Report - biatwork.biz/

Report Overview

Submitted URL
biatwork.biz/
IP
80.211.191.223
ASN
#31034 Aruba S.p.A.
Submitted
2023-03-30 04:27:51
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
biatwork.biz	unknown	2015-07-06T16:35:20Z	2023-03-30T05:28:01Z	3.7 kB	87 kB	80.211.191.223
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-31T20:44:48Z	472 B	10 kB	142.250.74.35
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	238 B	34.117.65.55
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	3.2 kB	67 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-31T20:23:24Z	382 B	630 B	142.250.74.74
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	2.4 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-31T18:12:03Z	1.4 kB	2.8 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-30 04:28:05	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-03-30 04:28:05	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-03-30 04:28:05	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	biatwork.biz/js/vendors/dependencies.js.pagespeed.jm.yUp8eR6LAC.js	20 kB	2023-03-23	2023-08-11
Pretty URL biatwork.biz/js/vendors/dependencies.js.pagespeed.jm.yUp8eR6LAC.js IP 80.211.191.223 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-23 08:40:08 Last Seen2023-08-11 02:22:39 Times Seen12 Hash c94a7c791e8b00283eacde959d2c22e0 f82fecaa8aea817301d12a87a7bc224bbaafc849 379f88c2d273ee1910c467174f038c27e5c413923a2af7192df1f2aec969e523 Loading...

	biatwork.biz/js/vendors/TweenMax.min.js.pagespeed.jm.fsNeKDnfk8.js	116 kB	2023-03-13	2023-08-11
Pretty URL biatwork.biz/js/vendors/TweenMax.min.js.pagespeed.jm.fsNeKDnfk8.js IP 80.211.191.223 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:04:12 Last Seen2023-08-11 02:22:39 Times Seen14 Hash 7ec35e2839df93cb71884177758bba50 8f89d7f7cc729560b4c96fe672f212cb4fb73d56 2a063d121b400db54274b37d65348a6b218e3191357970b276e1f9b41fa74907 Loading...

	biatwork.biz/js/vendors/jquery.min.js.pagespeed.jm.r0B4QCxeCQ.js	87 kB	2023-03-07	2024-05-10
Pretty URL biatwork.biz/js/vendors/jquery.min.js.pagespeed.jm.r0B4QCxeCQ.js IP 80.211.191.223 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-05-10 19:22:57 Times Seen12291 Hash af4078402c5e090d3f81d1abd71e2250 9592732de681f4365e9b7016dc5cf76e2a55ee9b 8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6 Loading...

	biatwork.biz/js/backgrounds/drifter.min.js.pagespeed.jm.1umFsGPwRQ.js	2.5 kB	2023-03-23	2023-08-11
Pretty URL biatwork.biz/js/backgrounds/drifter.min.js.pagespeed.jm.1umFsGPwRQ.js IP 80.211.191.223 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-23 08:40:08 Last Seen2023-08-11 02:22:39 Times Seen12 Hash d6e985b063f04509e0400537194ce16b 5dc804f300854da177fb9e2850539bff31b1ee46 f6eb494afb78051bd7ba8d61adaea991355f85a97449191d2fd8ecb6983896c4 Loading...

	biatwork.biz/js/main-animated.js.pagespeed.jm.bDb9jkZrQk.js	2.1 kB	2023-03-23	2023-08-11
Pretty URL biatwork.biz/js/main-animated.js.pagespeed.jm.bDb9jkZrQk.js IP 80.211.191.223 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-23 08:40:09 Last Seen2023-08-11 02:22:39 Times Seen12 Hash 6c36fd8e466b424db7720487da5ee01b e36f02beee3ab6cb7ca7e7499e38d96642391db4 a0e4513f14553d4f825080a4e447a72908c28f2fbe23e72fff111de27f1859be Loading...

HTTP Transactions (33)

	URL	IP	Response	Size
	biatwork.biz/	80.211.191.223	301 Moved Permanently	162 B
URL HTTP/1.1 biatwork.biz/ IP 80.211.191.223:0 ASN #31034 Aruba S.p.A. File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 162 B (162 bytes) Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a HTTP Headers `GET / HTTP/1.1 Host: biatwork.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Server: nginx Date: Thu, 30 Mar 2023 04:27:40 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://biatwork.biz/`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7af19a5145a4ee99bdf18831bad04bfd 7bdd2a4785b999ef54a2644211d2b2b7190fb8e1 3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0" Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13728 Expires: Thu, 30 Mar 2023 08:16:28 GMT Date: Thu, 30 Mar 2023 04:27:40 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash b93010cbf31ba3ec785b4088e5d0f529 c0f1ab8a2aae3c445a8f24959a4eea433a345caf 2cc1a5865dee7636b82a68deddd3aff8b697e846e37789a694cc3c7c47340590 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2CC1A5865DEE7636B82A68DEDDD3AFF8B697E846E37789A694CC3C7C47340590" Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12647 Expires: Thu, 30 Mar 2023 07:58:27 GMT Date: Thu, 30 Mar 2023 04:27:40 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash bc86ef2a0cee04915bc360f5821adc8f 3658f9028cce204d38f7f48fcfaa2a8e4f54383a aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Backoff, Content-Length, Retry-After, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 30 Mar 2023 04:16:03 GMT content-type: application/json age: 697 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c0d9353dc46e88bf564ed464b0b073c7 0b5ce170e7db24267a3ba5b79a48548b1acd2e5b 7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B" Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11027 Expires: Thu, 30 Mar 2023 07:31:28 GMT Date: Thu, 30 Mar 2023 04:27:41 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: f1YiqdInkvNG+aPHD96/dQHj5Ewpw583lKQ5zqpRFR7WDgpQMPgv34VGYREn8z5COaE4azDfeLI= x-amz-request-id: YNH0R8SJ2MGGWV67 x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 30 Mar 2023 04:02:46 GMT age: 1495 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Thu, 30 Mar 2023 04:27:41 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	biatwork.biz/	80.211.191.223	200 OK	1.1 kB
URL HTTP/2 biatwork.biz/ IP 80.211.191.223:0 ASN #31034 Aruba S.p.A. File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators Size 1.1 kB (1145 bytes) Hash 058744d9c893317f5fc423f548bcf44b 2b37dced61c3eaa9ee4a2147b44f53180ddcd999 00053645a22180ef740f267fb1bca6fb62a16376308e590ce490cdeb6f8a5c89 HTTP Headers `GET / HTTP/1.1 Host: biatwork.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` `HTTP/2 200 OK server: nginx date: Thu, 30 Mar 2023 04:27:41 GMT content-type: text/html; charset=UTF-8 content-length: 1145 accept-ranges: bytes x-mod-pagespeed: 1.13.35.2-0 vary: Accept-Encoding content-encoding: gzip cache-control: max-age=0, no-cache, s-maxage=10 strict-transport-security: max-age=15768000; includeSubDomains x-powered-by: PleskLin X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash d4fd78e1925a923742815feb55c9dab0 1b9fb6bb01a275ea7a74aa4185f39e4640a2c5eb 88bc292164002e5b8c4ea4dd317ff1116051a581997bd74b06d0fb231ea15b0c HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 30 Mar 2023 04:27:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	biatwork.biz/js/main-animated.js.pagespeed.jm.bDb9jkZrQk.js	80.211.191.223	200 OK	955 B
URL HTTP/2 biatwork.biz/js/main-animated.js.pagespeed.jm.bDb9jkZrQk.js IP 80.211.191.223:0 ASN #31034 Aruba S.p.A. File type ASCII text, with very long lines (2075), with no line terminators Size 955 B (955 bytes) Hash 852deb715448da9d83aeacd86a33794b 24e1ebfc33213f6218bacb0c232224810080e6df 265c73338bb9f4651e2ee1676c55b4d7952bf3f3d8cd9988d9404d6161c03774 HTTP Headers `GET /js/main-animated.js.pagespeed.jm.bDb9jkZrQk.js HTTP/1.1 Host: biatwork.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://biatwork.biz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Thu, 30 Mar 2023 04:27:41 GMT content-type: application/javascript content-length: 955 accept-ranges: bytes expires: Fri, 29 Mar 2024 04:27:38 GMT cache-control: max-age=31536000 etag: W/"0" last-modified: Thu, 30 Mar 2023 04:27:38 GMT x-original-content-length: 4605 vary: Accept-Encoding content-encoding: gzip strict-transport-security: max-age=15768000; includeSubDomains x-powered-by: PleskLin X-Firefox-Spdy: h2`

	biatwork.biz/js/vendors/dependencies.js.pagespeed.jm.yUp8eR6LAC.js	80.211.191.223	200 OK	7.1 kB
URL HTTP/2 biatwork.biz/js/vendors/dependencies.js.pagespeed.jm.yUp8eR6LAC.js IP 80.211.191.223:0 ASN #31034 Aruba S.p.A. File type ASCII text, with very long lines (19917), with no line terminators Size 7.1 kB (7076 bytes) Hash 4a30d70a1cdef21bcc25226bcfe0ca21 270a54772bb435c9f3d36d64b413ce7a5d10db76 32aeeb02c14714f80aba234525b39b5f0d2803242382c6503974cdf640777205 HTTP Headers `GET /js/vendors/dependencies.js.pagespeed.jm.yUp8eR6LAC.js HTTP/1.1 Host: biatwork.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://biatwork.biz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Thu, 30 Mar 2023 04:27:41 GMT content-type: application/javascript content-length: 7076 accept-ranges: bytes expires: Fri, 29 Mar 2024 04:27:38 GMT cache-control: max-age=31536000 etag: W/"0" last-modified: Thu, 30 Mar 2023 04:27:38 GMT x-original-content-length: 22109 vary: Accept-Encoding content-encoding: gzip strict-transport-security: max-age=15768000; includeSubDomains x-powered-by: PleskLin X-Firefox-Spdy: h2`

	biatwork.biz/js/backgrounds/drifter.min.js.pagespeed.jm.1umFsGPwRQ.js	80.211.191.223	200 OK	1.1 kB
URL HTTP/2 biatwork.biz/js/backgrounds/drifter.min.js.pagespeed.jm.1umFsGPwRQ.js IP 80.211.191.223:0 ASN #31034 Aruba S.p.A. File type ASCII text, with very long lines (2453), with no line terminators Size 1.1 kB (1096 bytes) Hash 16ac9de788d31d2cc5b06ed804483fdb 7c37664eb4abedbe3ecf7eaff1db0357690295ed fee12b889c72c785847ac32565f4a8e3e27cd7a765c66443690b8ebf57199edf HTTP Headers `GET /js/backgrounds/drifter.min.js.pagespeed.jm.1umFsGPwRQ.js HTTP/1.1 Host: biatwork.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://biatwork.biz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Thu, 30 Mar 2023 04:27:41 GMT content-type: application/javascript content-length: 1096 accept-ranges: bytes expires: Fri, 29 Mar 2024 04:27:38 GMT cache-control: max-age=31536000 etag: W/"0" last-modified: Thu, 30 Mar 2023 04:27:38 GMT x-original-content-length: 2663 vary: Accept-Encoding content-encoding: gzip strict-transport-security: max-age=15768000; includeSubDomains x-powered-by: PleskLin X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash ae064c74a3769d42109473ad05d56fb9 d48029ab8568cee6ab7416d3b476ed792d780a56 9852216f395a42f7b4792e852f9f9fa83e07d917a979237d5d7406a1d74edc4f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "9852216F395A42F7B4792E852F9F9FA83E07D917A979237D5D7406A1D74EDC4F" Last-Modified: Wed, 29 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12046 Expires: Thu, 30 Mar 2023 07:48:27 GMT Date: Thu, 30 Mar 2023 04:27:41 GMT Connection: keep-alive`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash d4fd78e1925a923742815feb55c9dab0 1b9fb6bb01a275ea7a74aa4185f39e4640a2c5eb 88bc292164002e5b8c4ea4dd317ff1116051a581997bd74b06d0fb231ea15b0c HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 30 Mar 2023 04:27:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	biatwork.biz/js/vendors/TweenMax.min.js.pagespeed.jm.fsNeKDnfk8.js	80.211.191.223	200 OK	39 kB
URL HTTP/2 biatwork.biz/js/vendors/TweenMax.min.js.pagespeed.jm.fsNeKDnfk8.js IP 80.211.191.223:0 ASN #31034 Aruba S.p.A. File type ASCII text, with very long lines (65536), with no line terminators Size 39 kB (39312 bytes) Hash c7d2a9c8d45a79155610d0db0f291f14 c3e59d3dab72e4fe192a83804e80101fc5331add d2b696d28e1cdf7e2ad4113176a5b78b42023a11890c5d5d5c588d989c6e8909 HTTP Headers `GET /js/vendors/TweenMax.min.js.pagespeed.jm.fsNeKDnfk8.js HTTP/1.1 Host: biatwork.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://biatwork.biz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Thu, 30 Mar 2023 04:27:41 GMT content-type: application/javascript content-length: 39312 accept-ranges: bytes expires: Fri, 29 Mar 2024 04:27:38 GMT cache-control: max-age=31536000 etag: W/"0" last-modified: Thu, 30 Mar 2023 04:27:38 GMT x-original-content-length: 116228 vary: Accept-Encoding content-encoding: gzip strict-transport-security: max-age=15768000; includeSubDomains x-powered-by: PleskLin X-Firefox-Spdy: h2`

	biatwork.biz/css/custom/A.index-animated.css.pagespeed.cf.faS0rCf-CZ.css	80.211.191.223	200 OK	1.6 kB
URL HTTP/2 biatwork.biz/css/custom/A.index-animated.css.pagespeed.cf.faS0rCf-CZ.css IP 80.211.191.223:0 ASN #31034 Aruba S.p.A. File type ASCII text, with very long lines (5025) Size 1.6 kB (1642 bytes) Hash d39883e33aaf031a8634b3118771d3b7 b79c0e7d9237acafd31810f36979a1f195335142 4ea387144a7ba37af4173ef61f4e884001c9dc19cc2617d0aed1691bb79fe834 HTTP Headers `GET /css/custom/A.index-animated.css.pagespeed.cf.faS0rCf-CZ.css HTTP/1.1 Host: biatwork.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://biatwork.biz/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Thu, 30 Mar 2023 04:27:41 GMT content-type: text/css content-length: 1642 accept-ranges: bytes expires: Fri, 29 Mar 2024 01:33:06 GMT cache-control: max-age=31536000 etag: W/"0" last-modified: Thu, 30 Mar 2023 01:33:06 GMT x-original-content-length: 11247 vary: Accept-Encoding content-encoding: gzip strict-transport-security: max-age=15768000; includeSubDomains x-powered-by: PleskLin X-Firefox-Spdy: h2`

	biatwork.biz/js/vendors/jquery.min.js.pagespeed.jm.r0B4QCxeCQ.js	80.211.191.223	200 OK	30 kB
URL HTTP/2 biatwork.biz/js/vendors/jquery.min.js.pagespeed.jm.r0B4QCxeCQ.js IP 80.211.191.223:0 ASN #31034 Aruba S.p.A. File type ASCII text, with very long lines (65536), with no line terminators Size 30 kB (30226 bytes) Hash 0a4f3079b053cbf3c062dbbf872ad41f ac60e92dd16b2d72ed8991f497a7be927ca135e3 242721e790c0849dc9ae9a1b972124dbc1474bf1fede2731d93d2a216722022a HTTP Headers `GET /js/vendors/jquery.min.js.pagespeed.jm.r0B4QCxeCQ.js HTTP/1.1 Host: biatwork.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://biatwork.biz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Thu, 30 Mar 2023 04:27:41 GMT content-type: application/javascript content-length: 30226 accept-ranges: bytes expires: Fri, 29 Mar 2024 04:27:38 GMT cache-control: max-age=31536000 etag: W/"0" last-modified: Thu, 30 Mar 2023 04:27:38 GMT x-original-content-length: 86927 vary: Accept-Encoding content-encoding: gzip strict-transport-security: max-age=15768000; includeSubDomains x-powered-by: PleskLin X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Last-Modified, Retry-After, Backoff, Expires, Pragma, Content-Length, Cache-Control, Alert, Content-Type, ETag content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 30 Mar 2023 04:17:26 GMT age: 615 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 21966d424aed17f9af10f69f1cb82860 87ffcdc8f4d76491bc4a5cb3a01a3923d1dff2be 6c02a4b1eee1b1c86633ef6364e6036e3f56b1eaa64a04b770d7641f7e2a2466 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 30 Mar 2023 04:27:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2	142.250.74.35	200 OK	9.6 kB
URL HTTP/2 fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2 IP 142.250.74.35:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 9588, version 1.0\012- data Size 9.6 kB (9588 bytes) Hash 55d912c794126956bb1e8f41597c131f f7ade582dbe9d0efe97ae105cab313c6e45904d4 8bea498aed7cc1366e8b966e467b98219c803107d728eab8a6c4c9b045def699 HTTP Headers `GET /s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://biatwork.biz Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 9588 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 10:26:58 GMT expires: Sat, 23 Mar 2024 10:26:58 GMT cache-control: public, max-age=31536000 last-modified: Tue, 19 Apr 2022 18:29:39 GMT content-type: font/woff2 age: 496843 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	push.services.mozilla.com/	34.117.65.55	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 34.117.65.55:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 7QsOLJMqdrR1Q5xhC3JAGg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 1cjAkJaYbQFRkSSJztY1ZBAEiZY= Date: Thu, 30 Mar 2023 04:27:41 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 21966d424aed17f9af10f69f1cb82860 87ffcdc8f4d76491bc4a5cb3a01a3923d1dff2be 6c02a4b1eee1b1c86633ef6364e6036e3f56b1eaa64a04b770d7641f7e2a2466 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 30 Mar 2023 04:27:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	biatwork.biz/images/icons/xfavicon.png.pagespeed.ic.jZwJjl1HXQ.png	80.211.191.223	200 OK	1.4 kB
URL HTTP/2 biatwork.biz/images/icons/xfavicon.png.pagespeed.ic.jZwJjl1HXQ.png IP 80.211.191.223:0 ASN #31034 Aruba S.p.A. File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data Size 1.4 kB (1406 bytes) Hash 8d9c098e5d475d0f2f3be9cab9d1502f 7820270babbaad37e0bd268188e7f6d43eab600b 6b5a1497559f3b56ccff5967f30f22a2ffe7b94a8e69d8b79f8506a418cbcd32 HTTP Headers `GET /images/icons/xfavicon.png.pagespeed.ic.jZwJjl1HXQ.png HTTP/1.1 Host: biatwork.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://biatwork.biz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Thu, 30 Mar 2023 04:27:41 GMT content-type: image/png content-length: 1406 link: <https://biatwork.biz/images/icons/favicon.png>; rel="canonical" accept-ranges: bytes expires: Thu, 28 Mar 2024 11:59:45 GMT cache-control: max-age=31536000 etag: W/"0" last-modified: Wed, 29 Mar 2023 11:59:45 GMT x-original-content-length: 1643 strict-transport-security: max-age=15768000; includeSubDomains x-powered-by: PleskLin X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18587 Expires: Thu, 30 Mar 2023 09:37:30 GMT Date: Thu, 30 Mar 2023 04:27:43 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18587 Expires: Thu, 30 Mar 2023 09:37:30 GMT Date: Thu, 30 Mar 2023 04:27:43 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18587 Expires: Thu, 30 Mar 2023 09:37:30 GMT Date: Thu, 30 Mar 2023 04:27:43 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04d24af-eb00-4c93-ab34-7efa5a5df311.png	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04d24af-eb00-4c93-ab34-7efa5a5df311.png IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11548 bytes) Hash 2eee1403498bff1763a8bc833dfeeb41 bff603c1941f0bc9dfcd4ae51af3334ff7529be4 2dab005f05aa5142ad2d132f40a5fb2b3cad7e1c82c936808c30f060eea3846e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04d24af-eb00-4c93-ab34-7efa5a5df311.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11548 x-amzn-requestid: 7695d327-93ba-4079-a512-6adfc7e3a2d6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CkAymEfnoAMFwYg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6424ae76-66e22a7d1d7cad675b9cdf27;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:38 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: YDfuRMv16MCODBqpZY9Fh1sW7r0oIuwhIID1gdjVZeyJnlHHZM4ASQ== via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 21:52:21 GMT age: 23722 etag: "bff603c1941f0bc9dfcd4ae51af3334ff7529be4" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d49d0d0-9e52-48d9-a854-20f49ed18a99.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d49d0d0-9e52-48d9-a854-20f49ed18a99.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (11118 bytes) Hash 1d109c71a6d804ac43ede46ac74f2065 251d3e3e3eadee46258a4ad9d33d5e9e83aa63b4 de2d781c75abb41ea14c0f4c072df0977562d824d81b5f4ca28c4f635067a17b HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d49d0d0-9e52-48d9-a854-20f49ed18a99.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11118 x-amzn-requestid: 71508920-b2d8-446d-a498-8bf8708af974 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CkA4qHrpoAMF-0A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6424ae9d-5191b68a4c7f1ee042a05583;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:17 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: 3JIDZJcepJFwPc0anfKz5OO8LZY3cFMI4oljiaft8jBgltzp2iYJiA== via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 21:55:34 GMT age: 23529 etag: "251d3e3e3eadee46258a4ad9d33d5e9e83aa63b4" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d272e70-53f2-46d1-82a2-713d0539212f.jpeg	34.120.237.76	200 OK	14 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d272e70-53f2-46d1-82a2-713d0539212f.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 14 kB (13563 bytes) Hash e17677df3c62e2528f78149356f707fa ed990a670d1b5f33e42e1927266c82d1532b2c75 3f23e0cf1a3b09c3747e5ac9917793d7035b3195a085d1e34777c5f3f09ce72c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d272e70-53f2-46d1-82a2-713d0539212f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 13563 x-amzn-requestid: 61cfd396-07a1-451f-81df-868644a5e653 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CkAymEFOIAMFW3g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6424ae76-7adecc212066dc3c5252eb2f;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:38 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: Extt8zdIR6UvGVHhCFtOEZnFHXHvS0QdwQNgFGMclIDrMdmHO-5UUg== via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 21:48:07 GMT age: 23976 etag: "ed990a670d1b5f33e42e1927266c82d1532b2c75" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10271 bytes) Hash 424b55535e5fd622b2fc96aac1246324 cf7cf08aa8969a86bf03695af2129686fd62fe86 c4bb26a7b2c431282b53b4df9999b9cc8e61369a79c606688a76499b31a65127 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10271 x-amzn-requestid: db0d1fe4-060a-4e61-90f3-ec9befee1295 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CkBoXGh5oAMFfzw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6424afce-2e9251552b4acdcb19e02dfc;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:22 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: 1cXec9_e-KpzyTwiHaNAaf0y5i12tw7BkZTXnduS5ek7yAAZ0LXTWw== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 21:48:07 GMT age: 23976 etag: "cf7cf08aa8969a86bf03695af2129686fd62fe86" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F611db66e-eb19-4ce3-9ee4-93c32afc29a5.jpeg	34.120.237.76	200 OK	8.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F611db66e-eb19-4ce3-9ee4-93c32afc29a5.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.8 kB (8795 bytes) Hash d1e861b518e06e17ce657c5f9fc15daf 214322b88798120159ab55c7121c8775727b8fc7 3438eb2b7e18d784416c139b42c036eefff3759602e4ce553815c628e1cb5016 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F611db66e-eb19-4ce3-9ee4-93c32afc29a5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8795 x-amzn-requestid: 33d91f7c-7d04-405b-8060-33e438ed09f6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CkAz2GwKoAMFW5A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6424ae7e-54ba3517206ac61c50167c3e;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:46 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: UlRpbu9inpiwKEkyo7rthLcsidkdF4_CJtp4l4Q0EbXMB-75e61rBg== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 21:54:44 GMT age: 23579 etag: "214322b88798120159ab55c7121c8775727b8fc7" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68adff46-2278-4660-8b41-0719f5eb19f2.jpeg	34.120.237.76	200 OK	5.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68adff46-2278-4660-8b41-0719f5eb19f2.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.1 kB (5108 bytes) Hash aa4bea27e3e3b648176b5d87c919422d 1aa537444512644c9e5ddbb732cb310e5d3f3a26 28706ef531eabf37199ce8160884b6abe9220809e6217000883a0d9f0a23e93d HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68adff46-2278-4660-8b41-0719f5eb19f2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5108 x-amzn-requestid: 8d187151-2480-477a-82d9-fa5c96dd61db x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CkA6THX9IAMFhrw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6424aea7-5e5a11746610faac7bb883bb;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:28 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: RC7BCyW_QitX-xaWwVn_7qcPD_Qu2dIwr2l_rD3HvHT_812xzmU8vw== via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 21:56:53 GMT age: 23450 etag: "1aa537444512644c9e5ddbb732cb310e5d3f3a26" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Abel	142.250.74.74	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Abel IP 142.250.74.74:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Abel HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://biatwork.biz/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 30 Mar 2023 04:27:41 GMT date: Thu, 30 Mar 2023 04:27:41 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (33)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type