Report - init.huntingtonhospital.net/

Report Overview

Submitted URL
init.huntingtonhospital.net/
IP
208.91.197.27
ASN
#40034 CONFLUENCE-NETWORK-INC
Submitted
2023-04-01 04:27:38
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	2015-05-10T13:11:19Z	2023-03-31T20:35:26Z	1.9 kB	60 kB	216.58.207.228
afs.googleusercontent.com	12123	2013-05-06T21:11:00Z	2023-03-31T19:12:06Z	885 B	2.5 kB	142.250.74.97
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	3.2 kB	51 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
i.cdnpark.com	93792	2014-04-23T00:29:22Z	2019-03-24T18:17:58Z	622 B	4.1 kB	143.204.55.68
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-31T18:12:03Z	3.4 kB	7.0 kB	142.250.74.131
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-31T20:23:24Z	403 B	1.5 kB	142.250.74.106
js.parkingcrew.net	94546	2017-01-29T18:23:38Z	2023-04-01T05:18:18Z	2.1 kB	8.2 kB	185.53.178.30
partner.googleadservices.com	798	2012-10-03T03:04:21Z	2023-03-31T18:16:57Z	488 B	795 B	216.58.207.226
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	3.0 kB	8.0 kB	23.36.77.32
init.huntingtonhospital.net	unknown	2023-02-14T06:34:26Z	2023-03-16T13:18:57Z	1.3 kB	4.0 kB	208.91.197.27
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-31T20:44:48Z	992 B	17 kB	216.58.207.227
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	127 B	35.82.254.251
d38psrni17bvxu.cloudfront.net	unknown	2022-09-22T18:48:38Z	2023-03-31T18:52:42Z	1.7 kB	31 kB	54.230.245.22
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-04-01	medium	init.huntingtonhospital.net/	Phishing
2023-04-01	medium	init.huntingtonhospital.net/px.js?ch=1	Phishing
2023-04-01	medium	init.huntingtonhospital.net/px.js?ch=2	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	init.huntingtonhospital.net/	200 B	2023-03-07	2023-04-01
Pretty URL init.huntingtonhospital.net/ IP 208.91.197.27 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:02 Last Seen2023-04-01 11:18:24 Times Seen6 Hash 83d6fa76bf8baf74a5f8942096c3b563 da9bfd017a760a89f80ad6513d23d2caca62d08f f87ba116ab4eba732d014d1361f515299e60808dd14b5a5d198aab2639a3dbb4 Loading...

	init.huntingtonhospital.net/	200 B	2023-03-07	2023-04-05
Pretty URL init.huntingtonhospital.net/ IP 208.91.197.27 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-04-05 02:03:50 Times Seen166 Hash c429efc5787431634ecb929d6e4b8602 59b6c748ad6bfd673ea5a50542a7f1849ead0700 5c04aa5569f70ca0c1c9a1bcad0146729297cf2dbac755415c04576e7b95faad Loading...

	js.parkingcrew.net/jsparkcaf.php?_v=3&regcn=401543&_h=init.huntingtonhospital.net&_t=1680323247497&_qs=	3.6 kB	2023-04-01	2023-04-01
Pretty URL js.parkingcrew.net/jsparkcaf.php?_v=3&regcn=401543&_h=init.huntingtonhospital.net&_t=1680323247497&_qs= IP 185.53.178.30 ASN #19905 NEUSTAR-AS6 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:18:24 Last Seen2023-04-01 11:18:24 Times Seen1 Hash d48286058dd7ce8841c798ee62938d18 dba727f935e80bf35780ac76c286f842aa6e41ae 22bc35e59b6722c2fe2e3ba0e4818a93bac9c7cb4c0ddc3e03e797fda8369ae8 Loading...

	d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js	5.6 kB	2023-03-07	2023-09-26
Pretty URL d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js IP 54.230.245.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:07 Last Seen2023-09-26 11:43:53 Times Seen10069 Hash 6f95d346f97b06c2d81a5cb147d35de0 c591eaa19ed0d227b4555f5e699b668b05aa40b0 35ca990c39f9194a5a17ff664a0fdcc7dfb6cb433ea6844e2960d9744bd9b9b6 Loading...

	js.parkingcrew.net/assets/scripts/registrar-caf/401543.js	2.3 kB	2023-03-07	2023-08-09
Pretty URL js.parkingcrew.net/assets/scripts/registrar-caf/401543.js IP 185.53.178.30 ASN #19905 NEUSTAR-AS6 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:02 Last Seen2023-08-09 09:58:34 Times Seen296 Hash 10c5efa6881cd919a596b4cf6e4e2a32 4861e817ed211e50461802fc9381306e3850c3f2 2480146df67cf549768f1f3e6acd33716562fd5bd6286978b026a85e0f624944 Loading...

	init.huntingtonhospital.net/	8 B	2023-03-07	2024-04-22
Pretty URL init.huntingtonhospital.net/ IP 208.91.197.27 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-22 01:24:18 Times Seen10767 Hash 883fa82f6169ed5ddd95e0c34cf36450 52fcfe1e375b542d4847a9c963bff266b98bfbc2 dca6253c1f2bdadb922b559c83bee52fbe1411e3a159adcb922ff3b45c623185 Loading...

	i.cdnpark.com/registrar/v3/loader.js	2.2 kB	2023-03-07	2023-09-27
Pretty URL i.cdnpark.com/registrar/v3/loader.js IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:34:15 Last Seen2023-09-27 00:44:23 Times Seen918 Hash 6a8a5ac701875e082ba567dc1e31dc47 270e11322a98d1f93377df4da2db08e3907db01c ccc86bccd7817aaa981c28c56fa002ec8f305d81433312e8299ce70fc8d70c7e Loading...

	d38psrni17bvxu.cloudfront.net/registrar/v3/content/401543	2.9 kB	2023-03-07	2023-07-25
Pretty URL d38psrni17bvxu.cloudfront.net/registrar/v3/content/401543 IP 54.230.245.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:35:28 Last Seen2023-07-25 21:45:42 Times Seen230 Hash c5a7fc92817bc1fdcd0e7ba01f9d1dc8 5368bf74f0b18c4db6f375d2105fd08a2a1d94b6 7a90b10f1abaef9b9d9a3ccf71bcf1b999742d75df174927c66b57be8747c839 Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 11:18:50 Times Seen37018782 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	init.huntingtonhospital.net/	77 B	2023-03-07	2024-04-17
Pretty URL init.huntingtonhospital.net/ IP 208.91.197.27 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:26 Last Seen2024-04-17 04:25:09 Times Seen346 Hash d5630c59e7893a1368ebb34a973c8956 fdb0bc9c507522a0b946c99bae6bda6fa96a690e 01d9b1f2503cb005dbd83ba5643ca5ab30c7c6a2abe967ab704873d62aabc0e3 Loading...

	www.google.com/afs/ads/i/iframe.html	1.3 kB	2023-03-07	2023-04-05
Pretty URL www.google.com/afs/ads/i/iframe.html IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2023-04-05 02:11:22 Times Seen1911 Hash 53a557946308585635eb80aec5326b9e 544b125203bfbb516566a63c9ef3dc57e9c06df9 eff95f5e15f8aa8c8b8c0f3aaeedba0091c1ec9732d78b6594c9ceb26c8eff28 Loading...

	www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Finit.huntingtonhospital.net%2F%3Fcaf%26skrghlp%3DghevcQl%252Bb6F4wruPU6KHejtKRaLZY%252FjXh3%252BgJMpSZ%252BuVwI6dxHqxDRVWbP2AduYq&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2217778716944488&oe=UTF-8&ie=UTF-8&fexp=21404&format=r5%7Cs&nocache=5121680323248533&num=0&output=afd_ads&domain_name=init.huntingtonhospital.net&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1680323248537&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=771&frm=0&cl=518347065&uio=--&cont=tc&jsid=caf&jsv=518347065&rurl=http%3A%2F%2Finit.huntingtonhospital.net%2F&adbw=slave-1-1%3A465%2Cmaster-1%3A466	6.1 kB	2023-04-01	2023-04-01
Pretty URL www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Finit.huntingtonhospital.net%2F%3Fcaf%26skrghlp%3DghevcQl%252Bb6F4wruPU6KHejtKRaLZY%252FjXh3%252BgJMpSZ%252BuVwI6dxHqxDRVWbP2AduYq&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2217778716944488&oe=UTF-8&ie=UTF-8&fexp=21404&format=r5%7Cs&nocache=5121680323248533&num=0&output=afd_ads&domain_name=init.huntingtonhospital.net&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1680323248537&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=771&frm=0&cl=518347065&uio=--&cont=tc&jsid=caf&jsv=518347065&rurl=http%3A%2F%2Finit.huntingtonhospital.net%2F&adbw=slave-1-1%3A465%2Cmaster-1%3A466 IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:18:24 Last Seen2023-04-01 11:18:24 Times Seen1 Hash f48d6ab9ef2101e2de8471eec0cf48b4 b276fac5735249233c01516f1e619bc97e9e7f8d b4c1e180a9476be91577c42ad55c5e21c205956d3213d4f2709f5b792a0dc9ee Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-04-01	2023-04-05
Pretty URL www.google.com/adsense/domains/caf.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:46:18 Last Seen2023-04-05 02:07:13 Times Seen185 Hash d825bff3eb54482f3e5ec364d9798240 2412479b41cb0d4f98d980a52e682dedc2989290 9221512d6c6d833a835a16fc713dc57ccdcd7c8d64ff96be52dcf0649dcd173d Loading...

	init.huntingtonhospital.net/px.js?ch=1	346 B	2023-03-07	2024-04-22
Pretty URL init.huntingtonhospital.net/px.js?ch=1 IP 208.91.197.27 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-22 01:24:18 Times Seen43431 Hash f84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584 Loading...

	init.huntingtonhospital.net/	519 B	2023-04-01	2023-04-01
Pretty URL init.huntingtonhospital.net/ IP 208.91.197.27 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:18:24 Last Seen2023-04-01 11:18:24 Times Seen1 Hash b1ed8b0ac1dd1c40a6a03d8083c22642 67fe50409837aee7cf4239517354a14dc1cf3a05 f4ebdb3a54f4f07414d38261041a585066f003bc2040414488a0bfb64ca79d35 Loading...

	init.huntingtonhospital.net/	134 B	2023-03-08	2023-04-01
Pretty URL init.huntingtonhospital.net/ IP 208.91.197.27 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:03:04 Last Seen2023-04-01 11:18:24 Times Seen2 Hash d280e36c41d65cee155bd1ee363aee84 c313cf2b15d9d3591d6f19e3f07904748e8db6df 003c3767fde61f946b8738e7c49026215ed1531646f61b250e17fe369093b0cb Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=init.huntingtonhospital.net&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie	384 B	2023-04-01	2023-04-01
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=init.huntingtonhospital.net&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie IP 216.58.207.226 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:18:24 Last Seen2023-04-01 11:18:24 Times Seen1 Hash 9c766bc612a567d030ef488aa84c3a56 2862e9528285e6f15867f8888f127e4b73936d40 1ffd1e616e9174c31aa6e908e49f4d1ac6049693f09a7a74cd348d6d280e9a55 Loading...

		Size	First Seen	Last Seen
	#1 Write - 38cd9463cfd81c97218fd596f4a5ede1	76 B	2023-03-07	2023-09-26
Pretty Observations First Seen2023-03-07 18:52:18 Last Seen2023-09-26 11:43:53 Times Seen5434 Hash 38cd9463cfd81c97218fd596f4a5ede1 7e4a49ebcc195fc07468badbee81aea7d4c14c8f 6f9c01bfa9404b8a13f98b0befe67694ae9e479f6b1066c1779d1c737af78231 Loading...

	#2 Write - b2c982747f7cd6b15fc1566f39e6afa1	88 B	2023-03-07	2023-07-25
Pretty Observations First Seen2023-03-07 13:00:02 Last Seen2023-07-25 21:45:42 Times Seen126 Hash b2c982747f7cd6b15fc1566f39e6afa1 d264d43f99e89a1653ef2c2fe83997c81c9993f6 5bebf1cb27ecfc2bfac314df7a17d2f227c395bf4bd3c90cb470d49141444a4f Loading...

	#3 Write - 7c19e7894df90e34ce5b464559d5e0db	83 B	2023-03-07	2023-07-25
Pretty Observations First Seen2023-03-07 22:35:28 Last Seen2023-07-25 21:45:42 Times Seen126 Hash 7c19e7894df90e34ce5b464559d5e0db 109dc2618926ccb91536daf245ecf3534a96bf7b 1fe9ecaa99a880f47c6e2ce39f134fde32f7fcc55d18f2df8bece0097feb50a9 Loading...

	#4 Write - c30ac9aff359270de6c3f4cd42f50724	134 B	2023-04-01	2023-04-01
Pretty Observations First Seen2023-04-01 11:18:24 Last Seen2023-04-01 11:18:24 Times Seen1 Hash c30ac9aff359270de6c3f4cd42f50724 535d54bf54a4d7f5881a5e526d7a1c3adc74e159 518437f0d855b1ecf19aae62f3f0264918546b9646c2f6e74ecdf79b96791f9d Loading...

	#5 Write - 6e176d2c0274c39178c0d7a2e8b884b8	2.9 kB	2023-03-07	2023-07-25
Pretty Observations First Seen2023-03-07 22:35:28 Last Seen2023-07-25 21:45:42 Times Seen126 Hash 6e176d2c0274c39178c0d7a2e8b884b8 f001325c84bfe1dca67781cfc29f38a4d714272e 58b6d4c81d5b2f41fc0a664170b752a6150f18198968ad34bbe80c3aa4937dbd Loading...

	#6 Write - fceabde14f5dce3e6e930e3d0838dcef	185 B	2023-04-01	2023-04-01
Pretty Observations First Seen2023-04-01 11:18:24 Last Seen2023-04-01 11:18:24 Times Seen1 Hash fceabde14f5dce3e6e930e3d0838dcef 198d4121686a914463007847a8e104449893b9ad 72354b5d64fb89861c66c27d65ca3f08493dad6a7fd0d8803e8af40aa9f79acb Loading...

	#7 Write - 58909f7a8f9d6f81fd53aabc82acd4f9	69 B	2023-03-13	2023-09-26
Pretty Observations First Seen2023-03-13 14:03:50 Last Seen2023-09-26 11:43:53 Times Seen5434 Hash 58909f7a8f9d6f81fd53aabc82acd4f9 5b0209eb64794c055142858fed1207d5398cb837 c321c2a6c6bf4db2cc23a72b8df7734b0da497fae55543b1606d1fdffbc70a68 Loading...

HTTP Transactions (55)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19558
Expires: Sat, 01 Apr 2023 09:53:26 GMT
Date: Sat, 01 Apr 2023 04:27:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
034b06325b334948200ef1d79d4ddeb7
b9a3c93cff37cbaaf20cca79b965b1a21c525ce8
417ce2093027b05cc34199c75e6b29f155c4dd3150651b6b3dbe8564098c4143

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "417CE2093027B05CC34199C75E6B29F155C4DD3150651B6B3DBE8564098C4143"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21550
Expires: Sat, 01 Apr 2023 10:26:38 GMT
Date: Sat, 01 Apr 2023 04:27:28 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Length, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 01 Apr 2023 04:16:13 GMT
content-type: application/json
age: 675
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a57eb49c1ac36edd2db6573eb357bd87
592724177530a39ce4af02874beb776b91fefbbe
0dd258adc062ad2b6f5ce8fec0457e55e594c942817f37509ca2d1f2e8152edf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0DD258ADC062AD2B6F5CE8FEC0457E55E594C942817F37509CA2D1F2E8152EDF"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9147
Expires: Sat, 01 Apr 2023 06:59:55 GMT
Date: Sat, 01 Apr 2023 04:27:28 GMT
Connection: keep-alive

init.huntingtonhospital.net/

208.91.197.27

200 OK

2.1 kB

URL HTTP/1.1
init.huntingtonhospital.net/
IP
208.91.197.27:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (802), with CRLF, LF line terminators
Size
2.1 kB (2131 bytes)
Hash
3a6393b323b3679d5e1befd36162259b
7ca2dbb435d215af8423f57dc281767124b8f2c0
50b38a341f82fd83b9a4aba604e1b7c452ed9f448832219fa4f7dd99bd827a5b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: init.huntingtonhospital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 01 Apr 2023 04:27:28 GMT
Server: Apache
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_FQyKp7hsVbiQkhNWdyONPAo9ET1xYbZ+u/Q9OoAB9upsx+iXrBLxh6EmWAqV4YFzVeGoCZZ4/U/O2YwJ6f1Ofw==
Content-Length: 2131
Keep-Alive: timeout=5, max=14
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: cHaBKhAxPl886T+0lPMtUlywaQJE5Myl+klovYCwFS+1WMrrNyC2LGn4BEYQwj1wvdEzRmG0IkQ=
x-amz-request-id: 5V7F8G65P6RR2W0Z
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 01 Apr 2023 04:12:27 GMT
age: 901
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 04:27:28 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

i.cdnpark.com/registrar/v3/loader.js

143.204.55.68

200 OK

2.2 kB

URL HTTP/1.1
i.cdnpark.com/registrar/v3/loader.js
IP
143.204.55.68:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text
Size
2.2 kB (2195 bytes)
Hash
6a8a5ac701875e082ba567dc1e31dc47
270e11322a98d1f93377df4da2db08e3907db01c
ccc86bccd7817aaa981c28c56fa002ec8f305d81433312e8299ce70fc8d70c7e

HTTP Headers

GET /registrar/v3/loader.js HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/

HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Sat, 01 Apr 2023 01:08:33 GMT
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ifcqjoiyjSWTbEUyipbjUHB-NwQg_XTSyzFkm5j2df5zkcBc7vk-HA==
Age: 11935

i.cdnpark.com/themes/registrar/401543.css

143.204.55.68

200 OK

1.1 kB

URL HTTP/1.1
i.cdnpark.com/themes/registrar/401543.css
IP
143.204.55.68:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
1.1 kB (1058 bytes)
Hash
69d88c7ebc8bb3c25a4705df68359443
279d4fc997ad44f8091439166b5a255ef0e3d666
ad5dc13a24b57ff9b82b1d3d3d9892998944aa331fb85816fc6039b5a6941203

HTTP Headers

GET /themes/registrar/401543.css HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/

HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 28 Nov 2022 10:41:35 GMT
Content-Encoding: gzip
Date: Fri, 31 Mar 2023 19:26:24 GMT
ETag: W/"6384905f-bc6"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: S4qJHE2_VwLpm_JLcIcERJD-6FW93eTVdmz27PA-4nx--S9f95uCOg==
Age: 33777

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a5ac29d7d71ef6c0cc7547974c8c4f7b
29108a8370757ef63f347d1fd2ae696f5842342c
3371093d6dab54c7c3b612e3774435f0a592bee4e40fbcc2edd55d29d7715c26

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 04:27:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

init.huntingtonhospital.net/px.js?ch=1

208.91.197.27

200 OK

346 B

URL HTTP/1.1
init.huntingtonhospital.net/px.js?ch=1
IP
208.91.197.27:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
ASCII text, with very long lines (346), with no line terminators
Size
346 B (346 bytes)
Hash
f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /px.js?ch=1 HTTP/1.1
Host: init.huntingtonhospital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/

HTTP/1.1 200 OK
Date: Sat, 01 Apr 2023 04:27:28 GMT
Server: Apache
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: application/javascript

fonts.googleapis.com/css?family=Poppins:300

142.250.74.106

200 OK

858 B

URL HTTP/2
fonts.googleapis.com/css?family=Poppins:300
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
858 B (858 bytes)
Hash
bf0133a5aac5ae360422e56e3ca43a76
8fc56903c92d7caa453a46b653e93a82fc379221
40e4a3558cf5653f12b669e023d17ed261aca422fb5b054aceb8a963506ee87c

HTTP Headers

GET /css?family=Poppins:300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 01 Apr 2023 04:27:28 GMT
date: Sat, 01 Apr 2023 04:27:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

init.huntingtonhospital.net/px.js?ch=2

208.91.197.27

200 OK

346 B

URL HTTP/1.1
init.huntingtonhospital.net/px.js?ch=2
IP
208.91.197.27:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
ASCII text, with very long lines (346), with no line terminators
Size
346 B (346 bytes)
Hash
f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /px.js?ch=2 HTTP/1.1
Host: init.huntingtonhospital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/

HTTP/1.1 200 OK
Date: Sat, 01 Apr 2023 04:27:28 GMT
Server: Apache
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff36ec2657d8ee3b0f78d0a8b2bc9c96
7ce770b27771a2417292364a24af2d65bb9085a5
7c6a6029f3d8b5c88c0d52cfa1d8a6d79fe57080cbd88951ce40456d1ae214e0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 04:27:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

216.58.207.227

200 OK

7.8 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Size
7.8 kB (7840 bytes)
Hash
8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://init.huntingtonhospital.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:32:01 GMT
expires: Wed, 27 Mar 2024 10:32:01 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
age: 323727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d38psrni17bvxu.cloudfront.net/registrar/v3/content/401543

54.230.245.22

200 OK

2.9 kB

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/registrar/v3/content/401543
IP
54.230.245.22:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2899)
Size
2.9 kB (2942 bytes)
Hash
c5a7fc92817bc1fdcd0e7ba01f9d1dc8
5368bf74f0b18c4db6f375d2105fd08a2a1d94b6
7a90b10f1abaef9b9d9a3ccf71bcf1b999742d75df174927c66b57be8747c839

HTTP Headers

GET /registrar/v3/content/401543 HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/

HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Sat, 01 Apr 2023 02:41:34 GMT
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: B5J_CxsC45m8gjBpVAYEmjOIOQ31ZZjJwVFH4SnpvhhSL87kiGyEwA==
Age: 6354

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff36ec2657d8ee3b0f78d0a8b2bc9c96
7ce770b27771a2417292364a24af2d65bb9085a5
7c6a6029f3d8b5c88c0d52cfa1d8a6d79fe57080cbd88951ce40456d1ae214e0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 04:27:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

js.parkingcrew.net/jsparkcaf.php?_v=3&regcn=401543&_h=init.huntingtonhospital.net&_t=1680323247497&_qs=

185.53.178.30

200 OK

3.6 kB

URL HTTP/1.1
js.parkingcrew.net/jsparkcaf.php?_v=3&regcn=401543&_h=init.huntingtonhospital.net&_t=1680323247497&_qs=
IP
185.53.178.30:0
ASN
#19905 NEUSTAR-AS6

File type
HTML document, ASCII text, with very long lines (3001)
Size
3.6 kB (3633 bytes)
Hash
d48286058dd7ce8841c798ee62938d18
dba727f935e80bf35780ac76c286f842aa6e41ae
22bc35e59b6722c2fe2e3ba0e4818a93bac9c7cb4c0ddc3e03e797fda8369ae8

HTTP Headers

GET /jsparkcaf.php?_v=3&regcn=401543&_h=init.huntingtonhospital.net&_t=1680323247497&_qs= HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Apr 2023 04:27:29 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Language: norwegian
X-Domain: huntingtonhospital.net
X-Subdomain: init
X-Template: tpl_CleanPeppermintBlack_twoclick

d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js

54.230.245.22

200 OK

5.6 kB

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js
IP
54.230.245.22:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
5.6 kB (5638 bytes)
Hash
6f95d346f97b06c2d81a5cb147d35de0
c591eaa19ed0d227b4555f5e699b668b05aa40b0
35ca990c39f9194a5a17ff664a0fdcc7dfb6cb433ea6844e2960d9744bd9b9b6

HTTP Headers

GET /scripts/jsparkcaf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 5638
Connection: keep-alive
Server: nginx
Date: Sat, 01 Apr 2023 00:52:27 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Accept-Ranges: bytes
ETag: "5ebab1f0-1606"
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oSjDzLGFXJx7OYZmXIr-TfViQM1Hltligtby2TwP0RE2ZajajhkKyw==
Age: 12902

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Expires, Cache-Control, Content-Length, Retry-After, Last-Modified, Pragma, ETag, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 01 Apr 2023 04:17:27 GMT
age: 602
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.google.com/adsense/domains/caf.js?abp=1

216.58.207.228

200 OK

54 kB

URL HTTP/1.1
www.google.com/adsense/domains/caf.js?abp=1
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2193)
Size
54 kB (53928 bytes)
Hash
33a303de4587283138be86dd3b4ce295
586447b51b740e4a322f05f4472cbcec68770bf3
adb6ba3ea00b43c4edc86def8916031c528f74ccb4558f97a6a9f79f99748a84

HTTP Headers

GET /adsense/domains/caf.js?abp=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Sat, 01 Apr 2023 04:27:29 GMT
Expires: Sat, 01 Apr 2023 04:27:29 GMT
Cache-Control: private, max-age=3600
ETag: "15648507436981654811"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0

js.parkingcrew.net/ls.php?t=6427b2b1&token=6b08c47984cf101c50141a018d5de3a84517c929

185.53.178.30

201 Created

16 B

URL HTTP/1.1
js.parkingcrew.net/ls.php?t=6427b2b1&token=6b08c47984cf101c50141a018d5de3a84517c929
IP
185.53.178.30:0
ASN
#19905 NEUSTAR-AS6

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

HTTP Headers

GET /ls.php?t=6427b2b1&token=6b08c47984cf101c50141a018d5de3a84517c929 HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://init.huntingtonhospital.net
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/

HTTP/1.1 201 Created
Server: nginx
Date: Sat, 01 Apr 2023 04:27:29 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 6427b2b1544c404726748cf4
Charset: utf-8
Access-Control-Allow-Origin: http://init.huntingtonhospital.net
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Qeoe3OMBikYHF3SndCTXrTXEEtPZCQq6kh5RR/wEMkU0Rlmh3YREkos+T3v6xOJY5ZDnyGSW/dnA8erqqUN8QA==

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
782ca4845ea5e0ec981e33231b1e61cb
032116b75e124c57877524e9e4f523b6d7c65820
94d007862fc7a4cd67f582ff22f2339619177435559c1dd5075a08c7240f3520

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94D007862FC7A4CD67F582FF22F2339619177435559C1DD5075A08C7240F3520"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8609
Expires: Sat, 01 Apr 2023 06:50:58 GMT
Date: Sat, 01 Apr 2023 04:27:29 GMT
Connection: keep-alive

push.services.mozilla.com/

35.82.254.251

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.82.254.251:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JnlmKxM2MyTr7UDUfwgz2A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JABN9xe3mD6QdWLhEymVLRbGaJs=

d38psrni17bvxu.cloudfront.net/themes/registrar/images/logo_netsol.gif

54.230.245.22

200 OK

3.2 kB

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/themes/registrar/images/logo_netsol.gif
IP
54.230.245.22:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 109 x 31\012- data
Size
3.2 kB (3245 bytes)
Hash
3f1d1a5754772fa3109d47f1a3ec8da4
19483553c2413bfbbeee73644f991a9e7123add0
9572e3ec056ce723f2a980a44358e9040e7c8f03f238109a5b260cd81c584f62

HTTP Headers

GET /themes/registrar/images/logo_netsol.gif HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 3245
Connection: keep-alive
Server: nginx
Date: Sat, 01 Apr 2023 02:03:46 GMT
Last-Modified: Thu, 14 Jan 2021 10:54:01 GMT
Accept-Ranges: bytes
ETag: "600022c9-cad"
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ma2RvTnALFILh-dAnk_7-KGEIhV8sO7bAl7MDNesgna5WYKaVpYysQ==
Age: 8623

d38psrni17bvxu.cloudfront.net/themes/registrar/images/logo_netsol_icon.gif

54.230.245.22

200 OK

4.0 kB

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/themes/registrar/images/logo_netsol_icon.gif
IP
54.230.245.22:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 58 x 55\012- data
Size
4.0 kB (4023 bytes)
Hash
ca5fa546488d6996c87716f3d6a0e892
a5536547da5034b1c9ca065471d256d94ae971b2
69a76f86743d2926937de3826f9fbf26fc99f4c67e495228ddefb8f05956518b

HTTP Headers

GET /themes/registrar/images/logo_netsol_icon.gif HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 4023
Connection: keep-alive
Server: nginx
Date: Sat, 01 Apr 2023 01:16:27 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Accept-Ranges: bytes
ETag: "5ebab1f0-fb7"
X-Cache: Hit from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0Q85aZazytdyar7DgSsxW9LB79XZEeeXthWYJApnJhqyVLUpSkviSA==
Age: 11462

js.parkingcrew.net/track.php?domain=huntingtonhospital.net&toggle=browserjs&uid=MTY4MDMyMzI0OS4wMTg5Ojc0ZTdhYmEzYTBjMWRiNGFkZmE5ODZiMGM5MDMyOWQ5MmRlYzA5ZjRlN2I4ZTIxZDJlNjBhY2NiMDMxMjU3MmI6NjQyN2IyYjEwNDliZA%3D%3D

185.53.178.30

200 OK

20 B

URL HTTP/1.1
js.parkingcrew.net/track.php?domain=huntingtonhospital.net&toggle=browserjs&uid=MTY4MDMyMzI0OS4wMTg5Ojc0ZTdhYmEzYTBjMWRiNGFkZmE5ODZiMGM5MDMyOWQ5MmRlYzA5ZjRlN2I4ZTIxZDJlNjBhY2NiMDMxMjU3MmI6NjQyN2IyYjEwNDliZA%3D%3D
IP
185.53.178.30:0
ASN
#19905 NEUSTAR-AS6

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /track.php?domain=huntingtonhospital.net&toggle=browserjs&uid=MTY4MDMyMzI0OS4wMTg5Ojc0ZTdhYmEzYTBjMWRiNGFkZmE5ODZiMGM5MDMyOWQ5MmRlYzA5ZjRlN2I4ZTIxZDJlNjBhY2NiMDMxMjU3MmI6NjQyN2IyYjEwNDliZA%3D%3D HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://init.huntingtonhospital.net
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Apr 2023 04:27:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

js.parkingcrew.net/assets/scripts/registrar-caf/401543.js

185.53.178.30

200 OK

2.3 kB

URL HTTP/1.1
js.parkingcrew.net/assets/scripts/registrar-caf/401543.js
IP
185.53.178.30:0
ASN
#19905 NEUSTAR-AS6

File type
ASCII text
Size
2.3 kB (2307 bytes)
Hash
10c5efa6881cd919a596b4cf6e4e2a32
4861e817ed211e50461802fc9381306e3850c3f2
2480146df67cf549768f1f3e6acd33716562fd5bd6286978b026a85e0f624944

HTTP Headers

GET /assets/scripts/registrar-caf/401543.js HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Apr 2023 04:27:29 GMT
Content-Type: application/javascript
Content-Length: 2307
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-903"
Accept-Ranges: bytes

d38psrni17bvxu.cloudfront.net/themes/registrar/images/colored-pointers_arrows.png

54.230.245.22

200 OK

13 kB

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/themes/registrar/images/colored-pointers_arrows.png
IP
54.230.245.22:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Size
13 kB (13234 bytes)
Hash
48a0af9c74f0de453e7d868c1d3174e2
708e2a89317302ba67e65d84b855f7aeb0cc113e
c9c53c9ea6a1565e7d7a382d60c95f2dec6add1ca5d66b1ec2db33184a12a0bc

HTTP Headers

GET /themes/registrar/images/colored-pointers_arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://i.cdnpark.com/

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 13234
Connection: keep-alive
Server: nginx
Date: Sat, 01 Apr 2023 02:03:46 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Accept-Ranges: bytes
ETag: "5ebab1f0-33b2"
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uaAbmX7PQRF_BadP2WugLPeMBtrg1eSLEt2Az84uEv0O87MtUhl7zg==
Age: 8623

init.huntingtonhospital.net/favicon.ico

208.91.197.27

404 Not Found

10 B

URL HTTP/1.1
init.huntingtonhospital.net/favicon.ico
IP
208.91.197.27:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
ASCII text, with no line terminators
Size
10 B (10 bytes)
Hash
6608dd3e21ca3beabd4bdfa625a0b221
e926d0f8694a4bc4013308afaca7af51e4c9fd9f
c75eb01138771bfb2a5517aeae882356733782767c4560cc9601c34d2591ca75

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: init.huntingtonhospital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/

HTTP/1.1 404 Not Found
Date: Sat, 01 Apr 2023 04:27:29 GMT
Server: Apache
Content-Length: 10
Keep-Alive: timeout=5, max=7
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
13aea90b56c70f627cf1b6cf76bc9317
3a4a5bf198962f4898565cb59d36c840dbfb455f
e687f0b713563125f2e84ac8ed135c56fd2ed704de83a2597695979df25f8864

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 04:27:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
741a2f47aab81a2c7ed0fadaa1fa74e3
be34e0df4a5f272589a017ce77ece974d890f27c
4ea1737c8246072ea1072314ae684c1f7e518a81a5200c46374e47378bfb6b63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 04:27:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

partner.googleadservices.com/gampad/cookie.js?domain=init.huntingtonhospital.net&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie

216.58.207.226

200 OK

248 B

URL HTTP/2
partner.googleadservices.com/gampad/cookie.js?domain=init.huntingtonhospital.net&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (384), with no line terminators
Size
248 B (248 bytes)
Hash
a21ee4c220116aef8e458a02805f9478
c86f012823a4169567e4c1158bd6f8cae4d52b69
49348d641c767b760bf9b2655cb8f92384205c70dfeeb68be559bd40c6103355

HTTP Headers

GET /gampad/cookie.js?domain=init.huntingtonhospital.net&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 01 Apr 2023 04:27:29 GMT
server: cafe
cache-control: private
content-length: 248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/afs/ads/i/iframe.html

216.58.207.228

200 OK

728 B

URL HTTP/2
www.google.com/afs/ads/i/iframe.html
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1559)
Size
728 B (728 bytes)
Hash
257c391c42bba1e5e50e5b6701f91b1c
0cd385a2d3e08d7d4cbd1d44727c3aa535d47ec5
3d45d893338fa88d2b99d6141f07e4f57f178abe7439277fd6badc577f7ceb29

HTTP Headers

GET /afs/ads/i/iframe.html HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-vIFIkok9yCfd_yJIj406Tw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-length: 728
date: Sat, 01 Apr 2023 04:27:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 18 Oct 2021 14:30:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
13aea90b56c70f627cf1b6cf76bc9317
3a4a5bf198962f4898565cb59d36c840dbfb455f
e687f0b713563125f2e84ac8ed135c56fd2ed704de83a2597695979df25f8864

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 04:27:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
02ddc021542aadb090aa31099f7b9267
cb2091bff4ad6c225faa4c0c02182217bcdc502c
dcca0f6c051c27f611b9e51981fb34bd0c82a317c2e3ae3412ec6de80c596d24

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 04:27:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Finit.huntingtonhospital.net%2F%3Fcaf%26skrghlp%3DghevcQl%252Bb6F4wruPU6KHejtKRaLZY%252FjXh3%252BgJMpSZ%252BuVwI6dxHqxDRVWbP2AduYq&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2217778716944488&oe=UTF-8&ie=UTF-8&fexp=21404&format=r5%7Cs&nocache=5121680323248533&num=0&output=afd_ads&domain_name=init.huntingtonhospital.net&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1680323248537&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=771&frm=0&cl=518347065&uio=--&cont=tc&jsid=caf&jsv=518347065&rurl=http%3A%2F%2Finit.huntingtonhospital.net%2F&adbw=slave-1-1%3A465%2Cmaster-1%3A466

216.58.207.228

200 OK

2.5 kB

URL HTTP/2
www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Finit.huntingtonhospital.net%2F%3Fcaf%26skrghlp%3DghevcQl%252Bb6F4wruPU6KHejtKRaLZY%252FjXh3%252BgJMpSZ%252BuVwI6dxHqxDRVWbP2AduYq&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2217778716944488&oe=UTF-8&ie=UTF-8&fexp=21404&format=r5%7Cs&nocache=5121680323248533&num=0&output=afd_ads&domain_name=init.huntingtonhospital.net&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1680323248537&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=771&frm=0&cl=518347065&uio=--&cont=tc&jsid=caf&jsv=518347065&rurl=http%3A%2F%2Finit.huntingtonhospital.net%2F&adbw=slave-1-1%3A465%2Cmaster-1%3A466
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5962)
Size
2.5 kB (2453 bytes)
Hash
660616698743b91470a02b4c325b564f
44f8c0fcdf173d9163fd61d434c69e791e998b5d
8ff50b0b1e415057081cdb7f93f1fdbd2b442efca5038c3d6d03c83233a8cb8f

HTTP Headers

GET /afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Finit.huntingtonhospital.net%2F%3Fcaf%26skrghlp%3DghevcQl%252Bb6F4wruPU6KHejtKRaLZY%252FjXh3%252BgJMpSZ%252BuVwI6dxHqxDRVWbP2AduYq&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2217778716944488&oe=UTF-8&ie=UTF-8&fexp=21404&format=r5%7Cs&nocache=5121680323248533&num=0&output=afd_ads&domain_name=init.huntingtonhospital.net&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1680323248537&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=771&frm=0&cl=518347065&uio=--&cont=tc&jsid=caf&jsv=518347065&rurl=http%3A%2F%2Finit.huntingtonhospital.net%2F&adbw=slave-1-1%3A465%2Cmaster-1%3A466 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sat, 01 Apr 2023 04:27:30 GMT
expires: Sat, 01 Apr 2023 04:27:30 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-KkR-XRVBJ-8vcs754gkPYA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 2453
x-xss-protection: 0
set-cookie: NID=511=EtYoAjZRJhdxHnuKPWVHXYEgpYX93R6v9CPkvN5WtZX39AdeMrGmjADVsP4MLdvfG-UWxUC5PwD8khXCjYodNyNrxR01Y7yWaz7t59WjoqoVyRK6Ne4Vew8t7u89vGjBMt8eSTrkPQ2Ei3wZih3hhy00bUoiJ-WhAaIwiWmNQkg; expires=Sun, 01-Oct-2023 04:27:30 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+849; expires=Mon, 31-Mar-2025 04:27:30 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:31:24 GMT
expires: Wed, 27 Mar 2024 10:31:24 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
age: 323766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

js.parkingcrew.net/track.php?domain=huntingtonhospital.net&caf=1&toggle=answercheck&answer=yes&uid=MTY4MDMyMzI0OS4wMTg5Ojc0ZTdhYmEzYTBjMWRiNGFkZmE5ODZiMGM5MDMyOWQ5MmRlYzA5ZjRlN2I4ZTIxZDJlNjBhY2NiMDMxMjU3MmI6NjQyN2IyYjEwNDliZA%3D%3D

185.53.178.30

200 OK

20 B

URL HTTP/1.1
js.parkingcrew.net/track.php?domain=huntingtonhospital.net&caf=1&toggle=answercheck&answer=yes&uid=MTY4MDMyMzI0OS4wMTg5Ojc0ZTdhYmEzYTBjMWRiNGFkZmE5ODZiMGM5MDMyOWQ5MmRlYzA5ZjRlN2I4ZTIxZDJlNjBhY2NiMDMxMjU3MmI6NjQyN2IyYjEwNDliZA%3D%3D
IP
185.53.178.30:0
ASN
#19905 NEUSTAR-AS6

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /track.php?domain=huntingtonhospital.net&caf=1&toggle=answercheck&answer=yes&uid=MTY4MDMyMzI0OS4wMTg5Ojc0ZTdhYmEzYTBjMWRiNGFkZmE5ODZiMGM5MDMyOWQ5MmRlYzA5ZjRlN2I4ZTIxZDJlNjBhY2NiMDMxMjU3MmI6NjQyN2IyYjEwNDliZA%3D%3D HTTP/1.1
Host: js.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://init.huntingtonhospital.net
Connection: keep-alive
Referer: http://init.huntingtonhospital.net/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Apr 2023 04:27:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0a48144d6cda73ca7d9de96dd6a73409
d6892e6fb892edaab9a53eb240de03553efa3cb1
0da835f0eafe277c7480efdfd80f52d73aeab2894db42827c120423bb7a187be

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 04:27:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0a48144d6cda73ca7d9de96dd6a73409
d6892e6fb892edaab9a53eb240de03553efa3cb1
0da835f0eafe277c7480efdfd80f52d73aeab2894db42827c120423bb7a187be

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 04:27:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2

142.250.74.97

200 OK

555 B

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
555 B (555 bytes)
Hash
c07b4eddcc984c8fcf1c60b8dffedd91
a7d6d3faceb25ed75231e36d2dc6df31aa689844
d4d174d8ee2cac30ce732797d5b474b96608e289c54f63f2ea4e71310dd42d0f

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 31 Mar 2023 08:31:11 GMT
expires: Sat, 01 Apr 2023 07:31:11 GMT
cache-control: public, max-age=82800
age: 71779
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2

142.250.74.97

200 OK

273 B

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Size
273 B (273 bytes)
Hash
4879b4bfc581cab5b5c803866211a36e
e1705c1fa9103a1a9f82a1bb5cd44c8e45bd520a
6ad1ffb79c80d41ec978dd45defe97ee70d0e2efd01bfe678198248819d1b98a

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 273
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 31 Mar 2023 18:06:18 GMT
expires: Sat, 01 Apr 2023 17:06:18 GMT
cache-control: public, max-age=82800
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 37272
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0a48144d6cda73ca7d9de96dd6a73409
d6892e6fb892edaab9a53eb240de03553efa3cb1
0da835f0eafe277c7480efdfd80f52d73aeab2894db42827c120423bb7a187be

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 04:27:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3074
Expires: Sat, 01 Apr 2023 05:18:44 GMT
Date: Sat, 01 Apr 2023 04:27:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3074
Expires: Sat, 01 Apr 2023 05:18:44 GMT
Date: Sat, 01 Apr 2023 04:27:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3074
Expires: Sat, 01 Apr 2023 05:18:44 GMT
Date: Sat, 01 Apr 2023 04:27:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3074
Expires: Sat, 01 Apr 2023 05:18:44 GMT
Date: Sat, 01 Apr 2023 04:27:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3074
Expires: Sat, 01 Apr 2023 05:18:44 GMT
Date: Sat, 01 Apr 2023 04:27:30 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa438448b-437b-48c9-af47-94514486c67e.jpeg

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa438448b-437b-48c9-af47-94514486c67e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8513 bytes)
Hash
0ee37ccafa69e9c352768fa30819a54f
c5268d4749fa57e8602fcb12fd11d5ffb10d0503
4186438aaede57d6b47306caa12a61328fdc83f421cecce44337ff6df9c8c028

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa438448b-437b-48c9-af47-94514486c67e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8513
x-amzn-requestid: c96fbbef-3321-40ca-9f82-79db833d14ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CqnXDEcQoAMFZkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64275293-75f3dfe836f9fb52292e0c21;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:37:23 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: _X7O9XKZJkC5d0gdV6D__yO7FMPXC2KhJtE6V9LVHgWlaRcyBe7eEQ==
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:47:43 GMT
age: 23987
etag: "c5268d4749fa57e8602fcb12fd11d5ffb10d0503"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fb8174c-0fbe-4857-bc0b-3e50751be490.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.8 kB (3800 bytes)
Hash
ddcef2c96778d9fdee670e187a43ab32
e8c98891a1ffdbb6d30cf8746e067d56fe65d964
4e6fb506079b1daab0b1913a31c6252452f133af9276e18d25fe6fb622ce54ec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fb8174c-0fbe-4857-bc0b-3e50751be490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3800
x-amzn-requestid: a182fb32-649a-4228-a591-080aae8c053a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm9VEY2oAMFf5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751ee-3a1abb584aa61a954dbd52c1;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 8_m0xs9JUsoheDqkfPQdh3kzcE3zhX2Io1kl_Y4sDqLr2_03TiK2eA==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:50:35 GMT
etag: "e8c98891a1ffdbb6d30cf8746e067d56fe65d964"
content-type: image/jpeg
age: 23815
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24171d10-56ac-40e7-9d10-77b9e948da6e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10128 bytes)
Hash
c193cd4520e8ee5d17cd1f3faadc1c73
b46effcb93e0ad066474ec1f67bcd54020615caf
bc824341b884278e7e69ae3bb87484ad914e5909544959ebc8f8661a545cb929

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24171d10-56ac-40e7-9d10-77b9e948da6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10128
x-amzn-requestid: bdd46a1d-4b43-4450-be32-3e3947d2fcd7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm9VELdIAMFmmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751ee-346e92d143f6fcf46db741c8;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: TzZpij5xeF-mrrMvpNNPJQA62GcNd0qPNAh_7IAme7SI3WwmZ4itcg==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:47:54 GMT
etag: "b46effcb93e0ad066474ec1f67bcd54020615caf"
content-type: image/jpeg
age: 23976
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F808d12ec-c97a-4c49-976e-6025ea897112.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5950 bytes)
Hash
800c2662fd6ab8829a02b7d63084c38d
0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239
76545e9f75dc558fdb7b54550934c7775318fb4150a9309f60e65d982d2e576e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F808d12ec-c97a-4c49-976e-6025ea897112.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5950
x-amzn-requestid: 5d5a94f5-db2f-4c4c-9c9f-08c14b0ccd80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm7NG2NIAMF-sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751e1-57c957f442c42fe148e66831;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:25 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: k7ZzBBGmbX5OCG_u8RwOqyLQBvohNe643wpsd3Srg2hoxh55aqSV6A==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:38:48 GMT
etag: "0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239"
content-type: image/jpeg
age: 24522
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0797be4-c308-47e3-9657-c929f7be021e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10139 bytes)
Hash
ba8077c110172a232340b8c843c21704
110ce19838f6050e0df60240211e66bb95659018
ed614253863b689b947ee48c384b0d96360730d25c6a573a8f1776c0f31b4c4c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0797be4-c308-47e3-9657-c929f7be021e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10139
x-amzn-requestid: a65e17df-5f88-4840-a573-8820b3734e82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CqnHJE9AoAMFdwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6427522d-13577a7f180985f20a340c8e;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:35:41 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: pCHOy35HMhXe7y4p5HZcpSVBS8BEEh0stYUpY7BpLJTD0sHa7xmEgw==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:50:28 GMT
age: 23822
etag: "110ce19838f6050e0df60240211e66bb95659018"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95196399-f417-4284-9902-cf35b1e83360.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5830 bytes)
Hash
deb930830ac86ec8ace6a232f67810ba
d084bf4331446c35236019010b2bcf82d45dad1c
bb81782bf590d601110ec8fb891f701e0f5084bda46370d30345bd81403a33ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95196399-f417-4284-9902-cf35b1e83360.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5830
x-amzn-requestid: 0897bf26-6156-48d3-ba67-596cc326dddc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CqnHHG0JoAMF87w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6427522d-6f380d901d9d6b737ec19d6d;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:35:41 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Bn3MbOV7qxTzTjDiOpS3qgs61KZJTe8bY6sHQa_68HPqyLaL-ZsI3Q==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:50:38 GMT
age: 23812
etag: "d084bf4331446c35236019010b2bcf82d45dad1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML