Report - za.continuetoplay.com/5mxi0/w/2149803/

Report Overview

Submitted URL
za.continuetoplay.com/5mxi0/w/2149803/
IP
54.230.111.8
ASN
#16509 AMAZON-02
Submitted
2023-03-26 12:06:55
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
7
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
api.basebone.com	756673	2013-04-18T14:15:14Z	2023-03-27T21:43:13Z	408 B	296 B	80.74.141.5
notify.dcbprotect.com	112896	2018-06-07T00:28:10Z	2023-03-28T09:47:56Z	440 B	300 B	54.155.29.255
region1.analytics.google.com	unknown	2022-03-17T12:26:33Z	2023-03-29T09:02:58Z	1.2 kB	451 B	216.239.34.36
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.4 kB	6.2 kB	23.36.77.32
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	44.226.75.135
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	52 kB	34.120.237.76
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-29T13:00:14Z	1.4 kB	2.4 kB	139.45.195.8
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	2.1 kB	4.2 kB	142.250.74.131
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-29T09:59:29Z	489 B	578 B	216.58.207.227
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-29T09:08:31Z	496 B	451 B	173.194.221.155
za.continuetoplay.com	unknown	2022-06-02T21:35:46Z	2023-03-27T15:07:55Z	1.2 kB	47 kB	54.230.111.8
www.googleoptimize.com	1604	2019-07-16T12:17:19Z	2023-03-29T14:00:31Z	389 B	46 kB	142.250.74.46
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-29T05:44:04Z	386 B	63 kB	142.250.74.168
basebonecdn.com	unknown	2018-05-03T19:05:33Z	2023-03-27T21:43:10Z	691 B	51 kB	104.21.10.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-26 12:07:00	high	Client IP	108.177.14.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-03-26 12:07:00	high	Client IP	108.177.14.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-03-26 12:07:00	high	Client IP	108.177.14.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-03-26 12:07:01	high	Client IP	108.177.14.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-03-26 12:07:02	high	Client IP	108.177.14.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-03-26 12:07:03	high	Client IP	108.177.14.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-03-26 12:07:06	high	Client IP	108.177.14.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=G-LF1R1KY13H	224 kB	2023-03-29	2023-03-29
Pretty URL www.googletagmanager.com/gtag/js?id=G-LF1R1KY13H IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:00:10 Last Seen2023-03-29 23:00:10 Times Seen1 Hash 450c9807976daa7e28355bfb49818d15 a30c5427576a768db88fb14b934a43eeb88b564b 251bd1cf562067806f3aa152e9518344a4c3dcd76ddde2393b0b226d2dd139c1 Loading...

	za.continuetoplay.com/5mxi0/w/2149803/	1.2 kB	2023-03-29	2023-03-29
Pretty URL za.continuetoplay.com/5mxi0/w/2149803/ IP 54.230.111.8 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:00:10 Last Seen2023-03-29 23:00:10 Times Seen1 Hash 22d3b04d1c2ad4276013d6a068a25ec6 31a3c04d17f4e7ccc1f3209a1d750c329cf6ce4d e9ce0070448c3ee9a15f7246aa76df84bfed557b4e17eb8094417b9012e3c210 Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 12:40:09 Times Seen37038629 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	za.continuetoplay.com/5mxi0/w/2149803/	1.6 kB	2023-03-29	2023-03-29
Pretty URL za.continuetoplay.com/5mxi0/w/2149803/ IP 54.230.111.8 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:00:10 Last Seen2023-03-29 23:00:10 Times Seen1 Hash 13991f3d49dad9086ac4f047c48520b7 49ee1ddeba83c138cb086c0a174b74583fd1ea15 8fa4fac77891f1323294de3f5b2327518afb7fd432e295fcefeca0e409caff7f Loading...

	za.continuetoplay.com/5mxi0/w/2149803/	2.4 kB	2023-03-29	2023-03-29
Pretty URL za.continuetoplay.com/5mxi0/w/2149803/ IP 54.230.111.8 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:00:10 Last Seen2023-03-29 23:00:10 Times Seen1 Hash b9f8181ef9500169b60bbe507a60ea9f e4a0f90ba49db961a648f928bd5dd169ea1fbd6e 5d184ce3eb50c01595d8d1453ed84b9787b173c437564729953f29787fd7dafa Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MF387SN	201 kB	2023-03-29	2023-03-29
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MF387SN IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:00:10 Last Seen2023-03-29 23:00:10 Times Seen1 Hash abbdb4364b06ce39f5e1a99dedeb3e3a 527fc1fcb5bac1337511e0e94bf47c96a9bb3509 88e301fd59289e7a2f0b1289c42f214d56e3894cf22b1a9993130d93db4d8477 Loading...

	za.continuetoplay.com/5mxi0/w/2149803/	49 B	2023-03-08	2023-08-27
Pretty URL za.continuetoplay.com/5mxi0/w/2149803/ IP 54.230.111.8 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:58:21 Last Seen2023-08-27 23:38:32 Times Seen46 Hash a7e996682c93b4ec672497e5ab58f19e e735feeb2126261122fe38efd9e27286aebcf195 460a77a747e0fc9bbfbc8e338c44a2e50a81a5f099c0904ef8b6de6ba455350f Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=e4433d196201dabb3d3131ccb7cd09dc39b5898761466ff24d75e42ccade3155	697 B	2023-03-08	2023-08-11
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=e4433d196201dabb3d3131ccb7cd09dc39b5898761466ff24d75e42ccade3155 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:09:58 Last Seen2023-08-11 04:20:15 Times Seen16 Hash a6d255f2eb0b2c7d64159cef20667aec 14c29b6145a612e72bd1dc59bb0ccb55415c530b 910c9a08dbacc4603c934adbc5b6f057c2c37833d1e0bc5bee5465eee94bfea9 Loading...

	www.googletagmanager.com/gtag/js?id=G-LF1R1KY13H&l=dataLayer&cx=c	224 kB	2023-03-29	2023-03-29
Pretty URL www.googletagmanager.com/gtag/js?id=G-LF1R1KY13H&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:00:10 Last Seen2023-03-29 23:00:10 Times Seen1 Hash f67edea5703da8ca46bf9c02de09c7b3 0a480f89e34bcdfd9b6bc433414c94132c35a0d3 d77801460ed7e2c8641a9d698a63ade20ff7419321b6e98b9ba311fce3eb9e22 Loading...

	za.continuetoplay.com/5mxi0/w/2149803/	675 B	2023-03-09	2023-06-09
Pretty URL za.continuetoplay.com/5mxi0/w/2149803/ IP 54.230.111.8 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 04:07:36 Last Seen2023-06-09 15:19:48 Times Seen5 Hash a19c771dadf81b8480c7631e183bc477 23caf0421fdcf77ca0873e3a7ca760643a0e77e9 abd8a13ededd82c15dc89544fec43f10b3e5f28e6ab201e1b80526678175615e Loading...

	za.continuetoplay.com/5mxi0/w/2149803/	6.3 kB	2023-03-29	2023-08-12
Pretty URL za.continuetoplay.com/5mxi0/w/2149803/ IP 54.230.111.8 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:54:54 Last Seen2023-08-12 15:28:42 Times Seen24 Hash 1659ce984ca6bd0139ebb7009f125246 bb92268a99e2e9f099b1f9ff08725b403063bdf4 097d2fc9610c71da9e1abf1211d4055fd71ef40419da9ba55b1573275ff37959 Loading...

	za.continuetoplay.com/5mxi0/w/2149803/	1.4 kB	2023-03-08	2023-08-11
Pretty URL za.continuetoplay.com/5mxi0/w/2149803/ IP 54.230.111.8 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:58:21 Last Seen2023-08-11 04:20:15 Times Seen23 Hash 1cd64d160c9378f6f62e46872807a64e 1b0d870f8c4283cac1f82fda13f395040b97fc96 3c6c5e02bfbed4de0ddf0d5c49fe3a4f948cabedc6205a116e76e6322e2884fa Loading...

	www.googleoptimize.com/optimize.js?id=OPT-WTX2SLW	115 kB	2023-03-29	2023-03-29
Pretty URL www.googleoptimize.com/optimize.js?id=OPT-WTX2SLW IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:00:10 Last Seen2023-03-29 23:23:29 Times Seen2 Hash c4559ec99c945d368169ca3dc0fdb44d 20b8578c0030f9bd2b17cabdce43b7e788518f8d 708012837be931da9fc581a783f44e5d90ec7c7d96578603ee09a82fc82e2a5e Loading...

	www.googletagmanager.com/gtag/destination?id=G-LF1R1KY13H&l=dataLayer&cx=c	224 kB	2023-03-29	2023-03-29
Pretty URL www.googletagmanager.com/gtag/destination?id=G-LF1R1KY13H&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:00:10 Last Seen2023-03-29 23:00:10 Times Seen1 Hash 769efd2ccca7afb27b9d09115f2e6347 1ab790cc7da44cd009f842d3e8a5b8faf2a1569b 0b11be5171cc55d1323832cdfadc2fa254ac5f10015c3efdba10058ebb2cc41a Loading...

		Size	First Seen	Last Seen
	#1 Write - 8117ae749a27148da404ea59c6ecbaec	424 B	2023-03-14	2023-04-02
Pretty Observations First Seen2023-03-14 07:56:07 Last Seen2023-04-02 21:29:09 Times Seen84 Hash 8117ae749a27148da404ea59c6ecbaec 19746beac6d71e0d5081a9c4f9d8bf1572fb5d1a c22eeb931e61dfd5806e0d51723d903f97779d7aaa54c806ddfb32bec49d028c Loading...

HTTP Transactions (39)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5d9435c884bf4a0777fdf4b57079ae09 7f04b9db47ffeec90ac6397416b7553e5336a550 fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084" Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4802 Expires: Sun, 26 Mar 2023 13:26:46 GMT Date: Sun, 26 Mar 2023 12:06:44 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfd491ebe7381221b3674c2c8bf9e566 d2ac5badf17f348c28a52e9db10e6eb80e5a231a 34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C" Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6778 Expires: Sun, 26 Mar 2023 13:59:42 GMT Date: Sun, 26 Mar 2023 12:06:44 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1313ee2f06606d09c45b06ff9e8e1001 285ca89d1d3ea45d35832bc6d9827f834b3bfe21 63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0" Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17973 Expires: Sun, 26 Mar 2023 17:06:17 GMT Date: Sun, 26 Mar 2023 12:06:44 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 84db75194692d4afe13196bda6f22da8 4c1f49bc973a4917f146d93c8d598344edc021f6 a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 26 Mar 2023 11:15:35 GMT content-type: application/json age: 3069 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: zqD8MTgHHSXfTHvTj3UK+7xovsvzAqwGmGoEQSmU86zCxZjay5tEpLgmSW5YTuDayuq4iws15HU= x-amz-request-id: PXWWHGDZAAVB5ZVZ x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 26 Mar 2023 11:55:18 GMT age: 686 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sun, 26 Mar 2023 12:06:44 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	za.continuetoplay.com/5mxi0/w/2149803/	54.230.111.8	200 OK	44 kB
URL HTTP/1.1 za.continuetoplay.com/5mxi0/w/2149803/ IP 54.230.111.8:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (57957) Size 44 kB (44025 bytes) Hash 831e8bef337a7ba6eb7ad9236377069c a536d5d748bdbaded35ec97c4df9e757253544ab 455ea01f9d2ea1aeb15ce74353aacc1a575431247d8ee626ccea512e2a788311 HTTP Headers `GET /5mxi0/w/2149803/ HTTP/1.1 Host: za.continuetoplay.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Content-Length: 44025 Connection: keep-alive Date: Sun, 26 Mar 2023 12:06:44 GMT Server: Apache Set-Cookie: router_id=b1045257d485339; expires=Sun, 02-Apr-2023 12:06:44 GMT; Max-Age=604800; path=/ SES=4848166193; expires=Mon, 27-Mar-2023 12:06:44 GMT; Max-Age=86400; path=/5mxi0/w/2149803/ uv=1; path=/ LPSID=CB3; path=/ Expires: Sat, 26 Jul 1997 05:00:00 GMT Cache-Control: no-cache, must-revalidate, no-transform X-Frame-Options: DENY Content-Security-Policy: frame-ancestors 'none' X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none Vary: Accept-Encoding Content-Encoding: gzip X-Cache: Miss from cloudfront Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: dX9RiYcYQl50IGvotIy56-BY0H7Q0O-a2bKd8B66-RNi1fIceLlp1g==

	za.continuetoplay.com/ui/device/	54.230.111.8	200 OK	0 B
URL HTTP/1.1 za.continuetoplay.com/ui/device/ IP 54.230.111.8:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /ui/device/ HTTP/1.1 Host: za.continuetoplay.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Is-Ajax: true Content-Type: application/x-www-form-urlencoded Content-Length: 156 Origin: http://za.continuetoplay.com Connection: keep-alive Referer: http://za.continuetoplay.com/5mxi0/w/2149803/ Cookie: router_id=b1045257d485339; uv=1; LPSID=CB3` HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive Date: Sun, 26 Mar 2023 12:06:45 GMT Server: Apache Set-Cookie: router_id=b1045257d485339; expires=Sun, 02-Apr-2023 12:06:45 GMT; Max-Age=604800; path=/ Access-Control-Allow-Origin: http://za.continuetoplay.com Access-Control-Allow-Methods: POST X-Cache: Miss from cloudfront Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 9hklmU5rRs4pqyo5zdP55NHjMlVi4NgvkwwUQQRe97eVgVwTTZJ-FA==

	my.rtmark.net/p.js?f=sync&lr=1&partner=e4433d196201dabb3d3131ccb7cd09dc39b5898761466ff24d75e42ccade3155	139.45.195.8	302 Moved Temporarily	138 B
URL HTTP/1.1 my.rtmark.net/p.js?f=sync&lr=1&partner=e4433d196201dabb3d3131ccb7cd09dc39b5898761466ff24d75e42ccade3155 IP 139.45.195.8:0 ASN #9002 RETN Limited File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 138 B (138 bytes) Hash aff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0 HTTP Headers `GET /p.js?f=sync&lr=1&partner=e4433d196201dabb3d3131ccb7cd09dc39b5898761466ff24d75e42ccade3155 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://za.continuetoplay.com/` `HTTP/1.1 302 Moved Temporarily Server: nginx Date: Sun, 26 Mar 2023 12:06:45 GMT Content-Type: text/html Content-Length: 138 Connection: keep-alive Location: https://my.rtmark.net/p.js?f=sync&lr=1&partner=e4433d196201dabb3d3131ccb7cd09dc39b5898761466ff24d75e42ccade3155 Strict-Transport-Security: max-age=1 X-Content-Type-Options: nosniff Timing-Allow-Origin: *`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash e6775cb573aaee995c89d41b6be93723 cad165485f34023136370b32999077f4928c68c5 c14056ae20c7cd552209571a3430df2711ec94a5f8ee42c1693a3bf2d04b30ce HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 26 Mar 2023 12:06:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.googleoptimize.com/optimize.js?id=OPT-WTX2SLW	142.250.74.46	200 OK	45 kB
URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-WTX2SLW IP 142.250.74.46:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (2206) Size 45 kB (44943 bytes) Hash 1af588736052481f7619ac87c24f4dd2 d024dd3255ddb8eb894fd42c02d68a82b6d577b8 893883b6f23868deefb2accff77b52536c4e5f2f8528a3aa652b35b6ce3f2066 HTTP Headers `GET /optimize.js?id=OPT-WTX2SLW HTTP/1.1 Host: www.googleoptimize.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://za.continuetoplay.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 26 Mar 2023 12:06:45 GMT expires: Sun, 26 Mar 2023 12:06:45 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 44943 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtm.js?id=GTM-MF387SN	142.250.74.168	200 OK	62 kB
URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MF387SN IP 142.250.74.168:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (40004) Size 62 kB (62072 bytes) Hash 9105810853e671084c9c5fafc102ab6d 7adc0bf6cb243e8759377fdf850b226d542ea9d7 4785ab7d8f7aa21f5ab3c78bead8a56e16bff99df1042256fd4d4bb3d075c88f HTTP Headers `GET /gtm.js?id=GTM-MF387SN HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://za.continuetoplay.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 26 Mar 2023 12:06:45 GMT expires: Sun, 26 Mar 2023 12:06:45 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 62072 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash d770f5584a4585480ee500b7f0a98127 130c174d0f9dc2e24ec054f907b2de52fc2e9136 a7101799b8895a3395bf5feac2258c577e513f577d75768ee6fa41ca89027f20 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A7101799B8895A3395BF5FEAC2258C577E513F577D75768EE6FA41CA89027F20" Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3548 Expires: Sun, 26 Mar 2023 13:05:53 GMT Date: Sun, 26 Mar 2023 12:06:45 GMT Connection: keep-alive`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash e6775cb573aaee995c89d41b6be93723 cad165485f34023136370b32999077f4928c68c5 c14056ae20c7cd552209571a3430df2711ec94a5f8ee42c1693a3bf2d04b30ce HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 26 Mar 2023 12:06:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	my.rtmark.net/p.js?f=sync&lr=1&partner=e4433d196201dabb3d3131ccb7cd09dc39b5898761466ff24d75e42ccade3155	139.45.195.8	200 OK	697 B
URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=e4433d196201dabb3d3131ccb7cd09dc39b5898761466ff24d75e42ccade3155 IP 139.45.195.8:0 ASN #9002 RETN Limited File type ASCII text Size 697 B (697 bytes) Hash a6d255f2eb0b2c7d64159cef20667aec 14c29b6145a612e72bd1dc59bb0ccb55415c530b 910c9a08dbacc4603c934adbc5b6f057c2c37833d1e0bc5bee5465eee94bfea9 HTTP Headers `GET /p.js?f=sync&lr=1&partner=e4433d196201dabb3d3131ccb7cd09dc39b5898761466ff24d75e42ccade3155 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://za.continuetoplay.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx date: Sun, 26 Mar 2023 12:06:45 GMT content-type: text/javascript content-length: 697 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2

	basebonecdn.com/media/images/logos/2022/stream.baseplay.co_logo_white.svg	104.21.10.184	200 OK	2.5 kB
URL HTTP/1.1 basebonecdn.com/media/images/logos/2022/stream.baseplay.co_logo_white.svg IP 104.21.10.184:0 ASN #13335 CLOUDFLARENET File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (5439), with no line terminators Size 2.5 kB (2518 bytes) Hash 3766b2f4fc55c86584bdd0e524ae3849 42ef69b9658c160c50c59cf69e696727b2d54a92 00dfdad9bdfb9e85f6850e149392dabcf68ce2a0948f4a2fe267ffadb01cbded HTTP Headers `GET /media/images/logos/2022/stream.baseplay.co_logo_white.svg HTTP/1.1 Host: basebonecdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://za.continuetoplay.com/` HTTP/1.1 200 OK Date: Sun, 26 Mar 2023 12:06:45 GMT Content-Type: image/svg+xml Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Tue, 03 May 2022 06:55:44 GMT x-amz-version-id: jk8FXp_YQU07nKfA5pdjIBHbKgD4aiwQ Content-Encoding: gzip ETag: W/"7a866746db91970a763e0e4720370124" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 780489eb078b12b535ed56179d4e97fe.cloudfront.net (CloudFront) X-Amz-Cf-Pop: VIE50-P1 X-Amz-Cf-Id: I_aY7hnxVSSX93liU6j-HYfs5wO4sdkO4W1WaMV8koywnMZsvb5ViQ== Cache-Control: max-age=86400 CF-Cache-Status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FANg528AtnxaRIVsfKQXvUWUEFixWQr%2B9yE7NLiVPjs6MF5A3Ob61L4VRRBYw5%2Fbg0rQNTW6m6QQVT99STwCjyKQuoY8r%2B4GpN3r9RHS4kWIPhfVTFVS9XnXO4vYqEfv3RM%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7adf44f4ee7cb500-OSL alt-svc: h2=":443"; ma=60

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 26 Mar 2023 11:17:24 GMT age: 2961 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	basebonecdn.com/media/images/music/music_lp_za_9_3_2.gif	104.21.10.184	200 OK	47 kB
URL HTTP/1.1 basebonecdn.com/media/images/music/music_lp_za_9_3_2.gif IP 104.21.10.184:0 ASN #13335 CLOUDFLARENET File type GIF image data, version 89a, 228 x 230\012- data Size 47 kB (46586 bytes) Hash 0b2b309ea02f5ac5e493c18962e4cab9 007aa1913b8ed35dab2499d38c640ce580cbaea4 4e9376d8d48ce970597616126e772990fcc07d4809ea07084dc3288ca2f3d2f8 HTTP Headers `GET /media/images/music/music_lp_za_9_3_2.gif HTTP/1.1 Host: basebonecdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://za.continuetoplay.com/` HTTP/1.1 200 OK Date: Sun, 26 Mar 2023 12:06:45 GMT Content-Type: image/gif Content-Length: 46586 Connection: keep-alive Last-Modified: Tue, 21 May 2019 13:58:23 GMT ETag: "0b2b309ea02f5ac5e493c18962e4cab9" x-amz-version-id: ajKZxG20.VDKj7coGQGuXIO4q0jQ3Jtb X-Cache: Miss from cloudfront Via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront) X-Amz-Cf-Pop: VIE50-P1 X-Amz-Cf-Id: 2x1XTEFyWejlsFt02oswKAbL-floaRv-13M1jeaJ7Z2BgfKjkwB1Zg== Cache-Control: max-age=86400 CF-Cache-Status: MISS Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y107tqS2DbgrFu2kw9isWFzAhv%2F0zWJ%2Brf88YhtReYfQKdt8Xkpg07JUubFM1MCrclTZfKALbESNE7%2FgyyPJ%2Bv%2FirLAdmA1SvHUzUzKOS9Z35Vt6k83IhAW0SnnGzzuYl2g%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7adf44f4ec5b0b41-OSL alt-svc: h2=":443"; ma=60

	za.continuetoplay.com/favicon.ico	54.230.111.8	200 OK	1.4 kB
URL HTTP/1.1 za.continuetoplay.com/favicon.ico IP 54.230.111.8:0 ASN #16509 AMAZON-02 File type MS Windows icon resource - 1 icon, 16x16\012- data Size 1.4 kB (1406 bytes) Hash 011201ab56695ce86ea2f190bce2670b bb8fad6accf293e619360935047c23f00da3c769 a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e HTTP Headers `GET /favicon.ico HTTP/1.1 Host: za.continuetoplay.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://za.continuetoplay.com/5mxi0/w/2149803/ Cookie: router_id=b1045257d485339; uv=1; LPSID=CB3` `HTTP/1.1 200 OK Content-Type: image/vnd.microsoft.icon Content-Length: 1406 Connection: keep-alive Date: Sun, 26 Mar 2023 12:06:45 GMT Server: Apache Last-Modified: Thu, 15 Dec 2022 11:13:00 GMT ETag: "57e-5efdbef99b86b" Accept-Ranges: bytes X-Cache: Miss from cloudfront Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: K30ABG2FK2OaQ9c1NCgyaf_8mqHqmbRoA-QHVr8w-dnvA5Rx_kzeOg==`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 717ebcc65cb1390c2509851bac7b5878 1e04e3058329f3809bc01022d441172dcacc1aaa 3c8d41efe14dc75e001ce50aae65e133d90bcb2e2f86b2426cefe7abe4c7b588 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "3C8D41EFE14DC75E001CE50AAE65E133D90BCB2E2F86B2426CEFE7ABE4C7B588" Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9965 Expires: Sun, 26 Mar 2023 14:52:50 GMT Date: Sun, 26 Mar 2023 12:06:45 GMT Connection: keep-alive`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ef8608ef03d2e48c9cd6b665e8b3a946 894e7d4897dabb155138a7cbad323943c0c95122 b1a0d70bdae876e192cb4b9ba7c7f8fb7064ef3796a5d48e14c7b014789f63c8 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 26 Mar 2023 12:06:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	my.rtmark.net/img.gif?f=sync&partner=e4433d196201dabb3d3131ccb7cd09dc39b5898761466ff24d75e42ccade3155&ttl=&rurl=http%3A%2F%2Fza.continuetoplay.com%2F5mxi0%2Fw%2F2149803%2F	139.45.195.8	200 OK	43 B
URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=e4433d196201dabb3d3131ccb7cd09dc39b5898761466ff24d75e42ccade3155&ttl=&rurl=http%3A%2F%2Fza.continuetoplay.com%2F5mxi0%2Fw%2F2149803%2F IP 139.45.195.8:0 ASN #9002 RETN Limited File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash b4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 HTTP Headers GET /img.gif?f=sync&partner=e4433d196201dabb3d3131ccb7cd09dc39b5898761466ff24d75e42ccade3155&ttl=&rurl=http%3A%2F%2Fza.continuetoplay.com%2F5mxi0%2Fw%2F2149803%2F HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://za.continuetoplay.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK server: nginx date: Sun, 26 Mar 2023 12:06:46 GMT content-type: image/gif content-length: 43 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=958e7dadca474c878004580787715f8c; expires=Mon, 25 Mar 2024 12:06:46 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2

	push.services.mozilla.com/	44.226.75.135	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 44.226.75.135:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: cfUl9xX9//k12NQ8RHfg0w== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: MOO0vlHIQspFFwjw1n/HLcsivgk=`

	www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LF1R1KY13H&cid=1303820237.1679832421&gtm=45je33m0&aip=1&z=1216702422	216.58.207.227	200 OK	42 B
URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LF1R1KY13H&cid=1303820237.1679832421&gtm=45je33m0&aip=1&z=1216702422 IP 216.58.207.227:0 ASN #15169 GOOGLE File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers `GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LF1R1KY13H&cid=1303820237.1679832421&gtm=45je33m0&aip=1&z=1216702422 HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://za.continuetoplay.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Sun, 26 Mar 2023 12:06:46 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-type: image/gif x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ef8608ef03d2e48c9cd6b665e8b3a946 894e7d4897dabb155138a7cbad323943c0c95122 b1a0d70bdae876e192cb4b9ba7c7f8fb7064ef3796a5d48e14c7b014789f63c8 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 26 Mar 2023 12:06:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash b62c9b9530dd66bb7f03ba2ce3d835da bf8560766de78dd925e395f59610ab2f1335e565 62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D" Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6070 Expires: Sun, 26 Mar 2023 13:47:56 GMT Date: Sun, 26 Mar 2023 12:06:46 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash b62c9b9530dd66bb7f03ba2ce3d835da bf8560766de78dd925e395f59610ab2f1335e565 62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D" Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6070 Expires: Sun, 26 Mar 2023 13:47:56 GMT Date: Sun, 26 Mar 2023 12:06:46 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa47e8d1c-6343-48dc-966b-71e83875b350.jpeg	34.120.237.76	200 OK	7.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa47e8d1c-6343-48dc-966b-71e83875b350.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.8 kB (7778 bytes) Hash 1782dd235045315ec9b8d127a4a61dfd 4242d3ff0a1ca9f76166585532a815c4b1f15175 c404e097daf50098edf2d46b1d314fb2ab95f1d655293f0a9e123867fc11a982 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa47e8d1c-6343-48dc-966b-71e83875b350.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7778 x-amzn-requestid: 5794fe13-ddf8-4a4d-86e3-53da34af0c98 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CW2QAF91IAMFoNg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641f6a66-1f6247aa2651e9a35dbccec7;Sampled=0 x-amzn-remapped-date: Sat, 25 Mar 2023 21:40:54 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: ym5ku830id9iQl1QzIRpIo1jrMq7KILCx91VgOKApAkkDpEdLi_lug== via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Mar 2023 22:12:28 GMT age: 50058 etag: "4242d3ff0a1ca9f76166585532a815c4b1f15175" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg	34.120.237.76	200 OK	3.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.6 kB (3589 bytes) Hash 1ec08d4bd079a92161fc80f41281b5a9 bf61369962342cce85de8f48942b4b150fd2721e 8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3589 x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CW1uyE2joAMF50g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0 x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: Olik0rOopNpu03_GQWvvGeuS0D579nAdtuk9RGWUQSopMavKHDn1cQ== via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Mar 2023 21:53:15 GMT age: 51211 etag: "bf61369962342cce85de8f48942b4b150fd2721e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c1b9b23-a69e-4b1e-84d5-d7f840d9e026.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c1b9b23-a69e-4b1e-84d5-d7f840d9e026.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10327 bytes) Hash 213ded5820ff11a18bf9c374d5ea86ca c3b4003e8f2b394ed8ad5e2d33fb04d6458a64c2 d9bbe5babe57b151d133b65eed68acc69ca294df77b22f04857a15a67dd50efa HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c1b9b23-a69e-4b1e-84d5-d7f840d9e026.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10327 x-amzn-requestid: 6b71b02f-f694-4dc5-a49d-8246a4ba0e95 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CW2BmGzBIAMF6AA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641f6a09-028b3d525ba3abe42b19ff0d;Sampled=0 x-amzn-remapped-date: Sat, 25 Mar 2023 21:39:22 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: TzkqKPYBlUIoiuuJhYNBSklMNwukg6gmZ9mwpTm3HC3QklhH8Bk7-Q== via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Mar 2023 22:23:47 GMT age: 49379 etag: "c3b4003e8f2b394ed8ad5e2d33fb04d6458a64c2" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg	34.120.237.76	200 OK	5.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.6 kB (5556 bytes) Hash c831201ad81f55c63c1b101ce854a810 0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5 c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5556 x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM69eHE3IAMF0Yw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: CgU9j02Bnw0UdIwQ3sRCDvJoPitHIAUTRDhLH_PMXYlAPoAwSbv6Iw== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Mar 2023 06:24:41 GMT age: 20525 etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (12991 bytes) Hash 8e19767dbe464134f0ab81b0eadb98fa 007758853c1d1605db69131eb50ff433a4da5f8c 63f1f08cd038e7b6d3316bbdc59a598b01c3bedd1ef04ba1986152e239fa128c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 12991 x-amzn-requestid: 16bc16bf-b87e-4ed7-a559-3e900595928e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CW1smH_kIAMF5oA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641f6983-21e7ce61788315866c752f28;Sampled=0 x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:07 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: 0XTrJJ-Z6-GCn2VJUUt8tqhvG4E8b_TYTBiDBu1Qr35g7THOqp5Zkg== via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Mar 2023 21:51:13 GMT age: 51333 etag: "007758853c1d1605db69131eb50ff433a4da5f8c" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04ca104-da87-4364-a700-7fc01e351308.jpeg	34.120.237.76	200 OK	5.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04ca104-da87-4364-a700-7fc01e351308.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.4 kB (5408 bytes) Hash 30183c6c59b8fc603d77773182f50202 8942515b5abe11d1a81b19dcde4b525aa1d26671 d218a7991efd84f78d4ed1925ca943788de99f5b5558440593d648f2965ecfaa HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04ca104-da87-4364-a700-7fc01e351308.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5408 x-amzn-requestid: 15377820-5f38-46a5-aa36-321322cef223 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CW1hLEFVoAMF7wg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641f693a-1329e52e5c1c6ba738a79b2d;Sampled=0 x-amzn-remapped-date: Sat, 25 Mar 2023 21:35:54 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: QREbrxk2bvFoRnvQW-MohNtqORKmXNFLN7t-b7PIJ-Wcy3Qht6Rfsw== via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Mar 2023 21:49:34 GMT age: 51432 etag: "8942515b5abe11d1a81b19dcde4b525aa1d26671" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	api.basebone.com/frontend/google/ga4.php	80.74.141.5	200 OK	27 B
URL HTTP/1.1 api.basebone.com/frontend/google/ga4.php IP 80.74.141.5:0 ASN #21069 METANET AG File type ASCII text, with no line terminators Size 27 B (27 bytes) Hash 399089a5a4aa675f2de0020c0d2dfe56 4bb635c9d4d04ad3937179af9084cbe3b4a01a0a 4f4cc2c452d815cfc35c7cbaa804b74337b980231bc0a0dd1405ac93f80d82bf HTTP Headers `POST /frontend/google/ga4.php HTTP/1.1 Host: api.basebone.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded Content-Length: 126 Origin: http://za.continuetoplay.com Connection: keep-alive Referer: http://za.continuetoplay.com/` `HTTP/1.1 200 OK Date: Sun, 26 Mar 2023 12:06:46 GMT Server: Apache Access-Control-Allow-Origin: * Access-Control-Allow-Headers: Content-Type Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Content-Encoding: gzip Set-Cookie: LPSID=CB6; path=/`

	notify.dcbprotect.com/A233375979254372202464608868662686088444224206028	54.155.29.255	200 OK	20 B
URL HTTP/1.1 notify.dcbprotect.com/A233375979254372202464608868662686088444224206028 IP 54.155.29.255:0 ASN #16509 AMAZON-02 File type data Size 20 B (20 bytes) Hash 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2 HTTP Headers `POST /A233375979254372202464608868662686088444224206028 HTTP/1.1 Host: notify.dcbprotect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-type: application/x-www-form-urlencoded Content-Length: 7464 Origin: http://za.continuetoplay.com Connection: keep-alive Referer: http://za.continuetoplay.com/` `HTTP/1.1 200 OK Date: Sun, 26 Mar 2023 12:06:46 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept Content-Encoding: gzip`

	region1.analytics.google.com/g/collect?v=2&tid=G-LF1R1KY13H&gtm=45je33m0&_p=2121584011&_gaz=1&cid=1303820237.1679832421&ul=en-us&sr=1280x1024&_s=1&sid=1679832421&sct=1&seg=0&dl=http%3A%2F%2Fza.continuetoplay.com%2F5mxi0%2Fw%2F2149803%2F&dt=Download%20music&en=virtual_page_view&_fv=1&_nsi=1&_ss=1&ep.page_type=visit_landing&epn.context_id=4848166193&ep.alias=5mxi0&ep.advertising_campaign_id=98156&ep.webad=2149803&ep.flow_page=index&ep.messaging_platform_id=79&ep.product_id=13&ep.publisher_id=20223&ep.sub_affiliate_id=not_set&ep.monetization_channel=network&ep.traffic_source=ad_networks&ep.template_id=16851&ep.monetization_type=internal&ep.page_path=%2F5mxi0%2Fw%2F2149803%2F&upn.country_id=27&up.country_iso=ZA&upn.network_id=103&up.network_name=internet	216.239.34.36	204 No Content	0 B
URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-LF1R1KY13H&gtm=45je33m0&_p=2121584011&_gaz=1&cid=1303820237.1679832421&ul=en-us&sr=1280x1024&_s=1&sid=1679832421&sct=1&seg=0&dl=http%3A%2F%2Fza.continuetoplay.com%2F5mxi0%2Fw%2F2149803%2F&dt=Download%20music&en=virtual_page_view&_fv=1&_nsi=1&_ss=1&ep.page_type=visit_landing&epn.context_id=4848166193&ep.alias=5mxi0&ep.advertising_campaign_id=98156&ep.webad=2149803&ep.flow_page=index&ep.messaging_platform_id=79&ep.product_id=13&ep.publisher_id=20223&ep.sub_affiliate_id=not_set&ep.monetization_channel=network&ep.traffic_source=ad_networks&ep.template_id=16851&ep.monetization_type=internal&ep.page_path=%2F5mxi0%2Fw%2F2149803%2F&upn.country_id=27&up.country_iso=ZA&upn.network_id=103&up.network_name=internet IP 216.239.34.36:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /g/collect?v=2&tid=G-LF1R1KY13H&gtm=45je33m0&_p=2121584011&_gaz=1&cid=1303820237.1679832421&ul=en-us&sr=1280x1024&_s=1&sid=1679832421&sct=1&seg=0&dl=http%3A%2F%2Fza.continuetoplay.com%2F5mxi0%2Fw%2F2149803%2F&dt=Download%20music&en=virtual_page_view&_fv=1&_nsi=1&_ss=1&ep.page_type=visit_landing&epn.context_id=4848166193&ep.alias=5mxi0&ep.advertising_campaign_id=98156&ep.webad=2149803&ep.flow_page=index&ep.messaging_platform_id=79&ep.product_id=13&ep.publisher_id=20223&ep.sub_affiliate_id=not_set&ep.monetization_channel=network&ep.traffic_source=ad_networks&ep.template_id=16851&ep.monetization_type=internal&ep.page_path=%2F5mxi0%2Fw%2F2149803%2F&upn.country_id=27&up.country_iso=ZA&upn.network_id=103&up.network_name=internet HTTP/1.1 Host: region1.analytics.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://za.continuetoplay.com Connection: keep-alive Referer: http://za.continuetoplay.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: http://za.continuetoplay.com date: Sun, 26 Mar 2023 12:06:46 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 5716bd17f0cc1d649bcba4a6400ad0fa 752def7b1cf7d2f2e8213b28cb17f93e1015d333 ef78bd37975cc2a43c78562c8fcd9977f92a2ef525b87cfcef89f114f28eac3b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 26 Mar 2023 12:06:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	stats.g.doubleclick.net/g/collect?v=2&tid=G-LF1R1KY13H&cid=1303820237.1679832421&gtm=45je33m0&aip=1	173.194.221.155	204 No Content	0 B
URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-LF1R1KY13H&cid=1303820237.1679832421&gtm=45je33m0&aip=1 IP 173.194.221.155:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /g/collect?v=2&tid=G-LF1R1KY13H&cid=1303820237.1679832421&gtm=45je33m0&aip=1 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://za.continuetoplay.com Connection: keep-alive Referer: http://za.continuetoplay.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0` `HTTP/2 204 No Content access-control-allow-origin: http://za.continuetoplay.com date: Sun, 26 Mar 2023 12:06:46 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 5716bd17f0cc1d649bcba4a6400ad0fa 752def7b1cf7d2f2e8213b28cb17f93e1015d333 ef78bd37975cc2a43c78562c8fcd9977f92a2ef525b87cfcef89f114f28eac3b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 26 Mar 2023 12:06:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL