Report - runsafeads.com/l/5095209e6e7fe182cb?code=nojs&

Report Overview

Submitted URL
runsafeads.com/l/5095209e6e7fe182cb?code=nojs&
IP
62.212.87.244
ASN
#60781 LeaseWeb Netherlands B.V.
Submitted
2023-02-01 21:11:59
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
7
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	983 B	452 B	216.239.34.36
runsafeads.com	60005	2021-02-17T12:30:01Z	2023-03-11T06:11:32Z	377 B	367 B	62.212.87.243
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	722 B	3.8 kB	104.18.21.226
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	686 B	1.4 kB	142.250.74.131
notify.dcbprotect.com	112896	2018-06-07T00:28:10Z	2023-03-13T00:03:49Z	520 B	300 B	54.155.29.255
promo.mondiamedia.com	641366	2018-07-01T17:28:08Z	2023-03-02T18:12:16Z	696 B	526 B	104.20.27.241
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.40.68.141
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	387 B	45 kB	142.250.74.168
img.dcbprotect.com	unknown	2022-09-22T09:55:48Z	2023-03-11T13:26:35Z	948 B	1.0 kB	54.155.29.255
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	700 B	1.9 kB	54.230.245.118
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	67 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-01 21:12:13	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-02-01 21:12:13	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-02-01 21:12:13	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-02-01 21:12:13	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-02-01 21:12:14	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-02-01 21:12:16	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-02-01 21:12:19	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	promo.mondiamedia.com/ls-vc-games/api/check.js?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks	97 kB	2023-03-13	2023-03-13
Pretty URL promo.mondiamedia.com/ls-vc-games/api/check.js?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:27:08 Last Seen2023-03-13 14:27:08 Times Seen1 Hash 6f7901f07548f9489a888e0042f7849f e78c3866d1c8f9f16e656612210dd1491d94b147 af9dccdeae3f24ecd21cfb9f3ec3834d46b3e102b267a2f9fba1503a27a49283 Loading...

	promo.mondiamedia.com/ls-vc-games/proxy/promo-ssa/ssa/mm-lp/ls/vc/playinc/generic/04/en/?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks	343 B	2023-03-13	2023-05-19
Pretty URL promo.mondiamedia.com/ls-vc-games/proxy/promo-ssa/ssa/mm-lp/ls/vc/playinc/generic/04/en/?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks IP 104.20.27.241 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:27:08 Last Seen2023-05-19 22:04:25 Times Seen2 Hash 0eed14199389d3258e9ad43a472c5774 2547e3ce2001ab56abb198c77ae300f377ec13b8 a645607b6b1723378edde7b2f5c03437b7555983e2c09b55d00bc625095f972c Loading...

	promo.mondiamedia.com/ls-vc-games/proxy/promo-ssa/ssa/mm-lp/ls/vc/playinc/generic/04/en/?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks	178 B	2023-03-12	2024-03-05
Pretty URL promo.mondiamedia.com/ls-vc-games/proxy/promo-ssa/ssa/mm-lp/ls/vc/playinc/generic/04/en/?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks IP 104.20.27.241 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:02:12 Last Seen2024-03-05 13:43:57 Times Seen27 Hash 65c8aa24796ed3bdd121990e641f7a48 edab3097f80e50129d1be11a8f3ab5663fe125f9 4c0559375352a419681d3278eb2a71ecb6310f5c9f43f40830acec78f530573f Loading...

	promo.mondiamedia.com/ls-vc-games/proxy/promo-ssa/ssa/mm-lp/ls/vc/playinc/generic/04/en/?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks	765 B	2023-03-12	2024-01-27
Pretty URL promo.mondiamedia.com/ls-vc-games/proxy/promo-ssa/ssa/mm-lp/ls/vc/playinc/generic/04/en/?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks IP 104.20.27.241 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:02:12 Last Seen2024-01-27 00:41:46 Times Seen25 Hash 91a51f410a727543cfbb3f757b11d43c 840bf66d226955f83ee9d2c8f448e74bd283b22b 47ab72acdf99ad4f180e92d4381300d2477f9baa8eb5637a4c9beaf78d893aa8 Loading...

	promo.mondiamedia.com/public/assets/js/jquery.min.js	86 kB	2023-03-07	2024-04-06
Pretty URL promo.mondiamedia.com/public/assets/js/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:36 Last Seen2024-04-06 16:59:42 Times Seen111 Hash c01c2bd743766d00cd5b91bb029a4656 212c27cf14c8e52a00392521319462f0a660fee3 633ba16fa4ae95cc60b2a7dd1dceff0a235d31edc5340e6249ee9c0fcd96d0c8 Loading...

	promo.mondiamedia.com/ls-vc-games/proxy/promo-ssa/ssa/mm-lp/ls/vc/playinc/generic/04/en/?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks	2.4 kB	2023-03-13	2023-03-13
Pretty URL promo.mondiamedia.com/ls-vc-games/proxy/promo-ssa/ssa/mm-lp/ls/vc/playinc/generic/04/en/?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks IP 104.20.27.241 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:27:08 Last Seen2023-03-13 14:27:08 Times Seen1 Hash eff0b9997faca4050f383ed891ee8366 3c5a81623b29ec9a97e6edd588f5af8861db2803 6cc5f318c74cfd67e8e1455b91341dd27f8468008f6cef1f62737b1be349ca22 Loading...

	promo.mondiamedia.com/ls-vc-games/proxy/promo-ssa/ssa/mm-lp/ls/vc/playinc/generic/04/en/?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks	128 B	2023-03-13	2023-05-19
Pretty URL promo.mondiamedia.com/ls-vc-games/proxy/promo-ssa/ssa/mm-lp/ls/vc/playinc/generic/04/en/?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks IP 104.20.27.241 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:27:08 Last Seen2023-05-19 22:04:25 Times Seen2 Hash 7d8e9d75fde024d474936d1a8a3aef93 3ed19852464f03e3503c763b3deb550989d698e2 42ad0dfc598742c3fca8586723f797b85f8a4c3ed7c3a5717bfa2460d15b7536 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5GH985M	121 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5GH985M IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:27:08 Last Seen2023-03-13 14:27:08 Times Seen1 Hash ed802a963cbf9073aef2884a83754384 594132316dd3c23843e548dd88baf18f7ef83ad7 a151eeadfc93324680593a8be72fd3bdb5ece8554df91b0bca954b424c63e5ce Loading...

	www.googletagmanager.com/gtag/js?id=G-K540BT2NZ0&l=dataLayer&cx=c	223 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-K540BT2NZ0&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:27:08 Last Seen2023-03-13 14:27:08 Times Seen1 Hash fc75995b9f8b2af4c25a166706e8108f a72571dcc9cc0c36cb183c7e20837f74fd7eefaa 2d234bd1a21dd01b3efb6cd6680f116db9f550434660401c99cb07f07dbd5dd9 Loading...

	promo.mondiamedia.com/ls-vc-games/proxy/promo-ssa/ssa/mm-lp/ls/vc/playinc/generic/04/en/?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks	316 B	2023-03-13	2023-03-13
Pretty URL promo.mondiamedia.com/ls-vc-games/proxy/promo-ssa/ssa/mm-lp/ls/vc/playinc/generic/04/en/?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks IP 104.20.27.241 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:27:08 Last Seen2023-03-13 14:27:08 Times Seen1 Hash 7af5e33c2a4e3f416bc76c361e7d0770 80a06038435bcbf4e456ffb9561f5e38dc7711bb 830160b4fec616bc0282a28114992505d844b43325b55d88d86c637ef3d9644f Loading...

		Size	First Seen	Last Seen
	#1 Eval - fd9a6ad8235a5b1f8291a0f682c4e641	60 B	2023-03-07	2024-03-23
Pretty Observations First Seen2023-03-07 12:57:29 Last Seen2024-03-23 17:52:27 Times Seen385 Hash fd9a6ad8235a5b1f8291a0f682c4e641 68be4f3dee54bfba9dbb673003d30cbc4c2663ae a5febe3286b6a155c7ff728e6cdac57d3cd37b93db132ec24e8f6e78c24e64a1 Loading...

HTTP Transactions (31)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 62de35a6c8e4efd7633fc5236b5b086f 6a92912a86dfcd0330d040cef06bef36889c76ab ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC" Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4358 Expires: Wed, 01 Feb 2023 22:24:26 GMT Date: Wed, 01 Feb 2023 21:11:48 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7e05c8461bd2dc5a149f71e2c465ea29 705983959c887e243cb55a8a1796757b579ee977 4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922" Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8755 Expires: Wed, 01 Feb 2023 23:37:43 GMT Date: Wed, 01 Feb 2023 21:11:48 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a8d45deaa7ebfcd996c2055dae592ab8 55befe074589fe7b39757c145968058162a8fc6b 50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7" Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6646 Expires: Wed, 01 Feb 2023 23:02:34 GMT Date: Wed, 01 Feb 2023 21:11:48 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 01 Feb 2023 20:36:02 GMT content-type: application/json age: 2146 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: PqxN1Xv5O8RNfz0xVq7xx7Nz6oyZk1z/A8pIsbUumR5hBBN+diebUB/x6bN/NjWp/dB0HTgWEPM= x-amz-request-id: ZWVXNXRW37NA7VDM content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 01 Feb 2023 20:22:48 GMT age: 2940 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Wed, 01 Feb 2023 21:11:48 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 01 Feb 2023 20:49:05 GMT age: 1363 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.globalsign.com/alphasslcasha256g4	104.18.21.226	200 OK	1.4 kB
URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.4 kB (1437 bytes) Hash a6f7fe7931bd734a9d8d75d9af5e6259 594c6f6e223df422a9df326fa1b48fab801c28ec 298df4fca330d67d104e200b1e7ec6c6d7ad87a3e96960fa406dc760e97770e2 HTTP Headers `POST /alphasslcasha256g4 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 01 Feb 2023 21:11:48 GMT Content-Type: application/ocsp-response Content-Length: 1437 Connection: keep-alive Expires: Sun, 05 Feb 2023 18:14:03 GMT ETag: "594c6f6e223df422a9df326fa1b48fab801c28ec" Last-Modified: Wed, 01 Feb 2023 18:14:04 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: REVALIDATED Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 792dae7f5eae0b61-OSL`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 8913af0be619500295008bb91f506660 a7b8068ba9aa506205a295b24458c2616997a0d1 6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A" Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19204 Expires: Thu, 02 Feb 2023 02:31:53 GMT Date: Wed, 01 Feb 2023 21:11:49 GMT Connection: keep-alive`

	ocsp.globalsign.com/alphasslcasha256g4	104.18.21.226	200 OK	1.4 kB
URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.4 kB (1437 bytes) Hash a6f7fe7931bd734a9d8d75d9af5e6259 594c6f6e223df422a9df326fa1b48fab801c28ec 298df4fca330d67d104e200b1e7ec6c6d7ad87a3e96960fa406dc760e97770e2 HTTP Headers `POST /alphasslcasha256g4 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 01 Feb 2023 21:11:49 GMT Content-Type: application/ocsp-response Content-Length: 1437 Connection: keep-alive Expires: Sun, 05 Feb 2023 18:14:03 GMT ETag: "594c6f6e223df422a9df326fa1b48fab801c28ec" Last-Modified: Wed, 01 Feb 2023 18:14:04 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 1 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 792dae853dba0b61-OSL`

	push.services.mozilla.com/	52.40.68.141	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 52.40.68.141:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 0gJ3q0iseFW09LlrU/CIXg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: UK0Ux/Qg3jFKSwKXu7e48eXdNa0=`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 2751084b42dd111d0a7f28241a77201b 680a9ac2f4cf451c9a8449c4df3587595ed9cc4c 1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 01 Feb 2023 21:11:49 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.googletagmanager.com/gtm.js?id=GTM-5GH985M	142.250.74.168	200 OK	45 kB
URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5GH985M IP 142.250.74.168:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (4534) Size 45 kB (44825 bytes) Hash f8b1acaf07ead7275b658847746ec121 d6b819d195afc55646ccaa1ebf3538d0e687366f 17c48c237903ca48495f6830b90412dfdbb76be669e82bbbc31eeb387b1d851d HTTP Headers `GET /gtm.js?id=GTM-5GH985M HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://promo.mondiamedia.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Wed, 01 Feb 2023 21:11:49 GMT expires: Wed, 01 Feb 2023 21:11:49 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 44825 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 2751084b42dd111d0a7f28241a77201b 680a9ac2f4cf451c9a8449c4df3587595ed9cc4c 1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 01 Feb 2023 21:11:50 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.sca1b.amazontrust.com/	54.230.245.118	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.118:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 0b2408f2553ff6caa44f43122152b18a 579f4f6ad357e52d6289d3d25a0e7b700ed0d24b 94bce097b7c77d299b29a40d6e4c50404306890721c41ebfda6d2e1145ad212c HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Wed, 01 Feb 2023 21:11:50 GMT Last-Modified: Wed, 01 Feb 2023 19:29:44 GMT Server: ECS (nyb/1D08) X-Cache: Miss from cloudfront Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: Rddzj7Zn28HFk9HmC21uulZz8_PeDmnSz4gFqUugFTuGcU8VKug_Tw== Age: 6126`

	ocsp.sca1b.amazontrust.com/	54.230.245.118	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.118:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 0b2408f2553ff6caa44f43122152b18a 579f4f6ad357e52d6289d3d25a0e7b700ed0d24b 94bce097b7c77d299b29a40d6e4c50404306890721c41ebfda6d2e1145ad212c HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Wed, 01 Feb 2023 21:11:50 GMT Last-Modified: Wed, 01 Feb 2023 19:41:49 GMT Server: ECS (dcb/7F83) X-Cache: Miss from cloudfront Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: XORJsbHRGgimIs-_K67nyU2mJdodvjWkXmUOqGP4Uh1scecafXhcWg== Age: 5401`

	img.dcbprotect.com/A370381590892574326402624422022468002400662662086/eyJ0aW1lIjoyNDQsInNpZ25hdHVyZSI6IjE2OTMifQ==	54.155.29.255	200 OK	189 B
URL HTTP/1.1 img.dcbprotect.com/A370381590892574326402624422022468002400662662086/eyJ0aW1lIjoyNDQsInNpZ25hdHVyZSI6IjE2OTMifQ== IP 54.155.29.255:0 ASN #16509 AMAZON-02 File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with no line terminators Size 189 B (189 bytes) Hash 350f3f42fe4bac928be53d4d54014f95 f77c6c8bc575e0652111475d769019c2f9976e5f 6188dd65f314b66f9a73b8aa9844191fc5e433cf3cc52d10452989d90b84c5c8 HTTP Headers `GET /A370381590892574326402624422022468002400662662086/eyJ0aW1lIjoyNDQsInNpZ25hdHVyZSI6IjE2OTMifQ== HTTP/1.1 Host: img.dcbprotect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://promo.mondiamedia.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Date: Wed, 01 Feb 2023 21:11:50 GMT Content-Type: image/svg+xml Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept`

	img.dcbprotect.com/pixel.ico	54.155.29.255	200 OK	189 B
URL HTTP/1.1 img.dcbprotect.com/pixel.ico IP 54.155.29.255:0 ASN #16509 AMAZON-02 File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with no line terminators Size 189 B (189 bytes) Hash 350f3f42fe4bac928be53d4d54014f95 f77c6c8bc575e0652111475d769019c2f9976e5f 6188dd65f314b66f9a73b8aa9844191fc5e433cf3cc52d10452989d90b84c5c8 HTTP Headers `GET /pixel.ico HTTP/1.1 Host: img.dcbprotect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Language: A370381590892574326402624422022468002400662662086 Origin: https://promo.mondiamedia.com Connection: keep-alive Referer: https://promo.mondiamedia.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Date: Wed, 01 Feb 2023 21:11:50 GMT Content-Type: image/svg+xml Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept,Content-Language ETag: bf9d7b0d49e86b6ccbbf72ce0e9d05e4fdbbd8e10fda5606a6fe1faf49837a3c5ccd37f3da7e16bcc540cfd67e3377a9fcbb71c785f09815f2030613a140cd99`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2607 Expires: Wed, 01 Feb 2023 21:55:17 GMT Date: Wed, 01 Feb 2023 21:11:50 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2607 Expires: Wed, 01 Feb 2023 21:55:17 GMT Date: Wed, 01 Feb 2023 21:11:50 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2607 Expires: Wed, 01 Feb 2023 21:55:17 GMT Date: Wed, 01 Feb 2023 21:11:50 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg	34.120.237.76	200 OK	14 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 14 kB (14041 bytes) Hash 78fe9a77211d6f9a462f625af0c6f9bc ac0b58423d7578e7a1b60a62220c0a57924dda82 e047466c3ae0a55509f4ace49d0476f94271b5a25e71caa3b06ec468a238b652 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 14041 x-amzn-requestid: 2be6655d-3b0e-4e65-b44b-11682610b640 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: foJaRGFpIAMFbMQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d9890e-5554d18d5db235913afa77a2;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: Km0BBaLEp1c0ILsoxXxRrZSDz4DlkTzb3PZVawZIaEqhf6GILtNdcw== via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google date: Wed, 01 Feb 2023 06:36:17 GMT age: 52533 etag: "ac0b58423d7578e7a1b60a62220c0a57924dda82" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg	34.120.237.76	200 OK	9.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.6 kB (9600 bytes) Hash 3366ef4f8733cb9c89a5c88f63a0a441 7da46843b6d885f38a4759a08e6c899906ab7b97 7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9600 x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fVsWcFN7IAMF2pg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0 x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google date: Wed, 01 Feb 2023 02:29:58 GMT age: 67312 etag: "7da46843b6d885f38a4759a08e6c899906ab7b97" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg	34.120.237.76	200 OK	6.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.8 kB (6819 bytes) Hash ec7e808a5e82552c46c3417a5b32b836 f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6819 x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: foJaRHGnoAMF0Ow= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: daAf58GNG6Oy-ov_8TUeXnTcvZyW5eL_qwWz7dapr2Sy_5XSiS-3Mw== via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 21:42:56 GMT age: 84534 etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg	34.120.237.76	200 OK	5.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.7 kB (5736 bytes) Hash 2998f7f50ac0eec931c348e8a0fb0c60 f5e411cda74cb7fb4a662f4787e9543b9749c8b5 0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5736 x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ffEtEGk_oAMFYPA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 4yxwz2MFTdpb8I56VVbFU2Zz0qG_uHcYc3aDtn6boQPjhw7UFLLnYw== via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google date: Wed, 01 Feb 2023 10:37:09 GMT age: 38081 etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg	34.120.237.76	200 OK	16 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 16 kB (15857 bytes) Hash 4bb3a6fba496d54cdbbccaf2b9600386 8e30002699e9fbf2047f9ac11a36d2175fc9c591 927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 15857 x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fmJ2JGGWoAMFSLA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Wed, 01 Feb 2023 07:27:41 GMT age: 49449 etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg	34.120.237.76	200 OK	8.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.6 kB (8597 bytes) Hash 27e95b7912edc909d6b031e36fe83534 eb27fae0bb17dbe0929a620002195233ef50c1d0 b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8597 x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fcRaNEW4IAMFatA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0 x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google date: Wed, 01 Feb 2023 12:57:00 GMT age: 29690 etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	region1.google-analytics.com/g/collect?v=2&tid=G-K540BT2NZ0&gtm=2oe1u0&_p=2112987037&cid=7936225.1675285934&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675285933&sct=1&seg=0&dl=https%3A%2F%2Fpromo.mondiamedia.com%2Fls-vc-games%2Fproxy%2Fpromo-ssa%2Fssa%2Fmm-lp%2Fls%2Fvc%2Fplayinc%2Fgeneric%2F04%2Fen%2F%3FsubsTypeId%3D57020020%26utm_source%3D7730%26utm_campaign%3DLS_Vf_playinc_d_EN%26track_id%3Dtrack_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae%26utm_sub_source%3D%26utm_id%3D50952%26agency%3Dopticks&dt=Vodacom_playinc_VC_LS_Vodacom%20Playinc_en_4&en=page_view&_fv=1&_nsi=1&_ss=1	216.239.34.36	204 No Content	0 B
URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-K540BT2NZ0&gtm=2oe1u0&_p=2112987037&cid=7936225.1675285934&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675285933&sct=1&seg=0&dl=https%3A%2F%2Fpromo.mondiamedia.com%2Fls-vc-games%2Fproxy%2Fpromo-ssa%2Fssa%2Fmm-lp%2Fls%2Fvc%2Fplayinc%2Fgeneric%2F04%2Fen%2F%3FsubsTypeId%3D57020020%26utm_source%3D7730%26utm_campaign%3DLS_Vf_playinc_d_EN%26track_id%3Dtrack_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae%26utm_sub_source%3D%26utm_id%3D50952%26agency%3Dopticks&dt=Vodacom_playinc_VC_LS_Vodacom%20Playinc_en_4&en=page_view&_fv=1&_nsi=1&_ss=1 IP 216.239.34.36:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /g/collect?v=2&tid=G-K540BT2NZ0&gtm=2oe1u0&_p=2112987037&cid=7936225.1675285934&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675285933&sct=1&seg=0&dl=https%3A%2F%2Fpromo.mondiamedia.com%2Fls-vc-games%2Fproxy%2Fpromo-ssa%2Fssa%2Fmm-lp%2Fls%2Fvc%2Fplayinc%2Fgeneric%2F04%2Fen%2F%3FsubsTypeId%3D57020020%26utm_source%3D7730%26utm_campaign%3DLS_Vf_playinc_d_EN%26track_id%3Dtrack_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae%26utm_sub_source%3D%26utm_id%3D50952%26agency%3Dopticks&dt=Vodacom_playinc_VC_LS_Vodacom%20Playinc_en_4&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://promo.mondiamedia.com Connection: keep-alive Referer: https://promo.mondiamedia.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: https://promo.mondiamedia.com date: Wed, 01 Feb 2023 21:11:51 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	notify.dcbprotect.com/A370381590892574326402624422022468002400662662086	54.155.29.255	200 OK	20 B
URL HTTP/1.1 notify.dcbprotect.com/A370381590892574326402624422022468002400662662086 IP 54.155.29.255:0 ASN #16509 AMAZON-02 File type data Size 20 B (20 bytes) Hash 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2 HTTP Headers POST /A370381590892574326402624422022468002400662662086 HTTP/1.1 Host: notify.dcbprotect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 23775 Origin: https://promo.mondiamedia.com Connection: keep-alive Referer: https://promo.mondiamedia.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site `HTTP/1.1 200 OK Date: Wed, 01 Feb 2023 21:11:51 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept Content-Encoding: gzip`

	runsafeads.com/l/5095209e6e7fe182cb?code=nojs&	62.212.87.243	303 See Other	0 B
URL HTTP/1.1 runsafeads.com/l/5095209e6e7fe182cb?code=nojs& IP 62.212.87.243:0 ASN #60781 LeaseWeb Netherlands B.V. File type Size 0 B (0 bytes) Hash HTTP Headers `GET /l/5095209e6e7fe182cb?code=nojs& HTTP/1.1 Host: runsafeads.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 303 See Other Connection: close Date: Wed, 01 Feb 2023 21:11:48 GMT Location: https://promo.mondiamedia.com/ls-vc-games/proxy/promo-ssa/ssa/mm-lp/ls/vc/playinc/generic/04/en/?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks`

	promo.mondiamedia.com/ls-vc-games/proxy/promo-ssa/ssa/mm-lp/ls/vc/playinc/generic/04/en/?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks	104.20.27.241	200 OK	0 B
URL HTTP/2 promo.mondiamedia.com/ls-vc-games/proxy/promo-ssa/ssa/mm-lp/ls/vc/playinc/generic/04/en/?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks IP 104.20.27.241:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /ls-vc-games/proxy/promo-ssa/ssa/mm-lp/ls/vc/playinc/generic/04/en/?subsTypeId=57020020&utm_source=7730&utm_campaign=LS_Vf_playinc_d_EN&track_id=track_20230201211148_e55951aa_4a1d_4420_a07a_95007f7204ae&utm_sub_source=&utm_id=50952&agency=opticks HTTP/1.1 Host: promo.mondiamedia.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 200 OK date: Wed, 01 Feb 2023 21:11:49 GMT content-type: text/html; charset=utf-8 x-frame-options: DENY content-security-policy: frame-ancestors 'none'; cache-control: public, max-age=1800 x-mm-isfp: false x-xss-protection: 1; mode=block x-content-type-options: nosniff vary: accept-encoding cf-cache-status: MISS last-modified: Wed, 01 Feb 2023 21:11:49 GMT server: cloudflare cf-ray: 792dae831d26b51d-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML