Report - cpapcanadasupply.com/mtm/direct/.eJx1issKAjEMRf-ly7FMXOqI3yIhRlvoI7YZ6CD-u9Gl4O7ce87TrS26xYHzDtu9Gxo1vnHjZiOoygJAgkJY8Ip9FUnbTDVbF2rXS8HMVv5JkIhFzSsPhaA5eTQdCTXWAuPz7Mbvm9Ppcd7PRz_B9KWDe70BcLg6aw:1p0lMm:xpYpsM0xWjNIoAgyAhsJREJkXkY/2

Report Overview

Submitted URL
cpapcanadasupply.com/mtm/direct/.eJx1issKAjEMRf-ly7FMXOqI3yIhRlvoI7YZ6CD-u9Gl4O7ce87TrS26xYHzDtu9Gxo1vnHjZiOoygJAgkJY8Ip9FUnbTDVbF2rXS8HMVv5JkIhFzSsPhaA5eTQdCTXWAuPz7Mbvm9Ppcd7PRz_B9KWDe70BcLg6aw:1p0lMm:xpYpsM0xWjNIoAgyAhsJREJkXkY/2
IP
45.33.23.183
ASN
#63949 Linode, LLC
Submitted
2022-12-01 15:21:08
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	68 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
www1.cpapcanadasupply.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	8.3 kB	13.248.148.254
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	112 kB	216.58.211.4
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.163.114.208
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	142.250.74.131
cpapcanadasupply.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	563 B	1.1 kB	45.33.20.235
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
d38psrni17bvxu.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	677 B	19 kB	54.230.245.138
partner.googleadservices.com	798	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	484 B	852 B	216.58.207.194
afs.googleusercontent.com	12123	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	443 B	1.1 kB	142.250.74.97

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-01	medium	cpapcanadasupply.com/mtm/direct/.eJx1issKAjEMRf-ly7FMXOqI3yIhRlvoI7YZ6CD-u9Gl4O7ce87TrS26xYHzDtu9Gxo1vnHjZiOoygJAgkJY8Ip9FUnbTDVbF2rXS8HMVv5JkIhFzSsPhaA5eTQdCTXWAuPz7Mbvm9Ppcd7PRz_B9KWDe70BcLg6aw:1p0lMm:xpYpsM0xWjNIoAgyAhsJREJkXkY/2	Phishing
2022-12-01	medium	d38psrni17bvxu.cloudfront.net/scripts/maincaf.js	Malware
2022-12-01	medium	www1.cpapcanadasupply.com/ls.php	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0	40 B	2023-03-08	2023-05-23
Pretty URL www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:24:08 Last Seen2023-05-23 17:14:04 Times Seen4695 Hash bbf1d9896eb3544c767d965a657e142c 5df55c7669b87f414501ffc91de02e4756141a83 f73cb6aef53ef853b780335ddf7d4cb319edcf02c8c050f270639a91226a09bc Loading...

	d38psrni17bvxu.cloudfront.net/scripts/maincaf.js	7.0 kB	2023-03-08	2023-03-17
Pretty URL d38psrni17bvxu.cloudfront.net/scripts/maincaf.js IP 54.230.245.138 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:52 Last Seen2023-03-17 23:32:26 Times Seen1 Hash 3c7567521347bf95b105ffa7fdc7da86 08739adacbf1300c74d8ae1cf100d00d9fbd0e5f 0e32bca6b67dfdeed3f9b988ddcec1adf0502549a130a78c4ace64c318a7ea29 Loading...

	www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0	18 B	2023-03-07	2023-03-17
Pretty URL www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:04:20 Last Seen2023-03-17 12:55:35 Times Seen1 Hash a4becae3bf036c255c5022f2645a9930 1d3cccab55ab95b98bf5d5cdd2d05261456386b2 79776de436621ce3e4c84a6f0cb35d4b9e0f2b9035ff52c3b2c64593fe873ac6 Loading...

	www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0	61 B	2023-03-08	2023-03-12
Pretty URL www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:56 Last Seen2023-03-12 09:32:36 Times Seen1 Hash ae92502b031cccdc6bff3d2c21337ea0 96e1512373b549d59d43e1ff15040a014b83ec72 4b77e53ace631ebdc77e2ee311290ed9ed19e5948aa99d9c4e426b7a444e3b53 Loading...

	www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0	71 B	2023-03-08	2024-01-04
Pretty URL www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:23:53 Last Seen2024-01-04 08:38:22 Times Seen25410 Hash 1a5a5e1b6a26f57b95e3dd42f60612f4 b62a27e55a59b49084e682bd3c1588f6a40881ab 4066da16910907c7962da8e7011bf0cd62b6f2dcddb1911e3ea2de03ce3e1dc7 Loading...

	www.google.com/adsense/domains/caf.js	147 kB	2023-03-11	2023-03-11
Pretty URL www.google.com/adsense/domains/caf.js IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:54:54 Last Seen2023-03-11 23:43:13 Times Seen1 Hash 4b4e058e39e6b36cef760592a4634db5 5321d0f813cc20d39837e5f573bfd1934fb9a412 47bb2ce5f9670fa4b98955e60e2e1cea01cea3d8806bf809d029a6759455b23d Loading...

	www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0	951 B	2023-03-11	2023-03-11
Pretty URL www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:38:57 Last Seen2023-03-11 23:38:57 Times Seen1 Hash 1b32249385df52abdc93701ee389d1d9 c4bce1547bff7225f50526d8e252a64380d388c0 f8fd752acb105e9b7f46cee518d3a19dff4333cfaee169be262cdc4178f760ad Loading...

	www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0	166 B	2023-03-07	2023-03-17
Pretty URL www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:44:55 Last Seen2023-03-17 23:32:26 Times Seen1 Hash 989c3090bdce93db83506dbbea3d636a 518f92aa83893b6c59e328112707e0023ac1fd0c d94b5f67f2517418f079ed4de6e5f09d6f64863f89648684aff4daa4edeb0ac5 Loading...

	www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0	386 B	2023-03-07	2023-03-17
Pretty URL www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:44:55 Last Seen2023-03-17 23:32:26 Times Seen1 Hash e0f461f5e786de00532cae23265f8fa7 00aeec0405f209f8e537dfce729fb7970d332c70 6cf19b1406d2f42b163e5a58b451e5e5f1c31f46e9bd30edd8a1b7ee643f987b Loading...

	www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0	3.0 kB	2023-03-11	2023-03-11
Pretty URL www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:38:57 Last Seen2023-03-11 23:38:57 Times Seen1 Hash 25e526974de76dee0ac71e34e9b7953f 4b7c0d22f3a55fd46c8d5c71edec0f8797c2ae0e 40c84d259da57cda4dce11bee4d2b3ddb20d7d7b2dbb3d8335c77b24974c5cdd Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=www1.cpapcanadasupply.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie	197 B	2023-03-11	2023-03-11
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=www1.cpapcanadasupply.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie IP 216.58.207.194 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:38:57 Last Seen2023-03-11 23:38:57 Times Seen1 Hash 872bfa005d5fbdd2c1243b6d8f437b52 1a80d7c4e6ac7bb030245ccbb3de38c611a3a5d1 5b7144941412bd26cf78753b456102d7a6e6e97772f803561ac9d1124a4b38e5 Loading...

	www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0	968 B	2023-03-08	2024-04-11
Pretty URL www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:57:23 Last Seen2024-04-11 06:35:59 Times Seen328 Hash 24452b83930060f1289852c18b9caba2 71cb3af2a5ad788c24aa97b886ea1fd0287b6e16 1c1eba3972708895d659c4582bfa642d69c9e642a9af8c0a4f5347bc59d1b30d Loading...

	www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0	1.4 kB	2023-03-11	2023-03-11
Pretty URL www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:38:57 Last Seen2023-03-11 23:38:57 Times Seen1 Hash a4b637c316fd3461900585a8f896c4a4 25b7813005f78a0b66e8d3f892855e3dc6d3b24a 52d88a0dd94f84c35d67784557a96b542f8f807d4ef7d0780825497fb4ca3445 Loading...

	www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0	387 B	2023-03-07	2023-03-17
Pretty URL www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2023-03-17 23:32:26 Times Seen1 Hash 3e73c65a22bdd2d72118af9b51b80b40 f0c600cc278c9111e0164d3d6e20966a4bc8823f 3d7df9ca4013d27166a7de884bad461d25a47400a19b542f62258b2989c9e552 Loading...

	www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0	103 B	2023-03-07	2023-03-17
Pretty URL www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-03-17 23:32:26 Times Seen1 Hash eff198359d7830815fe4e33472820d4c d0675c7fc2fa176b9b912473f6f94a56d5e02821 a1ed7e13b07622a1293006c15579645d48e9c0cc0704dfc837a19d4c88461dda Loading...

	www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet12_3ph&r=m&hl=no&terms=CPAP%20Supplies%20USA%2CCPAP%20Machines%20and%20Masks%2CMini%20Portable%20Travel%20CPAP%2CCPAP%20Cleaner%20Machine&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2283340565059714&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r4%7Cs&nocache=8351669908057254&num=0&output=afd_ads&domain_name=www1.cpapcanadasupply.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1669908057255&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=488417025&uio=--&cont=tc&jsid=caf&jsv=488417025&rurl=http%3A%2F%2Fwww1.cpapcanadasupply.com%2F%3Ftm%3D1%26subid4%3D1669908057.0480090000%26kw%3DCPAP%2BSupplies%26KW1%3DCPAP%2520Supplies%2520USA%26KW2%3DCPAP%2520Machines%2520and%2520Masks%26KW3%3DMini%2520Portable%2520Travel%2520CPAP%26KW4%3DCPAP%2520Cleaner%2520Machine%26searchbox%3D0%26domainname%3D0%26backfill%3D0&adbw=master-1%3A530	6.6 kB	2023-03-11	2023-03-11
Pretty URL www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet12_3ph&r=m&hl=no&terms=CPAP%20Supplies%20USA%2CCPAP%20Machines%20and%20Masks%2CMini%20Portable%20Travel%20CPAP%2CCPAP%20Cleaner%20Machine&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2283340565059714&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r4%7Cs&nocache=8351669908057254&num=0&output=afd_ads&domain_name=www1.cpapcanadasupply.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1669908057255&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=488417025&uio=--&cont=tc&jsid=caf&jsv=488417025&rurl=http%3A%2F%2Fwww1.cpapcanadasupply.com%2F%3Ftm%3D1%26subid4%3D1669908057.0480090000%26kw%3DCPAP%2BSupplies%26KW1%3DCPAP%2520Supplies%2520USA%26KW2%3DCPAP%2520Machines%2520and%2520Masks%26KW3%3DMini%2520Portable%2520Travel%2520CPAP%26KW4%3DCPAP%2520Cleaner%2520Machine%26searchbox%3D0%26domainname%3D0%26backfill%3D0&adbw=master-1%3A530 IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:38:57 Last Seen2023-03-11 23:38:57 Times Seen1 Hash 5ff2969a5a3389caa4662a73550f1188 39fa5d335f4002d076432774f68bf4365271445d 19caa526361b0c127e50d1683219712446a59d591c6e715068ee328426c3659b Loading...

	www.google.com/adsense/domains/caf.js	147 kB	2023-03-11	2023-03-11
Pretty URL www.google.com/adsense/domains/caf.js IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:54:52 Last Seen2023-03-11 23:41:16 Times Seen1 Hash 6a4a096cfd45d6e91ffb1265f27e27c5 075eb68b0b85f5ddf30882ea0e765a59a3e157aa 5d2dadd156f02d2b9b305f0b3e9a2a1d28c32bee19f5d44e107902e4b8727ced Loading...

	www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0	242 B	2023-03-11	2023-03-11
Pretty URL www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:38:57 Last Seen2023-03-11 23:38:57 Times Seen1 Hash 2e4bbb78d6a238c1edcc6dd504bea5f6 137aaf753f78cde229806b18c49e31c425321e05 b1068e817e04529403acb6039b88179c09a97f5fdcd74b44ae369e6c2b22c952 Loading...

HTTP Transactions (39)

URL IP Response Size

cpapcanadasupply.com/mtm/direct/.eJx1issKAjEMRf-ly7FMXOqI3yIhRlvoI7YZ6CD-u9Gl4O7ce87TrS26xYHzDtu9Gxo1vnHjZiOoygJAgkJY8Ip9FUnbTDVbF2rXS8HMVv5JkIhFzSsPhaA5eTQdCTXWAuPz7Mbvm9Ppcd7PRz_B9KWDe70BcLg6aw:1p0lMm:xpYpsM0xWjNIoAgyAhsJREJkXkY/2

45.33.20.235

302 Found

0 B

URL HTTP/1.1
cpapcanadasupply.com/mtm/direct/.eJx1issKAjEMRf-ly7FMXOqI3yIhRlvoI7YZ6CD-u9Gl4O7ce87TrS26xYHzDtu9Gxo1vnHjZiOoygJAgkJY8Ip9FUnbTDVbF2rXS8HMVv5JkIhFzSsPhaA5eTQdCTXWAuPz7Mbvm9Ppcd7PRz_B9KWDe70BcLg6aw:1p0lMm:xpYpsM0xWjNIoAgyAhsJREJkXkY/2
IP
45.33.20.235:0
ASN
#63949 Linode, LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mtm/direct/.eJx1issKAjEMRf-ly7FMXOqI3yIhRlvoI7YZ6CD-u9Gl4O7ce87TrS26xYHzDtu9Gxo1vnHjZiOoygJAgkJY8Ip9FUnbTDVbF2rXS8HMVv5JkIhFzSsPhaA5eTQdCTXWAuPz7Mbvm9Ppcd7PRz_B9KWDe70BcLg6aw:1p0lMm:xpYpsM0xWjNIoAgyAhsJREJkXkY/2 HTTP/1.1
Host: cpapcanadasupply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Thu, 01 Dec 2022 15:20:57 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0
x-mtm-path: 4
x-mtm-prov: 109:0.00;378:248.42
x-mtm-rd: 0.42
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJjcGFwY2FuYWRhc3VwcGx5LmNvbSIsImh0dHA6Ly93d3cxLmNwYXBjYW5hZGFzdXBwbHkuY29tLz90bT0xJnN1YmlkND0xNjY5OTA4MDU3LjA0ODAwOTAwMDAma3c9Q1BBUCtTdXBwbGllcyZLVzE9Q1BBUCUyMFN1cHBsaWVzJTIwVVNBJktXMj1DUEFQJTIwTWFjaGluZXMlMjBhbmQlMjBNYXNrcyZLVzM9TWluaSUyMFBvcnRhYmxlJTIwVHJhdmVsJTIwQ1BBUCZLVzQ9Q1BBUCUyMENsZWFuZXIlMjBNYWNoaW5lJnNlYXJjaGJveD0wJmRvbWFpbm5hbWU9MCZiYWNrZmlsbD0wIiwxLCIyMDIyLTEyLTAxIDE1OjIwOjU3IiwxLCIxNjY5OTA4MDU3LjA0ODAwOTAwMDAiLDM3OCxudWxsLG51bGxd:1p0lMv:UoOo3Vn7PD2LqmmbzhdXD9y-aMU; expires=Thu, 01-Dec-2022 16:20:57 GMT; Max-Age=3600; Path=/
connection: close

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2931
Expires: Thu, 01 Dec 2022 16:09:48 GMT
Date: Thu, 01 Dec 2022 15:20:57 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 551
Cache-Control: max-age=155966
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 15:20:57 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 10:40:23 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 15:18:08 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 169
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8372
Expires: Thu, 01 Dec 2022 17:40:29 GMT
Date: Thu, 01 Dec 2022 15:20:57 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: kkUnjKgaFa51zdKXDVAH6yCIK7W/uv3XjC1cc+V3Btfmw7XtkiJvxohM11eJtbjtyukYXdiWwAs=
x-amz-request-id: XHWT4HBKG4JM1XKV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 14:45:42 GMT
age: 2115
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 15:20:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0

13.248.148.254

200 OK

5.7 kB

URL HTTP/1.1
www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0
IP
13.248.148.254:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2834)
Size
5.7 kB (5682 bytes)
Hash
2e521d8c60f20bc9951741a8e1bc7cd5
13de10af11a1edcb9dbcac396673d17d05dffbdf
33427d1ccbdbbe180541b1fb33ea491c572113e159fc6c3c5c08b4936ec60b10

HTTP Headers

GET /?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0 HTTP/1.1
Host: www1.cpapcanadasupply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 15:20:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket102
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_abFbTosBlssVURPXzYovCZct5vK8bC+gazcqdczj969Y4cKLhJAS0F/XR/yCLQgo/Vc8qsZuREIHeTHZQ68s0Q==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip

d38psrni17bvxu.cloudfront.net/scripts/maincaf.js

54.230.245.138

200 OK

7.0 kB

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
IP
54.230.245.138:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (316)
Size
7.0 kB (7006 bytes)
Hash
3c7567521347bf95b105ffa7fdc7da86
08739adacbf1300c74d8ae1cf100d00d9fbd0e5f
0e32bca6b67dfdeed3f9b988ddcec1adf0502549a130a78c4ace64c318a7ea29

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /scripts/maincaf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.cpapcanadasupply.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7006
Connection: keep-alive
Server: nginx
Date: Thu, 01 Dec 2022 02:41:50 GMT
Last-Modified: Tue, 15 Nov 2022 15:10:24 GMT
Accept-Ranges: bytes
ETag: "6373abe0-1b5e"
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7VIc7NG3-zVACyAbyQOzTJjPKJN4EHOqlz4_DIHRZU2x0JF4U3i6Ig==
Age: 45547

www.google.com/adsense/domains/caf.js

216.58.211.4

200 OK

54 kB

URL HTTP/1.1
www.google.com/adsense/domains/caf.js
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1885)
Size
54 kB (53467 bytes)
Hash
462bba5f993424bda6f956b04e3f859f
060e342ded2b4e995f68d37d60b221839f53b836
3fe743e8858e3866f8cb26cc533ab8bb870fd5da00bd3a7dbd738e5d4065688d

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.cpapcanadasupply.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Thu, 01 Dec 2022 15:20:57 GMT
Expires: Thu, 01 Dec 2022 15:20:57 GMT
Cache-Control: private, max-age=3600
ETag: "4818219838129849631"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 15:08:56 GMT
cache-control: public,max-age=3600
age: 722
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 552
Cache-Control: max-age=150903
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 15:20:58 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:16:01 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png

54.230.245.138

200 OK

11 kB

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
IP
54.230.245.138:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11375 bytes)
Hash
0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

HTTP Headers

GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.cpapcanadasupply.com/

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11375
Connection: keep-alive
Server: nginx
Date: Thu, 01 Dec 2022 02:14:23 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aJVD8u6I954fU87qB6ip61yFfzccQTKD5EO2_ZlwYbfwKTSMb7HXMw==
Age: 47195

www1.cpapcanadasupply.com/track.php?domain=cpapcanadasupply.com&toggle=browserjs&uid=MTY2OTkwODA1Ny42NTg0OjNiYjg0NWM2YTNiMzk5MjY2NTlkM2QxNzkxM2E5N2I3N2ZiYWUzYzg0M2M3YjE0MzcyZTMyM2JhMmY5Nzg4ZGE6NjM4OGM2NTlhMGMwYg%3D%3D

13.248.148.254

200 OK

20 B

URL HTTP/1.1
www1.cpapcanadasupply.com/track.php?domain=cpapcanadasupply.com&toggle=browserjs&uid=MTY2OTkwODA1Ny42NTg0OjNiYjg0NWM2YTNiMzk5MjY2NTlkM2QxNzkxM2E5N2I3N2ZiYWUzYzg0M2M3YjE0MzcyZTMyM2JhMmY5Nzg4ZGE6NjM4OGM2NTlhMGMwYg%3D%3D
IP
13.248.148.254:0
ASN
#16509 AMAZON-02

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /track.php?domain=cpapcanadasupply.com&toggle=browserjs&uid=MTY2OTkwODA1Ny42NTg0OjNiYjg0NWM2YTNiMzk5MjY2NTlkM2QxNzkxM2E5N2I3N2ZiYWUzYzg0M2M3YjE0MzcyZTMyM2JhMmY5Nzg4ZGE6NjM4OGM2NTlhMGMwYg%3D%3D HTTP/1.1
Host: www1.cpapcanadasupply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 15:20:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

www1.cpapcanadasupply.com/favicon.ico

13.248.148.254

200 OK

0 B

URL HTTP/1.1
www1.cpapcanadasupply.com/favicon.ico
IP
13.248.148.254:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www1.cpapcanadasupply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 15:20:58 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes

push.services.mozilla.com/

35.163.114.208

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.114.208:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yFA3ZRxdg0rJVkJd/ldDNA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YUwf39YhjKel1S9rviGd6ImaLg8=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
16c3ad4a2bc7f419fb354b37778f8b2f
d193a1336556dcf6b4975a057e7c849037eef0ff
5993deb5a53b2e844b9027a6b6906c718f6e9f69c27388199c4343a80ef067f6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 15:20:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2127bde04ad44ce578c974ce17014430
0671da7ac6281e7666378aec875006158b784931
e7353f4f5fdb557bbc3ed7b6c74c9a79d1bb7ef966f5bd471382feb82234bd93

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 15:20:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet12_3ph&r=m&hl=no&terms=CPAP%20Supplies%20USA%2CCPAP%20Machines%20and%20Masks%2CMini%20Portable%20Travel%20CPAP%2CCPAP%20Cleaner%20Machine&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2283340565059714&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r4%7Cs&nocache=8351669908057254&num=0&output=afd_ads&domain_name=www1.cpapcanadasupply.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1669908057255&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=488417025&uio=--&cont=tc&jsid=caf&jsv=488417025&rurl=http%3A%2F%2Fwww1.cpapcanadasupply.com%2F%3Ftm%3D1%26subid4%3D1669908057.0480090000%26kw%3DCPAP%2BSupplies%26KW1%3DCPAP%2520Supplies%2520USA%26KW2%3DCPAP%2520Machines%2520and%2520Masks%26KW3%3DMini%2520Portable%2520Travel%2520CPAP%26KW4%3DCPAP%2520Cleaner%2520Machine%26searchbox%3D0%26domainname%3D0%26backfill%3D0&adbw=master-1%3A530

216.58.211.4

200 OK

2.3 kB

URL HTTP/2
www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet12_3ph&r=m&hl=no&terms=CPAP%20Supplies%20USA%2CCPAP%20Machines%20and%20Masks%2CMini%20Portable%20Travel%20CPAP%2CCPAP%20Cleaner%20Machine&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2283340565059714&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r4%7Cs&nocache=8351669908057254&num=0&output=afd_ads&domain_name=www1.cpapcanadasupply.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1669908057255&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=488417025&uio=--&cont=tc&jsid=caf&jsv=488417025&rurl=http%3A%2F%2Fwww1.cpapcanadasupply.com%2F%3Ftm%3D1%26subid4%3D1669908057.0480090000%26kw%3DCPAP%2BSupplies%26KW1%3DCPAP%2520Supplies%2520USA%26KW2%3DCPAP%2520Machines%2520and%2520Masks%26KW3%3DMini%2520Portable%2520Travel%2520CPAP%26KW4%3DCPAP%2520Cleaner%2520Machine%26searchbox%3D0%26domainname%3D0%26backfill%3D0&adbw=master-1%3A530
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6514)
Size
2.3 kB (2252 bytes)
Hash
6fee02cc4286c2313c4f2e02c3386f65
0a66402a3a7a6508de8eddfa84d972fac71632a6
966acd5abe3220a9f6c00b5a20762a730f5cbf62633c5bb71b59b5389c0aa0d2

HTTP Headers

GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet12_3ph&r=m&hl=no&terms=CPAP%20Supplies%20USA%2CCPAP%20Machines%20and%20Masks%2CMini%20Portable%20Travel%20CPAP%2CCPAP%20Cleaner%20Machine&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2283340565059714&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r4%7Cs&nocache=8351669908057254&num=0&output=afd_ads&domain_name=www1.cpapcanadasupply.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1669908057255&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=488417025&uio=--&cont=tc&jsid=caf&jsv=488417025&rurl=http%3A%2F%2Fwww1.cpapcanadasupply.com%2F%3Ftm%3D1%26subid4%3D1669908057.0480090000%26kw%3DCPAP%2BSupplies%26KW1%3DCPAP%2520Supplies%2520USA%26KW2%3DCPAP%2520Machines%2520and%2520Masks%26KW3%3DMini%2520Portable%2520Travel%2520CPAP%26KW4%3DCPAP%2520Cleaner%2520Machine%26searchbox%3D0%26domainname%3D0%26backfill%3D0&adbw=master-1%3A530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.cpapcanadasupply.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Thu, 01 Dec 2022 15:20:58 GMT
expires: Thu, 01 Dec 2022 15:20:58 GMT
cache-control: private, max-age=3600
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2252
x-xss-protection: 0
set-cookie: CONSENT=PENDING+677; expires=Sat, 30-Nov-2024 15:20:58 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

partner.googleadservices.com/gampad/cookie.js?domain=www1.cpapcanadasupply.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie

216.58.207.194

200 OK

189 B

URL HTTP/2
partner.googleadservices.com/gampad/cookie.js?domain=www1.cpapcanadasupply.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie
IP
216.58.207.194:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
189 B (189 bytes)
Hash
8849fef282a8827b4195c635d0f567fc
ac6864cedea248715ce15917ec61111656a3d03a
7a1ad9b212f968b616f5edd022c87e49ac1a2d3033100e3bcebd9c7a59366a81

HTTP Headers

GET /gampad/cookie.js?domain=www1.cpapcanadasupply.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.cpapcanadasupply.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 01 Dec 2022 15:20:58 GMT
server: cafe
cache-control: private
content-length: 189
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 15:20:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2127bde04ad44ce578c974ce17014430
0671da7ac6281e7666378aec875006158b784931
e7353f4f5fdb557bbc3ed7b6c74c9a79d1bb7ef966f5bd471382feb82234bd93

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 15:20:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e7e19607943d3a3770dd76e619af315d
78a4ef394f6fcbaa6b5abaa41f80eb9bce6bf06e
bafb86050e74ea34fc7206ec495f56d82f536245a1f23502eef3f3b7871ffea3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 15:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e7e19607943d3a3770dd76e619af315d
78a4ef394f6fcbaa6b5abaa41f80eb9bce6bf06e
bafb86050e74ea34fc7206ec495f56d82f536245a1f23502eef3f3b7871ffea3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 15:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/adsense/domains/caf.js

216.58.211.4

200 OK

54 kB

URL HTTP/2
www.google.com/adsense/domains/caf.js
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1885)
Size
54 kB (53720 bytes)
Hash
74e4ca9eb4e54a4b565cc1ebf53b5ce2
62fc8da582705aa63aeb9aece51b8dfb5099aca4
72ae3a5fb80b59aa4c4716ca2ae4d8ca429b0237b31c6ebd8e5faa0e6214eb14

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 01 Dec 2022 15:20:58 GMT
expires: Thu, 01 Dec 2022 15:20:58 GMT
cache-control: private, max-age=3600
etag: "14850336586422826086"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

142.250.74.97

200 OK

174 B

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
174 B (174 bytes)
Hash
4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 20:59:49 GMT
expires: Thu, 01 Dec 2022 19:59:49 GMT
cache-control: public, max-age=82800
age: 66070
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www1.cpapcanadasupply.com/ls.php

13.248.148.254

201 Created

0 B

URL HTTP/1.1
www1.cpapcanadasupply.com/ls.php
IP
13.248.148.254:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /ls.php HTTP/1.1
Host: www1.cpapcanadasupply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 2786
Origin: http://www1.cpapcanadasupply.com
Connection: keep-alive
Referer: http://www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0

HTTP/1.1 201 Created
Date: Thu, 01 Dec 2022 15:20:59 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 6388c65a1483785c7b7b380c
Charset: utf-8
Access-Control-Allow-Origin: http://www1.cpapcanadasupply.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_f+rDyWWUpv0kFrJ2d9QdoXOaBFPXSOV6EVtuYQu6YBOpC0+7/tDVySe81GEtpQiclmA3RH3rImpFzViUqNDqdw==

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e7e19607943d3a3770dd76e619af315d
78a4ef394f6fcbaa6b5abaa41f80eb9bce6bf06e
bafb86050e74ea34fc7206ec495f56d82f536245a1f23502eef3f3b7871ffea3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 15:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www1.cpapcanadasupply.com/track.php?domain=cpapcanadasupply.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2OTkwODA1Ny42NTg0OjNiYjg0NWM2YTNiMzk5MjY2NTlkM2QxNzkxM2E5N2I3N2ZiYWUzYzg0M2M3YjE0MzcyZTMyM2JhMmY5Nzg4ZGE6NjM4OGM2NTlhMGMwYg%3D%3D

13.248.148.254

200 OK

20 B

URL HTTP/1.1
www1.cpapcanadasupply.com/track.php?domain=cpapcanadasupply.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2OTkwODA1Ny42NTg0OjNiYjg0NWM2YTNiMzk5MjY2NTlkM2QxNzkxM2E5N2I3N2ZiYWUzYzg0M2M3YjE0MzcyZTMyM2JhMmY5Nzg4ZGE6NjM4OGM2NTlhMGMwYg%3D%3D
IP
13.248.148.254:0
ASN
#16509 AMAZON-02

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /track.php?domain=cpapcanadasupply.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2OTkwODA1Ny42NTg0OjNiYjg0NWM2YTNiMzk5MjY2NTlkM2QxNzkxM2E5N2I3N2ZiYWUzYzg0M2M3YjE0MzcyZTMyM2JhMmY5Nzg4ZGE6NjM4OGM2NTlhMGMwYg%3D%3D HTTP/1.1
Host: www1.cpapcanadasupply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.cpapcanadasupply.com/?tm=1&subid4=1669908057.0480090000&kw=CPAP+Supplies&KW1=CPAP%20Supplies%20USA&KW2=CPAP%20Machines%20and%20Masks&KW3=Mini%20Portable%20Travel%20CPAP&KW4=CPAP%20Cleaner%20Machine&searchbox=0&domainname=0&backfill=0
Cookie: __gsas=ID=da09cc164054f806:T=1669908058:S=ALNI_MaKQNPYuHaBtrI_Rk4gsxySkstmzA

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 15:20:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3066
Expires: Thu, 01 Dec 2022 16:12:06 GMT
Date: Thu, 01 Dec 2022 15:21:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3066
Expires: Thu, 01 Dec 2022 16:12:06 GMT
Date: Thu, 01 Dec 2022 15:21:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3066
Expires: Thu, 01 Dec 2022 16:12:06 GMT
Date: Thu, 01 Dec 2022 15:21:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3066
Expires: Thu, 01 Dec 2022 16:12:06 GMT
Date: Thu, 01 Dec 2022 15:21:00 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4762 bytes)
Hash
d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: b7c0e28a-de0d-443d-8bf4-900a964bf110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uSFcMoAMF2CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc1-7abade3a670201cf1906b79f;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gZSkafSw8cXo9AChLOTVJW7r_hHLW8kaHlA-ED2_zFJwuUk1uS3VRw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:29:36 GMT
age: 6684
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16038 bytes)
Hash
ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 63327
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9674 bytes)
Hash
5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:44:47 GMT
age: 63373
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12898 bytes)
Hash
820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gsn5uUFEzDZDOMPTvW9UQxtccvRfJKUM4eJ8U99jvUGzNIKkF9SzeA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 63100
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8740 bytes)
Hash
26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 12:31:43 GMT
age: 10157
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9459 bytes)
Hash
e1e6b6ba4f82221b41c3d9129008c76d
2f9532d698b4c28df23e18bbb66399ec776d5b9f
218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: c08f55b2-7ac6-4dec-b53c-fd3f4533f9c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpBiGoHIAMFR2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bba3-69c2c2d05e55fd745caf1dce;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:09:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_Mb-0pBwp-pUyU2bdJ8MhrGHkk6VQgJmcGV9MfHwj_yGUMIYZkyrg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 10:48:24 GMT
age: 16356
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations