Report - goat.app.link/?$urlString=airgoat://home&$desktop_url=staaperu.com/cache/auth//hf2tmk////inboundga@slurpmail.net

Report Overview

Submitted URL
goat.app.link/?$urlString=airgoat://home&$desktop_url=staaperu.com/cache/auth//hf2tmk////inboundga@slurpmail.net
IP
54.230.111.102
ASN
#16509 AMAZON-02
Submitted
2023-04-03 23:41:42
Access
public
Website Title
Final URL
Tags
suspicious
urlquery detections
Suspicious - JavaScript obfusction

Detections

urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-04-04T18:12:09Z	3.4 kB	8.9 kB	23.36.76.226
ocsp.r2m01.amazontrust.com	unknown	2022-10-12T22:43:53Z	2023-04-04T22:35:57Z	350 B	1.0 kB	54.230.80.227
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-04-04T23:34:33Z	426 B	961 B	104.18.10.207
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-04-04T22:01:39Z	392 B	31 kB	142.250.74.138
goat.app.link	899009	2017-07-01T07:09:26Z	2023-04-04T21:17:24Z	1.1 kB	1.8 kB	54.230.111.120
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-04-04T18:20:05Z	413 B	5.9 kB	34.160.144.191
s3.amazonaws.com	unknown	2020-05-13T22:53:44Z	2023-04-05T01:28:49Z	932 B	798 kB	3.5.10.12
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-04-04T18:19:16Z	606 B	238 B	34.117.65.55
code.jquery.com	634	2012-05-21T19:28:02Z	2023-04-04T00:15:20Z	1.2 kB	136 kB	69.16.175.42
aadcdn.msauth.net	1421	2018-11-19T11:50:03Z	2023-04-04T18:12:21Z	436 B	18 kB	13.107.238.53
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-04-04T18:15:04Z	432 B	7.2 kB	104.17.24.14
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-04-04T18:12:04Z	1.0 kB	2.1 kB	142.250.74.131
use.fontawesome.com	942	2017-01-30T05:43:25Z	2023-04-04T00:15:21Z	428 B	87 kB	172.64.132.15
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-04-04T18:13:55Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-04-04T18:13:50Z	333 B	391 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-04-04T13:13:40Z	3.2 kB	50 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html#inboundga@slurpmail.net	182 B	2023-03-25	2023-05-09
Pretty URL s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html#inboundga@slurpmail.net IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 23:41:30 Last Seen2023-05-09 12:47:19 Times Seen92 Hash 0e37aad4c0785e948efcb0d50726818f 84ca31647aaa3efcd3c31e9c92339ed0eaf495eb 683180eb984e2456b48e47c88ee687f62547059fdac8b29289404d0253244751 Loading...

	code.jquery.com/jquery-3.2.1.slim.min.js	70 kB	2023-03-07	2024-04-26
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-04-26 12:23:20 Times Seen106459 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	code.jquery.com/jquery-3.1.1.min.js	87 kB	2023-03-07	2024-04-26
Pretty URL code.jquery.com/jquery-3.1.1.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-26 11:00:50 Times Seen263939 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 12:27:15 Times Seen37091356 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	code.jquery.com/jquery-3.3.1.js	272 kB	2023-03-07	2024-04-26
Pretty URL code.jquery.com/jquery-3.3.1.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 12:27:15 Times Seen58992 Hash 6a07da9fae934baf3f749e876bbfdd96 46a436eba01c79acdb225757ed80bf54bad6416b d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 12:23:20 Times Seen384658 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html#inboundga@slurpmail.net	5.9 kB	2023-03-25	2023-04-05
Pretty URL s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html#inboundga@slurpmail.net IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 23:41:30 Last Seen2023-04-05 01:50:08 Times Seen78 Hash 3ee00072ef4bc3b8a7d61cd8809cd76f b200b9b1d904673a5b92b8d707cd8e8b1d0ff4d3 d291aee6f3199b62366a8b1db03f56aacde156e5fe2d6737314530f77f90db2b Loading...

	s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html#inboundga@slurpmail.net	797 kB	2023-03-25	2023-04-05
Pretty URL s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html#inboundga@slurpmail.net IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 23:49:42 Last Seen2023-04-05 01:50:08 Times Seen74 Hash f58aadfefe628572ad2f0ab4f62304d8 3fd95de433f311f2aa6d5075de813a0c9b9483cf 19f89a7433b480ea1e0711c66ef08cf9d091f279f930005a6efef53a0fa4c7c3 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	19 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 12:27:15 Times Seen111811 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-04-26
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 12:27:15 Times Seen137117 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

		Size	First Seen	Last Seen
	#1 Write - f16fb422f8ccdb860c1faa5540e85462	266 kB	2023-03-25	2023-04-05
Pretty Observations First Seen2023-03-25 23:49:42 Last Seen2023-04-05 01:50:08 Times Seen73 Hash f16fb422f8ccdb860c1faa5540e85462 3ded133e6342ac7897e8e545f090b4e71b0d6409 1d3e4d019925624a45aef63553abcf4b0add4120a27f1bad5bdf1acf926ba44f Loading...

HTTP Transactions (37)

	URL	IP	Response	Size
	goat.app.link/?$urlString=airgoat://home&$desktop_url=https://staaperu.com/cache/auth//hf2tmk////inboundga@slurpmail.net	54.230.111.120	307 Temporary Redirect	0 B
URL HTTP/1.1 goat.app.link/?$urlString=airgoat://home&$desktop_url=https://staaperu.com/cache/auth//hf2tmk////inboundga@slurpmail.net IP 54.230.111.120:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /?$urlString=airgoat://home&$desktop_url=https://staaperu.com/cache/auth//hf2tmk////inboundga@slurpmail.net HTTP/1.1 Host: goat.app.link User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 307 Temporary Redirect Transfer-Encoding: chunked Connection: keep-alive Server: openresty Date: Mon, 03 Apr 2023 23:41:30 GMT Set-Cookie: _s=AY5VLPhjrMwCyDWEbMYkZ9TjSgnvNpWYKHX9z4X4LlT29l%2FYOLNlo3S7xhwwU1WB; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Tue, 02 Apr 2024 23:41:30 GMT; Secure Location: https://goat.app.link/?$urlString=airgoat://home&$desktop_url=https://staaperu.com/cache/auth//hf2tmk////inboundga@slurpmail.net Strict-Transport-Security: max-age=31536000; includeSubDomains Accept-CH: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model X-Cache: Miss from cloudfront Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: u5w4WZfGgwu9kx-hpCrODc1diJPX9GTmmgEa604ASVE2mNUbSDIQFA==

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 0c17f530e6db706fa5f9eb36a6cca4a4 446b60a425aae47b0adf5abd7e18e9f90f52c0bc ccf1a90e945a18fb951654d29f128acdb3916d4dca315b0fad44ae8cc95be48e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "CCF1A90E945A18FB951654D29F128ACDB3916D4DCA315B0FAD44AE8CC95BE48E" Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2184 Expires: Tue, 04 Apr 2023 00:17:55 GMT Date: Mon, 03 Apr 2023 23:41:31 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 035772439731bbe3992c865f68e4b977 53fe2d0f678772b6b3e935aaca4d1ef82767e48f 9880ae6537e30af38e8d7ed612a5a44a54037d86686c63ef7eeebcc62cbda05f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "9880AE6537E30AF38E8D7ED612A5A44A54037D86686C63EF7EEEBCC62CBDA05F" Last-Modified: Sat, 01 Apr 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2167 Expires: Tue, 04 Apr 2023 00:17:38 GMT Date: Mon, 03 Apr 2023 23:41:31 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfa7240b39fdd332060e920c46349e55 4048b95ed6f1434eebbfd50296d21e3660c96448 53b261a56af518a9a5f27a6e08209e1c137d4c24947229567ee11f6b79cee7a4 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "53B261A56AF518A9A5F27A6E08209E1C137D4C24947229567EE11F6B79CEE7A4" Last-Modified: Sun, 02 Apr 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7747 Expires: Tue, 04 Apr 2023 01:50:38 GMT Date: Mon, 03 Apr 2023 23:41:31 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 29fdbcd53b5646cfcdd46510063734c4 85e3ceda5ef130219f4fe8a31e52e2690c8f7d8e 24c27586332c016685e6231fec5836e921048d8aaefbcd4cd6f88969f9d91e18 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 03 Apr 2023 23:16:34 GMT content-type: application/json age: 1497 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 95f61d351f5fc9533cc78e255ce9bc06 fba284117f347782ac23c51d141d7e3ec15a867e 7fcc5f9e52e389d8d7c6df7f1f2a1291ae0aaae8e554f3022239ab092b2ef3c3 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: exPpWHxXXymUfiuD0wOvdK+pMY59MTmC1jcHgNpNjNvmGyzMUWL4LbkutT9uqD3ojnTD1TU5PEQ+V9EmdKE7JA== x-amz-request-id: 6A8PVC88H03SY04T x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 03 Apr 2023 22:52:57 GMT age: 2914 last-modified: Fri, 31 Mar 2023 17:04:39 GMT etag: "95f61d351f5fc9533cc78e255ce9bc06" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 03 Apr 2023 23:41:31 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1c682b982d1ecaa1d27cb4da560edd95 fa046ceed7b97d3893993b65490b24f718bd1d7a 4faa28c9a8c88aa88a28e8065763938a3cf81e62a244482b280a58e825f5a904 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "4FAA28C9A8C88AA88A28E8065763938A3CF81E62A244482B280A58E825F5A904" Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7353 Expires: Tue, 04 Apr 2023 01:44:04 GMT Date: Mon, 03 Apr 2023 23:41:31 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, ETag, Cache-Control, Retry-After, Expires, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 03 Apr 2023 23:17:28 GMT age: 1443 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	push.services.mozilla.com/	34.117.65.55	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 34.117.65.55:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: TLs2iWPosuSxgS0QkL+V5A== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: bm9cxUQhtVQyzipkxcdtHzqqQm4= Date: Mon, 03 Apr 2023 23:41:31 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash bf3cc64a315bd08ebd88a0631353d52a 5de49d349f36903397cabf1c160605fa506e6834 7b468e88b3583886f3145a49bcfdc3b00e52ba51d174d906e78dfbdce2de6ce1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "7B468E88B3583886F3145A49BCFDC3B00E52BA51D174D906E78DFBDCE2DE6CE1" Last-Modified: Mon, 03 Apr 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21600 Expires: Tue, 04 Apr 2023 05:41:32 GMT Date: Mon, 03 Apr 2023 23:41:32 GMT Connection: keep-alive`

	goat.app.link/?$urlString=airgoat://home&$desktop_url=https://staaperu.com/cache/auth//hf2tmk////inboundga@slurpmail.net	54.230.111.16	307 Temporary Redirect	0 B
URL HTTP/2 goat.app.link/?$urlString=airgoat://home&$desktop_url=https://staaperu.com/cache/auth//hf2tmk////inboundga@slurpmail.net IP 54.230.111.16:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /?$urlString=airgoat://home&$desktop_url=https://staaperu.com/cache/auth//hf2tmk////inboundga@slurpmail.net HTTP/1.1 Host: goat.app.link User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: _s=%2F31SILt7P19jZ7KS8kYPQ1uvv6lIK49jS2sQqA846IjvTr%2Fva2wjaW9hs%2FuemTYW Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 307 Temporary Redirect location: https://staaperu.com/cache/auth//hf2tmk////inboundga@slurpmail.net?%24urlString=airgoat%3A%2F%2Fhome&_branch_match_id=1062369509546216292&_branch_referrer=H4sIAAAAAAAAAz2MUQoDIRBDT2M%2Ftdj9KiylP71AD1CmrnVEHQcd71%2BXLYVAEvIIinC%2FGhMqiAZmnSMlc1N2GS0%2FpUUKK8S2z%2BpyV%2FYxhbX40yQ235NUfk1yxf3nT3QBYN%2BGdrXM6sChnw5D8HfxsVLSkQ9FetdBWwC1nHsejQvErMnLF1gi0j6iAAAA server: openresty date: Mon, 03 Apr 2023 23:41:31 GMT set-cookie: _s=%2F31SILt7P19jZ7KS8kYPQ1uvv6lIK49jS2sQqA846IjvTr%2Fva2wjaW9hs%2FuemTYW; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Tue, 02 Apr 2024 23:41:31 GMT; Secure last-modified: Mon, 03 Apr 2023 23:41:31 GMT strict-transport-security: max-age=31536000; includeSubDomains accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model x-cache: Miss from cloudfront via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: pRY6FdtVOGD1DaLlA7WmOJv_6R8mvUenNj8PopMexAB0svMAlCRPvg== X-Firefox-Spdy: h2

	ocsp.r2m01.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m01.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash a42b70e5c50f354d3a854a24465da6bd 7fc0cd9137b658c261bfe3203e51e8bbf08de3a0 ad21ec05d353eddd649ae4fb36e306aca525f11217446065e2ea76ee5e028d30 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m01.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=89789 Date: Mon, 03 Apr 2023 23:41:32 GMT Etag: "642a094e-1d7" Expires: Wed, 05 Apr 2023 00:38:01 GMT Last-Modified: Sun, 02 Apr 2023 23:01:34 GMT Server: ECAcc (nya/79F3) X-Cache: Miss from cloudfront Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: fysLmy_MQTTXqExUK1uvBjQGpe0yObatuJyHBvQLu53XDTpHmmWgLw== Age: 5787

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 869fe4a8dc549ffa1023d3adc184e4f2 37b95d88dd3f6f251bb651b130e09b202850033f 9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304" Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2614 Expires: Tue, 04 Apr 2023 00:25:07 GMT Date: Mon, 03 Apr 2023 23:41:33 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 869fe4a8dc549ffa1023d3adc184e4f2 37b95d88dd3f6f251bb651b130e09b202850033f 9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304" Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2614 Expires: Tue, 04 Apr 2023 00:25:07 GMT Date: Mon, 03 Apr 2023 23:41:33 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 869fe4a8dc549ffa1023d3adc184e4f2 37b95d88dd3f6f251bb651b130e09b202850033f 9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304" Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2614 Expires: Tue, 04 Apr 2023 00:25:07 GMT Date: Mon, 03 Apr 2023 23:41:33 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 869fe4a8dc549ffa1023d3adc184e4f2 37b95d88dd3f6f251bb651b130e09b202850033f 9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304" Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2614 Expires: Tue, 04 Apr 2023 00:25:07 GMT Date: Mon, 03 Apr 2023 23:41:33 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 869fe4a8dc549ffa1023d3adc184e4f2 37b95d88dd3f6f251bb651b130e09b202850033f 9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304" Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2614 Expires: Tue, 04 Apr 2023 00:25:07 GMT Date: Mon, 03 Apr 2023 23:41:33 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59f4c3da-c33f-44e6-8deb-eb7674fc7bb5.jpeg	34.120.237.76	200 OK	4.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59f4c3da-c33f-44e6-8deb-eb7674fc7bb5.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.9 kB (4939 bytes) Hash f7ceebf2eccd4d6061fb93eb844efbe8 d99c79d4cad47caa809909a8aff0e0992fb50ec1 214ad3948e19d8723b0ce11b6a892b1badf67ee1eaada0c7c3194a26c61c5971 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59f4c3da-c33f-44e6-8deb-eb7674fc7bb5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4939 x-amzn-requestid: e0563c56-9cb1-43fd-9414-a10105c2500a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CyhOHEF1IAMFVcQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-642a7bf3-4acdd5ed3fac5c8353ff46f2;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Mon, 03 Apr 2023 07:10:43 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: r9wNqYxDVnefqQXUUfLGNzLOfqFC6ySKQ3T3nQh37JbYlWioZKf0EQ== via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Apr 2023 07:15:24 GMT age: 59169 etag: "d99c79d4cad47caa809909a8aff0e0992fb50ec1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81b22292-2571-4b3d-aeae-f84b72b36391.jpeg	34.120.237.76	200 OK	6.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81b22292-2571-4b3d-aeae-f84b72b36391.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.1 kB (6134 bytes) Hash 0e87dbffda284dbb0008567a8d4dee30 8edeb9deea0d64ca580af16c44b99d37e918fd58 023247190546b5da51b52c452cf0ce7fe2c4a5b640d5ed682b27e80ee1b3f850 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81b22292-2571-4b3d-aeae-f84b72b36391.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6134 x-amzn-requestid: d72d8ddc-ed19-402a-b1e7-3392eacd9230 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: C0fpsGPIoAMFppA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-642b463d-4099b9bc35b52bd3297c0bbb;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Mon, 03 Apr 2023 21:33:49 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: sGdeT2q8lkX5OCuHS456z_5v7gQ-TUwyLnp3e9bE7TmOjG6SsJjLxg== via: 1.1 5502255f9557c1e2c098b94110b6151c.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Apr 2023 21:52:05 GMT age: 6568 etag: "8edeb9deea0d64ca580af16c44b99d37e918fd58" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6eccc3c-84ad-4e21-956c-e1be89a82cfa.jpeg	34.120.237.76	200 OK	4.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6eccc3c-84ad-4e21-956c-e1be89a82cfa.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.8 kB (4815 bytes) Hash bc87aa979c0767120514f1e4b758ff17 67f5976f5c3664fdddf0df409fd06c6654f2f844 6933b54d13aba860ff4e8c5978ffa4a2e546b15a17c783fcf5d87bfb817a28f7 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6eccc3c-84ad-4e21-956c-e1be89a82cfa.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4815 x-amzn-requestid: 9f83c9c3-43ef-4753-8407-8592386870f9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CvNUVHDcoAMFtNw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-642928e8-733f938a34d9987746b87996;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Sun, 02 Apr 2023 07:04:08 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: 9BppJUd9FJVFIdgyG6EjmTfnhfGUvyf2Zovd7TX2r6HndLV2zdtzpg== via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Apr 2023 07:12:56 GMT age: 59317 etag: "67f5976f5c3664fdddf0df409fd06c6654f2f844" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106409ef-b973-4018-aee9-294835a882a8.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106409ef-b973-4018-aee9-294835a882a8.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10535 bytes) Hash 790b71fc2b1faa08db8b4334c9c3f9e3 e1defe547d4ffca2560cd8f25c4f7a92a9ae87b4 eed429169c9d3feb115463d8ead934fa348cdca60aabf0c88d4553ed23575c9c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106409ef-b973-4018-aee9-294835a882a8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10535 x-amzn-requestid: 8efe600f-9818-4c23-afd3-41c5a4dece2f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: C0frbFHSoAMF8HQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-642b4648-65e8e6fd575fdc91668d6676;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Mon, 03 Apr 2023 21:34:00 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: NhzzKWFDbSlLrixhTlz5sZSW4x_TPkwj7Kzt6M2m1FmXR7ZdBCCq0w== via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Apr 2023 22:01:36 GMT age: 5997 etag: "e1defe547d4ffca2560cd8f25c4f7a92a9ae87b4" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a30869-4bc1-497b-b949-b28e531a1fc2.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a30869-4bc1-497b-b949-b28e531a1fc2.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10232 bytes) Hash 184bae5c0b52b7950ab5cf51e0dc1396 fd33e06ea59e0b19e6a0fc8ddfc36cbd7b794fd4 7ce65b19168f88b0927d873211bf387f84daea614e8b1a17228917e0908c82d0 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a30869-4bc1-497b-b949-b28e531a1fc2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10232 x-amzn-requestid: a24d45b2-133d-4b4d-9ed4-a2231c638919 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: C0f8gExvIAMFh2w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-642b46b6-3641e9da5874e4984ce403c7;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Mon, 03 Apr 2023 21:35:50 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: sxXTxkEutlg3oU0M6xr2xh9D52jPgLVpULgCPNWokzWukrCYPqVgMQ== via: 1.1 0a166b53605851fe961f5a2952e5a748.cloudfront.net (CloudFront), 1.1 f958a3846d80a3925f664b320dfad9c8.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Apr 2023 21:58:14 GMT age: 6199 etag: "fd33e06ea59e0b19e6a0fc8ddfc36cbd7b794fd4" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8d04fa2-362e-439d-98ed-32fc1bfad2f9.jpeg	34.120.237.76	200 OK	6.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8d04fa2-362e-439d-98ed-32fc1bfad2f9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.8 kB (6837 bytes) Hash e343d51715740211a5baec9b5616bc7b 465c405dd3e752086efe0128615088883e4c2f1e eef22aa63409ed9240323b8cd930db700bb727257a3d33bb84192766549d76b4 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8d04fa2-362e-439d-98ed-32fc1bfad2f9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6837 x-amzn-requestid: 1b2cce9c-d474-4cf2-b6f2-9683c6861488 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CvNwDFKHIAMFxUA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64292999-719e5afc2803d1ab6eb02668;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Sun, 02 Apr 2023 07:07:05 GMT x-amz-cf-pop: SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: fAp0vCKaqOXqpAAVYbeLVwPpd6B7QbqIypili86TyyK7Y0yrmiEz7g== via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google date: Mon, 03 Apr 2023 07:13:51 GMT age: 59262 etag: "465c405dd3e752086efe0128615088883e4c2f1e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html	3.5.10.12	200 OK	797 kB
URL HTTP/1.1 s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html IP 3.5.10.12:0 ASN #14618 AMAZON-AES File type HTML document, ASCII text, with very long lines (65505) Size 797 kB (797216 bytes) Hash dfa03637d4cf9db4b50f89ed060de298 d3b21907dc468d5b8b4150e68ad1c332671f780d e411cb9b8b171fee853baa0eaae71c6053f8ebff00cb55b45f142a0d0d6c8fe7 HTTP Headers `GET /appforest_uf/f1679291072179x882516342498883800/about.html HTTP/1.1 Host: s3.amazonaws.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK x-amz-id-2: Ji9OOvPNe1Lu48aRsjwkhckfEP4Vk+kkvRnN+haXpBJkK8CRjEq/5p0wGDqhw/KSBboxLR0Zl2od91JxkRMJLg== x-amz-request-id: 3H963MDAGWS00QJS Date: Mon, 03 Apr 2023 23:41:33 GMT Last-Modified: Mon, 20 Mar 2023 05:44:33 GMT ETag: "dfa03637d4cf9db4b50f89ed060de298" x-amz-storage-class: INTELLIGENT_TIERING x-amz-server-side-encryption: AES256 x-amz-meta-appname: customers-css Cache-Control: public,max-age=86400 x-amz-meta-app-version: test x-amz-version-id: cupHj5y1Kwo.hCBg6lH7EDUCFr3D5JSe Accept-Ranges: bytes Content-Type: text/html Server: AmazonS3 Content-Length: 797216

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	104.17.24.14	200 OK	6.2 kB
URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.24.14:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (19015) Size 6.2 kB (6157 bytes) Hash 7b4114faa411d059a9a5ac4b5b4d9dee 277da4486916fa3a4ab3375f47bc98f58dbf90f6 60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9 HTTP Headers `GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://s3.amazonaws.com Connection: keep-alive Referer: https://s3.amazonaws.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 03 Apr 2023 23:41:33 GMT content-type: application/javascript; charset=utf-8 content-length: 6157 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03fa9-4af4" last-modified: Mon, 04 May 2020 16:15:37 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 12377836 expires: Sat, 23 Mar 2024 23:41:33 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVvoNe92gFwlrxEqYCCfu6P8hcWPnQHGDg%2BlnYrCwzKDF49NKrknD4OJqNykifpgmjattxXMomGkhh1J4%2BcmvUjjo%2FjTXzFgmiSnmxlI0F%2BQXpKfXhPQKxCVnRi1mbBaLcPRluUC"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 7b2529beabff1bfe-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 30735a8260b9c875d42add2d33a9a6c0 ea1076f012420c6d3ae054f07a6948352c96a598 995b7ad71da6aa8933947de9bd441a5c4a366e143864ad4fc5a9af3c6f193aca HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 03 Apr 2023 23:41:33 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	code.jquery.com/jquery-3.2.1.slim.min.js	69.16.175.42	200 OK	24 kB
URL HTTP/2 code.jquery.com/jquery-3.2.1.slim.min.js IP 69.16.175.42:0 ASN #20446 STACKPATH-CDN File type ASCII text, with very long lines (32012) Size 24 kB (23856 bytes) Hash 30f5157a965bc792a83e9bacfe265f03 8330886371fe27f3cbac509e0ac9712207574c66 4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0 HTTP Headers `GET /jquery-3.2.1.slim.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://s3.amazonaws.com Connection: keep-alive Referer: https://s3.amazonaws.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Mon, 03 Apr 2023 23:41:33 GMT content-encoding: gzip content-length: 23856 content-type: application/javascript; charset=utf-8 last-modified: Fri, 12 Aug 2022 13:47:02 GMT accept-ranges: bytes server: nginx etag: W/"62f659d6-10fdd" cache-control: max-age=315360000, public access-control-allow-origin: * vary: Accept-Encoding x-hw: 1680565293.dop229.sk1.t,1680565293.cds021.sk1.hn,1680565293.cds235.sk1.c X-Firefox-Spdy: h2`

	code.jquery.com/jquery-3.1.1.min.js	69.16.175.42	200 OK	30 kB
URL HTTP/2 code.jquery.com/jquery-3.1.1.min.js IP 69.16.175.42:0 ASN #20446 STACKPATH-CDN File type ASCII text, with very long lines (32030) Size 30 kB (30070 bytes) Hash f7a4a283c6a5130b43ce8de3b7842078 ef243edbb67f9e50f8589885e4541f6c919ea8d7 aee9e5b2534ced87fe1e02a1a9e661468ba548e02edacbe9b68b3b247607dc4e HTTP Headers `GET /jquery-3.1.1.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://s3.amazonaws.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Mon, 03 Apr 2023 23:41:33 GMT content-encoding: gzip content-length: 30070 content-type: application/javascript; charset=utf-8 last-modified: Fri, 20 Aug 2021 17:47:53 GMT accept-ranges: bytes server: nginx etag: W/"611feac9-152b5" cache-control: max-age=315360000, public access-control-allow-origin: * vary: Accept-Encoding x-hw: 1680565293.dop211.sk1.t,1680565293.cds022.sk1.hn,1680565293.cds010.sk1.c X-Firefox-Spdy: h2`

	code.jquery.com/jquery-3.3.1.js	69.16.175.42	200 OK	80 kB
URL HTTP/2 code.jquery.com/jquery-3.3.1.js IP 69.16.175.42:0 ASN #20446 STACKPATH-CDN File type ASCII text Size 80 kB (80268 bytes) Hash 56a2feb49fe38b8ea4727d1f79c01ca3 b4853240a9b9c082060e7a40c4e6098f0ba03148 e34f47b26eab2b37ee8dab249d133b962ce02f862a6f5b30ed563a43c75f191b HTTP Headers `GET /jquery-3.3.1.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://s3.amazonaws.com Connection: keep-alive Referer: https://s3.amazonaws.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Mon, 03 Apr 2023 23:41:33 GMT content-encoding: gzip content-length: 80268 content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT accept-ranges: bytes server: nginx etag: W/"28feccc0-42587" cache-control: max-age=315360000, public access-control-allow-origin: * vary: Accept-Encoding x-hw: 1680565293.dop229.sk1.t,1680565293.cds021.sk1.hn,1680565293.cds214.sk1.c X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 30735a8260b9c875d42add2d33a9a6c0 ea1076f012420c6d3ae054f07a6948352c96a598 995b7ad71da6aa8933947de9bd441a5c4a366e143864ad4fc5a9af3c6f193aca HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 03 Apr 2023 23:41:33 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	142.250.74.138	200 OK	30 kB
URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.138:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (32065) Size 30 kB (30028 bytes) Hash 6d973c8b7e2439d958e09c0a1ab9fe50 05ae0830200c20b9a2dfd5a825adc400481a60fb f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894 HTTP Headers `GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://s3.amazonaws.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 30028 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 02 Apr 2023 11:43:17 GMT expires: Mon, 01 Apr 2024 11:43:17 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Tue, 03 Mar 2020 19:15:00 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding age: 129496 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 30735a8260b9c875d42add2d33a9a6c0 ea1076f012420c6d3ae054f07a6948352c96a598 995b7ad71da6aa8933947de9bd441a5c4a366e143864ad4fc5a9af3c6f193aca HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 03 Apr 2023 23:41:34 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico	13.107.238.53	200 OK	17 kB
URL HTTP/2 aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico IP 13.107.238.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data Size 17 kB (17174 bytes) Hash 12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21 HTTP Headers `GET /ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://s3.amazonaws.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK cache-control: public, max-age=604800 content-length: 17174 content-type: image/x-icon content-md5: EuPayFgGHQiAI7K9SOL6lg== last-modified: Fri, 02 Nov 2018 20:25:25 GMT etag: 0x8D6410152A9D7E1 x-cache: TCP_HIT x-ms-request-id: 47aa2536-001e-0013-4588-62fa57000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref-originshield: 0k+kkZAAAAAAol3iLP9qCRonyMUKd2WEGQU1TMDRFREdFMTgxNgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= x-azure-ref: 0LmQrZAAAAADjelkMkmfdTZ9+7lQfIpbWQ1BIMzBFREdFMDQyMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= date: Mon, 03 Apr 2023 23:41:33 GMT X-Firefox-Spdy: h2

	use.fontawesome.com/releases/v5.7.0/css/all.css	172.64.132.15	200 OK	86 kB
URL HTTP/2 use.fontawesome.com/releases/v5.7.0/css/all.css IP 172.64.132.15:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (54456) Size 86 kB (86269 bytes) Hash de1c4f0ec62bcfdf7d79d5dab0f90014 1cbbd3aeb694315b2c820c3ab456b87a815a9cbe 9ef78c0d8e2655c8d4a6209ef04755123260329f49fa259694ad31213336619f HTTP Headers `GET /releases/v5.7.0/css/all.css HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://s3.amazonaws.com Connection: keep-alive Referer: https://s3.amazonaws.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 03 Apr 2023 23:41:33 GMT content-type: text/css x-amz-id-2: RyA4EPJwjdktWEodIPVLme9GPdxpMTnslYkwbGoJ6urZ7ZIq3RxC3ZpCQmtwce8KVeKMJY+GVAg= x-amz-request-id: 5DZRKM22X1BP2P5T access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding last-modified: Wed, 30 Jun 2021 15:45:15 GMT etag: W/"251d28bd755f5269a4531df8a81d5664" cache-control: max-age=31556926 cf-cache-status: HIT age: 80469 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5782oS4z6ElIcVpz82pZC9v3evmjmEsouCM8oV4veLp8AUUrte3o86cjfAE80cuX0SuCH3AipMNL2ZRAYo4mFR7dQmiPX%2F2s5LWyCoSAv3nCJ0d8Hf9Z8tpOdpN7sL4sZUZkVN99"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7b2529bf28c788a9-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	s3.amazonaws.com/favicon.ico	3.5.10.12	403 Forbidden	255 B
URL HTTP/1.1 s3.amazonaws.com/favicon.ico IP 3.5.10.12:0 ASN #14618 AMAZON-AES File type XML 1.0 document text\012- XML document, ASCII text Size 255 B (255 bytes) Hash dea683ceee54393eadda039ae2461961 01988727b9d09e071e69c5cd58ea98d01b826c40 e5be809214a2c643d388f91fc0ed3e39a5ebe42c8e3632aff8c2ec18d97ee1ce HTTP Headers `GET /favicon.ico HTTP/1.1 Host: s3.amazonaws.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 403 Forbidden x-amz-request-id: 90QHTARSVM31NHAX x-amz-id-2: BOm/GuryP8in6XG0VxGsfkvqrCNHgsocMWcia4uAL7PmA7Y0FkV41ojp/i8RagbuUhoMvXzCHAr/NI84CvfViA== Content-Type: application/xml Transfer-Encoding: chunked Date: Mon, 03 Apr 2023 23:41:33 GMT Server: AmazonS3`

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	104.18.10.207	200 OK	0 B
URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://s3.amazonaws.com Connection: keep-alive Referer: https://s3.amazonaws.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 03 Apr 2023 23:41:33 GMT content-type: application/javascript; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17" last-modified: Mon, 25 Jan 2021 22:04:04 GMT cdn-cachedat: 11/25/2022 23:23:38 cdn-proxyver: 1.03 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 865 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: 46509e75abe3e11c236834176491a404 cdn-cache: HIT cf-cache-status: HIT age: 2483793 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7b2529beac001bfe-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL