type=lpkeyerror_type_1&srctrafficsource=redirect&srccampaign=0_autosmartlink_auto&srcpub=1962&srcoffer=smartlink_with_push_randompub&exid=1668938253-vurzlf HTTP/1.1
Host: t.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 05:31:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 05 Dec 2022 06:31:15 GMT
Location: https://t.y1h1.com/visit/5d282e030142b6000661240f?type=lpkeyerror_type_1&srctrafficsource=redirect&srccampaign=0_autosmartlink_auto&srcpub=1962&srcoffer=smartlink_with_push_randompub&exid=1668938253-vurzlf
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Pn9KsseA8ili2oYtu0GFdEW9K48AGepPBGAukEI4FCpb7Q9RMaQqzucNBIH75Rmym63TwCUzkJP0%2FupBWBLNKchDtiLnTelH6c7QYqIEzQNz3v%2FMkvFe6TZ1FcO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774a64fb0fecb529-OSL
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashcfec3d7283a9b66d2be426ce54d210f3 808c1feb1ba918951d1928c1f6bfc0c253262774 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18523
Expires: Mon, 05 Dec 2022 10:39:58 GMT
Date: Mon, 05 Dec 2022 05:31:15 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashfb2c0697c6d9a96a5411dd2952947458 79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4 3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 584
Cache-Control: max-age=104986
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:15 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:41:01 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash1ea206ac3c440825741687351f8c6e4e 2f38dafd8c43dcce2411a0590bc5c02cd6286735 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4172
Expires: Mon, 05 Dec 2022 06:40:47 GMT
Date: Mon, 05 Dec 2022 05:31:15 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 05:20:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 662
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kFZMis4Hxfxl6Cf4r3kHNqknz5BOZadzHZFLvwTIZihVyT1ct3nYEVrLQdmfVSgU50xG7uNMhqk=
x-amz-request-id: V22FM4RCNDZ9KD6J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 04:47:16 GMT
age: 2639
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 05:31:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash67eaf80416802078cf20f6f8328ca0bb d9cbffdc1972eec762e18fb620e4efe5169be163 12c2cddb038dc58e56c84a521b6f17b66ec54427a738fb8a46a4d95ceec9abbd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:15 GMT
Server: ECS (amb/6B9C)
Content-Length: 279
|
|
| t.y1h1.com/visit/5d282e030142b6000661240f?type=lpkeyerror_type_1&srctrafficsource=redirect&srccampaign=0_autosmartlink_auto&srcpub=1962&srcoffer=smartlink_with_push_randompub&exid=1668938253-vurzlf | 104.26.2.157 | 200 OK | 279 B |
URL HTTP/2t.y1h1.com/visit/5d282e030142b6000661240f?type=lpkeyerror_type_1&srctrafficsource=redirect&srccampaign=0_autosmartlink_auto&srcpub=1962&srcoffer=smartlink_with_push_randompub&exid=1668938253-vurzlf IP104.26.2.157:0
File typeHTML document text\012- HTML document, ASCII text, with no line terminators Hashd69145d7ba650b1b97ccf0e0846c0978 9394813ec7cd8ca680b83bb4672afad3a0e36df4 aef4ad42f51d42b2e866d861312adff1a2a11b2ca8a10583015c21c45d562a6f
GET /visit/5d282e030142b6000661240f?type=lpkeyerror_type_1&srctrafficsource=redirect&srccampaign=0_autosmartlink_auto&srcpub=1962&srcoffer=smartlink_with_push_randompub&exid=1668938253-vurzlf HTTP/1.1
Host: t.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:31:15 GMT
content-length: 279
refresh: 0;URL=https://t.y1h1.com/visit/61e55f98081ec20007c7f606?exid=1670218275-DbTfDf&srcTrafficSource=Redirect&srcCampaign=0_Redirect_Auto&srcPub=%7Bsub1%7D&type=Cloak
set-cookie: vid=1670218275-DbTfDf; Path=/; Domain=y1h1.com; Max-Age=604800; Expires=Mon, 12 Dec 2022 05:31:15 GMT; Secure; HttpOnly; SameSite=None
lv_5d282e030142b6000661240f=1670218275-DbTfDf; Path=/; Domain=y1h1.com; Max-Age=3600; Expires=Mon, 05 Dec 2022 06:31:15 GMT; Secure; HttpOnly; SameSite=None
vn_5d282e030142b6000661240f=1; Path=/; Domain=y1h1.com; Max-Age=3600; Expires=Mon, 05 Dec 2022 06:31:15 GMT; Secure; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8ux0ff3DZHpl%2FOGAbqiZ6dODOrE8FCtEJo%2B0gd%2FZGsEBblDJPLHAaNBNsGxjFAxrAkRO%2BrvFNZ2fXwmydupFTfgpq4YhHqaxuUroWUSQyNzU912ZiJiOU%2BLUzLt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a64fe5bb01bfe-OSL
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 05:08:58 GMT
cache-control: public,max-age=3600
age: 1337
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| t.y1h1.com/visit/61e55f98081ec20007c7f606?exid=1670218275-DbTfDf&srcTrafficSource=Redirect&srcCampaign=0_Redirect_Auto&srcPub=%7Bsub1%7D&type=Cloak | 104.26.2.157 | 200 OK | 430 B |
URL HTTP/2t.y1h1.com/visit/61e55f98081ec20007c7f606?exid=1670218275-DbTfDf&srcTrafficSource=Redirect&srcCampaign=0_Redirect_Auto&srcPub=%7Bsub1%7D&type=Cloak IP104.26.2.157:0
File typeHTML document text\012- HTML document, ASCII text, with very long lines (430), with no line terminators Hashcdbd05ad387a08cba93696a9806de24b d63fe0a84c2c44a2b55b7d8a4047cccc3b81b887 b48b9b95d694de2b8b2e2ebe1a562685b2fdb718e8a32efb827be19106e84089
GET /visit/61e55f98081ec20007c7f606?exid=1670218275-DbTfDf&srcTrafficSource=Redirect&srcCampaign=0_Redirect_Auto&srcPub=%7Bsub1%7D&type=Cloak HTTP/1.1
Host: t.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: vid=1670218275-DbTfDf; lv_5d282e030142b6000661240f=1670218275-DbTfDf; vn_5d282e030142b6000661240f=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:31:15 GMT
content-length: 430
refresh: 0;URL=https://magic3881.goggle.vip/commons/ww/magicbtn1/index_en-us.php?vid=1670218275-iSWogb&utm_medium=%7Bsub1%7D&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_With_Push_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=169670b221d888c575&ck=2
set-cookie: vid=1670218275-iSWogb; Path=/; Domain=y1h1.com; Max-Age=604800; Expires=Mon, 12 Dec 2022 05:31:15 GMT; Secure; HttpOnly; SameSite=None
lv_61e55f98081ec20007c7f606=1670218275-iSWogb; Path=/; Domain=y1h1.com; Max-Age=3600; Expires=Mon, 05 Dec 2022 06:31:15 GMT; Secure; HttpOnly; SameSite=None
vn_61e55f98081ec20007c7f606=1; Path=/; Domain=y1h1.com; Max-Age=3600; Expires=Mon, 05 Dec 2022 06:31:15 GMT; Secure; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40KMfhGRDkE4eq5zoWFZqlRstB%2BYHGEYYkB4OzixICV0YIP5biTyr%2FD6m1gCrimC9GPiduR7J61e4bij8%2BxkegB4p6rboVwhBw%2BRkj1i%2BpYckaoHcZ36x8j5i9gZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a64ffcc421bfe-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash31b129c94a90b1e695b21395cb54e378 a3cae46b48d469cc61ab0581303bcd5f5b654db9 fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 539
Cache-Control: max-age=99874
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:16 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:15:50 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashdb3a7a835850d29f73d539bca13fbf71 73ac03148286bef3e4b7eae537a0fe79991a7a7a a9be93a07d46c2a66f335d712ddefec393b6cae451238e78c9dab1e259aff2eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=161597
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:16 GMT
Etag: "638d5661-118"
Expires: Wed, 07 Dec 2022 02:24:33 GMT
Last-Modified: Mon, 05 Dec 2022 02:24:33 GMT
Server: nginx
Content-Length: 280
|
|
| push.services.mozilla.com/ | 44.240.159.184 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP44.240.159.184:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iqPggkLk+gtseYh2DACA2g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BsH+/agoIwCFRQwmH5OfR2ekHhw=
|
|
| rs.y1h1.com/recaptcha.css | 104.26.2.157 | 200 OK | 28 B |
URL HTTP/2rs.y1h1.com/recaptcha.css IP104.26.2.157:0
File typeASCII text, with no line terminators Hash8f48e083a831bd16da0aada175478aaa df342632e700b5453c189d3129a1e7c5a27598c6 ec8e585ab06e164d11e99adcf9b18d3074de0ece7c922fc6cc99d86fad4d9ea7
GET /recaptcha.css HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:31:16 GMT
content-type: text/css
content-length: 28
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=31
etag: "5dc0edfb-1f"
expires: Mon, 05 Dec 2022 17:28:35 GMT
last-modified: Tue, 05 Nov 2019 03:35:23 GMT
cf-cache-status: HIT
age: 161
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g72l0biHCZQfzdh5E1%2F17MU0zG8MZHD7Tz01Y6BGhxloLA5z6GKZ9qSdNdc9EnBlDI03Anwl751wTt79pXfBSuT4MTpIpBSwq1%2BITQefUgsqbfYdbGnD5C1ocxn0fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a65043c24b4f7-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash2e388f1ab4ec88104f57cf23944ee684 39178c45ed645709cc388d5790b1b58a3272a62f e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/recaptcha/api.js?render=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y | 216.58.211.4 | 200 OK | 584 B |
URL HTTP/2www.google.com/recaptcha/api.js?render=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y IP216.58.211.4:0
File typeASCII text, with very long lines (884), with no line terminators Hash62c89ebf7cba36af8481f17c85946e3c a77ddfb4fe4693b13f7b3706682702612f5d4a71 52c384765209e563f5f92173aae019176cefd21cbabfc6f4e6c01c756775d387
GET /recaptcha/api.js?render=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 05 Dec 2022 05:31:16 GMT
date: Mon, 05 Dec 2022 05:31:16 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash5f16a534222e5749ef240d413826c2f6 11683d84d420dd6f919425094edb8961278f7fed 691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash8ead0ac4ce19cef2471bae0458759d89 af02fd3fcd2e10cfa2458407c0c2e59a43e18517 507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtag/js?id=G-37GE99Q100 | 142.250.74.168 | 200 OK | 76 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=G-37GE99Q100 IP142.250.74.168:0
File typeASCII text, with very long lines (20080) Hashe7a7945af98a9c3d2ba7c236255f4ffb 85b67cccaf2dda3aa1bfecc9a0700dfd59184d8d ff82c86f036fe4821b5d88e3bdc80966910d39b725b103f886b423b220dbaa09
GET /gtag/js?id=G-37GE99Q100 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 05:31:16 GMT
expires: Mon, 05 Dec 2022 05:31:16 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76340
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash67eaf80416802078cf20f6f8328ca0bb d9cbffdc1972eec762e18fb620e4efe5169be163 12c2cddb038dc58e56c84a521b6f17b66ec54427a738fb8a46a4d95ceec9abbd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:16 GMT
Last-Modified: Mon, 05 Dec 2022 05:31:15 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash5f16a534222e5749ef240d413826c2f6 11683d84d420dd6f919425094edb8961278f7fed 691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| rs.y1h1.com/checkbot.js | 104.26.2.157 | 200 OK | 3.7 kB |
IP104.26.2.157:0
File typeASCII text, with very long lines (8175), with no line terminators Hash5b0919f86a2be9136bf0cfbc3561ad2d aa3aad8e7ba5f40673367065c976511f7e92333e 4701f43463097e82ddb80d6df7e3304a639082ff6e32a68d5c2044832cec0c69
GET /checkbot.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:31:16 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"6222c2ff-1fef"
expires: Mon, 05 Dec 2022 17:28:35 GMT
last-modified: Sat, 05 Mar 2022 01:55:11 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 161
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTZ7foto8eoWmswS8UIW6gAAF6Q1TW5WQtqPOYSh1%2Bcb6FP6FYlrTirc%2BJ6W%2FOfsMuJ1A2hF74y%2FGCTzmTbmXTtgFB8ISKwLVNpgdc4MfiEtngRIgH%2BemEfqvBKU%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a65046c46b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash8ead0ac4ce19cef2471bae0458759d89 af02fd3fcd2e10cfa2458407c0c2e59a43e18517 507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash79c225db327a78b782f5a9512b07eaf0 398a1be3a70264d959146d6670d2ca54cdf4e91a 8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js | 142.250.74.35 | 200 OK | 163 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP142.250.74.35:0
File typeASCII text, with very long lines (730) Size163 kB (162976 bytes) Hash79d18cf4265108d7cecca1bf4ada6109 e51d0285a545381d4c39e9e0292a650ffeeecbb9 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magic3881.goggle.vip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 555679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash79c225db327a78b782f5a9512b07eaf0 398a1be3a70264d959146d6670d2ca54cdf4e91a 8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash7dfb548d8f8a99d32050803775fad5d6 8b47999a01db7c2217d76a1cec576809a229cf1b 68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| translate.googleapis.com/translate_static/css/translateelement.css | 142.250.74.138 | 200 OK | 3.6 kB |
URL HTTP/2translate.googleapis.com/translate_static/css/translateelement.css IP142.250.74.138:0
File typeASCII text, with very long lines (18670) Hash897ba9a21d9625286674da769dacc2e2 84b4923ab7dee562395160824d53496314499b77 696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 05:17:04 GMT
expires: Mon, 05 Dec 2022 06:17:04 GMT
cache-control: public, max-age=3600
age: 853
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main | 142.250.74.138 | 200 OK | 75 kB |
URL HTTP/2translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main IP142.250.74.138:0
File typeASCII text, with very long lines (1613) Hash110765e1accf41111543c29721c78b52 3eeceb853d592a297162325f20f0420e136c875a b5fb084ee4491e64fca48643106c0eb338212638caafdad88ff91e0d4198b589
GET /_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75035
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 00:23:32 GMT
expires: Thu, 30 Nov 2023 00:23:32 GMT
cache-control: public, max-age=31536000
age: 450465
last-modified: Sat, 12 Nov 2022 06:10:12 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash7dfb548d8f8a99d32050803775fad5d6 8b47999a01db7c2217d76a1cec576809a229cf1b 68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.35 | 200 OK | 15 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 286994
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.35 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 305434
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-37GE99Q100>m=2oebu0&_p=131881925&cid=1873994379.1670218274&ul=en-us&sr=1280x1024&_s=1&sid=1670218274&sct=1&seg=0&dl=https%3A%2F%2Fmagic3881.goggle.vip%2Fcommons%2Fww%2Fmagicbtn1%2Findex_en-us.php%3Fvid%3D1670218275-iSWogb%26utm_medium%3D%257Bsub1%257D%26utm_source%3DRedirect%26utm_campaign%3D0_AutoSmartlink_Auto%26utm_content%3DSmartlink_With_Push_RandomPub%26isp%3DBlix%2BGroup%2BAS%26city%3DOslo%26br%3D0%26sp%3D1%26iw%3DFalse%26checked%3D0%26trans%3D1%26ipp%3D0%26lpkey%3D169670b221d888c575%26ck%3D2&dt=Magic%20Button%202022&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 | 216.239.32.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-37GE99Q100>m=2oebu0&_p=131881925&cid=1873994379.1670218274&ul=en-us&sr=1280x1024&_s=1&sid=1670218274&sct=1&seg=0&dl=https%3A%2F%2Fmagic3881.goggle.vip%2Fcommons%2Fww%2Fmagicbtn1%2Findex_en-us.php%3Fvid%3D1670218275-iSWogb%26utm_medium%3D%257Bsub1%257D%26utm_source%3DRedirect%26utm_campaign%3D0_AutoSmartlink_Auto%26utm_content%3DSmartlink_With_Push_RandomPub%26isp%3DBlix%2BGroup%2BAS%26city%3DOslo%26br%3D0%26sp%3D1%26iw%3DFalse%26checked%3D0%26trans%3D1%26ipp%3D0%26lpkey%3D169670b221d888c575%26ck%3D2&dt=Magic%20Button%202022&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP216.239.32.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-37GE99Q100>m=2oebu0&_p=131881925&cid=1873994379.1670218274&ul=en-us&sr=1280x1024&_s=1&sid=1670218274&sct=1&seg=0&dl=https%3A%2F%2Fmagic3881.goggle.vip%2Fcommons%2Fww%2Fmagicbtn1%2Findex_en-us.php%3Fvid%3D1670218275-iSWogb%26utm_medium%3D%257Bsub1%257D%26utm_source%3DRedirect%26utm_campaign%3D0_AutoSmartlink_Auto%26utm_content%3DSmartlink_With_Push_RandomPub%26isp%3DBlix%2BGroup%2BAS%26city%3DOslo%26br%3D0%26sp%3D1%26iw%3DFalse%26checked%3D0%26trans%3D1%26ipp%3D0%26lpkey%3D169670b221d888c575%26ck%3D2&dt=Magic%20Button%202022&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: null
date: Mon, 05 Dec 2022 05:31:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3909
Expires: Mon, 05 Dec 2022 06:36:26 GMT
Date: Mon, 05 Dec 2022 05:31:17 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3909
Expires: Mon, 05 Dec 2022 06:36:26 GMT
Date: Mon, 05 Dec 2022 05:31:17 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3909
Expires: Mon, 05 Dec 2022 06:36:26 GMT
Date: Mon, 05 Dec 2022 05:31:17 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3909
Expires: Mon, 05 Dec 2022 06:36:26 GMT
Date: Mon, 05 Dec 2022 05:31:17 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg | 34.120.237.76 | 200 OK | 6.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3130c86c084c4c925fb9179dfa5c145d 203f27660f3885d5c1bc68a535baef4e48ff6582 faf2c48c2286fe2149908947de9037640007d32e13694c1261f610250caf3f8f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6173
x-amzn-requestid: dc73ee0d-b1ec-407f-8e98-3ba264725ee3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqHqwIAMFwqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-56d74e8d45baa9e87136708f;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZjAfnCIfBIkjjk0E62TZ7bHsCTUhJk9Wm_wIyhnUNvhgXja5ELfC4g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 27782
etag: "203f27660f3885d5c1bc68a535baef4e48ff6582"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash557fea28a0a540d2ffdadd828e03de0b c314368e2e73dabf2c5d856e2c3e1fae610a3005 0fdd195911cdfff46a6dd8ba7b760953e5317fd7ee88abf1e19458518979fdee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11253
x-amzn-requestid: e0561a00-8657-4af0-b24c-08b328282f79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_wKE9coAMFjmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1334-2844266d51d5c5672f34ff61;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iT3IPDIK-qKf-y1_x7hZNSW-4GqKLNuX6U__8bY8eZP178PPnD0IeA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:57:03 GMT
age: 27254
etag: "c314368e2e73dabf2c5d856e2c3e1fae610a3005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashfddffc8edfa3ca668c8ac740d34f46c5 63483fc211cfb2808c7f37940a4065b4f4177c59 3c736f085f8f25d68c3dd946d5a546dc6d1f5f6e94a0da17b7fd4662d61a0b50
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8660
x-amzn-requestid: d5cf901f-bd2b-4269-918a-29a0bec09a40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uBG9IIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1326-63b4ea925878dab212409f2b;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZbrQ6wWHMvuPGfdujPdgWq3ahDYeTi0wGfwnn27xEBt6TvM8r0kMgQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 27782
etag: "63483fc211cfb2808c7f37940a4065b4f4177c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg | 34.120.237.76 | 200 OK | 6.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3c36448c65274ebbe1eb21e3bf02385e e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28 6f17788a394f1305755805a1b92117b1c1a03a1e3a075cb97a0da5184d574553
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6430
x-amzn-requestid: ae2ec151-d383-4554-9ac2-3d204701251c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ttFDKoAMFp0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1324-15aebb1a06253068472a6ab0;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kYXmy10msfeWdDYgvq0PXyGpy9UJyQkSLAhR_Q5PQMllJPXOOTnalw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:53 GMT
age: 27924
etag: "e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg | 34.120.237.76 | 200 OK | 7.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9b475d52dd164b9cc0efbecfd58282b6 973e77db7fb34c60e08719dc7196d865e8831cb2 3985e24217a2bd811a0ea9bf0223eb0cda31604986f3467fae028a086a8b827e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: 4d20bc36-d129-468d-b30d-f6b571d528af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKz6G86oAMF9oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abe7f-5f9353c04487352b64ba3bf8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:11:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pjwTv-Ry-1NHzZj6N-Mwul76sDeRSpLlVh7azqqqls44kH-mNhnggw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 04:59:53 GMT
age: 1884
etag: "973e77db7fb34c60e08719dc7196d865e8831cb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash37b58bb09c00b591c2819c89e371d927 aa487f4a7767cb4591fe620592da65bde90c0aa2 9b7791d79d1e9702c23e63450d556e7f1f287f4d02788fc147822c1d90f64657
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9825
x-amzn-requestid: 1ab366f4-78f2-4aaa-af7b-aa203c2d8234
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_1ZE23IAMFnhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1355-35c7b5bb6e4623e93900810c;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qJYTPoArDEx6lR34nZ3DPCAtuWr2lW5qybqaGAu1gSQVdfRq8zlhOg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:57:03 GMT
age: 27254
etag: "aa487f4a7767cb4591fe620592da65bde90c0aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| translate.google.com/translate_a/element.js?cb=googleTranslateElementInit | 216.58.211.14 | 200 OK | 0 B |
URL HTTP/2translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP216.58.211.14:0
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 05:31:16 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+921; expires=Wed, 04-Dec-2024 05:31:16 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| t.y1h1.com/recaptcha/verify?token=03AEkXODBCQIfd86ibtV8LB2_UmN6wRwaLjZu9WMeIR1qInc6VwF2wY2_cIsIqd3owvBuZ7Eyls7I488umNSfcZ99zcaY8f4Kb4gM-I5tYMNHiEVBURO1rUaQIIXYZJR71udKGoDN_zu9tns7lKYItj3vCgb7AWc4cFzilxzlFXkHp2hARPjMaWlSLuW2mRXXBRUOZYfN4ACEm4XrEvRvAhL-J1_-LUZOOYaVe9mpiYLvy1gdfLagRe2kAHupUBpeTx4EwKoSjEud2E5TssJRiam3qxjuQlBeoCRNLK9efDExTNEjTXgDuZnwTPthhRDg8NHx4qwps9UT_7wYcpWjKfL6mW9DJ9Bns5bhs1-f9alWFLHP83WDJEnk3EPOsQVBQDdghcxUKr4onEZulm9qaLMjSIERpWBg3z47XcT2rpoPIjr6rszmuZ4-APXCtuvHlzDLx6ZaBR3K8HCG149mJZoxFmcQ5JcAto4rOxbBhq-Kdj8ymhavX070hkFHWaUWNpIDlh9eYxIBE&vid=1670218275-iSWogb&eventSubField=eventSub9&eventField=event9&botScore=0.5 | 172.67.75.44 | 200 OK | 0 B |
URL HTTP/2t.y1h1.com/recaptcha/verify?token=03AEkXODBCQIfd86ibtV8LB2_UmN6wRwaLjZu9WMeIR1qInc6VwF2wY2_cIsIqd3owvBuZ7Eyls7I488umNSfcZ99zcaY8f4Kb4gM-I5tYMNHiEVBURO1rUaQIIXYZJR71udKGoDN_zu9tns7lKYItj3vCgb7AWc4cFzilxzlFXkHp2hARPjMaWlSLuW2mRXXBRUOZYfN4ACEm4XrEvRvAhL-J1_-LUZOOYaVe9mpiYLvy1gdfLagRe2kAHupUBpeTx4EwKoSjEud2E5TssJRiam3qxjuQlBeoCRNLK9efDExTNEjTXgDuZnwTPthhRDg8NHx4qwps9UT_7wYcpWjKfL6mW9DJ9Bns5bhs1-f9alWFLHP83WDJEnk3EPOsQVBQDdghcxUKr4onEZulm9qaLMjSIERpWBg3z47XcT2rpoPIjr6rszmuZ4-APXCtuvHlzDLx6ZaBR3K8HCG149mJZoxFmcQ5JcAto4rOxbBhq-Kdj8ymhavX070hkFHWaUWNpIDlh9eYxIBE&vid=1670218275-iSWogb&eventSubField=eventSub9&eventField=event9&botScore=0.5 IP172.67.75.44:0
GET /recaptcha/verify?token=03AEkXODBCQIfd86ibtV8LB2_UmN6wRwaLjZu9WMeIR1qInc6VwF2wY2_cIsIqd3owvBuZ7Eyls7I488umNSfcZ99zcaY8f4Kb4gM-I5tYMNHiEVBURO1rUaQIIXYZJR71udKGoDN_zu9tns7lKYItj3vCgb7AWc4cFzilxzlFXkHp2hARPjMaWlSLuW2mRXXBRUOZYfN4ACEm4XrEvRvAhL-J1_-LUZOOYaVe9mpiYLvy1gdfLagRe2kAHupUBpeTx4EwKoSjEud2E5TssJRiam3qxjuQlBeoCRNLK9efDExTNEjTXgDuZnwTPthhRDg8NHx4qwps9UT_7wYcpWjKfL6mW9DJ9Bns5bhs1-f9alWFLHP83WDJEnk3EPOsQVBQDdghcxUKr4onEZulm9qaLMjSIERpWBg3z47XcT2rpoPIjr6rszmuZ4-APXCtuvHlzDLx6ZaBR3K8HCG149mJZoxFmcQ5JcAto4rOxbBhq-Kdj8ymhavX070hkFHWaUWNpIDlh9eYxIBE&vid=1670218275-iSWogb&eventSubField=eventSub9&eventField=event9&botScore=0.5 HTTP/1.1
Host: t.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magic3881.goggle.vip
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:31:17 GMT
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://magic3881.goggle.vip
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVPEZcumCPqRcdBd7wkxUV41FYwv3IC6uPUGgr0j7TvIngXQUsiSh42RzCI%2Bsi9VhpxKEhitxSNCHuDgm5r4zha6taE4U9VdwKdsw1vX7WAN1wZFd8Pwg9UEolUU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a650c6b7bfabc-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| magic3881.goggle.vip/commons/ww/magicbtn1/index_en-us.php?vid=1670218275-iSWogb&utm_medium=%7Bsub1%7D&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_With_Push_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=169670b221d888c575&ck=2 | 104.26.13.100 | 200 OK | 0 B |
URL HTTP/2magic3881.goggle.vip/commons/ww/magicbtn1/index_en-us.php?vid=1670218275-iSWogb&utm_medium=%7Bsub1%7D&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_With_Push_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=169670b221d888c575&ck=2 IP104.26.13.100:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /commons/ww/magicbtn1/index_en-us.php?vid=1670218275-iSWogb&utm_medium=%7Bsub1%7D&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_With_Push_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=169670b221d888c575&ck=2 HTTP/1.1
Host: magic3881.goggle.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:31:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8f7DsQtl8LsNy09suwfs9V2cHvyHM9q0ppkoMPtmH8IlFMitHQ9%2FpFVU5et52a%2FHZlRbrUiX7UgN6Bv%2FEGJg%2Fb7hqhVOEngVssoJvI9h3BC1IrykFhpn%2FKW%2BUs6gbHe6RfEYP9SuNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a6502c8ebb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| magic3881.goggle.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 104.26.13.100 | 200 OK | 0 B |
URL HTTP/2magic3881.goggle.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP104.26.13.100:0
Analyzer | Verdict | Alert | fortinet | Phishing | | quad9 | Sinkholed | |
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: magic3881.goggle.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:31:16 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
etag: W/"6387a18d-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfsqOqXGdhYjEJVQloPff1aOJ1efXWF8O6gH0u%2FKw1dvHzuhZyuw4CIBX1fvHo1zfPQttvj1%2BiO%2BMnKPoUJfilwI6kd2WQFk1wceLlQ7IU5r2Hqur1zCDyDnKrbB9VqzXNOv5popGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a650439d6b4e8-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 07 Dec 2022 05:31:16 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| magic3881.goggle.vip/favicon.ico | 104.26.13.100 | 200 OK | 0 B |
URL HTTP/2magic3881.goggle.vip/favicon.ico IP104.26.13.100:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /favicon.ico HTTP/1.1
Host: magic3881.goggle.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:31:16 GMT
content-type: image/x-icon
last-modified: Mon, 10 Jan 2022 06:10:46 GMT
etag: W/"61dbcde6-1083e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnUH8O6Ph%2Bn3nYxSO%2Bmx6pJxsc8UFSC0fw%2F0ZHqzqX5boLUGRkvdpjRbGbc2TyyYOk5VOk4c%2FaOh7nkAeJ80YcfoKY5Hcz1mjMBtcLXyKO%2FbPxSgr5qxvqmC0LX%2FR0VpFmLaQ1B7Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a6505eb38b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/load.js | 104.26.2.157 | 200 OK | 0 B |
IP104.26.2.157:0
GET /load.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:31:16 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"6311dce6-1b90"
expires: Mon, 05 Dec 2022 17:28:35 GMT
last-modified: Fri, 02 Sep 2022 10:37:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 161
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HT3gQMCbyXntSz4WYYz0x%2FlPRZCcNQFJRTFzWgzlCtvILZ2b0RiRiMG2%2FbGpM6jcPMYuOEz%2FF8RqnHllwzzO8Hkj1pLj3KBRX97mVAcs8Q0ua%2BHaABnktcRZJJ79Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a65046c4cb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/backbutton.js | 104.26.2.157 | 200 OK | 0 B |
URL HTTP/2rs.y1h1.com/backbutton.js IP104.26.2.157:0
GET /backbutton.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:31:16 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"61d46677-12d0"
expires: Mon, 05 Dec 2022 17:28:35 GMT
last-modified: Tue, 04 Jan 2022 15:23:35 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 161
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqaGi1mNu90OY%2FfobWRt2hI6CRUaf9ShmgKBL8rhgsDOZwzqv2ZkFIVzIMFpXiGXQc6NVMB0owM6zyVW5UDiJW19%2FOrBYwJ3I7jJwWit9c2uWStk5xlVN%2Fae39GVww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a65046c4ab4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/trans.js | 104.26.2.157 | 200 OK | 0 B |
IP104.26.2.157:0
GET /trans.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:31:16 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=337
etag: W/"60837b56-151"
expires: Mon, 05 Dec 2022 07:37:41 GMT
last-modified: Sat, 24 Apr 2021 01:58:46 GMT
cf-cache-status: HIT
age: 35615
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3qfz%2Fzi5uMyhccMPoT4rbTkioX2PZw4o0WU1CqRMRb2p%2BaR8eovO3xgEdqB8XYXD3IAQRLNXWBE0VQKiPOqLIkovlcHmA0%2F85giECrXrTVUkZ7NYrc8LT9OWUWNmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a65050cbab4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/common.js | 104.26.2.157 | 200 OK | 0 B |
IP104.26.2.157:0
GET /common.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:31:16 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"6214ae9e-42fe"
expires: Mon, 05 Dec 2022 17:28:35 GMT
last-modified: Tue, 22 Feb 2022 09:36:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 161
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2dzIGOgVo3zCJ0NITsbAd7mFR68ydWPnKYc2RjdkhcqMZ3QzScMehNwBhLLnuWymj7QNzKBVX6okfgzFOwXAOy8MeUYfrkN%2B20QmbO2jZysxkWPhNJMldNcFIf17Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a65046c50b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/push.js | 104.26.2.157 | 200 OK | 0 B |
IP104.26.2.157:0
GET /push.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:31:16 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"61d4671f-2950"
expires: Mon, 05 Dec 2022 06:52:49 GMT
last-modified: Tue, 04 Jan 2022 15:26:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 38307
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7LCZ7amt0dx2%2B1N8SI59chh4Nnm53COG%2BExkMc8kFQ0YDUapPMPxGCK7Zm96Eu2DpDdMMMK%2BrfN2wBqaHQrrbsQ2ISpCnEL1lLLfKotFxz43EldvKiLCMCn0Sp9ww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a6504fcb6b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/trans.css | 104.26.2.157 | 200 OK | 0 B |
IP104.26.2.157:0
GET /trans.css HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:31:16 GMT
content-type: text/css
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=417
etag: W/"60837b07-1a1"
expires: Mon, 05 Dec 2022 08:23:48 GMT
last-modified: Sat, 24 Apr 2021 01:57:27 GMT
cf-cache-status: HIT
age: 32848
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nJZPIiKlidFmv4CNavntolesJ5ZBFs7d1Hdsc%2BnEDjvs0v17HjAWiEPzWuQockBccz73g9TWMpNKsLtUdWgYqLJ4r3ZP9a85NcD65NsZht92NEUmV4V68S1Py4viA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a65050cb8b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|