Report - cd.leadmobc.com/?a=167385&c=160654&co=217044&mt=21&s2=ovoh7k2l03m3

Report Overview

Submitted URL
cd.leadmobc.com/?a=167385&c=160654&co=217044&mt=21&s2=ovoh7k2l03m3
IP
34.249.227.220
ASN
#16509 AMAZON-02
Submitted
2022-10-29 07:53:55
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T14:35:32Z	340 B	964 B	172.64.155.188
port13.govisibl.com	unknown	2020-09-24T04:42:19Z	2023-02-02T12:10:54Z	922 B	992 B	107.170.154.51
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.7 kB	5.6 kB	142.250.74.35
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	35.80.175.197
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	1.6 kB	58 kB	142.250.74.164
partner.googleadservices.com	798	2012-10-03T03:04:21Z	2023-03-10T06:40:47Z	454 B	842 B	172.217.21.162
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	483 B	18 kB	216.58.207.195
cd.leadmobc.com	unknown	2022-06-29T03:49:28Z	2023-03-10T02:49:31Z	397 B	4.4 kB	34.249.227.220
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.0 kB	5.3 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	2.7 kB	68 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	401 B	1.3 kB	142.250.74.10
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	682 B	1.6 kB	93.184.220.29
monktraff.com	171770	2019-12-30T23:18:39Z	2023-03-04T21:34:43Z	3.5 kB	39 kB	199.59.243.222
afs.googleusercontent.com	12123	2013-05-06T21:11:00Z	2023-03-10T11:12:37Z	456 B	1.2 kB	142.250.74.33

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-29	medium	leadmobc.com	Sinkholed

JavaScript (8)

	URL	Size	First Seen	Last Seen
	port13.govisibl.com/dlv/c.php?cca=57438&ccz=1873&r=cc517ad751d14adf9acd816f9b1cb7abbe72&siteid=167385	441 B	2023-03-10	2023-03-10
Pretty URL port13.govisibl.com/dlv/c.php?cca=57438&ccz=1873&r=cc517ad751d14adf9acd816f9b1cb7abbe72&siteid=167385 IP 107.170.154.51 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 17:22:53 Last Seen2023-03-10 17:22:53 Times Seen1 Hash b3270acbbde1006eae0d444f6219b1e5 a951ef54d5e998523b7914694260bc28943e878b 4c568f365ed082f32ddfada13e8d060fbe524bd4696048256e2d936858b2b37c Loading...

	monktraff.com/l/26590535e3809b41c6cd?sub=021205570000330574382913231873c7c502120422&source=57438	1.2 kB	2023-03-10	2023-03-10
Pretty URL monktraff.com/l/26590535e3809b41c6cd?sub=021205570000330574382913231873c7c502120422&source=57438 IP 199.59.243.222 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 17:22:53 Last Seen2023-03-10 17:22:53 Times Seen1 Hash f6c303b0547c5847dcefa530b0986fc3 a55128956aaccb95fcf57fb92222cbecf37a3b18 768a117c04d6ceb5d1526c52f1534aed0a7987d433cc25d966b7e27962d51720 Loading...

	monktraff.com/js/parking.2.99.2.js	69 kB	2023-03-10	2023-03-10
Pretty URL monktraff.com/js/parking.2.99.2.js IP 199.59.243.222 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:48:17 Last Seen2023-03-10 19:24:55 Times Seen1 Hash 9aa0a521c6a8437147c258a1e324e076 a963edd08690671ab3c25158584c674851ce1f5c d914dc5b504e31d9c9316a0d627091e3d81879a3cfd617a003d0e568a0b28048 Loading...

	www.google.com/adsense/domains/caf.js	150 kB	2023-03-10	2023-03-10
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:55:11 Last Seen2023-03-10 20:03:56 Times Seen1 Hash 310ef477b7b155e30d71293ffcfdd595 82e1df0b03d0c533c9f271f81dd26d13fcf755e9 5e681d491d1f4812b4230be3e538d00fe448fd1007a05dc9b3c70c2e36b6cd47 Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=monktraff.com&client=dp-bodis31_3ph&product=SAS&callback=__sasCookie	190 B	2023-03-10	2023-03-10
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=monktraff.com&client=dp-bodis31_3ph&product=SAS&callback=__sasCookie IP 172.217.21.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 17:22:53 Last Seen2023-03-10 17:22:53 Times Seen1 Hash 5068ab113d660bfe017a28bf16ed0b91 2c5d4d5be5a30ffff7a8ed943d3c472013a1648f 82f0a62d046bf88609efbb0595a4826ae145c81fb7de4985e5d903234a502bc6 Loading...

	www.google.com/afs/ads?adtest=off&psid=7049491253&pcsa=false&channel=pid-bodis-gcontrol85%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol307%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol431&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2708093962197658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301094%2C17301097&format=r3&nocache=5401667030024404&num=0&output=afd_ads&domain_name=monktraff.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1667030024405&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1264&psh=141&frm=0&cl=483384212&uio=-&cont=rs&jsid=caf&jsv=483384212&rurl=https%3A%2F%2Fmonktraff.com%2Fl%2F26590535e3809b41c6cd%3Fsub%3D021205570000330574382913231873c7c502120422%26source%3D57438&referer=https%3A%2F%2Fport13.govisibl.com%2F&adbw=master-1%3A1264	5.6 kB	2023-03-10	2023-03-10
Pretty URL www.google.com/afs/ads?adtest=off&psid=7049491253&pcsa=false&channel=pid-bodis-gcontrol85%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol307%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol431&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2708093962197658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301094%2C17301097&format=r3&nocache=5401667030024404&num=0&output=afd_ads&domain_name=monktraff.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1667030024405&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1264&psh=141&frm=0&cl=483384212&uio=-&cont=rs&jsid=caf&jsv=483384212&rurl=https%3A%2F%2Fmonktraff.com%2Fl%2F26590535e3809b41c6cd%3Fsub%3D021205570000330574382913231873c7c502120422%26source%3D57438&referer=https%3A%2F%2Fport13.govisibl.com%2F&adbw=master-1%3A1264 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 17:22:53 Last Seen2023-03-10 17:22:53 Times Seen1 Hash 166147ad23f2d00345f97127691a2016 692085b8b7ed088d030eb716adf87880230aaa19 c3148f995220904cd86f7f70c3884cf78cc5371c7f174c6ab7ef7dc8927ac6d7 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b9a635f2466e01a7794b8ce7a8ccf959	1.1 kB	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:11:24 Last Seen2023-03-17 12:43:02 Times Seen1 Hash b9a635f2466e01a7794b8ce7a8ccf959 d7fcee61337a33b528cb5114b33b7427376f6e54 5561dc8cce5afb82997a3e2f8174668f9b8123fa59c87eae80798173c6c5e717 Loading...

		Size	First Seen	Last Seen
	#1 Write - 9acf5427c0193ef960072ced72c93ae4	172 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 12:23:43 Last Seen2023-03-17 10:39:42 Times Seen1 Hash 9acf5427c0193ef960072ced72c93ae4 bfc1c6acd8ec8222272f3fdb43df70c462d1ac7a 9501c9889a0c2771c77ca8d2b5c2f82d4202806e87a13ba9b1a005fd975d7ccd Loading...

HTTP Transactions (40)

URL IP Response Size

cd.leadmobc.com/?a=167385&c=160654&co=217044&mt=21&s2=ovoh7k2l03m3

34.249.227.220

302 Found

271 B

URL HTTP/1.1
cd.leadmobc.com/?a=167385&c=160654&co=217044&mt=21&s2=ovoh7k2l03m3
IP
34.249.227.220:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
271 B (271 bytes)
Hash
da1d23265a6815a3ac12b08d97549ee7
174196e42b88dd85ce13eebc24a166394d7e75a7
4d526b3a0bb285f6221729f88f13563d64fc26d5c4891776de680d4fdf560d47

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?a=167385&c=160654&co=217044&mt=21&s2=ovoh7k2l03m3 HTTP/1.1
Host: cd.leadmobc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Sat, 29 Oct 2022 07:53:44 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Set-Cookie: gdm_click_adv_freq_v2_1_001=Hd/k4mfUbY5nMUCFT8dqJLCcZNf/1tcmTL8ErR3xAVKcI2rFK+O8PWAYCZl1auy6; Domain=.leadmobc.com; Expires=Fri, 27-Jan-2023 07:53:44 GMT; Path=/; Secure; SameSite=None
gdm_uid_v1_1_001=nd45BvX2zcfKRQn4MPesZO98UFv564tIyKwxgsCfqALoN01p4BcJTC2vM67pG9xS; Domain=.leadmobc.com; Expires=Fri, 27-Jan-2023 07:53:44 GMT; Path=/
gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.leadmobc.com; Expires=Fri, 27-Jan-2023 07:53:44 GMT; Path=/; Secure; SameSite=None
gdm_sid_v2_3_001=mS3OVXRpdSt5LVBB8OKFkVSk9h0PY0xcfrcfzZABQ8QWu3e4SiK8QhpkXoW2S4EWrjERg01a2FL8fqWRXRY9S2hI79yyMmRk75XbU4HxILQ//VXlWI/hEiCTNxP6AAuu/jG1Ws5n7qq+py80uu4Tgyz12BvRl1/LAoVi13iYB3hL+A5Qv9t/SZEp7Jerl+SMskZyUbeQMtsJqLvYnBn/8f2ga1jh7UtcENUYsC8pja7aaHficPMAcOZvCmM7ciSDwsf52B0T5UVNaFEoBxVDfXOSFaJ+ORESXMdZCp0umW65r+M6aJlM5NDDyrKuhUiB56yWxqxrG3d0QR1lOaA06bQrXNmN5sSCVGdtyQZG0pzTE7w81qXv2MPUgQNLdKkBcln8uDROXU58pI26YJ7ehwuF1BgquYZ0dY90XlmoWDP62GoJZWunkI+gb11IKmBwG1z/TKVdYdZmAlbXyIqZQjoU6/sDJgIVlHPHZUxZ1RDcF19dUOtHXMBttSx1Mw7UmfMyGdGi98ne4/0LxapPLzt3o4A8eCFhLW2Lon5FCWhIDNAut8ojG0o4OncMT7Tfa7wWC5begddm7ooq68iy+R1UnPakcPmPBQJQS65CbTeN8fEqYalNmCPQTTx4znDLHFXzPlLm0oOEG2/LJNm5eHqxQIamHGUu+FLaRtWSu4l7ss0nsFfy0A6iYhKTrsWoaljYXCMxOAY37mes5FRfR/69eWyG7uu5E5wlJrV5Q8J1zfp61HowrTHdlZbJKcJyf06nk9ZFc71bdTbTb8DjJrwktfAG++2i69SIxOf5rx6U+8xkTpyQ2KyHVsjzoQJwuTefjuvZi7jHTzUiTPOHqrkblFkHdRQNPm+dcnY1roFPR5WyT5jVulW5VKqvl9CO55AfY755rIZHY5gPsnn7bXCw8WVzsAzhhIRVZyq+JulpI+o/GdQpcAD+o/rwfi5JCRJmJ0Ak0BTY9DN7iBNvG7DIXpMV/kxSnBLmeIUSnDYGPIA3yBw1Z/2m4kCFkfXYJRSYI2ZiQLGKRULNsVsSVw==; Domain=.leadmobc.com; Expires=Fri, 27-Jan-2023 07:53:44 GMT; Path=/; Secure; SameSite=None
gdm_uid_v2_1_001=nd45BvX2zcfKRQn4MPesZO98UFv564tIyKwxgsCfqALoN01p4BcJTC2vM67pG9xS; Domain=.leadmobc.com; Expires=Fri, 27-Jan-2023 07:53:44 GMT; Path=/; Secure; SameSite=None
gdm_click_freq_v1_1_001=xhGiS4NyMUmOfQKdVwUkQ4C4Ew6QeVZRT/BBy1jXUp4uRc2AFnX2PKqCmSBrMHnC; Domain=.leadmobc.com; Expires=Fri, 27-Jan-2023 07:53:44 GMT; Path=/
gdm_click_adv_freq_v1_1_001=Hd/k4mfUbY5nMUCFT8dqJLCcZNf/1tcmTL8ErR3xAVKcI2rFK+O8PWAYCZl1auy6; Domain=.leadmobc.com; Expires=Fri, 27-Jan-2023 07:53:44 GMT; Path=/
gdm_click_freq_v2_1_001=xhGiS4NyMUmOfQKdVwUkQ4C4Ew6QeVZRT/BBy1jXUp4uRc2AFnX2PKqCmSBrMHnC; Domain=.leadmobc.com; Expires=Fri, 27-Jan-2023 07:53:44 GMT; Path=/; Secure; SameSite=None
gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.leadmobc.com; Expires=Fri, 27-Jan-2023 07:53:44 GMT; Path=/
gdm_sid_v1_3_001=mS3OVXRpdSt5LVBB8OKFkVSk9h0PY0xcfrcfzZABQ8QWu3e4SiK8QhpkXoW2S4EWrjERg01a2FL8fqWRXRY9S2hI79yyMmRk75XbU4HxILQ//VXlWI/hEiCTNxP6AAuu/jG1Ws5n7qq+py80uu4Tgyz12BvRl1/LAoVi13iYB3hL+A5Qv9t/SZEp7Jerl+SMskZyUbeQMtsJqLvYnBn/8f2ga1jh7UtcENUYsC8pja7aaHficPMAcOZvCmM7ciSDwsf52B0T5UVNaFEoBxVDfXOSFaJ+ORESXMdZCp0umW65r+M6aJlM5NDDyrKuhUiB56yWxqxrG3d0QR1lOaA06bQrXNmN5sSCVGdtyQZG0pzTE7w81qXv2MPUgQNLdKkBcln8uDROXU58pI26YJ7ehwuF1BgquYZ0dY90XlmoWDP62GoJZWunkI+gb11IKmBwG1z/TKVdYdZmAlbXyIqZQjoU6/sDJgIVlHPHZUxZ1RDcF19dUOtHXMBttSx1Mw7UmfMyGdGi98ne4/0LxapPLzt3o4A8eCFhLW2Lon5FCWhIDNAut8ojG0o4OncMT7Tfa7wWC5begddm7ooq68iy+R1UnPakcPmPBQJQS65CbTeN8fEqYalNmCPQTTx4znDLHFXzPlLm0oOEG2/LJNm5eHqxQIamHGUu+FLaRtWSu4l7ss0nsFfy0A6iYhKTrsWoaljYXCMxOAY37mes5FRfR/69eWyG7uu5E5wlJrV5Q8J1zfp61HowrTHdlZbJKcJyf06nk9ZFc71bdTbTb8DjJrwktfAG++2i69SIxOf5rx6U+8xkTpyQ2KyHVsjzoQJwuTefjuvZi7jHTzUiTPOHqrkblFkHdRQNPm+dcnY1roFPR5WyT5jVulW5VKqvl9CO55AfY755rIZHY5gPsnn7bXCw8WVzsAzhhIRVZyq+JulpI+o/GdQpcAD+o/rwfi5JCRJmJ0Ak0BTY9DN7iBNvG7DIXpMV/kxSnBLmeIUSnDYGPIA3yBw1Z/2m4kCFkfXYJRSYI2ZiQLGKRULNsVsSVw==; Domain=.leadmobc.com; Expires=Fri, 27-Jan-2023 07:53:44 GMT; Path=/
Location: https://port13.govisibl.com/dlv/c.php?cca=57438&ccz=1873&r=cc517ad751d14adf9acd816f9b1cb7abbe72&siteid=167385
Content-Language: en-US
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
82788b8b26eeba7f492106ea47729bbb
823b2d3c336d11064a6b809057bed46bb65a7969
7671d088ba1420ffa01dbd63c5f7ab28d52d3591bc04c4cc182d1f9e64a7f2f8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7671D088BA1420FFA01DBD63C5F7AB28D52D3591BC04C4CC182D1F9E64A7F2F8"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2527
Expires: Sat, 29 Oct 2022 08:35:51 GMT
Date: Sat, 29 Oct 2022 07:53:44 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
922281894182eba1fc67c2d8678e3238
e169209341b09bf4f14ebb3fc7c07b03f2121bf1
37516083f7655af68d7e426efca6f9f3709a80318ac7bb8cc492c183916141b1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5173
Cache-Control: max-age=97416
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 07:53:44 GMT
Etag: "635ba15b-1d7"
Expires: Sun, 30 Oct 2022 10:57:20 GMT
Last-Modified: Fri, 28 Oct 2022 09:31:07 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
42d84e61e6aa4d3cce623adccfafc3e2
0dba69e98be53c153a6726ff934b2d55feb20d75
2f53662c68c9ea7be85837310861c8007fd039e5e4d8eb8f0d8948d5d1571a03

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F53662C68C9EA7BE85837310861C8007FD039E5E4D8EB8F0D8948D5D1571A03"
Last-Modified: Thu, 27 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5543
Expires: Sat, 29 Oct 2022 09:26:07 GMT
Date: Sat, 29 Oct 2022 07:53:44 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 62H1p2hujVAJe7YlP9lpK0+ZUjzNVj71Qw57ULugoU83Xar8hLdMwmTjK/DTDIMyjsog2F7U0u0=
x-amz-request-id: VN9514CJKRAW7CWC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 29 Oct 2022 07:43:58 GMT
age: 586
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 29 Oct 2022 07:53:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d8f4bc91f58db2782901b28c99ec4e1a
aa04d4b3cfd1d8594262ea7291e733fab3ee47be
fa72d5c5987edc38715fce80a39b7d51c2a20df14f0713d1d855a65c0c2d2cf1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 07:53:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 23:18:31 GMT
Expires: Tue, 01 Nov 2022 23:18:30 GMT
Etag: "aa04d4b3cfd1d8594262ea7291e733fab3ee47be"
Cache-Control: max-age=314085,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 761a56d7ac4b0b3d-OSL

port13.govisibl.com/dlv/c.php?cca=57438&ccz=1873&r=cc517ad751d14adf9acd816f9b1cb7abbe72&siteid=167385

107.170.154.51

200 OK

620 B

URL HTTP/1.1
port13.govisibl.com/dlv/c.php?cca=57438&ccz=1873&r=cc517ad751d14adf9acd816f9b1cb7abbe72&siteid=167385
IP
107.170.154.51:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
620 B (620 bytes)
Hash
63245c747540cb7b9dab4d80887d7de5
a34f504e003a02f13838075db2e7d86c1569123a
63ebd067baa25b70b4c71798a239ba05f5bc169437f58f94b7df3653ef5735df

HTTP Headers

GET /dlv/c.php?cca=57438&ccz=1873&r=cc517ad751d14adf9acd816f9b1cb7abbe72&siteid=167385 HTTP/1.1
Host: port13.govisibl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Content-Length: 620
Date: Sat, 29 Oct 2022 07:53:45 GMT

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
6b7c0ce49b8ebb90707ec439581bc979
1affe02f362f59f8acaaa2cc16185fc2942a82cf
99057099a66b378f0825443f175ad6f84a9f69c0abb8f8db546eb348de4facb4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3115
Cache-Control: max-age=90298
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 07:53:45 GMT
Etag: "635b8d98-1d7"
Expires: Sun, 30 Oct 2022 08:58:43 GMT
Last-Modified: Fri, 28 Oct 2022 08:06:48 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.80.175.197

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.80.175.197:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: w8Ext5UguSMUdb0bXh7Wow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rzaTcm1aq8zThKz6b/2OTixHp+Y=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d23134bfda9f88072b8496f5c3b1776b
f149c0c16f511d6da87f3bad9c025963ac803185
a1b2127e8483b28dca6ebbb022825ae2d97b9ecf8e7b70b04cebeab2f0b997ce

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1B2127E8483B28DCA6EBBB022825AE2D97B9ECF8E7B70B04CEBEAB2F0B997CE"
Last-Modified: Sat, 29 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21541
Expires: Sat, 29 Oct 2022 13:52:46 GMT
Date: Sat, 29 Oct 2022 07:53:45 GMT
Connection: keep-alive

monktraff.com/px.gif?ch=1&rn=10.574066254560858

199.59.243.222

200 OK

42 B

URL HTTP/2
monktraff.com/px.gif?ch=1&rn=10.574066254560858
IP
199.59.243.222:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /px.gif?ch=1&rn=10.574066254560858 HTTP/1.1
Host: monktraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monktraff.com/l/26590535e3809b41c6cd?sub=021205570000330574382913231873c7c502120422&source=57438
Cookie: parking_session=7176b947-fefb-5aad-b8c4-589f20f91536
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 29 Oct 2022 07:53:46 GMT
content-type: image/gif
content-length: 42
last-modified: Wed, 15 Sep 2021 19:38:30 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2

monktraff.com/js/parking.2.99.2.js

199.59.243.222

200 OK

22 kB

URL HTTP/2
monktraff.com/js/parking.2.99.2.js
IP
199.59.243.222:0
ASN
#16509 AMAZON-02

File type
data
Size
22 kB (22282 bytes)
Hash
a4271dd71ac65d7b5718db5fcd004a69
5a36e421efe1da39cc6022075026ac6b6266c957
46f8b2aa95e2a9d72df953fa4a9e58043cafed6739edd9aae646e54f457fa460

HTTP Headers

GET /js/parking.2.99.2.js HTTP/1.1
Host: monktraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monktraff.com/l/26590535e3809b41c6cd?sub=021205570000330574382913231873c7c502120422&source=57438
Cookie: parking_session=7176b947-fefb-5aad-b8c4-589f20f91536
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 29 Oct 2022 07:53:46 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 27 Oct 2022 20:40:31 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

monktraff.com/_fd?sub=021205570000330574382913231873c7c502120422&source=57438

199.59.243.222

200 OK

3.5 kB

URL HTTP/2
monktraff.com/_fd?sub=021205570000330574382913231873c7c502120422&source=57438
IP
199.59.243.222:0
ASN
#16509 AMAZON-02

File type
data
Size
3.5 kB (3496 bytes)
Hash
44455ad09e609400ca3254cf728d9579
2a4611b75d716ae87c09d0ee3d275abd06147d28
13fe8d426fff4b1eb99c9cce91fcd80f96f7183f406f7f5e175920fad97c2167

HTTP Headers

POST /_fd?sub=021205570000330574382913231873c7c502120422&source=57438 HTTP/1.1
Host: monktraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://monktraff.com/l/26590535e3809b41c6cd?sub=021205570000330574382913231873c7c502120422&source=57438
Content-Type: application/json
Origin: https://monktraff.com
Connection: keep-alive
Cookie: parking_session=7176b947-fefb-5aad-b8c4-589f20f91536
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: openresty
content-type: text/html; charset=UTF-8
date: Sat, 29 Oct 2022 07:53:46 GMT
x-version: 2.99.2
set-cookie: parking_session=7176b947-fefb-5aad-b8c4-589f20f91536; expires=Sat, 29-Oct-2022 08:08:46 GMT; Max-Age=900; path=/; httponly
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

monktraff.com/favicon.ico

199.59.243.222

200 OK

0 B

URL HTTP/2
monktraff.com/favicon.ico
IP
199.59.243.222:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: monktraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monktraff.com/l/26590535e3809b41c6cd?sub=021205570000330574382913231873c7c502120422&source=57438
Cookie: parking_session=7176b947-fefb-5aad-b8c4-589f20f91536
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 29 Oct 2022 07:53:46 GMT
content-type: image/x-icon
content-length: 0
last-modified: Wed, 15 Sep 2021 19:38:30 GMT
etag: "61424bb6-0"
x-backend-server: ip-10-201-16-222.ec2.internal
accept-ranges: bytes
X-Firefox-Spdy: h2

www.google.com/adsense/domains/caf.js

142.250.74.164

200 OK

55 kB

URL HTTP/2
www.google.com/adsense/domains/caf.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
data
Size
55 kB (55018 bytes)
Hash
3426746805d3b5d785f3ac6c704cdd54
38feacbe9572bad6abdaa304782217ee920ca89b
b6aeccf6b91597701da4fcfa6322c7b4f5d7f3a3668511598d265b21109b6515

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monktraff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 29 Oct 2022 07:53:46 GMT
expires: Sat, 29 Oct 2022 07:53:46 GMT
cache-control: private, max-age=3600
etag: "9861639881549890283"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

monktraff.com/l/26590535e3809b41c6cd?sub=021205570000330574382913231873c7c502120422&source=57438

199.59.243.222

200 OK

1.7 kB

URL HTTP/2
monktraff.com/l/26590535e3809b41c6cd?sub=021205570000330574382913231873c7c502120422&source=57438
IP
199.59.243.222:0
ASN
#16509 AMAZON-02

File type
data
Size
1.7 kB (1722 bytes)
Hash
d32a0174857d5bf884eeb62b9d01d299
953af89054fad2a2f089ed88e4f7c50937ac8cc2
958970cdd925d73109c637af465344a63585f667089c3b53d9f6f86f0579c702

HTTP Headers

GET /l/26590535e3809b41c6cd?sub=021205570000330574382913231873c7c502120422&source=57438 HTTP/1.1
Host: monktraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://port13.govisibl.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Sat, 29 Oct 2022 07:53:45 GMT
content-type: text/html; charset=UTF-8
set-cookie: parking_session=7176b947-fefb-5aad-b8c4-589f20f91536; expires=Sat, 29-Oct-2022 08:08:45 GMT; Max-Age=900; path=/; HttpOnly
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_PzQxQl+7ffHfJLco6XRpmV+SEpFx+hTBfA5UGYsVaTqS0JD1d3xhbE0RElgBDpiyATikm/kDdIor6ukyvnYZSg==
accept-ch: sec-ch-prefers-color-scheme
critical-ch: sec-ch-prefers-color-scheme
vary: sec-ch-prefers-color-scheme
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

partner.googleadservices.com/gampad/cookie.js?domain=monktraff.com&client=dp-bodis31_3ph&product=SAS&callback=__sasCookie

172.217.21.162

200 OK

179 B

URL HTTP/2
partner.googleadservices.com/gampad/cookie.js?domain=monktraff.com&client=dp-bodis31_3ph&product=SAS&callback=__sasCookie
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
179 B (179 bytes)
Hash
de088529a0799311344c941d8115bfc1
4e97b21838e1185986074584be117fab4d7181d7
b61b522d8558d41af6d26f6db97dedda72bcb5fc6d04a6ba1070a5e4f889903f

HTTP Headers

GET /gampad/cookie.js?domain=monktraff.com&client=dp-bodis31_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monktraff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 29 Oct 2022 07:53:46 GMT
server: cafe
cache-control: private
content-length: 179
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/afs/ads?adtest=off&psid=7049491253&pcsa=false&channel=pid-bodis-gcontrol85%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol307%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol431&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2708093962197658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301094%2C17301097&format=r3&nocache=5401667030024404&num=0&output=afd_ads&domain_name=monktraff.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1667030024405&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1264&psh=141&frm=0&cl=483384212&uio=-&cont=rs&jsid=caf&jsv=483384212&rurl=https%3A%2F%2Fmonktraff.com%2Fl%2F26590535e3809b41c6cd%3Fsub%3D021205570000330574382913231873c7c502120422%26source%3D57438&referer=https%3A%2F%2Fport13.govisibl.com%2F&adbw=master-1%3A1264

142.250.74.164

200 OK

2.0 kB

URL HTTP/2
www.google.com/afs/ads?adtest=off&psid=7049491253&pcsa=false&channel=pid-bodis-gcontrol85%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol307%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol431&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2708093962197658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301094%2C17301097&format=r3&nocache=5401667030024404&num=0&output=afd_ads&domain_name=monktraff.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1667030024405&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1264&psh=141&frm=0&cl=483384212&uio=-&cont=rs&jsid=caf&jsv=483384212&rurl=https%3A%2F%2Fmonktraff.com%2Fl%2F26590535e3809b41c6cd%3Fsub%3D021205570000330574382913231873c7c502120422%26source%3D57438&referer=https%3A%2F%2Fport13.govisibl.com%2F&adbw=master-1%3A1264
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5513)
Size
2.0 kB (1976 bytes)
Hash
8529a3a7eedf4c93c07eb12e18bd5805
88339f485af35b49b13abc67c2cbce7a271fcb77
ab178aa129dd190a1ed26f23d574867d2d008b3376d6d2371c05f6b7a6b98714

HTTP Headers

GET /afs/ads?adtest=off&psid=7049491253&pcsa=false&channel=pid-bodis-gcontrol85%2Cpid-bodis-gcontrol47%2Cpid-bodis-gcontrol307%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol431&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2708093962197658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301094%2C17301097&format=r3&nocache=5401667030024404&num=0&output=afd_ads&domain_name=monktraff.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1667030024405&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1264&psh=141&frm=0&cl=483384212&uio=-&cont=rs&jsid=caf&jsv=483384212&rurl=https%3A%2F%2Fmonktraff.com%2Fl%2F26590535e3809b41c6cd%3Fsub%3D021205570000330574382913231873c7c502120422%26source%3D57438&referer=https%3A%2F%2Fport13.govisibl.com%2F&adbw=master-1%3A1264 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monktraff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sat, 29 Oct 2022 07:53:46 GMT
expires: Sat, 29 Oct 2022 07:53:46 GMT
cache-control: private, max-age=3600
content-encoding: br
server: gws
content-length: 1976
x-xss-protection: 0
set-cookie: CONSENT=PENDING+192; expires=Mon, 28-Oct-2024 07:53:46 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f6ab627ba19225222c26438a29dbe2c3
3c81d7b000dd4850e15e5dde6b6606ec5bff6a6f
5e728e49761b3fe1872e83a623e4d9e28ffc050111616204a0a49f0848df79ea

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 07:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a34a3d6697eb937f0b134e68e9fb2b99
dc432dc7c8692383d17e593a93e60857d9398082
e11fbf49eb07b649e29e7965e888397956e4476873c9e55812ef10f722bbc994

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 07:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a34a3d6697eb937f0b134e68e9fb2b99
dc432dc7c8692383d17e593a93e60857d9398082
e11fbf49eb07b649e29e7965e888397956e4476873c9e55812ef10f722bbc994

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 07:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
115118d741217da2a43d96b7774fd1c3
7f0c574508211feb10409a086d3f85e8010a0f3a
b8c6ac91728af372cadd6b02c3501cee33c06186951b9cb16e09668192124599

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 07:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
89643d2109e09c2c32f8e67de2d35df0
7d57d55fe52e166f75f93efab1a784e840c25757
672d341ec656ed18d6484ab814ab4f888b37624bfb49e9c2d95860168246b46b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 07:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
115118d741217da2a43d96b7774fd1c3
7f0c574508211feb10409a086d3f85e8010a0f3a
b8c6ac91728af372cadd6b02c3501cee33c06186951b9cb16e09668192124599

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 07:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff

142.250.74.33

200 OK

278 B

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (306)
Size
278 B (278 bytes)
Hash
bb7fc36f627255dd4783f849dca0932e
80e89ef8f3c2c8ee982523757fce214ea7323a69
735f48c2876099e6a731c65fc46ec1ec133c316e0997d04eb0ee246741bee647

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 278
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 29 Oct 2022 04:48:58 GMT
expires: Sun, 30 Oct 2022 03:48:58 GMT
cache-control: public, max-age=82800
age: 11088
last-modified: Tue, 09 Feb 2021 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Size
17 kB (17156 bytes)
Hash
402cbe860d64ae2e13145e34cbc7889c
7af4691dc306b7583365b9ff2ead0c1f6db017c5
da748253b458c5fc9c9a5e3c108b1cda280f52df4008702b9cea695ec23332aa

HTTP Headers

GET /s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Oct 2022 21:54:03 GMT
expires: Fri, 27 Oct 2023 21:54:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 14:38:29 GMT
content-type: font/woff2
age: 122383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Michroma&display=swap

142.250.74.10

200 OK

552 B

URL HTTP/2
fonts.googleapis.com/css?family=Michroma&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (390)
Size
552 B (552 bytes)
Hash
3ae821533645aa6e503e21990703c050
7f98fde15e93e75afad6c3b8738e9d6ae7e53e46
2cad3d8109f565218b15713f3c3992b8301f949fc73dd8b28b8bb2a41887350f

HTTP Headers

GET /css?family=Michroma&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 29 Oct 2022 07:53:46 GMT
date: Sat, 29 Oct 2022 07:53:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
115118d741217da2a43d96b7774fd1c3
7f0c574508211feb10409a086d3f85e8010a0f3a
b8c6ac91728af372cadd6b02c3501cee33c06186951b9cb16e09668192124599

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 07:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
89643d2109e09c2c32f8e67de2d35df0
7d57d55fe52e166f75f93efab1a784e840c25757
672d341ec656ed18d6484ab814ab4f888b37624bfb49e9c2d95860168246b46b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 07:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10049
Expires: Sat, 29 Oct 2022 10:41:15 GMT
Date: Sat, 29 Oct 2022 07:53:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10049
Expires: Sat, 29 Oct 2022 10:41:15 GMT
Date: Sat, 29 Oct 2022 07:53:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10049
Expires: Sat, 29 Oct 2022 10:41:15 GMT
Date: Sat, 29 Oct 2022 07:53:46 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc477e6f4-5465-4015-8cda-b0b253104c06.gif

34.120.237.76

200 OK

34 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc477e6f4-5465-4015-8cda-b0b253104c06.gif
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 296 x 148\012- data
Size
34 kB (34164 bytes)
Hash
423fe309a7d018c0564073e394e3f08a
be17adacd18cd27ee9eab147ee4f32580b81a3eb
be1e605b8b0a99b36e840b4e68a51406f1939d4ec336e198d732ae5bc65e3a3e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc477e6f4-5465-4015-8cda-b0b253104c06.gif HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 34164
x-amzn-requestid: 3d1d19d6-daee-41df-a204-e5535c2afca0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aIlA0GVGIAMFqZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634ce86b-4fc7c6c975e48aea30d0438f;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 05:30:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HMhfM9y-b5bsT7vHJDTTnhawI3CcI5xPM3e-QqEJjtZYxGXit33V9g==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:51:37 GMT
age: 36129
etag: "be17adacd18cd27ee9eab147ee4f32580b81a3eb"
content-type: image/gif
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F087a7ae4-930b-4ade-b76a-2bea8e8c749c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7756 bytes)
Hash
5221269870bbc55bc34388d08f33fd00
0500c515c850a432ff22c4f628f927455a3d0098
85a1e402bd31703bd2e8df1f9b1e1107cafa27c676616f935b57a40ca8d97ee0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F087a7ae4-930b-4ade-b76a-2bea8e8c749c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7756
x-amzn-requestid: e2e241bc-ebdb-4f8f-b0c8-cd72f60d3b78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCGnEb3IAMF0KQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a2a-4906240d1e7d27e002fd50a9;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:22 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yJynrO1Ya513sMsGsQaxY6P8TS1CRJ8BxHJxFVLsQ8xz6EjZr-XIZA==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:51:41 GMT
age: 36125
etag: "0500c515c850a432ff22c4f628f927455a3d0098"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb0edd4c-e6e8-4c25-ac9a-e3701004e856.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7098 bytes)
Hash
a11bf07ea9377fadcb6cd7b343e56d4b
4f2f2d1fc8b0fc43c469672e884d57ae9e974368
a6804985570e25c066108b1fb8555ab6d67c533b370ff66fec7736f7fb52b9c6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb0edd4c-e6e8-4c25-ac9a-e3701004e856.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7098
x-amzn-requestid: 175c4749-cc9f-40b8-af93-cd69f62d06a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCGnE-NoAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a2a-64c4923c2850cc467b738450;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZcPPBppGPiPvF-2m_kkPWS4xxJcSMEzA9JXQ-hOtgbHnYLfIiVLidQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:50:01 GMT
age: 36225
etag: "4f2f2d1fc8b0fc43c469672e884d57ae9e974368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

monktraff.com/_tr

199.59.243.222

200 OK

8.8 kB

URL HTTP/2
monktraff.com/_tr
IP
199.59.243.222:0
ASN
#16509 AMAZON-02

File type
data
Size
8.8 kB (8794 bytes)
Hash
582bd92744d274f6bc26bbdb4de5cd85
edf0e6f3024c9b91140e96de69d010f8235ad80d
05230a35d629fb314855e9546e00659a5a7efedbc716fe62f383012d583ffce7

HTTP Headers

POST /_tr HTTP/1.1
Host: monktraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://monktraff.com/l/26590535e3809b41c6cd?sub=021205570000330574382913231873c7c502120422&source=57438
Content-Type: application/json
Origin: https://monktraff.com
Content-Length: 2425
Connection: keep-alive
Cookie: parking_session=7176b947-fefb-5aad-b8c4-589f20f91536; __gsas=ID=c51016206eb8050a:T=1667030026:S=ALNI_MbA_6uAsbFRTZk80NqQkmj4riuwdQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
content-type: text/html; charset=UTF-8
date: Sat, 29 Oct 2022 07:53:46 GMT
x-version: 2.99.2
set-cookie: parking_session=7176b947-fefb-5aad-b8c4-589f20f91536; expires=Sat, 29-Oct-2022 08:08:46 GMT; Max-Age=900; path=/; httponly
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeda76f5-b5fb-4f5b-ab0d-9b70604a9001.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.1 kB (4059 bytes)
Hash
961d75546dcb911d8c4eabdf92e2346c
0b14fc9db8520e7d65dc5517cfb1f5f2b63773b1
28f3c64fa9a4ea9af8a3e0455842c7174b6ca0b7ba017c05cf4b40b8bc95fd15

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeda76f5-b5fb-4f5b-ab0d-9b70604a9001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4059
x-amzn-requestid: 7efeb95f-2f14-4a8b-8a5b-facb6de9044e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3yJDGNToAMFpjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634630a0-0a42c04e037908c2198b6f5b;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 03:12:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: d-Cmw4a8ppeJUO5fFH-xqsNTIEAp21Z-MhrmmtflGdz0JY2emCIwMg==
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 22:16:05 GMT
age: 34661
etag: "0b14fc9db8520e7d65dc5517cfb1f5f2b63773b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9460 bytes)
Hash
fb1110221ffc54766308cbf62f94cd9f
926f36919d5875592200b78d286edcb4c3ba884c
8344d57bc8358da2a5911c62a344a3dcf819ce44dac0da0624c73ab40ac1ef44

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9460
x-amzn-requestid: c1eef336-bec0-47f0-bd30-17de593de8f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: asgW3E8uIAMFpgg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635b475e-60346ff475ec335e0499d17f;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 03:07:10 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P3-UxGtr6HKLtsZUHXV_4CgAd3LQBceo_1NUwrfWhWoGoTEKS7KGAw==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:44:56 GMT
age: 36530
etag: "926f36919d5875592200b78d286edcb4c3ba884c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

port13.govisibl.com/favicon.ico

107.170.154.51

200 OK

0 B

URL HTTP/1.1
port13.govisibl.com/favicon.ico
IP
107.170.154.51:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: port13.govisibl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://port13.govisibl.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"21630-1465191654000"
Last-Modified: Mon, 06 Jun 2016 05:40:54 GMT
Content-Type: image/x-icon
Content-Length: 21630
Date: Sat, 29 Oct 2022 07:53:45 GMT

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (40)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers