Report - ng-app.com/VasDigimobility/BettingTips-24-No-23401220000029483-web?trxId=b189beea-7876-45c7-9a18-db56967169a5

Report Overview

Submitted URL
ng-app.com/VasDigimobility/BettingTips-24-No-23401220000029483-web?trxId=b189beea-7876-45c7-9a18-db56967169a5
IP
91.241.95.201
ASN
#49582 Upstream Telecommunications And Software Systems S.A.
Submitted
2023-01-04 20:51:22
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.166.172.24
analytics-ng-mtn.securewebfraud.io	922989	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	513 B	91.241.94.108
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ng-app.com	592925	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	96 kB	91.241.95.201
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
web-ng-mtn.secure-d.io	840647	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	501 B	91.241.95.160
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.33.119.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-04 20:51:02	low	91.241.95.201	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
2023-01-04 20:51:02	low	91.241.95.201	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
2023-01-04 20:51:02	low	91.241.95.201	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5	777 B	2023-03-07	2024-03-20
Pretty URL ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 IP 91.241.95.201 ASN #49582 Upstream Telecommunications And Software Systems S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59:03 Last Seen2024-03-20 09:51:32 Times Seen329 Hash ef8d4945b0b20991590e9a82b904db21 70be9dc83cb1f1727de348ffd65c157a562f4405 1eb70772138a3ca48f7ccc6b27ed5091c30de111640300597070ee940e8e7b7a Loading...

	ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5	912 B	2023-03-07	2023-10-24
Pretty URL ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 IP 91.241.95.201 ASN #49582 Upstream Telecommunications And Software Systems S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59:03 Last Seen2023-10-24 00:28:33 Times Seen168 Hash d7baad856d4d470554bc945072e57d0f 6b6aebe1c3211bc55466e76ccd0d118fee5558d7 99acbdb4240db1216b0073fc5dd928c98baf36eca990ed565182f7afb664dcc9 Loading...

	ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5	57 B	2023-03-07	2024-03-20
Pretty URL ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 IP 91.241.95.201 ASN #49582 Upstream Telecommunications And Software Systems S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59:03 Last Seen2024-03-20 09:51:32 Times Seen329 Hash 0f7acf59c8cc3232cd2bbf877ed46769 0b4de026524c4e2e6f2cc10eb75f99c1c687b91c e5cda8b9fb1becbaef8eeff46dda0c12db2decf878ecd3af5d704c3a6d5aec01 Loading...

	ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5	130 kB	2023-03-12	2023-03-12
Pretty URL ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 IP 91.241.95.201 ASN #49582 Upstream Telecommunications And Software Systems S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:27:34 Last Seen2023-03-12 14:27:34 Times Seen1 Hash e1ac3974aaf52d805514780ecc5ae734 ba135a002e695d791f16a3348fcdaa1a3ab36764 2b6a6cf0b4db5715d44508cf1841248a18caf56140353a7234598ff3f257df3b Loading...

	ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5	75 B	2023-03-07	2024-04-18
Pretty URL ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 IP 91.241.95.201 ASN #49582 Upstream Telecommunications And Software Systems S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:38 Last Seen2024-04-18 12:30:04 Times Seen649 Hash 219540904c0178c788f7876c475cf695 34be8b20e8abc01ba107bb54f70c2319511043b7 328ca9901193cec5051c6c7fe1404faf85e4ce1cfed2d9bb7bc429a8573d90ca Loading...

	ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5	255 B	2023-03-12	2023-03-13
Pretty URL ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 IP 91.241.95.201 ASN #49582 Upstream Telecommunications And Software Systems S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:56:50 Last Seen2023-03-13 21:07:30 Times Seen1 Hash 3283c4c6e1553e091d4aca7231f2b1cd 3a57125ab811fa9253d4fdca1ad0b674a8f7dd41 f376323d2d2d5d12ad4e9d17248989d299841a162673992caf7cb16043774106 Loading...

	ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5	268 B	2023-03-10	2024-03-13
Pretty URL ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 IP 91.241.95.201 ASN #49582 Upstream Telecommunications And Software Systems S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 03:25:28 Last Seen2024-03-13 01:50:33 Times Seen229 Hash 7f77c9ebb9538e166cc16e0d8c0bfb9a c5ce5fa1a76e7571661b4867df523d0bb79e30cc 8e10e9cd836c51e95c90039cd0b8b04d2a4042de97d7827982282876f4f362b7 Loading...

	ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5	1.3 kB	2023-03-07	2024-04-18
Pretty URL ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 IP 91.241.95.201 ASN #49582 Upstream Telecommunications And Software Systems S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:38 Last Seen2024-04-18 12:30:04 Times Seen642 Hash 32107fcc1984fa62bea9d7dbbf932c08 ea6c30a9630a580a1656fb7360431afaf7bd9416 984649f7580993dc5ffefe351760e74f630f271d6593c7dde254f044a5fd4380 Loading...

HTTP Transactions (27)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 16803ffa29e10ee999c43eb4e4acfe92 a5ede865a388fa440f20994b43c417d403e9a493 08de8f6abb622e84d2cb6e88dee8fc7c408147ac43da9c24d4cde510ed36b53a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "08DE8F6ABB622E84D2CB6E88DEE8FC7C408147AC43DA9C24D4CDE510ED36B53A" Last-Modified: Mon, 02 Jan 2023 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3275 Expires: Wed, 04 Jan 2023 21:45:47 GMT Date: Wed, 04 Jan 2023 20:51:12 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash ce8af3d72e7e9af609039abee59c8b87 8e1b16591fbc632df35f15e23da55ee86af31bc3 52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC" Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9677 Expires: Wed, 04 Jan 2023 23:32:29 GMT Date: Wed, 04 Jan 2023 20:51:12 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash da484f5e9c6805745e063b236fb81473 ae454bf4a7ae0e96935afc81ee0f89c049097b15 068d0da23acbe7f6b600c4e7dbe9c81d3ad78c8afd122255bbf3550e8a290686 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "068D0DA23ACBE7F6B600C4E7DBE9C81D3AD78C8AFD122255BBF3550E8A290686" Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9766 Expires: Wed, 04 Jan 2023 23:33:58 GMT Date: Wed, 04 Jan 2023 20:51:12 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash b1fcd419a4245617397846e8d17233f6 2a037ce244587640b27ead9a0ec2af4f862d91b2 e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: LWrYYybqtG9QRFCaJd66NFNC8KPW9um2gAriRHcCu4KgGCj/TA2OMAv4M5cL+tNix8m/mbZPyOM= x-amz-request-id: J4ZJY0E0XB9X7SRE content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 04 Jan 2023 20:01:26 GMT age: 2986 last-modified: Tue, 20 Dec 2022 14:47:58 GMT etag: "b1fcd419a4245617397846e8d17233f6" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash ff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 04 Jan 2023 20:47:46 GMT content-type: application/json age: 206 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	ng-app.com/VasDigimobility/BettingTips-24-No-23401220000029483-web?trxId=b189beea-7876-45c7-9a18-db56967169a5	91.241.95.201	302 Found	726 B
URL HTTP/1.1 ng-app.com/VasDigimobility/BettingTips-24-No-23401220000029483-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 IP 91.241.95.201:0 ASN #49582 Upstream Telecommunications And Software Systems S.A. File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 726 B (726 bytes) Hash 392e247ae279e37b1ffbbb31ab71e092 84b2401da77a61acc7f9fa3dab6534d8a40d99a2 e96c725f834a5945fd461d417dab41e0e88059c55e23ee5fc2f0bfa7f5034f2e HTTP Headers `GET /VasDigimobility/BettingTips-24-No-23401220000029483-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 HTTP/1.1 Host: ng-app.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 302 Found Date: Wed, 04 Jan 2023 20:51:11 GMT Cache-Control: no-cache, private Location: http://ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 Content-Type: text/html; charset=UTF-8 X-Varnish: 462706871 Age: 0 Via: 1.1 varnish (Varnish/6.0) X-Cache: MISS Access-Control-Allow-Origin: * Set-Cookie: ng_session=eyJpdiI6IlJkMXhEVlJlaW5DZG5sYlFvR1B2RFE9PSIsInZhbHVlIjoidlRaOWppeG5nY2k3WHZlRlFiLzFydGJxemN0VFppN2ZRdGQvOXBJZWs4OTg0R3dkZ24xczNXMUdZME9NVWp0cTBSNGErY0ZoaGs2WThTQm81TDFqajFWcjh2U0dwU0FuSjVuSUVtZnBaV2VPMWJUTW54a25oUXlqTFM0RWtVdUwiLCJtYWMiOiI1ZWU1ODIwYWMzMzg2ZmNiMzY3OTA2OGQzNWUxMjdhYzAwMGQzN2IwMDhmMThjODc3ZmY1ZmE1YTkzM2Y4ZGZjIiwidGFnIjoiIn0%3D; expires=Thu, 05-Jan-2023 02:51:12 GMT; Max-Age=21600; path=/; httponly; samesite=lax ctxid=eyJpdiI6InZDTy8zMTIyb3Z6ejVvNkF6SHpzQ1E9PSIsInZhbHVlIjoiM3ZheFlETFhMeUNEeTJnRHVXeWQ0OFdVRTUrcDVrN2l5M1lnY3NFdGJxbnFWTS9BTFBYUTBpOGd5NXF4Tm9HNXhYUVVySWR1eHZWdzNNbnVCT1RxWElza21pS3J0WDN4WlVUckdJRExoVjQ9IiwibWFjIjoiMTgxN2MwMTEzNmRlN2U2MjE5YzUzZWMyYzYwYjkyZTA2YTUzYjlhNGUzMDViOTVhMmY4ZWU1NWUzMzYzYjY3NyIsInRhZyI6IiJ9; expires=Sat, 01-Jan-2033 20:51:11 GMT; Max-Age=315359999; path=/; httponly; samesite=lax rd=deleted; expires=Tue, 04-Jan-2022 20:51:11 GMT; Max-Age=0; path=/; httponly; samesite=lax userSessionID=eyJpdiI6IllEWEg3Q0VYQzNxY2tjdEpuUUJCSkE9PSIsInZhbHVlIjoiaElRd0RKdjF0U1N6aG8xaUpQVmJjcFk0NVpRTWFtR2RCU0J5eWVZdGFPL3JLT1pOYmxSMjJURUZLREc3REM2OGNjMCsrNDhCM3kxVTJyL2VvVUxYQUVFOHJmTUhWR3RBbjFzWCtPemo1eG89IiwibWFjIjoiZDY4MjYyZGRjNDE3MmMyNDAwZmU0ODQ0N2E2MjczZWVmNzhmNmQ3ZmIxNGNkNjdiZTJmMzJiZTYyM2JhZTExOSIsInRhZyI6IiJ9; expires=Wed, 04-Jan-2023 21:21:11 GMT; Max-Age=1799; path=/; httponly; samesite=lax userPermID=eyJpdiI6IkxNN3BaQUpyc1pNV0Q5SGIzdWxPb2c9PSIsInZhbHVlIjoib0dxTnZYZit1OFhhaGNKTXpNTm1WNzd0NDFkekJYdlNhTDRjbW5ycnVCNXEwL2FudXgzdkliTk0zZVVwRFg1K091bEhVaTZicHJoZTZMMEc0Uys2M1A3NGNoU1pUSlZnOTBDUGV6c1RqdTA9IiwibWFjIjoiZmIwNWQ4ZGNhZjUyNjBiODk4OGViZGRlMjdjZWIyYmU4MzQ1MTg2YmU4Y2RkYzYyYjhlNzc5NDE0Yjk4YjU0OSIsInRhZyI6IiJ9; expires=Sat, 01-Jan-2033 20:51:11 GMT; Max-Age=315359999; path=/; httponly; samesite=lax TS01e2a186=01b02e3e89d740647b58ff766b9d9d277627acf3bfbe58f43830e1ddd68c4fb0ddd6424d236393c5766dd8947a90914b02fa661b90; Path=/; Domain=.ng-app.com Keep-Alive: timeout=5, max=1000 Connection: Keep-Alive Transfer-Encoding: chunked

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Wed, 04 Jan 2023 20:51:12 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 04 Jan 2023 20:08:11 GMT age: 2581 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash fe74c226e54f2f382d278b594df930ae 4e4ebc661443f56b74d7c924ddae50bcb107f0af 511f11fe968867447f6d7e5862d8003e3a5fc18bdb62496ea09d140e9a11f53b HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1041 Cache-Control: max-age=131580 Content-Type: application/ocsp-response Date: Wed, 04 Jan 2023 20:51:12 GMT Etag: "63b541ab-1d7" Expires: Fri, 06 Jan 2023 09:24:12 GMT Last-Modified: Wed, 04 Jan 2023 09:06:51 GMT Server: ECS (ska/F710) X-Cache: HIT Content-Length: 471`

	ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5	91.241.95.201	200 OK	43 kB
URL HTTP/1.1 ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 IP 91.241.95.201:0 ASN #49582 Upstream Telecommunications And Software Systems S.A. File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (62427) Size 43 kB (42982 bytes) Hash 3e01ebc1a79f4d9f97680d1c1c97c821 aa1cbadc499d8d430a2cb1928090bdfdf3d9c445 445c8bed2232a5814c5df452fdc7640050a0d1814f786d85482ffe8fd3a06a0d HTTP Headers GET /VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 HTTP/1.1 Host: ng-app.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Cookie: ng_session=eyJpdiI6IlJkMXhEVlJlaW5DZG5sYlFvR1B2RFE9PSIsInZhbHVlIjoidlRaOWppeG5nY2k3WHZlRlFiLzFydGJxemN0VFppN2ZRdGQvOXBJZWs4OTg0R3dkZ24xczNXMUdZME9NVWp0cTBSNGErY0ZoaGs2WThTQm81TDFqajFWcjh2U0dwU0FuSjVuSUVtZnBaV2VPMWJUTW54a25oUXlqTFM0RWtVdUwiLCJtYWMiOiI1ZWU1ODIwYWMzMzg2ZmNiMzY3OTA2OGQzNWUxMjdhYzAwMGQzN2IwMDhmMThjODc3ZmY1ZmE1YTkzM2Y4ZGZjIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6InZDTy8zMTIyb3Z6ejVvNkF6SHpzQ1E9PSIsInZhbHVlIjoiM3ZheFlETFhMeUNEeTJnRHVXeWQ0OFdVRTUrcDVrN2l5M1lnY3NFdGJxbnFWTS9BTFBYUTBpOGd5NXF4Tm9HNXhYUVVySWR1eHZWdzNNbnVCT1RxWElza21pS3J0WDN4WlVUckdJRExoVjQ9IiwibWFjIjoiMTgxN2MwMTEzNmRlN2U2MjE5YzUzZWMyYzYwYjkyZTA2YTUzYjlhNGUzMDViOTVhMmY4ZWU1NWUzMzYzYjY3NyIsInRhZyI6IiJ9; userSessionID=eyJpdiI6IllEWEg3Q0VYQzNxY2tjdEpuUUJCSkE9PSIsInZhbHVlIjoiaElRd0RKdjF0U1N6aG8xaUpQVmJjcFk0NVpRTWFtR2RCU0J5eWVZdGFPL3JLT1pOYmxSMjJURUZLREc3REM2OGNjMCsrNDhCM3kxVTJyL2VvVUxYQUVFOHJmTUhWR3RBbjFzWCtPemo1eG89IiwibWFjIjoiZDY4MjYyZGRjNDE3MmMyNDAwZmU0ODQ0N2E2MjczZWVmNzhmNmQ3ZmIxNGNkNjdiZTJmMzJiZTYyM2JhZTExOSIsInRhZyI6IiJ9; userPermID=eyJpdiI6IkxNN3BaQUpyc1pNV0Q5SGIzdWxPb2c9PSIsInZhbHVlIjoib0dxTnZYZit1OFhhaGNKTXpNTm1WNzd0NDFkekJYdlNhTDRjbW5ycnVCNXEwL2FudXgzdkliTk0zZVVwRFg1K091bEhVaTZicHJoZTZMMEc0Uys2M1A3NGNoU1pUSlZnOTBDUGV6c1RqdTA9IiwibWFjIjoiZmIwNWQ4ZGNhZjUyNjBiODk4OGViZGRlMjdjZWIyYmU4MzQ1MTg2YmU4Y2RkYzYyYjhlNzc5NDE0Yjk4YjU0OSIsInRhZyI6IiJ9; TS01e2a186=01b02e3e89d740647b58ff766b9d9d277627acf3bfbe58f43830e1ddd68c4fb0ddd6424d236393c5766dd8947a90914b02fa661b90 Upgrade-Insecure-Requests: 1 HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 20:51:12 GMT Cache-Control: no-cache, private X-Frame-Options: DENY Vary: Accept-Encoding Content-Encoding: gzip Content-Type: text/html; charset=UTF-8 X-Varnish: 457892643 Age: 0 Via: 1.1 varnish (Varnish/6.0) X-Cache: MISS Access-Control-Allow-Origin: * Accept-Ranges: bytes Set-Cookie: ng_session=eyJpdiI6Ijg0bGtrV1BzUVZmMzB6MFJVVDlzL2c9PSIsInZhbHVlIjoiSDFROHF3ajJhV3Q0VERSQ1BKa3QyYXNKU3NtOHlaRzk4UzBPbDlDcFArcjJBMC80blI2dkppMWRJRHNZb0RNV3E3NzVnT1E4WGNSTnZyYVp6T3l0K1pMNmNUWkh3QkY5ZW1OUVV2bkpicUIrbUZSTDE0KzJSeGNTTFA4OCtBS0YiLCJtYWMiOiI5OGU0M2RkYmQyNmZhM2RiMzQ2NWVkODdmYTBkOWI0ZmQ3YTcwOTRhYzM5MmQ3NmNiY2FhYmYwYmZlODQ2YmVjIiwidGFnIjoiIn0%3D; expires=Thu, 05-Jan-2023 02:51:12 GMT; Max-Age=21600; path=/; httponly; samesite=lax userPermID=eyJpdiI6Iit3cnpqN1FWd0tVZEMwR2JRNytDU2c9PSIsInZhbHVlIjoia21NejZ5UDluc2lVU2t1UHkvL2lwdzNLYVdLd1VUVVhjUVZFLysrSGc5b0V2Nk14emV1eVI2dEpYL1B1dE1LUXMzUzkzamxjMVBoRUo5V3g3VndnVitya0g3aHZGc29sNjJwTStocSs4bTQ9IiwibWFjIjoiZTc1ZGZlZGNlYWQ3ZDY0Nzg0Nzg1Njg5YmE2Yjc5MjQ0YzBjOTgxNWFkMjMwYWNlNjFkZGIzYWMxNzAzNjhkOCIsInRhZyI6IiJ9; expires=Sat, 01-Jan-2033 20:51:12 GMT; Max-Age=315360000; path=/; httponly; samesite=lax userSessionID=eyJpdiI6Ik1TTjRRdHUvbnBnb2hMS0l6UU9udGc9PSIsInZhbHVlIjoia09QMnZ3NldYclg3SHpyS2FJbXUwYy9tenNrK2Q2NnM4NWZJNUE5QkdCRXN1KzI0R00zMzU5dEFJempTeEQ1UTU4WUZRamNuSWVDNjlnMVB4NmNXMGo2Q3hOdTZtT2h1TkpXcEVqMXBvemc9IiwibWFjIjoiOGZiZDc3M2M5NmFjNGQ2MWNlZjJiNDYyN2ZjOWU1NWY3MjI5ZTVmNTNhZTU2YmZlOWIzYjBjMzAzYzY0ZDIzNSIsInRhZyI6IiJ9; expires=Wed, 04-Jan-2023 21:21:12 GMT; Max-Age=1800; path=/; httponly; samesite=lax ctxid=eyJpdiI6Ii9lUmJKaVRzbEVyelVOZ0N2TW4xb2c9PSIsInZhbHVlIjoiRENZQ1lpNEZUSWpJQWZaelk0Q09GSTBBSnk5V3NCUTVMZjRVeURWdGRXWU55Z0NKQUcrWlZ2UjFpK05nVzNCbTZZV3RoRmlBak9OdENaVm9VODZhdXpnamc3WEsyYlVQcTJ5NVRWUzdtSGs9IiwibWFjIjoiY2JkYzg2NTkwZjVlZTEzM2NmZWI1ZDg5YjQ5OTliMDY3ZDIxOTA3NzQ2MjJlOTc0YjYxOWI0MDAwOWE4OTkzNyIsInRhZyI6IiJ9; expires=Sat, 01-Jan-2033 20:51:12 GMT; Max-Age=315360000; path=/; httponly; samesite=lax rd=deleted; expires=Tue, 04-Jan-2022 20:51:11 GMT; Max-Age=0; path=/; httponly; samesite=lax TS01e2a186=01b02e3e89d740647b58ff766b9d9d277627acf3bfbe58f43830e1ddd68c4fb0ddd6424d236393c5766dd8947a90914b02fa661b90; Path=/; Domain=.ng-app.com Keep-Alive: timeout=5, max=999 Connection: Keep-Alive Transfer-Encoding: chunked

	ng-app.com/VasDigimobility/assets/VasDigimobility-bettingtips-24-no-23401220000029483-otp-web.css?ver=10	91.241.95.201	200 OK	3.0 kB
URL HTTP/1.1 ng-app.com/VasDigimobility/assets/VasDigimobility-bettingtips-24-no-23401220000029483-otp-web.css?ver=10 IP 91.241.95.201:0 ASN #49582 Upstream Telecommunications And Software Systems S.A. File type ASCII text Size 3.0 kB (3036 bytes) Hash c70ff0dd3de01b0a7b27b343ce312d51 e68de4aca84c2db8ae2221d3420fc94513e00a86 0e564d27773f299f3d41ed2f36790800dc5ea744a6c99d0260a11e6179c5ab4d HTTP Headers GET /VasDigimobility/assets/VasDigimobility-bettingtips-24-no-23401220000029483-otp-web.css?ver=10 HTTP/1.1 Host: ng-app.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 Cookie: ng_session=eyJpdiI6Ijg0bGtrV1BzUVZmMzB6MFJVVDlzL2c9PSIsInZhbHVlIjoiSDFROHF3ajJhV3Q0VERSQ1BKa3QyYXNKU3NtOHlaRzk4UzBPbDlDcFArcjJBMC80blI2dkppMWRJRHNZb0RNV3E3NzVnT1E4WGNSTnZyYVp6T3l0K1pMNmNUWkh3QkY5ZW1OUVV2bkpicUIrbUZSTDE0KzJSeGNTTFA4OCtBS0YiLCJtYWMiOiI5OGU0M2RkYmQyNmZhM2RiMzQ2NWVkODdmYTBkOWI0ZmQ3YTcwOTRhYzM5MmQ3NmNiY2FhYmYwYmZlODQ2YmVjIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6Ii9lUmJKaVRzbEVyelVOZ0N2TW4xb2c9PSIsInZhbHVlIjoiRENZQ1lpNEZUSWpJQWZaelk0Q09GSTBBSnk5V3NCUTVMZjRVeURWdGRXWU55Z0NKQUcrWlZ2UjFpK05nVzNCbTZZV3RoRmlBak9OdENaVm9VODZhdXpnamc3WEsyYlVQcTJ5NVRWUzdtSGs9IiwibWFjIjoiY2JkYzg2NTkwZjVlZTEzM2NmZWI1ZDg5YjQ5OTliMDY3ZDIxOTA3NzQ2MjJlOTc0YjYxOWI0MDAwOWE4OTkzNyIsInRhZyI6IiJ9; userSessionID=eyJpdiI6Ik1TTjRRdHUvbnBnb2hMS0l6UU9udGc9PSIsInZhbHVlIjoia09QMnZ3NldYclg3SHpyS2FJbXUwYy9tenNrK2Q2NnM4NWZJNUE5QkdCRXN1KzI0R00zMzU5dEFJempTeEQ1UTU4WUZRamNuSWVDNjlnMVB4NmNXMGo2Q3hOdTZtT2h1TkpXcEVqMXBvemc9IiwibWFjIjoiOGZiZDc3M2M5NmFjNGQ2MWNlZjJiNDYyN2ZjOWU1NWY3MjI5ZTVmNTNhZTU2YmZlOWIzYjBjMzAzYzY0ZDIzNSIsInRhZyI6IiJ9; userPermID=eyJpdiI6Iit3cnpqN1FWd0tVZEMwR2JRNytDU2c9PSIsInZhbHVlIjoia21NejZ5UDluc2lVU2t1UHkvL2lwdzNLYVdLd1VUVVhjUVZFLysrSGc5b0V2Nk14emV1eVI2dEpYL1B1dE1LUXMzUzkzamxjMVBoRUo5V3g3VndnVitya0g3aHZGc29sNjJwTStocSs4bTQ9IiwibWFjIjoiZTc1ZGZlZGNlYWQ3ZDY0Nzg0Nzg1Njg5YmE2Yjc5MjQ0YzBjOTgxNWFkMjMwYWNlNjFkZGIzYWMxNzAzNjhkOCIsInRhZyI6IiJ9; TS01e2a186=01b02e3e89d740647b58ff766b9d9d277627acf3bfbe58f43830e1ddd68c4fb0ddd6424d236393c5766dd8947a90914b02fa661b90 `HTTP/1.1 200 OK Date: Wed, 04 Jan 2023 20:51:12 GMT Last-Modified: Thu, 15 Dec 2022 12:01:28 GMT ETag: "59ab-5efdc9cf0cf1f-gzip" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3036 Content-Type: text/css X-Varnish: 441089800 Age: 0 Via: 1.1 varnish (Varnish/6.0) X-Cache: MISS Access-Control-Allow-Origin: * Accept-Ranges: bytes Keep-Alive: timeout=5, max=1000 Connection: Keep-Alive`

	ng-app.com/VasDigimobility/assets/images/fallback-logo.png	91.241.95.201	200 OK	3.2 kB
URL HTTP/1.1 ng-app.com/VasDigimobility/assets/images/fallback-logo.png IP 91.241.95.201:0 ASN #49582 Upstream Telecommunications And Software Systems S.A. File type PNG image data, 125 x 50, 8-bit/color RGBA, non-interlaced\012- data Size 3.2 kB (3224 bytes) Hash 579588795c312127d2e053a39a4a8d1a 7b5e21df2cab8bbb9dbd134a7c0ccf815065c432 54e5589e7d70511ebfce74fff2d9b168870a8973e39ee78693c06ca3aa7398fd HTTP Headers GET /VasDigimobility/assets/images/fallback-logo.png HTTP/1.1 Host: ng-app.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 Cookie: ng_session=eyJpdiI6Ijg0bGtrV1BzUVZmMzB6MFJVVDlzL2c9PSIsInZhbHVlIjoiSDFROHF3ajJhV3Q0VERSQ1BKa3QyYXNKU3NtOHlaRzk4UzBPbDlDcFArcjJBMC80blI2dkppMWRJRHNZb0RNV3E3NzVnT1E4WGNSTnZyYVp6T3l0K1pMNmNUWkh3QkY5ZW1OUVV2bkpicUIrbUZSTDE0KzJSeGNTTFA4OCtBS0YiLCJtYWMiOiI5OGU0M2RkYmQyNmZhM2RiMzQ2NWVkODdmYTBkOWI0ZmQ3YTcwOTRhYzM5MmQ3NmNiY2FhYmYwYmZlODQ2YmVjIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6Ii9lUmJKaVRzbEVyelVOZ0N2TW4xb2c9PSIsInZhbHVlIjoiRENZQ1lpNEZUSWpJQWZaelk0Q09GSTBBSnk5V3NCUTVMZjRVeURWdGRXWU55Z0NKQUcrWlZ2UjFpK05nVzNCbTZZV3RoRmlBak9OdENaVm9VODZhdXpnamc3WEsyYlVQcTJ5NVRWUzdtSGs9IiwibWFjIjoiY2JkYzg2NTkwZjVlZTEzM2NmZWI1ZDg5YjQ5OTliMDY3ZDIxOTA3NzQ2MjJlOTc0YjYxOWI0MDAwOWE4OTkzNyIsInRhZyI6IiJ9; userSessionID=eyJpdiI6Ik1TTjRRdHUvbnBnb2hMS0l6UU9udGc9PSIsInZhbHVlIjoia09QMnZ3NldYclg3SHpyS2FJbXUwYy9tenNrK2Q2NnM4NWZJNUE5QkdCRXN1KzI0R00zMzU5dEFJempTeEQ1UTU4WUZRamNuSWVDNjlnMVB4NmNXMGo2Q3hOdTZtT2h1TkpXcEVqMXBvemc9IiwibWFjIjoiOGZiZDc3M2M5NmFjNGQ2MWNlZjJiNDYyN2ZjOWU1NWY3MjI5ZTVmNTNhZTU2YmZlOWIzYjBjMzAzYzY0ZDIzNSIsInRhZyI6IiJ9; userPermID=eyJpdiI6Iit3cnpqN1FWd0tVZEMwR2JRNytDU2c9PSIsInZhbHVlIjoia21NejZ5UDluc2lVU2t1UHkvL2lwdzNLYVdLd1VUVVhjUVZFLysrSGc5b0V2Nk14emV1eVI2dEpYL1B1dE1LUXMzUzkzamxjMVBoRUo5V3g3VndnVitya0g3aHZGc29sNjJwTStocSs4bTQ9IiwibWFjIjoiZTc1ZGZlZGNlYWQ3ZDY0Nzg0Nzg1Njg5YmE2Yjc5MjQ0YzBjOTgxNWFkMjMwYWNlNjFkZGIzYWMxNzAzNjhkOCIsInRhZyI6IiJ9; TS01e2a186=01b02e3e89d740647b58ff766b9d9d277627acf3bfbe58f43830e1ddd68c4fb0ddd6424d236393c5766dd8947a90914b02fa661b90 `HTTP/1.1 200 OK Date: Mon, 26 Dec 2022 11:00:26 GMT Last-Modified: Mon, 04 Jan 2021 16:46:25 GMT ETag: "c98-5b815d4b01334" Content-Length: 3224 Cache-Control: max-age=5184000 Expires: Fri, 24 Feb 2023 11:00:26 GMT Content-Type: image/png X-Varnish: 449094467 341454124 Age: 813046 Via: 1.1 varnish (Varnish/6.0) X-Cache: HIT Access-Control-Allow-Origin: * Accept-Ranges: bytes Keep-Alive: timeout=5, max=998 Connection: Keep-Alive`

	ng-app.com/VasDigimobility/assets/images/fallback-image-320x160.jpg	91.241.95.201	200 OK	8.5 kB
URL HTTP/1.1 ng-app.com/VasDigimobility/assets/images/fallback-image-320x160.jpg IP 91.241.95.201:0 ASN #49582 Upstream Telecommunications And Software Systems S.A. File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 320x160, components 3\012- data Size 8.5 kB (8455 bytes) Hash 764ab790ccaf1fdf6d5cda9da8b50f25 eb0851a3014bdd702969617797fa7365924be932 f3b71c1e48bf1c7c2d944829c7a90f472058cde3bab7e6e4f62a0b25ad94df15 HTTP Headers GET /VasDigimobility/assets/images/fallback-image-320x160.jpg HTTP/1.1 Host: ng-app.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 Cookie: ng_session=eyJpdiI6Ijg0bGtrV1BzUVZmMzB6MFJVVDlzL2c9PSIsInZhbHVlIjoiSDFROHF3ajJhV3Q0VERSQ1BKa3QyYXNKU3NtOHlaRzk4UzBPbDlDcFArcjJBMC80blI2dkppMWRJRHNZb0RNV3E3NzVnT1E4WGNSTnZyYVp6T3l0K1pMNmNUWkh3QkY5ZW1OUVV2bkpicUIrbUZSTDE0KzJSeGNTTFA4OCtBS0YiLCJtYWMiOiI5OGU0M2RkYmQyNmZhM2RiMzQ2NWVkODdmYTBkOWI0ZmQ3YTcwOTRhYzM5MmQ3NmNiY2FhYmYwYmZlODQ2YmVjIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6Ii9lUmJKaVRzbEVyelVOZ0N2TW4xb2c9PSIsInZhbHVlIjoiRENZQ1lpNEZUSWpJQWZaelk0Q09GSTBBSnk5V3NCUTVMZjRVeURWdGRXWU55Z0NKQUcrWlZ2UjFpK05nVzNCbTZZV3RoRmlBak9OdENaVm9VODZhdXpnamc3WEsyYlVQcTJ5NVRWUzdtSGs9IiwibWFjIjoiY2JkYzg2NTkwZjVlZTEzM2NmZWI1ZDg5YjQ5OTliMDY3ZDIxOTA3NzQ2MjJlOTc0YjYxOWI0MDAwOWE4OTkzNyIsInRhZyI6IiJ9; userSessionID=eyJpdiI6Ik1TTjRRdHUvbnBnb2hMS0l6UU9udGc9PSIsInZhbHVlIjoia09QMnZ3NldYclg3SHpyS2FJbXUwYy9tenNrK2Q2NnM4NWZJNUE5QkdCRXN1KzI0R00zMzU5dEFJempTeEQ1UTU4WUZRamNuSWVDNjlnMVB4NmNXMGo2Q3hOdTZtT2h1TkpXcEVqMXBvemc9IiwibWFjIjoiOGZiZDc3M2M5NmFjNGQ2MWNlZjJiNDYyN2ZjOWU1NWY3MjI5ZTVmNTNhZTU2YmZlOWIzYjBjMzAzYzY0ZDIzNSIsInRhZyI6IiJ9; userPermID=eyJpdiI6Iit3cnpqN1FWd0tVZEMwR2JRNytDU2c9PSIsInZhbHVlIjoia21NejZ5UDluc2lVU2t1UHkvL2lwdzNLYVdLd1VUVVhjUVZFLysrSGc5b0V2Nk14emV1eVI2dEpYL1B1dE1LUXMzUzkzamxjMVBoRUo5V3g3VndnVitya0g3aHZGc29sNjJwTStocSs4bTQ9IiwibWFjIjoiZTc1ZGZlZGNlYWQ3ZDY0Nzg0Nzg1Njg5YmE2Yjc5MjQ0YzBjOTgxNWFkMjMwYWNlNjFkZGIzYWMxNzAzNjhkOCIsInRhZyI6IiJ9; TS01e2a186=01b02e3e89d740647b58ff766b9d9d277627acf3bfbe58f43830e1ddd68c4fb0ddd6424d236393c5766dd8947a90914b02fa661b90 `HTTP/1.1 200 OK Date: Wed, 09 Nov 2022 10:49:42 GMT Last-Modified: Mon, 04 Jan 2021 16:42:04 GMT ETag: "2107-5b815c51c8497" Content-Length: 8455 Cache-Control: max-age=5184000 Expires: Sun, 08 Jan 2023 10:49:42 GMT Content-Type: image/jpeg X-Varnish: 451652718 87429040 Age: 4874490 Via: 1.1 varnish (Varnish/6.0) X-Cache: HIT Access-Control-Allow-Origin: * Accept-Ranges: bytes Keep-Alive: timeout=5, max=999 Connection: Keep-Alive`

	push.services.mozilla.com/	35.166.172.24	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.166.172.24:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: Qmusa+3TzqJXMMB0fBFnMw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: STlJedFoL+z+rFfW9R+NhWkjl1U=`

	ng-app.com/assets/images/NMD/BettingTips-logo.jpg	91.241.95.201	200 OK	10 kB
URL HTTP/1.1 ng-app.com/assets/images/NMD/BettingTips-logo.jpg IP 91.241.95.201:0 ASN #49582 Upstream Telecommunications And Software Systems S.A. File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.4 (Windows), datetime=2022:08:15 15:28:01], progressive, precision 8, 235x50, components 3\012- data Size 10 kB (10494 bytes) Hash 6e5077e13e01cd9f984b1c021224485a 1f3324904bff52cdeddd8a0f69ef650822a9ef70 5e805b89daabe9a8adc2549a184ab9711ae8dd529cad911dad6905cb069f0824 HTTP Headers GET /assets/images/NMD/BettingTips-logo.jpg HTTP/1.1 Host: ng-app.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 Cookie: ng_session=eyJpdiI6Ijg0bGtrV1BzUVZmMzB6MFJVVDlzL2c9PSIsInZhbHVlIjoiSDFROHF3ajJhV3Q0VERSQ1BKa3QyYXNKU3NtOHlaRzk4UzBPbDlDcFArcjJBMC80blI2dkppMWRJRHNZb0RNV3E3NzVnT1E4WGNSTnZyYVp6T3l0K1pMNmNUWkh3QkY5ZW1OUVV2bkpicUIrbUZSTDE0KzJSeGNTTFA4OCtBS0YiLCJtYWMiOiI5OGU0M2RkYmQyNmZhM2RiMzQ2NWVkODdmYTBkOWI0ZmQ3YTcwOTRhYzM5MmQ3NmNiY2FhYmYwYmZlODQ2YmVjIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6Ii9lUmJKaVRzbEVyelVOZ0N2TW4xb2c9PSIsInZhbHVlIjoiRENZQ1lpNEZUSWpJQWZaelk0Q09GSTBBSnk5V3NCUTVMZjRVeURWdGRXWU55Z0NKQUcrWlZ2UjFpK05nVzNCbTZZV3RoRmlBak9OdENaVm9VODZhdXpnamc3WEsyYlVQcTJ5NVRWUzdtSGs9IiwibWFjIjoiY2JkYzg2NTkwZjVlZTEzM2NmZWI1ZDg5YjQ5OTliMDY3ZDIxOTA3NzQ2MjJlOTc0YjYxOWI0MDAwOWE4OTkzNyIsInRhZyI6IiJ9; userSessionID=eyJpdiI6Ik1TTjRRdHUvbnBnb2hMS0l6UU9udGc9PSIsInZhbHVlIjoia09QMnZ3NldYclg3SHpyS2FJbXUwYy9tenNrK2Q2NnM4NWZJNUE5QkdCRXN1KzI0R00zMzU5dEFJempTeEQ1UTU4WUZRamNuSWVDNjlnMVB4NmNXMGo2Q3hOdTZtT2h1TkpXcEVqMXBvemc9IiwibWFjIjoiOGZiZDc3M2M5NmFjNGQ2MWNlZjJiNDYyN2ZjOWU1NWY3MjI5ZTVmNTNhZTU2YmZlOWIzYjBjMzAzYzY0ZDIzNSIsInRhZyI6IiJ9; userPermID=eyJpdiI6Iit3cnpqN1FWd0tVZEMwR2JRNytDU2c9PSIsInZhbHVlIjoia21NejZ5UDluc2lVU2t1UHkvL2lwdzNLYVdLd1VUVVhjUVZFLysrSGc5b0V2Nk14emV1eVI2dEpYL1B1dE1LUXMzUzkzamxjMVBoRUo5V3g3VndnVitya0g3aHZGc29sNjJwTStocSs4bTQ9IiwibWFjIjoiZTc1ZGZlZGNlYWQ3ZDY0Nzg0Nzg1Njg5YmE2Yjc5MjQ0YzBjOTgxNWFkMjMwYWNlNjFkZGIzYWMxNzAzNjhkOCIsInRhZyI6IiJ9; TS01e2a186=01b02e3e89d740647b58ff766b9d9d277627acf3bfbe58f43830e1ddd68c4fb0ddd6424d236393c5766dd8947a90914b02fa661b90 `HTTP/1.1 200 OK Date: Tue, 15 Nov 2022 10:29:48 GMT Last-Modified: Wed, 07 Sep 2022 07:31:14 GMT ETag: "28fe-5e8114c40e4fd" Content-Length: 10494 Cache-Control: max-age=5184000 Expires: Sat, 14 Jan 2023 10:29:48 GMT Content-Type: image/jpeg X-Varnish: 450258657 113337501 Age: 4357284 Via: 1.1 varnish (Varnish/6.0) X-Cache: HIT Access-Control-Allow-Origin: * Accept-Ranges: bytes Keep-Alive: timeout=5, max=998 Connection: Keep-Alive`

	ng-app.com/assets/images/NMD/BettingTips-image-320x160.jpg	91.241.95.201	200 OK	20 kB
URL HTTP/1.1 ng-app.com/assets/images/NMD/BettingTips-image-320x160.jpg IP 91.241.95.201:0 ASN #49582 Upstream Telecommunications And Software Systems S.A. File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, orientation=upper-left], baseline, precision 8, 320x160, components 3\012- data Size 20 kB (20337 bytes) Hash 81d34e4725e31667d00aa173931d0851 fc557ba54159891b31389c5421fd1b853decc304 1ac371b36a09febef50765d13a9d8a305ccf1f29cf52809a8127de84fd03c091 HTTP Headers GET /assets/images/NMD/BettingTips-image-320x160.jpg HTTP/1.1 Host: ng-app.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ng-app.com/VasDigimobility/bettingtips-24-no-23401220000029483-otp-web?trxId=b189beea-7876-45c7-9a18-db56967169a5 Cookie: ng_session=eyJpdiI6Ijg0bGtrV1BzUVZmMzB6MFJVVDlzL2c9PSIsInZhbHVlIjoiSDFROHF3ajJhV3Q0VERSQ1BKa3QyYXNKU3NtOHlaRzk4UzBPbDlDcFArcjJBMC80blI2dkppMWRJRHNZb0RNV3E3NzVnT1E4WGNSTnZyYVp6T3l0K1pMNmNUWkh3QkY5ZW1OUVV2bkpicUIrbUZSTDE0KzJSeGNTTFA4OCtBS0YiLCJtYWMiOiI5OGU0M2RkYmQyNmZhM2RiMzQ2NWVkODdmYTBkOWI0ZmQ3YTcwOTRhYzM5MmQ3NmNiY2FhYmYwYmZlODQ2YmVjIiwidGFnIjoiIn0%3D; ctxid=eyJpdiI6Ii9lUmJKaVRzbEVyelVOZ0N2TW4xb2c9PSIsInZhbHVlIjoiRENZQ1lpNEZUSWpJQWZaelk0Q09GSTBBSnk5V3NCUTVMZjRVeURWdGRXWU55Z0NKQUcrWlZ2UjFpK05nVzNCbTZZV3RoRmlBak9OdENaVm9VODZhdXpnamc3WEsyYlVQcTJ5NVRWUzdtSGs9IiwibWFjIjoiY2JkYzg2NTkwZjVlZTEzM2NmZWI1ZDg5YjQ5OTliMDY3ZDIxOTA3NzQ2MjJlOTc0YjYxOWI0MDAwOWE4OTkzNyIsInRhZyI6IiJ9; userSessionID=eyJpdiI6Ik1TTjRRdHUvbnBnb2hMS0l6UU9udGc9PSIsInZhbHVlIjoia09QMnZ3NldYclg3SHpyS2FJbXUwYy9tenNrK2Q2NnM4NWZJNUE5QkdCRXN1KzI0R00zMzU5dEFJempTeEQ1UTU4WUZRamNuSWVDNjlnMVB4NmNXMGo2Q3hOdTZtT2h1TkpXcEVqMXBvemc9IiwibWFjIjoiOGZiZDc3M2M5NmFjNGQ2MWNlZjJiNDYyN2ZjOWU1NWY3MjI5ZTVmNTNhZTU2YmZlOWIzYjBjMzAzYzY0ZDIzNSIsInRhZyI6IiJ9; userPermID=eyJpdiI6Iit3cnpqN1FWd0tVZEMwR2JRNytDU2c9PSIsInZhbHVlIjoia21NejZ5UDluc2lVU2t1UHkvL2lwdzNLYVdLd1VUVVhjUVZFLysrSGc5b0V2Nk14emV1eVI2dEpYL1B1dE1LUXMzUzkzamxjMVBoRUo5V3g3VndnVitya0g3aHZGc29sNjJwTStocSs4bTQ9IiwibWFjIjoiZTc1ZGZlZGNlYWQ3ZDY0Nzg0Nzg1Njg5YmE2Yjc5MjQ0YzBjOTgxNWFkMjMwYWNlNjFkZGIzYWMxNzAzNjhkOCIsInRhZyI6IiJ9; TS01e2a186=01b02e3e89d740647b58ff766b9d9d277627acf3bfbe58f43830e1ddd68c4fb0ddd6424d236393c5766dd8947a90914b02fa661b90 `HTTP/1.1 200 OK Date: Tue, 15 Nov 2022 10:29:48 GMT Last-Modified: Wed, 07 Sep 2022 07:31:14 GMT ETag: "4f71-5e8114c40e4fd" Content-Length: 20337 Cache-Control: max-age=5184000 Expires: Sat, 14 Jan 2023 10:29:48 GMT Content-Type: image/jpeg X-Varnish: 449094468 117199399 Age: 4357284 Via: 1.1 varnish (Varnish/6.0) X-Cache: HIT Access-Control-Allow-Origin: * Accept-Ranges: bytes Keep-Alive: timeout=5, max=1000 Connection: Keep-Alive`

	analytics-ng-mtn.securewebfraud.io/web/v1/content/view/Confirmation/ng_mtn/AQ4z3kk0iU21Jc-wfK8FwYLT6qM7uBZGxeN1Du3dz0EQkoXxunG8RJH04pHjiuHEDUPT	91.241.94.108	200	51 B
URL HTTP/1.1 analytics-ng-mtn.securewebfraud.io/web/v1/content/view/Confirmation/ng_mtn/AQ4z3kk0iU21Jc-wfK8FwYLT6qM7uBZGxeN1Du3dz0EQkoXxunG8RJH04pHjiuHEDUPT IP 91.241.94.108:0 ASN #49582 Upstream Telecommunications And Software Systems S.A. File type GIF image data, version 89a, 1 x 1\012- data Size 51 B (51 bytes) Hash 49cdc214849d5ced018d230677b14076 0e75513436e6b01963759f6a88282445ff2e5b3a 7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675 HTTP Headers `GET /web/v1/content/view/Confirmation/ng_mtn/AQ4z3kk0iU21Jc-wfK8FwYLT6qM7uBZGxeN1Du3dz0EQkoXxunG8RJH04pHjiuHEDUPT HTTP/1.1 Host: analytics-ng-mtn.securewebfraud.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ng-app.com/` `HTTP/1.1 200 Date: Wed, 04 Jan 2023 20:51:13 GMT Cache-Control: no-store, private Content-Disposition: attachment; filename="pixel" Pragma: no-cache Accept-Ranges: bytes Content-Type: image/gif Content-Length: 51 Keep-Alive: timeout=5, max=1000 Connection: Keep-Alive Set-Cookie: TS01835365=01b02e3e89a0cee42d7cefc86e47868c61b98f14c88c0bdb731704f9b98ebd0497fc675bbadd2a5b5ab6f25e402d1f8dc22b9f9a7d; Path=/; Domain=.analytics-ng-mtn.securewebfraud.io`

	web-ng-mtn.secure-d.io/web/v1/content/view/Confirmation/ng_mtn/AQ4z3kk0iU21Jc-wfK8FwYLT6qM7uBZGxeN1Du3dz0EQkoXxunG8RJH04pHjiuHEDUPT	91.241.95.160	200	51 B
URL HTTP/1.1 web-ng-mtn.secure-d.io/web/v1/content/view/Confirmation/ng_mtn/AQ4z3kk0iU21Jc-wfK8FwYLT6qM7uBZGxeN1Du3dz0EQkoXxunG8RJH04pHjiuHEDUPT IP 91.241.95.160:0 ASN #49582 Upstream Telecommunications And Software Systems S.A. File type GIF image data, version 89a, 1 x 1\012- data Size 51 B (51 bytes) Hash 49cdc214849d5ced018d230677b14076 0e75513436e6b01963759f6a88282445ff2e5b3a 7455bacb03f7ef04d79010638db14d8434cf7a349914c2ee99eb5d4220338675 HTTP Headers `GET /web/v1/content/view/Confirmation/ng_mtn/AQ4z3kk0iU21Jc-wfK8FwYLT6qM7uBZGxeN1Du3dz0EQkoXxunG8RJH04pHjiuHEDUPT HTTP/1.1 Host: web-ng-mtn.secure-d.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ng-app.com/` `HTTP/1.1 200 Date: Wed, 04 Jan 2023 20:51:13 GMT Cache-Control: no-store, private Content-Disposition: attachment; filename="pixel" Pragma: no-cache Accept-Ranges: bytes Content-Type: image/gif Content-Length: 51 Keep-Alive: timeout=5, max=1000 Connection: Keep-Alive Set-Cookie: TS01ca423b=01b02e3e8966d1f5340c7b1420c193828ee070f9abbe1d1cdcb8e2171fa5b420b7615f45e2add6268915edc34c536d603bc3db104d; Path=/; Domain=.web-ng-mtn.secure-d.io`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 872ad13c3966689cbd481bebca0b21f8 2a052c414b68b9e71b00fa3903995e8bdd22a81c bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA" Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15094 Expires: Thu, 05 Jan 2023 01:02:48 GMT Date: Wed, 04 Jan 2023 20:51:14 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 872ad13c3966689cbd481bebca0b21f8 2a052c414b68b9e71b00fa3903995e8bdd22a81c bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA" Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15094 Expires: Thu, 05 Jan 2023 01:02:48 GMT Date: Wed, 04 Jan 2023 20:51:14 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 872ad13c3966689cbd481bebca0b21f8 2a052c414b68b9e71b00fa3903995e8bdd22a81c bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA" Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15094 Expires: Thu, 05 Jan 2023 01:02:48 GMT Date: Wed, 04 Jan 2023 20:51:14 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03ececd-3935-4a1b-ae41-45a5aea9ebe3.jpeg	34.120.237.76	200 OK	5.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03ececd-3935-4a1b-ae41-45a5aea9ebe3.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.0 kB (5018 bytes) Hash af78916e285d0f6c5c5a5ff33894e108 96df0d8c10c666811cfeb98187ca93e65480c2ff 7bcb20dc641e46d033dee76b3d92b701b31aecfbf88241a5a95dfdc1c5e95885 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03ececd-3935-4a1b-ae41-45a5aea9ebe3.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5018 x-amzn-requestid: 7a68cfb1-dedd-4f08-8d99-4678c1087422 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: eL3HtFHkoAMFwYQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63b49efd-7880e5f93c99cc794f9a03bb;Sampled=0 x-amzn-remapped-date: Tue, 03 Jan 2023 21:32:45 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: MvV5dXthUr0Qo499_5eG6Z_yW0gmflen3kRBrse7ngQjUgOVA0OMvg== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google date: Tue, 03 Jan 2023 21:50:49 GMT age: 82825 etag: "96df0d8c10c666811cfeb98187ca93e65480c2ff" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8476606b-7383-49cb-8c93-76705bedbbb8.webp	34.120.237.76	200 OK	8.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8476606b-7383-49cb-8c93-76705bedbbb8.webp IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.1 kB (8148 bytes) Hash 0f7ef195ef59caf6b47f13ceae04987f dbff30aac035b502e27a3a538dbdfd475d3fc1d4 b31c198d6b76827201a870da6f9fe9b28c2cffe0d3f7f3d8e0530223ea8fc9d9 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8476606b-7383-49cb-8c93-76705bedbbb8.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8148 x-amzn-requestid: 7712cf7e-ea08-47da-876a-ba70c723b68b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: eL33cHXsIAMFhhw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63b4a02f-3c965abb517a33ce31cbdf4c;Sampled=0 x-amzn-remapped-date: Tue, 03 Jan 2023 21:37:51 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: oJ4e7NUOg62KQDiD04fLCiSoQgBO_AQGw6mrIYbqcgdrylEMwoDQUA== via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google date: Tue, 03 Jan 2023 21:50:17 GMT age: 82857 etag: "dbff30aac035b502e27a3a538dbdfd475d3fc1d4" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3928383c-cf5a-464c-89b1-7e655cdac6a9.jpeg	34.120.237.76	200 OK	7.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3928383c-cf5a-464c-89b1-7e655cdac6a9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.5 kB (7521 bytes) Hash f0bcde39691c9f7ffe3c4a31d919394a 9ab1417dd6266da8da799ebc8bdd3dc869b85ef9 557ab2dd06a693547e7b41cdc2463b304692d41bf3ea3ede1dbe11e9652bd0a6 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3928383c-cf5a-464c-89b1-7e655cdac6a9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7521 x-amzn-requestid: 7a5d2e74-05ce-4705-a70a-81fd5a2b84bb x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: eJy91EspoAMFisA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63b3cb8b-66a0cf6e491395c44964fdc1;Sampled=0 x-amzn-remapped-date: Tue, 03 Jan 2023 06:30:35 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 4SHjznuM8mYVHIZsZroQIOXhYIWQSpVLXjD1TWrjutelKtCvPxyDiQ== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google date: Wed, 04 Jan 2023 20:46:23 GMT age: 80969 etag: "9ab1417dd6266da8da799ebc8bdd3dc869b85ef9" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7367913c-a0ac-494d-9929-dad9f308a082.jpeg	34.120.237.76	200 OK	7.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7367913c-a0ac-494d-9929-dad9f308a082.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.1 kB (7126 bytes) Hash 366b35900303af09c9dd28131a105a66 34b2acc4195a5e36f0acbd10669219c7ef14a5fa 5b7c3e9920d5058a2342a3e85e3046de75c3f8ff88bc55099f5cfc3ad5041b69 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7367913c-a0ac-494d-9929-dad9f308a082.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7126 x-amzn-requestid: 48f19ee3-5b35-438b-b088-91297ef2c816 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: eMUhEG5wIAMFu5Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63b4ce06-08436eaf7f54288c4a258770;Sampled=0 x-amzn-remapped-date: Wed, 04 Jan 2023 00:53:26 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Z3YUeSR6ZBHfxf2lswIkBhlBSdSuwLkDx60bSkYA2MVUqnsvUHkfkg== via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google date: Wed, 04 Jan 2023 05:08:25 GMT age: 56569 etag: "34b2acc4195a5e36f0acbd10669219c7ef14a5fa" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11877 bytes) Hash 359f30e64bec00d0a01acd69a08b684d ac965c8642c4d1e47713965060fa2fc8f19088b1 fff1b001462468cc953092a2312650c03f307e95c40e2c6bb7356e2a8b9b0283 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11877 x-amzn-requestid: 884b9243-6a8a-4434-9b2a-e5eff84d4e99 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: eL33bFnDoAMFpoQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63b4a02f-3f7043ae29d21e010ddc1ff9;Sampled=0 x-amzn-remapped-date: Tue, 03 Jan 2023 21:37:51 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: WcUVY1LHWCEWWyJZEhS8M5tlXhx5WDnIr9RmxLMvqIilnREfwORJew== via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google date: Tue, 03 Jan 2023 22:12:53 GMT age: 81501 etag: "ac965c8642c4d1e47713965060fa2fc8f19088b1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b11930d-f72d-464d-8f7d-bbd0bb247c74.jpeg	34.120.237.76	200 OK	14 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b11930d-f72d-464d-8f7d-bbd0bb247c74.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 14 kB (13546 bytes) Hash 235b1a6e2b61b3068bf7a8e7a2607634 0df6f090574996e472064765c6f27b6b8e012414 6e6061581018dc0ec494631e7861cf2e44f82ac94d1b0056679555ff6dae5f8e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b11930d-f72d-464d-8f7d-bbd0bb247c74.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 13546 x-amzn-requestid: 6758cca7-bc06-43dd-8545-3e05aa760218 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: eL3p7GYjIAMFw7A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63b49fd8-038317190f3df26f13c9d961;Sampled=0 x-amzn-remapped-date: Tue, 03 Jan 2023 21:36:25 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: _ppyHa_jCBaOxdhFxe2mk83Tk35L97BMENr5W2wsMFHmtTnVXy2bFg== via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google date: Tue, 03 Jan 2023 21:54:33 GMT age: 82601 etag: "0df6f090574996e472064765c6f27b6b8e012414" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations