Report - thenineep.com/BaseBA.zip

Report Overview

Submitted URL
thenineep.com/BaseBA.zip
IP
3.19.116.195
ASN
#16509 AMAZON-02
Submitted
2022-10-04 12:01:34
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
use.typekit.net	494	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	932 B	21 kB	23.36.76.186
secure.statcounter.com	14835	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	380 B	104.20.229.67
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
thenineep.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	343 B	150 B	3.130.204.160
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	1.9 kB	104.18.21.226
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	35 kB	34.120.237.76
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.82.48.240
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	5.6 kB	142.250.74.3
p.typekit.net	620	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	426 B	357 B	23.36.76.186
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	437 B	160 kB	142.250.74.163
www.hugedomains.com	50857	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	2.1 kB	172.67.70.191
c.statcounter.com	7772	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	776 B	580 B	104.20.229.67
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
static.hugedomains.com	86609	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.3 kB	58 kB	172.67.70.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-04	medium	thenineep.com/BaseBA.zip	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files detected

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
1.2 kB (1156 bytes)
Hash
9d7b7962577a48a4129f0b0b55111479
8421311446c4865c1a08e6c11eb2b4c8931821a8
5dfb16af65fa651107a728673d0c3bbc27fe6f8419de3febead47bac7161ff01

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

JavaScript (21)

	URL	Size	First Seen	Last Seen
	static.hugedomains.com/js/hdv3-js/script.js	9.9 kB	2023-03-07	2023-03-17
Pretty URL static.hugedomains.com/js/hdv3-js/script.js IP 172.67.70.191 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:07 Last Seen2023-03-17 12:45:24 Times Seen1 Hash 96e78f8efefc9f0db74492b73a6b861a cca818efb118edc2545512d5aed4f890d924e0f5 3a79919561d849e65b816d41a13d9f3c0db23d5242384333e2ad509db3b16721 Loading...

	static.hugedomains.com/js/hdv3-js/jquery.min.js	87 kB	2023-03-07	2024-04-27
Pretty URL static.hugedomains.com/js/hdv3-js/jquery.min.js IP 172.67.70.191 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-27 01:57:50 Times Seen62860 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LdB69wUAAAAABYUZU_WrxJJxC4oLZd2TV5i9Lzh	178 B	2023-03-07	2023-03-26
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LdB69wUAAAAABYUZU_WrxJJxC4oLZd2TV5i9Lzh IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:20 Last Seen2023-03-26 14:00:25 Times Seen116 Hash 2fecf1d5bb2d585e34d0806f17e08de0 e987adfa0c692ea6c81b158525ff9650641cfc4b 9179deee60ff6eeeae0f128a3c724464e7920707f9165367bca7d7c4e907041c Loading...

	www.hugedomains.com/domain_profile.cfm?d=thenineep.com	467 B	2023-03-07	2023-05-24
Pretty URL www.hugedomains.com/domain_profile.cfm?d=thenineep.com IP 172.67.70.191 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:32 Last Seen2023-05-24 04:21:32 Times Seen468 Hash 1e6fe3497ab0ff0c73a7629b99a6b38c 827ffa5d274cd5f8b1cbc302e6fca2f773da081b 5a76487f84b5482882b9d3de1d6ddfe2eb0bb13b34c09aa7f4ca70a6fc41d4bc Loading...

	secure.statcounter.com/counter/counter.js	44 kB	2023-03-07	2024-03-30
Pretty URL secure.statcounter.com/counter/counter.js IP 104.20.229.67 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:55 Last Seen2024-03-30 16:46:15 Times Seen13 Hash 366890db672c87ff79dd22a7534643d2 e7b0da6b49f35363f125deb595ff67ccb0dc222c 38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598 Loading...

	www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js	399 kB	2023-03-08	2023-03-11
Pretty URL www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:40:09 Last Seen2023-03-11 13:30:42 Times Seen1 Hash f35658481ed15bc5f9e381e5babb040b 6ac7505ec9c522b239aeefed9ff6c1ff4d7c98e5 bec7e5a49219ef10544321dbd44f27849644f20623c16f05baeeeaa73e3b9332 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdB69wUAAAAABYUZU_WrxJJxC4oLZd2TV5i9Lzh&co=aHR0cHM6Ly93d3cuaHVnZWRvbWFpbnMuY29tOjQ0Mw..&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=9ljijna1118r	36 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdB69wUAAAAABYUZU_WrxJJxC4oLZd2TV5i9Lzh&co=aHR0cHM6Ly93d3cuaHVnZWRvbWFpbnMuY29tOjQ0Mw..&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=9ljijna1118r IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:49 Last Seen2023-03-08 05:47:49 Times Seen1 Hash 54643041bcb4505f21145005955008b2 1669e7019b8fcc3e6adf5b01ffbb0f3df7dfdd8c 1b0f345e22cbd16b8166ebbe5b3587c5f3b95839901c42bace1b5a041b13a57d Loading...

	www.google.com/recaptcha/api.js	850 B	2023-03-08	2023-03-11
Pretty URL www.google.com/recaptcha/api.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:40:09 Last Seen2023-03-11 13:30:42 Times Seen1 Hash 671d51c8f7b6f6920c23e7092f2e07f4 f9c0ccad26b1524c2f0438657c0ce4b82960cdd3 91b729f00e7b893e0b8158d9d786315ed01b763e6b1053d72e2d6abbb906f70e Loading...

	www.googletagmanager.com/gtag/js?id=UA-7117339-4	109 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-7117339-4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:34:41 Last Seen2023-03-08 05:48:07 Times Seen1 Hash 086485578f618d1904a24b033c8bf10a 941276621dca3259885eab1464251ca5ad026d7c ef6b765c3cbeca8b56c53ffd2b8a574f64eb26a47ce92f2971800c2090752a1e Loading...

	http:blank	620 B	2023-03-08	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:49 Last Seen2023-03-08 05:47:49 Times Seen1 Hash 8bf1501b77cabfab8e9c39dd5030f17d e5f290bc69cd3487612933ffb9eb1dbd61a30d9f d445b5592fbbe64796fc31e58775ec7bd9f5de26ce81c3e0fbfbe2ada0b25df0 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-27
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-27 02:03:36 Times Seen1536 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www.hugedomains.com/domain_profile.cfm?d=thenineep.com	629 B	2023-03-07	2023-05-24
Pretty URL www.hugedomains.com/domain_profile.cfm?d=thenineep.com IP 172.67.70.191 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:32 Last Seen2023-05-24 04:21:32 Times Seen468 Hash a7ed7ffe557ed98dc75b8a0025c5b162 f5e0ea4e11b0f928fb35909984d9b5e1df3ac920 138b27aab23d6015b5f7c5aee0ae5d1b8ce26608752c53077d8341bbd1d4273b Loading...

	www.hugedomains.com/domain_profile.cfm?d=thenineep.com	377 B	2023-03-07	2023-05-24
Pretty URL www.hugedomains.com/domain_profile.cfm?d=thenineep.com IP 172.67.70.191 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:32 Last Seen2023-05-24 04:21:32 Times Seen468 Hash cba217ef037a19e529c629fae41dfe9f b70869692824220ef88e99d2fda757441ca8952c 2c72d0a5bd573680d7e76e7c14aa41c615e09bbadceedb1816948194704edc58 Loading...

	www.hugedomains.com/domain_profile.cfm?d=thenineep.com	1.5 kB	2023-03-08	2023-03-08
Pretty URL www.hugedomains.com/domain_profile.cfm?d=thenineep.com IP 172.67.70.191 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:47:49 Last Seen2023-03-08 05:47:49 Times Seen1 Hash fe022e8282ba7425acff746e0c6b2eef 6118790d4faa4167c9cdc16da1e569126b441846 6810d3ef972885bf362019b599cceaac4e7d712db01be14e9d742d593b3160b0 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdB69wUAAAAABYUZU_WrxJJxC4oLZd2TV5i9Lzh&co=aHR0cHM6Ly93d3cuaHVnZWRvbWFpbnMuY29tOjQ0Mw..&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=9ljijna1118r	69 B	2023-03-07	2024-04-27
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdB69wUAAAAABYUZU_WrxJJxC4oLZd2TV5i9Lzh&co=aHR0cHM6Ly93d3cuaHVnZWRvbWFpbnMuY29tOjQ0Mw..&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=9ljijna1118r IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-27 02:49:59 Times Seen99641 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

		Size	First Seen	Last Seen
	#1 Eval - 84a0a9584e27d72871ae316bd840798c	21 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 05:47:49 Last Seen2023-03-08 05:47:49 Times Seen1 Hash 84a0a9584e27d72871ae316bd840798c 4125a4a70291f413d73d30502811c13a6ae170ae 27b16bb72bd5318119c9a6981869cb927df0e6118e64c891f43061893f4fa8c5 Loading...

	#2 Eval - ce2f37889c95c02b5a921a78720467b8	64 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 04:29:18 Last Seen2023-03-08 12:41:28 Times Seen1 Hash ce2f37889c95c02b5a921a78720467b8 749a0a7ceb08f6f75cadc9d2eb27866057f9a939 87c99b9a88a42ee46bbe6ce447b600a1653142b3ebb7b9ed96bc786f7a99d488 Loading...

	#3 Eval - 4e4735fd2b45e9f85f94ee7a077bdbfd	16 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 04:29:18 Last Seen2023-03-08 12:41:28 Times Seen1 Hash 4e4735fd2b45e9f85f94ee7a077bdbfd 3a98b06d3ac90c1b6a69968c82f112afb345d0cb 1bf232e3afa032afeeb821804dac4bdcfae32c16178d33975a668df67e9d0841 Loading...

	#4 Eval - 22a65f4cef52e208803b7c3bb11ebf4b	22 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 04:29:18 Last Seen2023-03-08 12:41:28 Times Seen1 Hash 22a65f4cef52e208803b7c3bb11ebf4b 9ca60f59d7efeb1b54ad6197611aeabada756f7c eb3a140c9b84b3b5c69ed2966cf442240e63fc12aaf1e79d0c35aec5b237d9d7 Loading...

	#5 Eval - c4d295cfa88a0805c2a3a15e5f191fbc	22 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 04:29:18 Last Seen2023-03-08 12:41:28 Times Seen1 Hash c4d295cfa88a0805c2a3a15e5f191fbc 00b3c5ea6b390072a5207ddc66f0f5bd8d8a35e6 ba41c5348d38a6ebd3399d0378ae76921f287d04f94ff5d93d6709e7f2a962b7 Loading...

		Size	First Seen	Last Seen
	#1 Write - 23a9a19532d4d11d0162f8ff47f66385	96 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:06:56 Last Seen2024-04-26 04:41:28 Times Seen17083 Hash 23a9a19532d4d11d0162f8ff47f66385 39255a9f75cf85a5ce76383bab628291a9626f00 63fbe184fbb505dfd393d0292e5d1ee5f55922728fe59eef5b3d73818d6a9384 Loading...

HTTP Transactions (46)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7871
Expires: Tue, 04 Oct 2022 14:12:34 GMT
Date: Tue, 04 Oct 2022 12:01:23 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 11:40:45 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qn6PSCO-9dt0cGJAYDMzwEe0Gp4kNvWKVxxTA7Dx_w1RKCZ7SpZo5g==
Age: 1237

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EU6l_V8YYvqKv_mCJmVw1I5fbtoKPwMvvwG8h4rXopEhsAYbBoLhFQ==
age: 23576
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 12:01:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 11:29:33 GMT
Expires: Tue, 04 Oct 2022 12:17:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: akSNFpt_1CEbs_QC0TufeHCaCH-16QPR0DNL-DAUJvdN1c9sZpaq-w==
Age: 1911

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5053
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:01:24 GMT
Last-Modified: Tue, 04 Oct 2022 10:37:11 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.82.48.240

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.82.48.240:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MKVqOZlVNrzdXyk56jt4bg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SH2QE8GCtiPtAAiVo07jfeMTFZE=

thenineep.com/BaseBA.zip

3.130.204.160

302 Found

0 B

URL HTTP/1.1
thenineep.com/BaseBA.zip
IP
3.130.204.160:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /BaseBA.zip HTTP/1.1
Host: thenineep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
content-length: 0
date: Tue, 04 Oct 2022 12:01:24 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=thenineep.com

static.hugedomains.com/images/hdv3-img/phone-icon.png

172.67.70.191

200 OK

743 B

URL HTTP/2
static.hugedomains.com/images/hdv3-img/phone-icon.png
IP
172.67.70.191:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 22, 8-bit gray+alpha, non-interlaced\012- data
Size
743 B (743 bytes)
Hash
bd361461dbc83db995e644e42e59dca9
7d3d5350646382e10d1fd84a3489d2eec7f1c651
4e5d6e60573346e0eb3e8368ca629af38d0d59f4e51f750724e7f95f8be5917e

HTTP Headers

GET /images/hdv3-img/phone-icon.png HTTP/1.1
Host: static.hugedomains.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; sc_is_visitor_unique=rx5694535.1654525580.A6FC6F7B0E844FA056AA6FAA902E9B06.2.2.2.2.2.2.1.1.1; _gid=GA1.2.1080360224.1664883452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:01:25 GMT
content-type: image/png
content-length: 743
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=2415
etag: "524238d6b75ed61:0"
last-modified: Mon, 20 Jul 2020 17:04:32 GMT
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 3794
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cBJqBsfzwW9GqZ355688zfsa0MWcf2B2%2FjZsUDlVte7zeS1pSnDq7DNWGqnX0hR66IfyoqoKxPsDOXKFEBZ6ObIFmNyn4VNxvzAbnXN6FjpzIMUfyehqAG2gV1Sj35Yj4XVyzI5Rhc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754dc3460f76b4ee-OSL
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
849f5b33ea2ba022a00531b0aba4c642
36f76bd448676ae09136bbe0c196e30056da8ee8
fdd737d38e7a68ab24eb2e3478697f8a6b85e999b4ca9b5790bc6dfc93de5195

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:01:25 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "086075CA50D7CAF5450D461EB867CDED6F44893F"
Expires: Tue, 04 Oct 2022 23:00:00 GMT
Last-Modified: Tue, 04 Oct 2022 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 317
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754dc3464930b505-OSL

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:01:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:01:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.hugedomains.com/images/hdv3-img/geo.png

172.67.70.191

200 OK

2.6 kB

URL HTTP/2
static.hugedomains.com/images/hdv3-img/geo.png
IP
172.67.70.191:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 166 x 36, 8-bit gray+alpha, non-interlaced\012- data
Size
2.6 kB (2578 bytes)
Hash
1aceace0b63ef3e4cf3a349b83f5725b
fede44a511cbb7a94be77c6a3fbaf05c0ac735e9
7185ad18f6d3ea3d12c0a64a084a4bc570ba2e79ed46a1fb3427a4c29ca9bb20

HTTP Headers

GET /images/hdv3-img/geo.png HTTP/1.1
Host: static.hugedomains.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; sc_is_visitor_unique=rx5694535.1654525580.A6FC6F7B0E844FA056AA6FAA902E9B06.2.2.2.2.2.2.1.1.1; _gid=GA1.2.1080360224.1664883452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:01:25 GMT
content-type: image/png
content-length: 2578
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=5035
etag: "741f36d6b75ed61:0"
last-modified: Mon, 20 Jul 2020 17:04:31 GMT
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpvbLd367MUBzdpFgVvNsG8GAhqXBFrKXe2G%2BBzU88RMSfIDzamth8w5vW2kHZdO6Nd8oDOD0bXQYi7d4NK8aI5KqDTSvJF1nNLDQSufQmWSdTERB3B%2B8LYlFVQJmD9Xj1AifSS5nF8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754dc3460f7eb4ee-OSL
X-Firefox-Spdy: h2

static.hugedomains.com/images/hdv3-img/care.png

172.67.70.191

200 OK

708 B

URL HTTP/2
static.hugedomains.com/images/hdv3-img/care.png
IP
172.67.70.191:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 46 x 47, 8-bit gray+alpha, non-interlaced\012- data
Size
708 B (708 bytes)
Hash
3ceb91c3c875ca5750c7aadf7e4ece6c
041a428a64ee9d32d6da4befacf6d8e5e3f5e436
3ec2212fc76e58ec342024869548e63c5a954162535572610a184aa0690577c8

HTTP Headers

GET /images/hdv3-img/care.png HTTP/1.1
Host: static.hugedomains.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; sc_is_visitor_unique=rx5694535.1654525580.A6FC6F7B0E844FA056AA6FAA902E9B06.2.2.2.2.2.2.1.1.1; _gid=GA1.2.1080360224.1664883452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:01:25 GMT
content-type: image/png
content-length: 708
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=1906
etag: "a9c92cd6b75ed61:0"
last-modified: Mon, 20 Jul 2020 17:04:31 GMT
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZtOR0BfyCAmSlTjfWYu73BmCBqOkyfqROTFLv8NeUwZA2gzrxhrj2EVYzBR%2Bx8UURO%2FFTNSakHIIhSlwKKCAdUdHCAN3p5bbIlEf7j57MQnkfJiuUgh%2FuqbzfsSUlHIlYIujQM%2BSCk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754dc3460f7bb4ee-OSL
X-Firefox-Spdy: h2

static.hugedomains.com/images/hdv3-img/escrow.png

172.67.70.191

200 OK

2.8 kB

URL HTTP/2
static.hugedomains.com/images/hdv3-img/escrow.png
IP
172.67.70.191:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 196 x 47, 8-bit gray+alpha, non-interlaced\012- data
Size
2.8 kB (2799 bytes)
Hash
5e3fff838a9aa2ef46e2e4d9fe13ab85
a6ea4b142dd129e28d02ecc0dc59edade1976376
bbb3555394a1e45cb61c59281716bf177f29a026efef4750eed9c8a21b838765

HTTP Headers

GET /images/hdv3-img/escrow.png HTTP/1.1
Host: static.hugedomains.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; sc_is_visitor_unique=rx5694535.1654525580.A6FC6F7B0E844FA056AA6FAA902E9B06.2.2.2.2.2.2.1.1.1; _gid=GA1.2.1080360224.1664883452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:01:25 GMT
content-type: image/png
content-length: 2799
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=5589
etag: "ece634d6b75ed61:0"
last-modified: Mon, 20 Jul 2020 17:04:31 GMT
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfQSI3nYhQe%2BRGMVzjtmU49AcnNNiwfXOrskqN%2FcwR9cOsXlRVeAjJ52zerZRYf2X%2Fd8CundR2s1OsKvJI7fuSb8Da7mbhqwvZupNtUFI7JvbcynmYtIGdvSTJKUmQ9otZX6LsRzfKA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754dc3460f7db4ee-OSL
X-Firefox-Spdy: h2

static.hugedomains.com/images/hdv3-img/logo.png

172.67.70.191

200 OK

4.3 kB

URL HTTP/2
static.hugedomains.com/images/hdv3-img/logo.png
IP
172.67.70.191:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 237 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4310 bytes)
Hash
c6585d35dbe66427d2971405193e3420
88f0c9cc830f31e475aa5040a44c959b6e5b309a
b7538e415e50685e667d23705f5513c5770ae627e849bd1ea3c98f5abaf336c8

HTTP Headers

GET /images/hdv3-img/logo.png HTTP/1.1
Host: static.hugedomains.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; sc_is_visitor_unique=rx5694535.1654525580.A6FC6F7B0E844FA056AA6FAA902E9B06.2.2.2.2.2.2.1.1.1; _gid=GA1.2.1080360224.1664883452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:01:25 GMT
content-type: image/png
content-length: 4310
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=6473
etag: "32f437d6b75ed61:0"
last-modified: Mon, 20 Jul 2020 17:04:32 GMT
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y67I%2Bv1bndetPfZKbxP5MIA6yodOZ26xSCH1dv7Fl3xp2gwjSzJKyDmlFS%2F0DLz9upRmOaouKiWRe6QxghtpeLrmWfw3uKvCXWRgsAEuIRfX2CFmnXHql3tki1sQKoaR3NU92QT%2ByB8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754dc3460f73b4ee-OSL
X-Firefox-Spdy: h2

static.hugedomains.com/images/hdv3-img/guarant-footer.png

172.67.70.191

200 OK

1.5 kB

URL HTTP/2
static.hugedomains.com/images/hdv3-img/guarant-footer.png
IP
172.67.70.191:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 37 x 47, 8-bit gray+alpha, non-interlaced\012- data
Size
1.5 kB (1507 bytes)
Hash
e527bd653c6ab12a65243ea7b6090d60
6f4cecd8c8d38e340a81295606d4faa28d34d0a7
397380d4c94183937f67dc28fc89697fadef075f66e637080ec71545b07d65f1

HTTP Headers

GET /images/hdv3-img/guarant-footer.png HTTP/1.1
Host: static.hugedomains.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; sc_is_visitor_unique=rx5694535.1654525580.A6FC6F7B0E844FA056AA6FAA902E9B06.2.2.2.2.2.2.1.1.1; _gid=GA1.2.1080360224.1664883452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:01:25 GMT
content-type: image/png
content-length: 1507
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=3413
etag: "8d4636d6b75ed61:0"
last-modified: Mon, 20 Jul 2020 17:04:31 GMT
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oK9fom2eaFJ1P5I1xcFqESO1LVHK2O83bwBa8dvE9N4pVwpzM3U0eHpBx050CA8vSW4Qu0PrO2%2BT72ACFE6wKTz4GxkJKRgchDj10hQCq9nwwFAEUZBRK6cYAM6K%2FFfDs6RvS4%2BU00g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754dc3460f7cb4ee-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:01:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

use.typekit.net/zyw6mds.css

23.36.76.186

200 OK

588 B

URL HTTP/2
use.typekit.net/zyw6mds.css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
588 B (588 bytes)
Hash
79acdfd15125acfe766f860f0685b52f
05ff60088da4d12ca19317d6c20a2c700f24e1b3
e517920dfc67f60d71fabf6eabe1af66fd1e303dc4f161f1f14fe2190936826d

HTTP Headers

GET /zyw6mds.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.hugedomains.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 588
date: Tue, 04 Oct 2022 12:01:25 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7033
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 12:01:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7033
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 12:01:25 GMT
Connection: keep-alive

p.typekit.net/p.css?s=1&k=zyw6mds&ht=tk&f=40411&a=11744788&app=typekit&e=css

23.36.76.186

200 OK

5 B

URL HTTP/2
p.typekit.net/p.css?s=1&k=zyw6mds&ht=tk&f=40411&a=11744788&app=typekit&e=css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=zyw6mds&ht=tk&f=40411&a=11744788&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Tue, 04 Oct 2022 12:01:25 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7033
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 12:01:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7033
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 12:01:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7033
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 12:01:25 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5504 bytes)
Hash
6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 48726
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4151 bytes)
Hash
24a4a122273ef9f772852031eb13114a
c20f1fac9020eb4bd6c84583f73872979639b991
8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7H1QKlOtoBoVz93G5lddxHSGiTjtMnHJCZX5FhwqhNPkspslaDoFQA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:57:01 GMT
age: 50664
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3430 bytes)
Hash
488ec5b4267ccb1cdc4e6e08556f7f3b
42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88
d9b05fe92962a58b9a8e8dbd4757969aa361be12018107ae649ffcdb8a0f8d84

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3430
x-amzn-requestid: 22a0e400-1567-4c9c-aca9-782f3f81a8ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLCrEn4IAMFZWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f210-11fa888c78719c44160accf8;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 69u2trVvquFefzPFeOg_AuyzqQ6EBpY_ok9d9RXv71NE3TB_qELdtg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 16:24:09 GMT
age: 70636
etag: "42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11955 bytes)
Hash
54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tJwzKfs7HnQ7dVcINwnlzxTChXiEi4JPj8jrS8p5KhurRx_o3ZVOZQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
age: 49826
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4858 bytes)
Hash
6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 50679
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

static.hugedomains.com/css/hdv3-css/style.css?r=20201105a

172.67.70.191

200 OK

37 kB

URL HTTP/2
static.hugedomains.com/css/hdv3-css/style.css?r=20201105a
IP
172.67.70.191:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
37 kB (37112 bytes)
Hash
42d0588a07f6ce2859a669244c3f11b0
a919bb87793c0a28b0f13629572daf2c67362136
cc928ef32046b54cf542f01983a785ab8252b542acbb92cd860a3db5548590c4

HTTP Headers

GET /css/hdv3-css/style.css?r=20201105a HTTP/1.1
Host: static.hugedomains.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; sc_is_visitor_unique=rx5694535.1654525580.A6FC6F7B0E844FA056AA6FAA902E9B06.2.2.2.2.2.2.1.1.1; _gid=GA1.2.1080360224.1664883452
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:01:25 GMT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=220140
etag: W/"803a6d05a80d81:0"
last-modified: Wed, 15 Jun 2022 01:48:25 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBULNC943%2BKX4dG%2BY9ffIA154hHLGWp8zw3vbFRpasYeSBF636fOsGfn062cEmBOAbtXxy6bBJ0yZ4gVTk4cjcmbaSGo%2FygtlOSvlXafxW8%2BCNdHxC7DKYKFbHf8vJr6NY27CYwp65s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dc345ff60b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

use.typekit.net/af/a91117/00000000000000003b9b257c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3

23.36.76.186

200 OK

20 kB

URL HTTP/2
use.typekit.net/af/a91117/00000000000000003b9b257c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 19608, version 1.0\012- data
Size
20 kB (19608 bytes)
Hash
067422192cbb34922cab0a5cf0614816
f019792c33d128b074a639935cba0b585f5beb0e
cfa0e92aa58452201274b8ef57ba1066a5465809a6937a24ee224052ca6d71e0

HTTP Headers

GET /af/a91117/00000000000000003b9b257c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hugedomains.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 19608
etag: "98e73879b397d0b98b8a96538c3271fce677cf5c"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 04 Oct 2022 12:01:25 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

1.2 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
1.2 kB (1156 bytes)
Hash
9d7b7962577a48a4129f0b0b55111479
8421311446c4865c1a08e6c11eb2b4c8931821a8
5dfb16af65fa651107a728673d0c3bbc27fe6f8419de3febead47bac7161ff01

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:01:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:01:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js

142.250.74.163

200 OK

159 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (711)
Size
159 kB (158844 bytes)
Hash
b4ed95d4318e3b78b936c9c0f1ffa96e
b53c9376b1459afb07fb4b5c2e8d8dad776d3a02
3c21880cb7be6bec40f9d40c23ad39c9758999cf950cec07b86c83b21fde175f

HTTP Headers

GET /recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hugedomains.com
Connection: keep-alive
Referer: https://www.hugedomains.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 01:05:31 GMT
expires: Sun, 01 Oct 2023 01:05:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
content-type: text/javascript
age: 298554
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:01:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e13df37c7a0102aa69d97512e4f3bad4
2c3019bef2f4bc34b3f3dc212b30d4fad04f8b37
cfbc8bfd83a8eb63bf5d189e398e1373222f1d1bde223fba70e3c7b560c708aa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:01:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.hugedomains.com/css/hdv3-css/reboot.min.css

172.67.70.191

200 OK

0 B

URL HTTP/2
static.hugedomains.com/css/hdv3-css/reboot.min.css
IP
172.67.70.191:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/hdv3-css/reboot.min.css HTTP/1.1
Host: static.hugedomains.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; sc_is_visitor_unique=rx5694535.1654525580.A6FC6F7B0E844FA056AA6FAA902E9B06.2.2.2.2.2.2.1.1.1; _gid=GA1.2.1080360224.1664883452
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:01:25 GMT
content-type: text/css
last-modified: Mon, 20 Jul 2020 17:04:26 GMT
etag: W/"09a4d2b75ed61:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5214
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEszmCcwZ28gsbflC8%2B5%2F%2BgrPTmrTNQYu8EREZ8hyg8Md%2FgXTmkG%2FC3W3qgyDo4FZKCFUh1ZIIQUJYmJllpLLlxVKB%2Fd0ijDaUyL2e4yb0G9IIjxcDky5FthrPLIHb8%2FwhxtaAJumqQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dc345ff63b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.hugedomains.com/js/hdv3-js/script.js

172.67.70.191

200 OK

0 B

URL HTTP/2
static.hugedomains.com/js/hdv3-js/script.js
IP
172.67.70.191:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/hdv3-js/script.js HTTP/1.1
Host: static.hugedomains.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; sc_is_visitor_unique=rx5694535.1654525580.A6FC6F7B0E844FA056AA6FAA902E9B06.2.2.2.2.2.2.1.1.1; _gid=GA1.2.1080360224.1664883452
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:01:25 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=16653
etag: W/"02345af103fd81:0"
last-modified: Wed, 23 Mar 2022 23:49:50 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5214
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYa8Zj65qLtx3vzaQO5gGlWPFXNiert9KHb5QziXs8Ibvao%2FhFnC8LJU3I4JqyVMNgFTpyjtfAZMCDaeZY1PWjMePlIrQzOSyH64ud9TaVOKBMt92UmteoyW3pdySO9pLQOFzkh%2Fknw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dc3460f80b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.hugedomains.com/css/hdv3-css/responsive.css?r=20201105a

172.67.70.191

200 OK

0 B

URL HTTP/2
static.hugedomains.com/css/hdv3-css/responsive.css?r=20201105a
IP
172.67.70.191:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/hdv3-css/responsive.css?r=20201105a HTTP/1.1
Host: static.hugedomains.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; sc_is_visitor_unique=rx5694535.1654525580.A6FC6F7B0E844FA056AA6FAA902E9B06.2.2.2.2.2.2.1.1.1; _gid=GA1.2.1080360224.1664883452
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:01:25 GMT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=86637
etag: W/"8017f8114580d81:0"
last-modified: Tue, 14 Jun 2022 23:18:35 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzABZo4E6xZ5M41pGYER5fc7HKD5wwRRlf5kACrO5e%2BhSr8ZK14eFi7IQhgAEKHsqKjDnGD2OCzrvZGhWbFzDm8k0ZgXQ07V47yEA%2ByxMfdVnkzx0uSA2J1zyESusyyVoJpG5XKEKPE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dc3460f65b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.hugedomains.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664884800

172.67.70.191

200 OK

0 B

URL HTTP/2
www.hugedomains.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664884800
IP
172.67.70.191:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664884800 HTTP/1.1
Host: www.hugedomains.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: site_version_phase=108; site_version=HDv3; HD=5AF5169D45CF49129DAECA323D08C2B0050; _ga=GA1.2.1987687633.1654109076; HDS=CF007C19EBF336E7781E2D34C1192F5621074E6A28B450787663CB58260A1DED191BFFEE1D7EDE0DAF670BED68273848; _gid=GA1.2.1080360224.1664883452; sc_is_visitor_unique=rx5694535.1664884885.A6FC6F7B0E844FA056AA6FAA902E9B06.3.3.3.3.3.3.2.2.2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:01:25 GMT
content-type: application/javascript; charset=UTF-8
x-control-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vj9nn8T92WQC%2BnTIC69qsj%2B1Cs2G6raRY9JBqaCIC0FnCcvjZfjualnnR7AxgeIHH6BJkTrW9AhETDBnePX8Z6%2FXtKaB7%2BJgM4Q%2BogbrpYNpHM5cnjVt%2Bdm9E12rlYnKlKNnJas%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dc3490b5fb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

c.statcounter.com/t.php?sc_project=5694535&u1=A6FC6F7B0E844FA056AA6FAA902E9B06&java=1&security=91f91c19&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=10359305&rr=3.3.3.3.3.3.2.2.2&resolution=1280&h=1024&camefrom=&u=https%3A//www.hugedomains.com/domain_profile.cfm%3Fd%3Dthenineep.com&t=HugeDomains.com&invisible=1&sc_rum_e_s=2606&sc_rum_e_e=2613&sc_rum_f_s=0&sc_rum_f_e=2595&get_config=true

104.20.229.67

200 OK

0 B

URL HTTP/2
c.statcounter.com/t.php?sc_project=5694535&u1=A6FC6F7B0E844FA056AA6FAA902E9B06&java=1&security=91f91c19&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=10359305&rr=3.3.3.3.3.3.2.2.2&resolution=1280&h=1024&camefrom=&u=https%3A//www.hugedomains.com/domain_profile.cfm%3Fd%3Dthenineep.com&t=HugeDomains.com&invisible=1&sc_rum_e_s=2606&sc_rum_e_e=2613&sc_rum_f_s=0&sc_rum_f_e=2595&get_config=true
IP
104.20.229.67:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /t.php?sc_project=5694535&u1=A6FC6F7B0E844FA056AA6FAA902E9B06&java=1&security=91f91c19&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=10359305&rr=3.3.3.3.3.3.2.2.2&resolution=1280&h=1024&camefrom=&u=https%3A//www.hugedomains.com/domain_profile.cfm%3Fd%3Dthenineep.com&t=HugeDomains.com&invisible=1&sc_rum_e_s=2606&sc_rum_e_e=2613&sc_rum_f_s=0&sc_rum_f_e=2595&get_config=true HTTP/1.1
Host: c.statcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hugedomains.com
Connection: keep-alive
Referer: https://www.hugedomains.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:01:26 GMT
content-type: application/json
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc5694535.1664884886.0; SameSite=None; Secure; Expires=Sunday, 03-Oct-2027 06:01:26 MDT; Path=/; Domain=.statcounter.com
access-control-allow-origin: https://www.hugedomains.com
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754dc349184e0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.hugedomains.com/favicon.ico

172.67.70.191

200 OK

0 B

URL HTTP/2
www.hugedomains.com/favicon.ico
IP
172.67.70.191:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.hugedomains.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/domain_profile.cfm?d=thenineep.com
Cookie: site_version_phase=108; site_version=HDv3; HD=5AF5169D45CF49129DAECA323D08C2B0050; _ga=GA1.2.1987687633.1654109076; HDS=CF007C19EBF336E7781E2D34C1192F5621074E6A28B450787663CB58260A1DED191BFFEE1D7EDE0DAF670BED68273848; _gid=GA1.2.1080360224.1664883452; sc_is_visitor_unique=rx5694535.1664884885.A6FC6F7B0E844FA056AA6FAA902E9B06.3.3.3.3.3.3.2.2.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:01:26 GMT
content-type: image/x-icon
cache-control: private
last-modified: Mon, 20 Jul 2020 17:04:28 GMT
etag: W/"036d5d3b75ed61:0"
access-control-allow-origin: *
x-lbdetail: nonimg 1150 ctimage/x-icon
x-powered-by: ASP.NET
lb: TclPrdLbHd1
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VosH2fEqrpiyXJXc6A5Ktp4fFeVr4B2aYwe4yZECf5mCgrtzkHyL2byKl%2F%2Fe08vJYynfpoK7NsQATbHYzBRDud1%2BasWXi3E4JG1%2BONAfilUIpnhCH6OLflFmwfRaM8PVIn0J7fI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754dc3491b65b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.hugedomains.com/domain_profile.cfm?d=thenineep.com

172.67.70.191

200 OK

0 B

URL HTTP/2
www.hugedomains.com/domain_profile.cfm?d=thenineep.com
IP
172.67.70.191:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /domain_profile.cfm?d=thenineep.com HTTP/1.1
Host: www.hugedomains.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: site_version_phase=108; site_version=HDv3; HD=5AF5169D45CF49129DAECA323D08C2B0050; _ga=GA1.2.1987687633.1654109076; HDS=CF007C19EBF336E7781E2D34C1192F5621074E6A28B450787663CB58260A1DED191BFFEE1D7EDE0DAF670BED68273848; sc_is_visitor_unique=rx5694535.1654525580.A6FC6F7B0E844FA056AA6FAA902E9B06.2.2.2.2.2.2.1.1.1; _gid=GA1.2.1080360224.1664883452
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:01:25 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: captcha-tracker=; expires=Mon, 03-Oct-2022 12:01:25 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwRwkGXsF66X2rGswbZ9aUmuKwqmjnrJyNokpENeuqw78x4OHxMDIuNKxX%2BQZsoOwShq%2B5EGO7ZW4uVcOsCxqwRz636hPo%2FQh1qiYzVh1EC22CUiwYU6S8qh%2FDs3vnnAwUKArJc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dc3449d78b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.hugedomains.com/js/hdv3-js/jquery.min.js

172.67.70.191

200 OK

0 B

URL HTTP/2
static.hugedomains.com/js/hdv3-js/jquery.min.js
IP
172.67.70.191:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/hdv3-js/jquery.min.js HTTP/1.1
Host: static.hugedomains.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Cookie: _ga=GA1.2.1987687633.1654109076; sc_is_visitor_unique=rx5694535.1654525580.A6FC6F7B0E844FA056AA6FAA902E9B06.2.2.2.2.2.2.1.1.1; _gid=GA1.2.1080360224.1664883452
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:01:25 GMT
content-type: application/javascript
last-modified: Mon, 20 Jul 2020 17:04:33 GMT
etag: W/"8026d0d6b75ed61:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5214
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2Cgo5o5YO%2FhRRhZG0%2FPdft8MuRilmJwxVMRZ4AndseTkmVKPYyA15aOh8%2Farb7FIaXMG%2FXi5fGdVqclSnEvXIB8Z3wyyXo6NpN6NziPzM%2BD5T12PMD0BtTXwf80h5Poj77yKnoiuuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dc3460f7fb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

secure.statcounter.com/counter/counter.js

104.20.229.67

200 OK

0 B

URL HTTP/2
secure.statcounter.com/counter/counter.js
IP
104.20.229.67:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /counter/counter.js HTTP/1.1
Host: secure.statcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hugedomains.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:01:25 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 03 Oct 2022 14:33:33 GMT
etag: W/"633af2bd-aa70"
expires: Tue, 04 Oct 2022 17:42:50 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22715
server: cloudflare
cf-ray: 754dc348bff10b02-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML