Report - case100056896743345.web.app/

Report Overview

Submitted URL
case100056896743345.web.app/
IP
199.36.158.100
ASN
#54113 FASTLY
Submitted
2022-08-29 08:09:52
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
tls-ech-experiment-c.cloudflareresearch.com	903035	2021-09-14T23:06:03Z	2023-02-22T07:29:41Z	488 B	149 B	162.159.138.85
ka-f.fontawesome.com	3598	2019-12-17T07:36:13Z	2023-03-06T05:09:52Z	2.4 kB	166 kB	172.67.150.137
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-06T05:09:35Z	3.2 kB	57 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-06T05:09:03Z	1.3 kB	3.5 kB	23.36.76.226
id1000543784643.adsupport.net	unknown	2022-08-25T21:16:13Z	2022-09-14T15:34:12Z	1.4 kB	14 kB	172.67.142.75
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-06T05:09:12Z	594 B	127 B	35.165.182.128
tls-ech-experiment.cloudflareresearch.com	949260	2021-09-14T23:02:13Z	2022-09-08T18:20:16Z	486 B	149 B	162.159.137.85
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-06T06:45:22Z	907 B	49 kB	151.101.85.229
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-06T09:48:42Z	393 B	32 kB	142.250.74.74
api.ipify.org	3267	2014-10-06T14:38:43Z	2023-03-06T20:00:00Z	406 B	265 B	54.91.59.199
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-06T05:09:34Z	758 B	2.7 kB	143.204.55.27
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-06T05:10:30Z	401 B	5.8 kB	143.204.55.110
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-06T05:09:43Z	321 B	229 B	34.117.237.239
kit.fontawesome.com	1868	2019-12-16T20:51:31Z	2023-03-06T05:09:52Z	414 B	13 kB	104.18.22.52
case100056896743345.web.app	unknown			792 B	1.1 kB	199.36.158.100
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-06T05:10:42Z	1.0 kB	2.1 kB	142.250.74.3
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-06T06:00:56Z	329 B	737 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-08-29	medium	case100056896743345.web.app	Sinkholed
2022-08-29	medium	case100056896743345.web.app	Sinkholed

JavaScript (11)

	URL	Size	First Seen	Last Seen
	kit.fontawesome.com/83fd8385f7.js	11 kB	2023-03-07	2023-03-17
Pretty URL kit.fontawesome.com/83fd8385f7.js IP 104.18.22.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:04 Last Seen2023-03-17 09:24:02 Times Seen1 Hash 2aec0f7d057267fe5e4089edbdcbab47 a782e3cba8e89dd2ea0752e24e0abeaee6265909 5edc0e009d483b5047786811a073759f8bd257f674618b2960bc5944742235c8 Loading...

	id1000543784643.adsupport.net/?fbclid=923874238921	1.1 kB	2023-03-07	2024-03-24
Pretty URL id1000543784643.adsupport.net/?fbclid=923874238921 IP 172.67.142.75 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:04 Last Seen2024-03-24 17:27:13 Times Seen2 Hash 7f71199b5aebe53c50e7a7a62fd610e1 914a7bd549ca1faa5db830cd802bfeb69de82220 025bf82819b297f8958dbdb88d7ea98e9e5749e3f55c993dc96fde689a406978 Loading...

	id1000543784643.adsupport.net/?fbclid=923874238921	1.4 kB	2023-03-07	2023-03-07
Pretty URL id1000543784643.adsupport.net/?fbclid=923874238921 IP 172.67.142.75 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:07 Last Seen2023-03-07 01:15:07 Times Seen1 Hash 1054181e98a22062af8f61de426caf6b fdc13f609886f1d4102e62d6e47dcbebff255a77 57d6696b1b5a625ae5525c149c78a8552509a0662db6c8cdb866d71747c3b5c3 Loading...

	http:blank	600 B	2023-03-07	2023-03-07
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:07 Last Seen2023-03-07 01:15:07 Times Seen1 Hash f90ac05ca8ecfef8dfe3638c15af8419 45004745ba422baf82f7f99a79628bf607a09d78 115377ea2cf91cdca9dff82a6c52333fa927130aa5b8ee0154c22305942f614c Loading...

	id1000543784643.adsupport.net/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7423ce562ac60b4d	64 kB	2023-03-07	2023-03-07
Pretty URL id1000543784643.adsupport.net/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7423ce562ac60b4d IP 172.67.142.75 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:07 Last Seen2023-03-07 01:15:07 Times Seen1 Hash ba4d404617aef7ae5e16e7a4ef413ca9 24e62591ff38728f1ca9ebd8b14504038ee93ed6 0e00f9d44d05d8113e931dd96845a347fc6a26c626f32c28a9448d2ada96e8c7 Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js	79 kB	2023-03-07	2024-04-22
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:37 Last Seen2024-04-22 19:20:18 Times Seen26367 Hash 0aa8d64e726c4a57adb5c88f9115996b 901169527507ff9e662cf64d8e361f359308970d 7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-04-23
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-23 16:53:58 Times Seen260661 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	id1000543784643.adsupport.net/?fbclid=923874238921	486 B	2023-03-07	2024-03-24
Pretty URL id1000543784643.adsupport.net/?fbclid=923874238921 IP 172.67.142.75 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:04 Last Seen2024-03-24 17:27:13 Times Seen2 Hash bb801566968f795747b5ff550e7dfc30 bea01d05409ac401a930b299a5732e67c1e0b861 0555554bf1665ae7db73e8556c26098ce6ad8e9dbf842816be73308b658b3b5e Loading...

	id1000543784643.adsupport.net/?fbclid=923874238921	8.7 kB	2023-03-07	2024-03-24
Pretty URL id1000543784643.adsupport.net/?fbclid=923874238921 IP 172.67.142.75 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:04 Last Seen2024-03-24 17:27:13 Times Seen2 Hash fcfff40ac508e2a0303f16b8a5316f4f a7e009721e947cfdcdb1fa0ebe90ddfa58c4feeb 560d02f14975e83d85b5d2349f3514e638a414151e5bd325fe5785b1034892c2 Loading...

	id1000543784643.adsupport.net/?fbclid=923874238921	2.9 kB	2023-03-07	2023-03-07
Pretty URL id1000543784643.adsupport.net/?fbclid=923874238921 IP 172.67.142.75 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:07 Last Seen2023-03-07 01:15:07 Times Seen1 Hash b81cc5b3f045508e2490061524b4e5bc a02bf48239fe31d9ef47f77e0168c578ae6cfc61 d6089f629bbbb0193b91a769e0bf584b274b85eb512d43d6df02d0b53045041c Loading...

		Size	First Seen	Last Seen
	#1 Eval - 70efa725f660990cc6701727e98c360b	769 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:07:04 Last Seen2023-07-11 03:19:46 Times Seen6035 Hash 70efa725f660990cc6701727e98c360b 04f4df4180629c6a1a8648630310794bfdb39eb8 cb2789441eb37a5d5520d68b778e5e1a0743c6d105076aa2e3be07147e0dc752 Loading...

HTTP Transactions (36)

URL IP Response Size

case100056896743345.web.app/

199.36.158.100

301 Moved Permanently

0 B

URL HTTP/1.1
case100056896743345.web.app/
IP
199.36.158.100:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: case100056896743345.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: Varnish
Retry-After: 0
Location: https://case100056896743345.web.app/
Content-Length: 0
Accept-Ranges: bytes
Date: Mon, 29 Aug 2022 08:09:41 GMT
Connection: close
X-Served-By: cache-bma1647-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1661760582.640202,VS0,VE0

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 29 Aug 2022 07:25:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HSZywqQQfkT5YRjdCqcwYDhaJC2qoLpR3wTJ7UDV3zyNDcBRf11Bkw==
Age: 2665

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
21b1296f31569e4fb94048c52df34904
3e3194f640d71b9da28e809660443e332bdba310
7ebe5d06efe28c8507b4cdfbf68c6e5bbd9919ba776990fb8a22d90cca0c1c1b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7EBE5D06EFE28C8507B4CDFBF68C6E5BBD9919BA776990FB8A22D90CCA0C1C1B"
Last-Modified: Sat, 27 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3338
Expires: Mon, 29 Aug 2022 09:05:19 GMT
Date: Mon, 29 Aug 2022 08:09:41 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 28 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XXc_lVJXZ0B64EHTL1aFYZ4JriuWGBySe_eALvVU87YmfYdbxzQyIw==
age: 34423
X-Firefox-Spdy: h2

case100056896743345.web.app/

199.36.158.100

200 OK

120 B

URL HTTP/2
case100056896743345.web.app/
IP
199.36.158.100:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
120 B (120 bytes)
Hash
4efb6667dfd2dc97c0ad3fbe0fac2ced
825e43359fff6d9a0529554f1cab6b8955245692
4fb0876cfdabc1fb492003ef3ce2e2e9798ab33e3179bdd0d9223463377d83be

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: case100056896743345.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "43142057813593bbf5d6dbcb08cb192bb7fc9865a3d5417da53c884b3020b428-br"
last-modified: Sat, 27 Aug 2022 17:12:11 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 29 Aug 2022 08:09:41 GMT
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1661760582.894652,VS0,VE88
vary: x-fh-requested-host, accept-encoding
content-length: 120
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 08:09:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4int/7ZBQLSBvJ5A

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4int/7ZBQLSBvJ5A
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5ed2a88214351ab512839d20e2f1a0e6
b60596483e8b6a324e2373c723ca360f0d579098
edcf694abd0df6fae2542a9f143483102a71bec1ed8984b5fbfbf219aad9a328

HTTP Headers

POST /s/gts1d4int/7ZBQLSBvJ5A HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 08:09:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

id1000543784643.adsupport.net/?fbclid=923874238921

172.67.142.75

503 Service Unavailable

11 kB

URL HTTP/2
id1000543784643.adsupport.net/?fbclid=923874238921
IP
172.67.142.75:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
11 kB (10984 bytes)
Hash
6d476d20783ad3b641556b3922df4b25
0e281bbb05315f317ade1698d68a93c1cb0909b4
8bb6ccae84b25c371d9bccff5b9d81dee8d76b8f39a806373bf9420ddd36a464

HTTP Headers

GET /?fbclid=923874238921 HTTP/1.1
Host: id1000543784643.adsupport.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 503 Service Unavailable
date: Mon, 29 Aug 2022 08:09:42 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lp2RUmFDX2JjxZw5VrWdh231ayIWjmUq31j9ADjgwrWgTOZZqGatXDAcJCBVSkEStP65iHUiiVmwSygGiLqUj6C5ILcjr7EFb5RdO41lEd17GS26PKgDsPcQPKEIjB4U8rjOnD2AGQA4QIP1umPPkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7423ce562ac60b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 29 Aug 2022 07:17:12 GMT
Cache-Control: max-age=3600
Expires: Mon, 29 Aug 2022 07:58:28 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: i4vE0i66alwactBqhG34y6G20rYcXe5zEf1_sgNe-LEmMosL88bGGg==
Age: 3150

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
396ffb5d17a8a353f8f748959fcf7966
8301f51528695b9c8a48de0e6e889b603f34308c
a5c0dd3453bdba148aea970cda083b70b3ba680286a6c65878cc369d20f1d216

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4068
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 08:09:42 GMT
Last-Modified: Mon, 29 Aug 2022 07:01:54 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

tls-ech-experiment-c.cloudflareresearch.com/.well-known/probe

162.159.138.85

200 OK

6 B

URL HTTP/1.1
tls-ech-experiment-c.cloudflareresearch.com/.well-known/probe
IP
162.159.138.85:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
6 B (6 bytes)
Hash
d1a7fb5eab1c16cb4f7cf341cf188c3d
9646ba13a4e8eabeca4f5259bfd7da41d368a1a6
2ec5a3f0c2fc3e6dcee0f6f3a5735a6c69d2056579a5452095b75802094043a8

HTTP Headers

POST /.well-known/probe HTTP/1.1
Host: tls-ech-experiment-c.cloudflareresearch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 47
Origin: https://id1000543784643.adsupport.net
Connection: keep-alive
Referer: https://id1000543784643.adsupport.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Content-Type: text/plain
Date: Mon, 29 Aug 2022 08:09:42 GMT
Content-Length: 6

tls-ech-experiment.cloudflareresearch.com/.well-known/probe

162.159.137.85

200 OK

6 B

URL HTTP/1.1
tls-ech-experiment.cloudflareresearch.com/.well-known/probe
IP
162.159.137.85:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
6 B (6 bytes)
Hash
d1a7fb5eab1c16cb4f7cf341cf188c3d
9646ba13a4e8eabeca4f5259bfd7da41d368a1a6
2ec5a3f0c2fc3e6dcee0f6f3a5735a6c69d2056579a5452095b75802094043a8

HTTP Headers

POST /.well-known/probe HTTP/1.1
Host: tls-ech-experiment.cloudflareresearch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 47
Origin: https://id1000543784643.adsupport.net
Connection: keep-alive
Referer: https://id1000543784643.adsupport.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Content-Type: text/plain
Date: Mon, 29 Aug 2022 08:09:42 GMT
Content-Length: 6

push.services.mozilla.com/

35.165.182.128

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.182.128:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tdin/qeAA0oWoyvf9jooDA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SVMlmCY2yVA58HJk3pTUWrHwHWc=

cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/css/bootstrap.min.css

151.101.85.229

200 OK

24 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/css/bootstrap.min.css
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65324)
Size
24 kB (23674 bytes)
Hash
31797921718705c3da1d6a8861211ab6
458e8d45976fd543e7933c24157a6675dfa0610d
57f3cf211e044d6778aac4aec7f690adfa7dc6a20001a4bec166859d9e184129

HTTP Headers

GET /npm/bootstrap@4.4.1/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://id1000543784643.adsupport.net
Connection: keep-alive
Referer: https://id1000543784643.adsupport.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.4.1
x-jsd-version-type: version
etag: W/"26f1b-0wURD7eRE6lhOUtDPYUaNBA0K4w"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 29 Aug 2022 08:09:43 GMT
age: 7715869
x-served-by: cache-fra19134-FRA, cache-bma1637-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 23674
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

151.101.85.229

200 OK

24 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
data
Size
24 kB (24073 bytes)
Hash
6ca823320f8580296b59839ab551e6bd
73a28155edba5273fad96fa8725c6197a042d079
1a8cc219c7a6014cb11c36e9929422fa99555932938fe4c6a32e6d09d8aecc4a

HTTP Headers

GET /npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://id1000543784643.adsupport.net
Connection: keep-alive
Referer: https://id1000543784643.adsupport.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 29 Aug 2022 08:09:43 GMT
age: 13906939
x-served-by: cache-fra19122-FRA, cache-bma1637-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 22442
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b60f31bf1dfc910d0b031da4b57aeb9
b8122448f5a86c44f7016a54423d3ed40a13c97a
d90b29d7a5265652ce8ba1b77e47610dde65179be14d5e595e0cd3e214dd26b7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 08:09:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

142.250.74.74

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65447)
Size
31 kB (31017 bytes)
Hash
7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id1000543784643.adsupport.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 Aug 2022 16:54:34 GMT
expires: Sun, 27 Aug 2023 16:54:34 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 141309
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

kit.fontawesome.com/83fd8385f7.js

104.18.22.52

200 OK

12 kB

URL HTTP/2
kit.fontawesome.com/83fd8385f7.js
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
12 kB (11973 bytes)
Hash
cce72c0fa52b43aa3a69f7ef52546c32
31d59ee16fd41315fcf7c46d0aedd405590f1a2f
28a6933fba476bacc7bf5de487c7786c383c45a106bbdc19d358b1afbd29899f

HTTP Headers

GET /83fd8385f7.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://id1000543784643.adsupport.net
Connection: keep-alive
Referer: https://id1000543784643.adsupport.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 29 Aug 2022 08:09:43 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: Fw-2zL-EWOijmCYqNbmC
cf-cache-status: REVALIDATED
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 7423ce5ebe31b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b60f31bf1dfc910d0b031da4b57aeb9
b8122448f5a86c44f7016a54423d3ed40a13c97a
d90b29d7a5265652ce8ba1b77e47610dde65179be14d5e595e0cd3e214dd26b7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 08:09:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ka-f.fontawesome.com/releases/v6.1.2/webfonts/free-fa-solid-900.woff2

172.67.150.137

200 OK

155 kB

URL HTTP/2
ka-f.fontawesome.com/releases/v6.1.2/webfonts/free-fa-solid-900.woff2
IP
172.67.150.137:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 154840, version 769.1280\012- data
Size
155 kB (154840 bytes)
Hash
13b9ba607b79e78d573e8ba00049fa14
2104eac55d7e4502bc24a40de470e35e4e87824a
3fc4c4d002d08d22e54368dbeda2c833b1fbf8246ecba14c17b51d240526c11a

HTTP Headers

GET /releases/v6.1.2/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://id1000543784643.adsupport.net
Connection: keep-alive
Referer: https://id1000543784643.adsupport.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 29 Aug 2022 08:09:43 GMT
content-type: font/woff2
content-length: 154840
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 25 Jul 2022 15:06:43 GMT
etag: "13b9ba607b79e78d573e8ba00049fa14"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: voLHOewkKKFe4qGoralHYa85HdThc2VtmBj4hkwXgnlGxGHyvfNCCg==
age: 12805
cf-cache-status: HIT
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FytL9lYQh5PWoOGU74H8yeB6uQ4aPngvEst4uLtwEfEbZ0cUkBdbptms6okMqlOEm3XDnp8AJDsWLSmDiL1udlc3HkytxTOMNTzWtgbWlvD9etxqwPv71bE4iyXf4weSd781kMMkaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7423ce601babb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.1.2/css/free-v4-shims.min.css?token=83fd8385f7

172.67.150.137

200 OK

4.8 kB

URL HTTP/2
ka-f.fontawesome.com/releases/v6.1.2/css/free-v4-shims.min.css?token=83fd8385f7
IP
172.67.150.137:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27377)
Size
4.8 kB (4804 bytes)
Hash
09f576600a1e62cf27492959985249c4
2cb191b294b83ba03005f325cbea7eb3d709d5be
a9baec0c055b448f904a974076c98953430d5248ef3e7ad7fc3e661af0ffc401

HTTP Headers

GET /releases/v6.1.2/css/free-v4-shims.min.css?token=83fd8385f7 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://id1000543784643.adsupport.net/
Origin: https://id1000543784643.adsupport.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 29 Aug 2022 08:09:43 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 25 Jul 2022 14:58:25 GMT
etag: W/"96816d3771234767a5fa14b975c670b7"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oNNXy2COh0IhTbrgQjq4WipJ5mfVqZy19npEJi01ubHebMXikeJ4qQ==
age: 12805
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NF29%2FbCFm3sv%2BN%2BIQ%2FUA80fJuC9grIPaCfwLZMgpn%2B1WFYm0YzFmAMzwebZusmMmeI6HyYsgEJaz8HqI9lAu%2F3i4%2FBUJiYegu3BzYpkzddk6AiUEB%2B%2BYa0y0eKOosIeQ1s5jVKZcpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7423ce5f5abbb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.ipify.org/?format=json

54.91.59.199

200 OK

21 B

URL HTTP/1.1
api.ipify.org/?format=json
IP
54.91.59.199:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
7d69c71af0f191e9a72db6153f8018d1
f67c5f2887bc05654b47f76e9621e53a4091aed1
5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65

HTTP Headers

GET /?format=json HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://id1000543784643.adsupport.net
Connection: keep-alive
Referer: https://id1000543784643.adsupport.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: https://id1000543784643.adsupport.net
Content-Type: application/json
Vary: Origin
Date: Mon, 29 Aug 2022 08:09:43 GMT
Content-Length: 21
Via: 1.1 vegur

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5118
Expires: Mon, 29 Aug 2022 09:35:02 GMT
Date: Mon, 29 Aug 2022 08:09:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5118
Expires: Mon, 29 Aug 2022 09:35:02 GMT
Date: Mon, 29 Aug 2022 08:09:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5118
Expires: Mon, 29 Aug 2022 09:35:02 GMT
Date: Mon, 29 Aug 2022 08:09:44 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11042 bytes)
Hash
5e0dc790ca607928d609e38f37c012d0
9d37dd425e3319fbb4248718f58371b43d513ce7
7f8ce6d77cbb4be87fb06ffd8f72ae997e006b933382c44b8b4e0a61743f24e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11042
x-amzn-requestid: c92cef27-0a2c-4f5e-86b7-eafa048932b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XgUlVFdJIAMFRKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63099aee-794a2c5c54fe181b5756e5f6;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 04:17:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v9mkgh5wKAcOaXP3AGDltgHFx1eioExP7zqPee5KQugX9SjdEhMkjg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:35:55 GMT
age: 38029
etag: "9d37dd425e3319fbb4248718f58371b43d513ce7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dab5f-3c0e-47ba-937e-a557007850cb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5091 bytes)
Hash
69474cd958f017f3b893f327f6cd5ad0
5b18bf4dbfcc47918d5e356ab5bbd42e49116c40
9d07a9918a964916b7238f63a45a635763b38d544f4916efa6c31f2cd1263202

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dab5f-3c0e-47ba-937e-a557007850cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5091
x-amzn-requestid: 424a9024-4bac-4a97-9f0b-4ee83d6953ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xl_GDGNCoAMFpEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630bdef3-4ff61815356456663e43f141;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gwiBx-i8yCC8h8ApLxpsVuawTmuoNvmNrY6wPeBje038X9vgpumjyA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:35:02 GMT
age: 38082
etag: "5b18bf4dbfcc47918d5e356ab5bbd42e49116c40"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a7959a-ba16-4840-a4e4-ca7b2c6305c1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10319 bytes)
Hash
76021ba70733e8d4647f29e4c990180c
66558c36958c9162188e7aeef27c38e0c4b37cdd
c5278295212999c6941d57d5cee8f4d33447302af0eb74985f5dae48434607c1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a7959a-ba16-4840-a4e4-ca7b2c6305c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10319
x-amzn-requestid: 4f0cb1b4-c2a6-410a-965c-4cc72459484a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XhG-yG-eIAMFbQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309eb91-58fb7017711dd2a56fe5ef79;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 10:01:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JcHN5unq1F9L9h2My0SFXdW-n06ebaRZ8jj0W0I67pTuddWWkJ9RkQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:44:40 GMT
age: 37504
etag: "66558c36958c9162188e7aeef27c38e0c4b37cdd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493207b6-dc02-49c3-8638-bc8004dcc2bf.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7905 bytes)
Hash
d4c8397d321227ef0a068caef85ca5e6
a0488ccdfed52b81651ba59fc2e335c1447fb2ac
4d5e0e9919120d7b3f7255038f91e2aa1becf1e1d379697b915ef1224529ace0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493207b6-dc02-49c3-8638-bc8004dcc2bf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7905
x-amzn-requestid: e14f435f-031f-4a7b-8766-dc52b79a80a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XfiBwEG3IAMFreg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63094a0b-60ba7e9c6bd6ebbc756fe9d4;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 22:32:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sUVF7BbaKHSfBRT6zW-oGcfU2LmF-5AaUnGr1GliU5_Z_J7FVZrcAw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 09:37:36 GMT
age: 81128
etag: "a0488ccdfed52b81651ba59fc2e335c1447fb2ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa42515d-ae2f-4b75-af96-c1bb33aa8aec.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11110 bytes)
Hash
da546949c178c4a789cfc4f59483a8cc
da842918bc49300b1ea2f5c11b072180a7afbf0a
008e42b6a798c28eeb6bf1d8502d15c6bae59961de138c087edd3ef05e758df4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa42515d-ae2f-4b75-af96-c1bb33aa8aec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11110
x-amzn-requestid: e662a2e9-4893-4086-98c3-96d56f3f38f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XfXP_Hg2oAMFYIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630938cc-2424cde53819156a15f18810;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 21:19:08 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xtpGF5NQRB3AIzR-lZl4t7LAmx_ALfXHQgrKCKdCMOrcfsubZ21bzA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 04:46:38 GMT
age: 12186
etag: "da842918bc49300b1ea2f5c11b072180a7afbf0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F019a3a4e-a5ad-42c9-9676-e06c201f0304.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4764 bytes)
Hash
bfbd0626ecb5adb59b2811a904e21554
cd601502840615ed0e7e23f8f95b5b2853d92494
0fec9f313dcac3ac74714bd4601bf6c72f4a3d9804b8b35a4c9dab0847234aa1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F019a3a4e-a5ad-42c9-9676-e06c201f0304.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4764
x-amzn-requestid: ab79456a-df36-48fa-b902-343976389a22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xg8YcGIwIAMFlEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309da9c-3850813f0a75f52c5337b6db;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 08:49:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mJXn0-w3dmbkqCJDTchnIzgRF4UiiBAo4vCtDlkPQQ6ZINaZZa2vNg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:36:15 GMT
age: 38009
etag: "cd601502840615ed0e7e23f8f95b5b2853d92494"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.1.2/css/free-v5-font-face.min.css?token=83fd8385f7

172.67.150.137

200 OK

0 B

URL HTTP/2
ka-f.fontawesome.com/releases/v6.1.2/css/free-v5-font-face.min.css?token=83fd8385f7
IP
172.67.150.137:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v6.1.2/css/free-v5-font-face.min.css?token=83fd8385f7 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://id1000543784643.adsupport.net/
Origin: https://id1000543784643.adsupport.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 29 Aug 2022 08:09:43 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 25 Jul 2022 14:58:25 GMT
etag: W/"65040fb03ef1332cf437c545afd7431f"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 50j0u7Ku-CQvwizXKLOmjUBIprZ7ViC9rLZcN4Opc55J9iqQ0JQiLQ==
age: 12805
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDtyWHEwg2zFQ4z67XKduCucKednuLDROEFT%2BinnkmRtIz1c31HVUHk1dpsM8Q7ue%2BBklY34U5bVj7zLFpVl7LtLV2PBdxO0k6yujXYLdYRQXDxlSiG8Sk4KXB5%2BJ11TyhkZJSgd1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7423ce5f5ac2b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.1.2/css/free-v4-font-face.min.css?token=83fd8385f7

172.67.150.137

200 OK

0 B

URL HTTP/2
ka-f.fontawesome.com/releases/v6.1.2/css/free-v4-font-face.min.css?token=83fd8385f7
IP
172.67.150.137:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v6.1.2/css/free-v4-font-face.min.css?token=83fd8385f7 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://id1000543784643.adsupport.net/
Origin: https://id1000543784643.adsupport.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 29 Aug 2022 08:09:43 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 25 Jul 2022 14:58:25 GMT
etag: W/"fe830daeb85511a2662ffb7f0f591490"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qCBJds5Ri7QnYetGRLX4pj0iua8n0mrabo4URfBdmdlEjV7spYaQmA==
age: 12805
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wRcpa2Zy3%2B9jo1C8%2FQ6lTP%2F4KzgvLC6TmN3WyK%2BoOQOKyiCYqYKRMyexdtlF%2BrDv8evgdqfDNnGrD8u4WwYDfRcPv4Js0rktCRMLsnqK7zhH2G63Qw%2BVgOe25DFl1PDBzad0%2BKp9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7423ce5f5abfb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

id1000543784643.adsupport.net/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7423ce562ac60b4d

172.67.142.75

200 OK

0 B

URL HTTP/2
id1000543784643.adsupport.net/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7423ce562ac60b4d
IP
172.67.142.75:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7423ce562ac60b4d HTTP/1.1
Host: id1000543784643.adsupport.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id1000543784643.adsupport.net/?fbclid=923874238921&__cf_chl_rt_tk=ICN1ohArmYaDfrtjjVNiWajy.ZqhQQ4YoMzeKnkaG4U-1661760582-0-gaNycGzNCFE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 29 Aug 2022 08:09:42 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4oFRxWacly%2BEAG%2Fz92mGVj10%2FZ%2BwyCa0AbWzC8bcM0DvFjQKaLQnwnMRFyGPmHKLxF%2BWyrhbgE0HsQIQPPgmcPkTHOobTxZo6mYCJM4PEjzizjTVA8ExN5rA6lE5FJRLH473imKhLeO2sqRJOAthXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7423ce56fc0c0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

id1000543784643.adsupport.net/favicon.ico

172.67.142.75

404 Not Found

0 B

URL HTTP/2
id1000543784643.adsupport.net/favicon.ico
IP
172.67.142.75:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: id1000543784643.adsupport.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://id1000543784643.adsupport.net/?fbclid=923874238921
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Mon, 29 Aug 2022 08:09:42 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwiuVgVClwTlJSCkChlQWwfOO4LCB9qXwwrKL9NX%2F%2FhkJWxaLO94gcebuFMLdnUy0ssfdDEjA8qXpX0UA%2B2o8%2FMHhjZyOhTG%2F1qk04hHJLByEK%2BBloynZKU9d46%2FsQesE0p0Vsjm0b6wugZRHhr17Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7423ce56cbb20b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.1.2/css/free.min.css?token=83fd8385f7

172.67.150.137

200 OK

0 B

URL HTTP/2
ka-f.fontawesome.com/releases/v6.1.2/css/free.min.css?token=83fd8385f7
IP
172.67.150.137:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v6.1.2/css/free.min.css?token=83fd8385f7 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://id1000543784643.adsupport.net/
Origin: https://id1000543784643.adsupport.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 29 Aug 2022 08:09:43 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 25 Jul 2022 14:58:26 GMT
etag: W/"0b7dc322d4f737c2bf1d43de22f920a4"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: V4QoumE8MDVFpWH2y-EsgCxrGQZRIbvQN-OCbUJxJ-0QoZRBhi6SYQ==
age: 12805
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UV9yfRki8xtKz0vx4FNZloxhyNAbVdssAxpuxOz8lkKWUt2t2nuy5z0jrPA7ErKpSf1bxn15CXv6KSIcKH6xLq%2B%2BBnP0wvROVz%2FGhFSSus7NZaUfIglYPtBhuvsAHUxr1ExjuWrZqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7423ce5f5ac5b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations