search.packageintransit.com/?source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&uc=20180122&ap=appfocus1&i_id=packages__1.30
35.168.105.221302 Found 293 B URL HTTP/1.1 search.packageintransit.com/?source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&uc=20180122&ap=appfocus1&i_id=packages__1.30
IP 35.168.105.221:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash dd8ae9da4261833e6f1ddd196b50066d
6153e3ebbe353e787e988d5319c4642fa5204a7d
f712bcfcd2e35b2517ce17e4b90f2effa4904d69bc6dc9e5bf8de78021e78a1a
GET /?source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&uc=20180122&ap=appfocus1&i_id=packages__1.30 HTTP/1.1
Host: search.packageintransit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Sep 2022 02:21:42 GMT
Location: https://search.packageintransit.com/?source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&uc=20180122&ap=appfocus1&i_id=packages__1.30
X-Content-Type-Options: nosniff
Content-Length: 293
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 02:10:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CTqL58jtmPYuMoJzrnTcz3dJnnI4oDc-w44hn5RI9PM9o8jfvi0ANw==
Age: 700
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6716f88f982aa553eaf5de31b2629224
97ab757b0a059027ffb04675114e5c55738fccaf
06af9ae9fc72a3aeb4be2b742128a0cb8ea4aff348afe2e4490d3639b3b377d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06AF9AE9FC72A3AEB4BE2B742128A0CB8EA4AFF348AFE2E4490D3639B3B377D9"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10594
Expires: Thu, 15 Sep 2022 05:18:24 GMT
Date: Thu, 15 Sep 2022 02:21:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zFEQAKfJUoWaIdLbq5Usw06scfli2OiUSrBFmzBgoZDXhQNFtMEsxg==
age: 78395
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 02:21:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 722514de85f99e0dc5000db1c94d1541
a6a6c9069fa400d7ef5fa9409444c4d432827fb0
95e91a4c23d9477e5654a9c8194f4a6b21038d66228238df224b59fadcc189ec
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 02:21:50 GMT
Last-Modified: Thu, 15 Sep 2022 00:37:08 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hv22YsiysvvywD8mJoIJ8GSVgej2iqWmH9_wkVFP905j6hhixKDb-Q==
Age: 6283
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 15 Sep 2022 02:03:23 GMT
Cache-Control: max-age=3600
Expires: Thu, 15 Sep 2022 02:46:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6CuIpfgC_-kgtex1mnyJuzzJN2vg4mDmMvtS8fGdtmmORZICZhAKmw==
Age: 1108
search.packageintransit.com/?source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&uc=20180122&ap=appfocus1&i_id=packages__1.30
35.168.105.221200 OK 12 kB URL HTTP/1.1 search.packageintransit.com/?source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&uc=20180122&ap=appfocus1&i_id=packages__1.30
IP 35.168.105.221:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (617), with CRLF line terminators
Hash 3a7300ad2167b2fc71d52292dd8a0bf0
1b439b4a8c89c819c7ad8aab2c3b9e054a39d1f8
df3a4fb305b4e7a770fc434f20275ac9cdcb997745bd62f43c008265c3178f46
GET /?source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&uc=20180122&ap=appfocus1&i_id=packages__1.30 HTTP/1.1
Host: search.packageintransit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Sep 2022 02:21:47 GMT
Set-Cookie: user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3; domain=packageintransit.com; expires=Fri, 16-Sep-2022 02:21:47 GMT; path=/
nts=t; domain=packageintransit.com; path=/
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 12261
Connection: keep-alive
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.226.52200 OK 3.3 kB URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.226.52:0
File type ASCII text, with very long lines (9097)
Hash 8ebdffa5970d7175eb3442d089657a8d
ef21f165e3b8ec7724d02da06e874ba34e2603a0
86efb2da2502276a5735df4d852fd66fbf94daafbe00a70cb0da4da3fbceedec
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 02:21:50 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 849
expires: Sun, 18 Sep 2022 02:21:50 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 74ade4286b8ab4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ed1a966e9770807ef8b4f57a5113d29a
d843a3d371ee0424004f68ccc32ce06e6bc6e6c7
4932c01d3db39a9ac2f0f7e2693af95e5a334697edfd8d078fd52e421ba43721
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
search.packageintransit.com/styles/home/packages_upgraded?v=zLWcpxDqwZPATKGr6fv0oy-Ll7dLziOtBQeNJ3d4WCI1
35.168.105.221200 OK 8.1 kB URL HTTP/1.1 search.packageintransit.com/styles/home/packages_upgraded?v=zLWcpxDqwZPATKGr6fv0oy-Ll7dLziOtBQeNJ3d4WCI1
IP 35.168.105.221:0
File type ASCII text, with very long lines (420), with CRLF line terminators
Hash 8a147dc0ac47111a197cad921ad0bfa2
c73d80ba6ae2e4695be72647f8b0a4deb4249b23
0db116d12bd1dfc11e891a422e7c6236e2c4b25101ee2c1d99150fa7dae73055
Analyzer Verdict Alert fortinet Malware
GET /styles/home/packages_upgraded?v=zLWcpxDqwZPATKGr6fv0oy-Ll7dLziOtBQeNJ3d4WCI1 HTTP/1.1
Host: search.packageintransit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/?source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&uc=20180122&ap=appfocus1&i_id=packages__1.30
Cookie: user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3; nts=t
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Encoding: gzip
Content-Type: text/css; charset=utf-8
Date: Thu, 15 Sep 2022 02:21:51 GMT
Expires: Fri, 15 Sep 2023 02:21:51 GMT
Last-Modified: Thu, 15 Sep 2022 02:21:51 GMT
Vary: User-Agent,Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 8060
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-178002442-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-178002442-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 35b8d32f29287b873e19c74635aa68f4
7354d05a407aeb8befe7913cc2ed0f339ed344c7
fda7650a480d1fde259598248d56f6680fe1c023bb3b2b854405649741182eed
GET /gtag/js?id=UA-178002442-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 15 Sep 2022 02:21:50 GMT
expires: Thu, 15 Sep 2022 02:21:50 GMT
cache-control: private, max-age=900
last-modified: Thu, 15 Sep 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42353
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3ac56507d17ffff5e8b486406985d68
17d26336cd8ea65af3f23db166945f1b3fbbfbab
e7e321340eed681c1269f715b0214e1511d5762fffbe930e7c157b800afa9a39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3269
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:50 GMT
Last-Modified: Thu, 15 Sep 2022 01:27:21 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ed1a966e9770807ef8b4f57a5113d29a
d843a3d371ee0424004f68ccc32ce06e6bc6e6c7
4932c01d3db39a9ac2f0f7e2693af95e5a334697edfd8d078fd52e421ba43721
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d5a5d04d15c71a4e71821b6ddd4110e0
7c5495f9d4165a90ce681ddd1b330675e55a4993
545c765db5e55c1d89bc56d93a3cde1a3b6f5c9d741ad9b58253f9fd7ab24457
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
search.packageintransit.com/scripts/home/header_common?v=AAAAH_DbLIleWj0eIMkM9tOvY9PBuu50aQKW3Tf5CW81
35.168.105.221200 OK 421 B URL HTTP/1.1 search.packageintransit.com/scripts/home/header_common?v=AAAAH_DbLIleWj0eIMkM9tOvY9PBuu50aQKW3Tf5CW81
IP 35.168.105.221:0
File type ASCII text, with very long lines (560), with no line terminators
Hash 50821b2ae2f8b7dd5b80519c11040d2f
6ba789085bf9d1c8a76ce2cf17a8c52a329f367f
2baff6c467b31af830126841e27cf44ca1ca58af27dbf85aa9b27a1fd5160201
Analyzer Verdict Alert fortinet Malware
GET /scripts/home/header_common?v=AAAAH_DbLIleWj0eIMkM9tOvY9PBuu50aQKW3Tf5CW81 HTTP/1.1
Host: search.packageintransit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/?source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&uc=20180122&ap=appfocus1&i_id=packages__1.30
Cookie: user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3; nts=t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
Date: Thu, 15 Sep 2022 02:21:43 GMT
Expires: Fri, 15 Sep 2023 02:21:43 GMT
Last-Modified: Thu, 15 Sep 2022 02:21:43 GMT
Vary: User-Agent,Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 421
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto:300,400,700
142.250.74.10200 OK 47 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700
IP 142.250.74.10:0
Hash dc010e857131cb206875a3e596aed2f3
1249c22464935f6d61cd45f041937d70b514e5bf
fadf574dd8b922e5b7566f5b1cc869a6215eaf0a86d2b8268e4568c914caff2f
GET /css?family=Roboto:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Sep 2022 02:21:50 GMT
date: Thu, 15 Sep 2022 02:21:50 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://search.packageintransit.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 24462
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d5a5d04d15c71a4e71821b6ddd4110e0
7c5495f9d4165a90ce681ddd1b330675e55a4993
545c765db5e55c1d89bc56d93a3cde1a3b6f5c9d741ad9b58253f9fd7ab24457
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
search.packageintransit.com/get/js/impression?uc=20180122&ap=appfocus1&source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&i_id=packages__1.30&cid=app@PackageInTransit
35.168.105.221200 OK 670 B URL HTTP/1.1 search.packageintransit.com/get/js/impression?uc=20180122&ap=appfocus1&source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&i_id=packages__1.30&cid=app@PackageInTransit
IP 35.168.105.221:0
File type ASCII text, with CRLF line terminators
Hash b3f25824028dcf1a5564ea32b6541467
f5f86f93ae61ec82a1d787074943569d7c1230d0
a591ebccb1e4f8be9cf42ede8c08fdd196103f503c3007a2be594a98f852a6e5
GET /get/js/impression?uc=20180122&ap=appfocus1&source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&i_id=packages__1.30&cid=app@PackageInTransit HTTP/1.1
Host: search.packageintransit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/?source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&uc=20180122&ap=appfocus1&i_id=packages__1.30
Cookie: user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3; nts=t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
Date: Thu, 15 Sep 2022 02:21:52 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 670
Connection: keep-alive
search.packageintransit.com/styles/home/monetizedquicklinks_newui?v=otmUZsU2sBVz24nuFVUejS6SXRGxA-bTYy8sctyWSkc1
35.168.105.221200 OK 3.0 kB URL HTTP/1.1 search.packageintransit.com/styles/home/monetizedquicklinks_newui?v=otmUZsU2sBVz24nuFVUejS6SXRGxA-bTYy8sctyWSkc1
IP 35.168.105.221:0
File type ASCII text, with very long lines (18181), with no line terminators
Hash 8733dfcee1c8457cbf71bdbaf530c2d5
ee2ea9c563ca7a3ffd7279392695a557c33ac81c
b1bbe444c30697e64bb696f79a2695f0016ed503c7602c34601ed3f7e154c8df
GET /styles/home/monetizedquicklinks_newui?v=otmUZsU2sBVz24nuFVUejS6SXRGxA-bTYy8sctyWSkc1 HTTP/1.1
Host: search.packageintransit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/?source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&uc=20180122&ap=appfocus1&i_id=packages__1.30
Cookie: user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3; nts=t
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Encoding: gzip
Content-Type: text/css; charset=utf-8
Date: Thu, 15 Sep 2022 02:21:48 GMT
Expires: Fri, 15 Sep 2023 02:21:48 GMT
Last-Modified: Thu, 15 Sep 2022 02:21:48 GMT
Vary: User-Agent,Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 2983
Connection: keep-alive
search.packageintransit.com/styles/home/setting?v=4zdb4ueXjnD1KRFeKu4pG2a0S4xjPxg0WvfkuLV9DDY1
35.168.105.221200 OK 936 B URL HTTP/1.1 search.packageintransit.com/styles/home/setting?v=4zdb4ueXjnD1KRFeKu4pG2a0S4xjPxg0WvfkuLV9DDY1
IP 35.168.105.221:0
File type ASCII text, with very long lines (1976), with no line terminators
Hash 7db3d6f103920aabd2a91b70b5462629
04405431b5350cff5e35129912fc903443472fb7
0e7938bc70225c1f4d8d5d2267b47fc06dc2193ae0550e23445db5623f720a2e
GET /styles/home/setting?v=4zdb4ueXjnD1KRFeKu4pG2a0S4xjPxg0WvfkuLV9DDY1 HTTP/1.1
Host: search.packageintransit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/?source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&uc=20180122&ap=appfocus1&i_id=packages__1.30
Cookie: user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3; nts=t
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Encoding: gzip
Content-Type: text/css; charset=utf-8
Date: Thu, 15 Sep 2022 02:21:51 GMT
Expires: Fri, 15 Sep 2023 02:21:52 GMT
Last-Modified: Thu, 15 Sep 2022 02:21:52 GMT
Vary: User-Agent,Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 936
Connection: keep-alive
push.services.mozilla.com/
54.148.77.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hQ8CFQK1NpnNPjqr74gRJA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UMpjIQ5undMMyX1ni75zrMYsng4=
search.packageintransit.com/Content/Home/Shared/Images/gear-icon.png
35.168.105.221200 OK 1.9 kB URL HTTP/1.1 search.packageintransit.com/Content/Home/Shared/Images/gear-icon.png
IP 35.168.105.221:0
File type PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash c191c48cdc9a12101c96bac13a3a672e
b75a7ee6c62fc63201399401ebe1824b95f24ead
19fce2176cb990c4773742094923ccdd17d778fd050b675b0c8ff16b945e95ca
GET /Content/Home/Shared/Images/gear-icon.png HTTP/1.1
Host: search.packageintransit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/?source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&uc=20180122&ap=appfocus1&i_id=packages__1.30
Cookie: user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3; nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Thu, 15 Sep 2022 02:21:52 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 1866
Connection: keep-alive
search.packageintransit.com/Content/Home/Packages/img/packages-upgrade-sprite.png
35.168.105.221200 OK 9.8 kB URL HTTP/1.1 search.packageintransit.com/Content/Home/Packages/img/packages-upgrade-sprite.png
IP 35.168.105.221:0
File type PNG image data, 192 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash 30fb096d0210e67c1cbed981706b02a1
4f807423d636b1832e390cbadb6ba64fa9ec58b1
1ba3fd3b2b2cfce93671c08f1c4f485923773882faf2668c0f5ae75d4a8b1410
GET /Content/Home/Packages/img/packages-upgrade-sprite.png HTTP/1.1
Host: search.packageintransit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/styles/home/packages_upgraded?v=zLWcpxDqwZPATKGr6fv0oy-Ll7dLziOtBQeNJ3d4WCI1
Cookie: user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3; nts=t; _gcl_au=1.1.1280927420.1663208496
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Thu, 15 Sep 2022 02:21:51 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 9829
Connection: keep-alive
search.packageintransit.com/Content/img/icons/packagesIcon.png
35.168.105.221200 OK 2.0 kB URL HTTP/1.1 search.packageintransit.com/Content/img/icons/packagesIcon.png
IP 35.168.105.221:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 42d35d817f2708ff1a17a36027a9c9f8
e4ccbbb8b2e2673d55ae4c7e49612989392f6e64
a1f89e9f303a214721a86e66471a3700df0ff8ae95ea248f27524482879030e4
GET /Content/img/icons/packagesIcon.png HTTP/1.1
Host: search.packageintransit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/styles/home/monetizedquicklinks_newui?v=otmUZsU2sBVz24nuFVUejS6SXRGxA-bTYy8sctyWSkc1
Cookie: user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3; nts=t; _gcl_au=1.1.1280927420.1663208496
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Thu, 15 Sep 2022 02:21:44 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:03 GMT
X-Content-Type-Options: nosniff
Content-Length: 1955
Connection: keep-alive
search.packageintransit.com/Content/Home/Email/Sprites/Sprite_Email_V6.png
35.168.105.221200 OK 24 kB URL HTTP/1.1 search.packageintransit.com/Content/Home/Email/Sprites/Sprite_Email_V6.png
IP 35.168.105.221:0
File type PNG image data, 1000 x 172, 8-bit colormap, non-interlaced\012- data
Hash 2c6d975eb6589294fbfb84009c3ccdba
3c31726a2645066354bff61df290218435abbb47
ea3f816af3b13fa98012e35790d0ae4eef65a570edff5408eed840118b8badc3
GET /Content/Home/Email/Sprites/Sprite_Email_V6.png HTTP/1.1
Host: search.packageintransit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/styles/home/packages_upgraded?v=zLWcpxDqwZPATKGr6fv0oy-Ll7dLziOtBQeNJ3d4WCI1
Cookie: user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3; nts=t; _gcl_au=1.1.1280927420.1663208496
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Thu, 15 Sep 2022 02:21:48 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:01 GMT
X-Content-Type-Options: nosniff
Content-Length: 23739
Connection: keep-alive
search.packageintransit.com/scripts/home/common?v=B7zJOOuKRrdwmvF4UcJQiySHI7Ajpy7ToqWFreccUXs1
35.168.105.221200 OK 165 kB URL HTTP/1.1 search.packageintransit.com/scripts/home/common?v=B7zJOOuKRrdwmvF4UcJQiySHI7Ajpy7ToqWFreccUXs1
IP 35.168.105.221:0
File type ASCII text, with very long lines (32024), with CRLF line terminators
Size 165 kB (164624 bytes)
Hash 22ff489212a3aaae8c765322231b02c6
1c220a1abfc65da6460ccb39689336f8f3ce41cd
63dc1db4c9e719624eba52210c75aa378c4cc27365df6d3ff4830b1f4fd9ba30
GET /scripts/home/common?v=B7zJOOuKRrdwmvF4UcJQiySHI7Ajpy7ToqWFreccUXs1 HTTP/1.1
Host: search.packageintransit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/?source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&uc=20180122&ap=appfocus1&i_id=packages__1.30
Cookie: user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3; nts=t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
Date: Thu, 15 Sep 2022 02:21:43 GMT
Expires: Fri, 15 Sep 2023 02:21:44 GMT
Last-Modified: Thu, 15 Sep 2022 02:21:44 GMT
Vary: User-Agent,Accept-Encoding
X-Content-Type-Options: nosniff
transfer-encoding: chunked
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash ad7510fb88fa7d1cd3a57710ea9965de
d920694c7adb2a6ac1bb6c01bf0eaa3cf040a1e4
f5ee20defdf57c75c975eb049fef6aea13d843aad0c52b1c7674ec8f6f1faaa5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 02:21:51 GMT
Last-Modified: Thu, 15 Sep 2022 00:40:39 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hZsP9BlzAtxq6q9ZkFRkqVBPINu6tmTdjd_z9JF9D3uqj4S06Ftivg==
Age: 6072
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash ad7510fb88fa7d1cd3a57710ea9965de
d920694c7adb2a6ac1bb6c01bf0eaa3cf040a1e4
f5ee20defdf57c75c975eb049fef6aea13d843aad0c52b1c7674ec8f6f1faaa5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 02:21:51 GMT
Last-Modified: Thu, 15 Sep 2022 01:44:22 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fzAo8JhAj-cE6v6-udBwzTBt33dF1xwO2oSdX5DJn7iHbR4WdbavtQ==
Age: 2249
imp.onesearch.org/impression.do?event=ex_ql_impression&user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3&source=googledisplay-googledisplay-v1&traffic_source=appfocus1&subid=20180122&implementation_id=packages_&page=totalpackagetracker::usps::fedex::myemailsimplified::nationalweatheragency::early_chirp&referrer=&offer_id=~app@PackageInTransit
44.199.122.180503 Service Unavailable 162 B URL HTTP/2 imp.onesearch.org/impression.do?event=ex_ql_impression&user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3&source=googledisplay-googledisplay-v1&traffic_source=appfocus1&subid=20180122&implementation_id=packages_&page=totalpackagetracker::usps::fedex::myemailsimplified::nationalweatheragency::early_chirp&referrer=&offer_id=~app@PackageInTransit
IP 44.199.122.180:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 81df4d3863debf3eceb5cf84251fd472
4ba7843a4cc062123f5f4caacbb9a3fa7d381eac
258c66556e2e065b0d04f6ae39a98fcf182e3e584cd0b7bdb20d0a395796347b
GET /impression.do?event=ex_ql_impression&user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3&source=googledisplay-googledisplay-v1&traffic_source=appfocus1&subid=20180122&implementation_id=packages_&page=totalpackagetracker::usps::fedex::myemailsimplified::nationalweatheragency::early_chirp&referrer=&offer_id=~app@PackageInTransit HTTP/1.1
Host: imp.onesearch.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
server: awselb/2.0
date: Thu, 15 Sep 2022 02:21:51 GMT
content-type: text/html
content-length: 162
X-Firefox-Spdy: h2
imp.onesearch.org/impression.do?event=ex_banner_show&user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3&source=googledisplay-googledisplay-v1&traffic_source=appfocus1&subid=20180122&implementation_id=packages_&page=adm&referrer=&offer_id=~app@PackageInTransit
44.199.122.180503 Service Unavailable 162 B URL HTTP/2 imp.onesearch.org/impression.do?event=ex_banner_show&user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3&source=googledisplay-googledisplay-v1&traffic_source=appfocus1&subid=20180122&implementation_id=packages_&page=adm&referrer=&offer_id=~app@PackageInTransit
IP 44.199.122.180:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 81df4d3863debf3eceb5cf84251fd472
4ba7843a4cc062123f5f4caacbb9a3fa7d381eac
258c66556e2e065b0d04f6ae39a98fcf182e3e584cd0b7bdb20d0a395796347b
GET /impression.do?event=ex_banner_show&user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3&source=googledisplay-googledisplay-v1&traffic_source=appfocus1&subid=20180122&implementation_id=packages_&page=adm&referrer=&offer_id=~app@PackageInTransit HTTP/1.1
Host: imp.onesearch.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
server: awselb/2.0
date: Thu, 15 Sep 2022 02:21:51 GMT
content-type: text/html
content-length: 162
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 97c6f98caadbd5ab949c1e48f310e5d9
eb9e321d545d650bd9ad894daedc0af47046d8e9
2df18cef2f4bd82065d48cd8ea62ab79140d6951491d3bf86c1f47488fc893f0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 02:21:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 18:44:08 GMT
Expires: Tue, 20 Sep 2022 18:44:07 GMT
Etag: "eb9e321d545d650bd9ad894daedc0af47046d8e9"
Cache-Control: max-age=490335,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ade42dca16b518-OSL
internal_banner.tiles.ampfeed.com/tiles?partner=internal_banner&v=1.3&sub1=10055&sub2=packages&results=10&BOC=1663208496961&callback=amp_fn
104.110.26.15200 OK 20 B URL HTTP/2 internal_banner.tiles.ampfeed.com/tiles?partner=internal_banner&v=1.3&sub1=10055&sub2=packages&results=10&BOC=1663208496961&callback=amp_fn
IP 104.110.26.15:0
File type ASCII text, with no line terminators
Hash 7f3ddf32c69b12d8da247ab32bcf7c0a
e0d8baa7114b5126d38cf731ad44527af3467280
f1a514c273a93178f053ad889969bb58d6d5c44e913cbf3abbbbb667b4acda48
GET /tiles?partner=internal_banner&v=1.3&sub1=10055&sub2=packages&results=10&BOC=1663208496961&callback=amp_fn HTTP/1.1
Host: internal_banner.tiles.ampfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
server: akka-http/10.0.0
content-type: application/json
content-length: 20
x-country-check: NO, NO
x-ip-check: 91.90.42.154, 127.0.0.1, 91.90.42.154
date: Thu, 15 Sep 2022 02:21:51 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 79cd59ab5d003e34ce3c9504be8eea00
e03386a1f87f25b7477ee58c413355a4f1a855e8
5724641af62b79483e642c5ac59d1f90d3bad735e0b1cd4d3fdbfed28d9807f9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 02:21:51 GMT
Last-Modified: Thu, 15 Sep 2022 00:56:15 GMT
Server: ECS (dcb/7F15)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0oKKSskossVCv5DcTt_W-6yL2biLzWze2-dOT8pPB7hcIPeau2TCtw==
Age: 5136
api.openweathermap.org/data/2.5/weather?appid=beac7c40c6ebee3f7f54a7a3544c9986&lat=59.9452&lon=10.7559&_=1663208496917
37.139.1.159200 OK 520 B URL HTTP/1.1 api.openweathermap.org/data/2.5/weather?appid=beac7c40c6ebee3f7f54a7a3544c9986&lat=59.9452&lon=10.7559&_=1663208496917
IP 37.139.1.159:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (520), with no line terminators
Hash 2bfba07bac8de989e754cfaca8b2dbb4
9a06fd3fb00d0c744e7af5badb8eec754e181604
9639142a0fb2459da4abf88444ddb1368dd96c1427efeca01f20a28cbe83d0bb
GET /data/2.5/weather?appid=beac7c40c6ebee3f7f54a7a3544c9986&lat=59.9452&lon=10.7559&_=1663208496917 HTTP/1.1
Host: api.openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://search.packageintransit.com
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 15 Sep 2022 02:21:51 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 520
Connection: keep-alive
X-Cache-Key: /data/2.5/weather?_=1663208496917&lat=59.95&lon=10.76
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST
internal_tiles.tiles.ampfeed.com/tiles?partner=internal_tiles&v=1.3&sub1=10058&sub2=packages&results=10&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F71.0.3578.80%20Safari%2F537.36&BOC=1663208496961&callback=admtilecallback
104.110.26.15200 OK 46 B URL HTTP/2 internal_tiles.tiles.ampfeed.com/tiles?partner=internal_tiles&v=1.3&sub1=10058&sub2=packages&results=10&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F71.0.3578.80%20Safari%2F537.36&BOC=1663208496961&callback=admtilecallback
IP 104.110.26.15:0
File type ASCII text, with no line terminators
Hash fe5db27d2eae551ca45d872688cc2bcb
5a99184fde35329d754349c64a45bb5ba64b4252
1f7af0b538726086e9bb5ce0c8fd64ca0a7baab3e6ae4d725979abf1014f48d9
GET /tiles?partner=internal_tiles&v=1.3&sub1=10058&sub2=packages&results=10&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F71.0.3578.80%20Safari%2F537.36&BOC=1663208496961&callback=admtilecallback HTTP/1.1
Host: internal_tiles.tiles.ampfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
server: akka-http/10.0.0
content-type: application/json
content-encoding: gzip
content-length: 46
x-country-check: NO, NO
x-ip-check: 91.90.42.154, 127.0.0.1, 91.90.42.154
date: Thu, 15 Sep 2022 02:21:51 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
imp.onesearch.org/impression.do?event=push_modal_shown&page=search.packageintransit.com&source=googledisplay-googledisplay-v1&subid=20180122&i_id=packages_
44.199.122.180503 Service Unavailable 162 B URL HTTP/2 imp.onesearch.org/impression.do?event=push_modal_shown&page=search.packageintransit.com&source=googledisplay-googledisplay-v1&subid=20180122&i_id=packages_
IP 44.199.122.180:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 81df4d3863debf3eceb5cf84251fd472
4ba7843a4cc062123f5f4caacbb9a3fa7d381eac
258c66556e2e065b0d04f6ae39a98fcf182e3e584cd0b7bdb20d0a395796347b
GET /impression.do?event=push_modal_shown&page=search.packageintransit.com&source=googledisplay-googledisplay-v1&subid=20180122&i_id=packages_ HTTP/1.1
Host: imp.onesearch.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 503 Service Unavailable
server: awselb/2.0
date: Thu, 15 Sep 2022 02:21:51 GMT
content-type: text/html
content-length: 162
X-Firefox-Spdy: h2
dap2y8k6nefku.cloudfront.net/quicklinkicons/usps.png
143.204.42.118200 OK 2.1 kB URL HTTP/2 dap2y8k6nefku.cloudfront.net/quicklinkicons/usps.png
IP 143.204.42.118:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 28cdb48e0623a27a86a3650c0bd65d8c
9008a19ef832dd48f5be8ebcc45dfcf08b9f0fb5
c2384dd10b28bfaf0b03871247560a49aae95208e4c606fca35de74f6b216db6
GET /quicklinkicons/usps.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 2127
last-modified: Fri, 07 Aug 2020 13:46:55 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 03:22:48 GMT
etag: "28cdb48e0623a27a86a3650c0bd65d8c"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8gcZ0yceddh2U8VvlwdbuKAX_0JsS96aP5dnvxWV9jvvBcDxr1ixHg==
age: 82744
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 74cf77ca0dd7e4f96dfea6ceb4536e65
fa0492bed3fa3b15cc0380e3692320088aa7b217
94f64669694fa90640f8ee8c22f1cb792166c18bab72200a991bc6eaf8f09453
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4178
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:51 GMT
Last-Modified: Thu, 15 Sep 2022 01:12:13 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
dailyfeature.net/dailyfeature/df?url=packageintransit.com&uc=20180122&cid=app@PackageInTransit&purpose=hp&type=internal
35.172.80.40200 OK 760 B URL HTTP/1.1 dailyfeature.net/dailyfeature/df?url=packageintransit.com&uc=20180122&cid=app@PackageInTransit&purpose=hp&type=internal
IP 35.172.80.40:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash efd1bf6d750263b2dc6085e301e5c7d2
e27581e40d6f54f5cb7ce99eed27a9f442bad018
dc0f877177e30bac0c894643188151b5e5d3231549262d506b6fe08bb77766ff
GET /dailyfeature/df?url=packageintransit.com&uc=20180122&cid=app@PackageInTransit&purpose=hp&type=internal HTTP/1.1
Host: dailyfeature.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Sep 2022 02:21:53 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 760
Connection: keep-alive
dap2y8k6nefku.cloudfront.net/quicklinkicons/early_chirp.png
143.204.42.118200 OK 11 kB URL HTTP/2 dap2y8k6nefku.cloudfront.net/quicklinkicons/early_chirp.png
IP 143.204.42.118:0
File type PNG image data, 361 x 361, 8-bit/color RGB, non-interlaced\012- data
Hash 2d9855aaf48a48f9ed6f205c93ea73ff
109080dd51f9466fcc19a872f8db84fa93848de9
39fd4d8ea8a16bccf296cd5aed492305fab38e4d5d42d99a9c897111ed3d66ef
GET /quicklinkicons/early_chirp.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 10871
last-modified: Thu, 21 Jul 2022 21:16:06 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 03:26:10 GMT
etag: "2d9855aaf48a48f9ed6f205c93ea73ff"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: S3GSSf0jyDyhIOKnL8iFiM-exJ5And58FQD0bIKDsxo1q5Fs8R_icw==
age: 82542
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Thu, 15 Sep 2022 00:41:12 GMT
expires: Thu, 15 Sep 2022 02:41:12 GMT
cache-control: public, max-age=7200
age: 6039
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dap2y8k6nefku.cloudfront.net/quicklinkicons/myemailsimplified.png
143.204.42.118200 OK 9.5 kB URL HTTP/2 dap2y8k6nefku.cloudfront.net/quicklinkicons/myemailsimplified.png
IP 143.204.42.118:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 063b92388bbb111681700e7062987557
47103c8f873ca823c5a3b9fcbdd915b68d4f5f57
b4a6b476a91fb8abd5f39ffdd574172963fada2f561b94f5fbb85379f60874c4
GET /quicklinkicons/myemailsimplified.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 9460
last-modified: Wed, 05 Jun 2019 15:29:36 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 02:47:47 GMT
etag: "063b92388bbb111681700e7062987557"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ch571FX8MLteEXZVXUECfphToilRgmeKXvI6LZ1pb7jkWfIwgvOMRQ==
age: 84845
X-Firefox-Spdy: h2
d3ff8olul1r3ot.cloudfront.net/packages.png
54.230.245.141200 OK 14 kB URL HTTP/2 d3ff8olul1r3ot.cloudfront.net/packages.png
IP 54.230.245.141:0
Hash 8b9bc834a51f88de2473ec089b08a49a
5d8904de29925037db357c4edf810ca4cbb337b4
767dc10ad72b3325386bf3f9879aed5068de8514d9481c9ac9ea23ea43579e8e
GET /packages.png HTTP/1.1
Host: d3ff8olul1r3ot.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 4797
last-modified: Sun, 13 Aug 2017 06:34:57 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 22:58:13 GMT
etag: "124aa7599ad1f18e508c5841f16aa3e0"
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 31GA0Ci6ySnKjFr4I1CS9NnEs689CWCZCHqWhzWo5hdXK_voEq4W6w==
age: 12218
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ed97a4b82680caefc4ffdebf786e12fc
a638a68f346844709bac57a92bf3d2c28043165e
b81ed44963f5d8b54c62e7fe18db301d3c8eeaf8fbbfb099270562156e12fdc9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash ecb99528d18dbe7952eac9618eaf2d8e
eb59bf3afc849403fa3dde09b75b5fc51f29e7b5
bcecfe43bf3e0f22ff425fe630e189d28fc3ecdc9764dd1686599e5ce59f40cc
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: HYC7rQ3z+tGJmtgLdDZfZfP9Rr/ceyHA/kLUdpUrKGcgxsap/tZprKI/o/w1vUXaWNgREpVLDT2shJP9HF6QhA==
priority: u=3,i
content-length: 26872
x-fb-trip-id: 1904183273
date: Thu, 15 Sep 2022 02:21:51 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dap2y8k6nefku.cloudfront.net/quicklinkicons/totalpackagetracker.png
143.204.42.118200 OK 2.0 kB URL HTTP/2 dap2y8k6nefku.cloudfront.net/quicklinkicons/totalpackagetracker.png
IP 143.204.42.118:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 8facfe950eec3fae336ecd9638be6aa0
ddf17eda833161a6c19e80a6f7cf9b7b7fec4db7
6aada99725a75b42eea8dba4dd094a81cd3d33878ef67346c83911027ec48bf2
GET /quicklinkicons/totalpackagetracker.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1992
last-modified: Wed, 12 Aug 2020 15:39:44 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 02:38:20 GMT
etag: "8facfe950eec3fae336ecd9638be6aa0"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iF41rTF8twyJWfK9WGXCLBLa21bAVu4uYMm-qjvcovtjL9nrSyNTnA==
age: 85412
X-Firefox-Spdy: h2
dap2y8k6nefku.cloudfront.net/js/term_mappings.json
143.204.42.118200 OK 163 kB URL HTTP/2 dap2y8k6nefku.cloudfront.net/js/term_mappings.json
IP 143.204.42.118:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size 163 kB (163302 bytes)
Hash ad5616114dc91d3881715e52566797b3
312f6d64483c845bafcf351900fc693edede7844
ac1495485cd9445d294d444b352b4c109f5f0e341e92e6451b0853a6759e5948
GET /js/term_mappings.json HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://search.packageintransit.com/
Origin: https://search.packageintransit.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 163302
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Fri, 30 Apr 2021 12:58:49 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 01:13:55 GMT
etag: "ad5616114dc91d3881715e52566797b3"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: n1R9tvUHShzRAlTOl2R2wGrk8CiEA2VkudaKBEDM_vwcEdjTVbD9kA==
age: 6215
X-Firefox-Spdy: h2
dap2y8k6nefku.cloudfront.net/quicklinkicons/fedex.png
143.204.42.118200 OK 1.3 kB URL HTTP/2 dap2y8k6nefku.cloudfront.net/quicklinkicons/fedex.png
IP 143.204.42.118:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e24dc26b1c202dd18ae276d2842b127
8fc891454749278663dfd4b7a1300efcd9be518d
3ab812c0dd00e7dbc73d4ad9438c613591f597c062bdb1c9919aeb13e9f84c94
GET /quicklinkicons/fedex.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1320
last-modified: Fri, 07 Aug 2020 13:46:55 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 02:38:20 GMT
etag: "2e24dc26b1c202dd18ae276d2842b127"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mhngMsSIW5C6aBljQUJ5Y5FZsvk-Q0hTf-SWLGLKnymoKcMMheEMzg==
age: 85413
X-Firefox-Spdy: h2
dap2y8k6nefku.cloudfront.net/quicklinkicons/nationalweatheragency.png
143.204.42.118200 OK 15 kB URL HTTP/2 dap2y8k6nefku.cloudfront.net/quicklinkicons/nationalweatheragency.png
IP 143.204.42.118:0
File type PNG image data, 48 x 48, 8-bit/color RGB, non-interlaced\012- data
Hash 8f8b4cbfe11392e4f33d47ab000e6a17
3c36a8ac3a0cc4e7f95e2ce75150a456031f3717
37fc00df7da62179f86c3010973bc56ed486593117deb5c0e9ed6ec6fb57ad06
GET /quicklinkicons/nationalweatheragency.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 15419
last-modified: Wed, 05 Jun 2019 15:31:44 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 02:21:52 GMT
etag: "8f8b4cbfe11392e4f33d47ab000e6a17"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lpHr67iHxHtIotBonaXU7nG5FqFfUZoAp97-lq3HMXGKPI54o-EoHQ==
age: 228
X-Firefox-Spdy: h2
search.packageintransit.com/favicon.ico
35.168.105.221200 OK 112 kB URL HTTP/1.1 search.packageintransit.com/favicon.ico
IP 35.168.105.221:0
File type MS Windows icon resource - 6 icons, 16x16, 32 bits/pixel, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel\012- data
Size 112 kB (112173 bytes)
Hash 504432c83a7a355782213f5aa620b13f
faba34469d9f116310c066caf098ecf9441147f1
df4276e18285a076a1a8060047fbb08e1066db2b9180863ec14a055a0c8e33f1
GET /favicon.ico HTTP/1.1
Host: search.packageintransit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/?source=googledisplay-googledisplay-v1&uid=ec867440-9c7f-4744-8208-dbb881ecd5c3&uc=20180122&ap=appfocus1&i_id=packages__1.30
Cookie: user_id=ec867440-9c7f-4744-8208-dbb881ecd5c3; nts=t; _gcl_au=1.1.1280927420.1663208496
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Type: image/x-icon
Date: Thu, 15 Sep 2022 02:21:53 GMT
ETag: "342c678ef699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:06 GMT
X-Content-Type-Options: nosniff
Content-Length: 112173
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 74cf77ca0dd7e4f96dfea6ceb4536e65
fa0492bed3fa3b15cc0380e3692320088aa7b217
94f64669694fa90640f8ee8c22f1cb792166c18bab72200a991bc6eaf8f09453
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4179
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:52 GMT
Last-Modified: Thu, 15 Sep 2022 01:12:13 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1623)
Hash 4738d969770682feba80f04bf171d65b
be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 15 Sep 2022 02:21:52 GMT
expires: Thu, 15 Sep 2022 02:21:52 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 39aa25d8411997d98f9093c19b0ccbca
3cb31e92d707cd561897042ed1a09de5a79e7108
f1b7b71241b580ec34281f5addc49d716eac9ecc46a3217e646c76e6dc8d4578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
openweathermap.org/img/w/04n.png
138.201.197.100200 OK 2.8 kB URL HTTP/1.1 openweathermap.org/img/w/04n.png
IP 138.201.197.100:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 346f20bb618e7f86dcb32eac361ae541
95d193d618f4a2ed45610df889d652339445fa1e
154cd42c57aa253ece6e86d291c77b06c1d09ec824459e977dceb5a411b2ddb5
GET /img/w/04n.png HTTP/1.1
Host: openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty/1.9.7.1
Date: Thu, 15 Sep 2022 02:21:52 GMT
Content-Type: image/png
Content-Length: 2773
Last-Modified: Thu, 22 Sep 2016 11:59:54 GMT
Connection: keep-alive
ETag: "57e3c7ba-ad5"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Thu, 22 Sep 2022 02:21:52 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0dfd060e0fb8dec42e8f52f8db247b61
d6f33b6390aa9a4b34375d58009977926bc1fff3
17e3d9698e2cd4caf0cbf66b71393b473300fb9a8a4b6f7b97f421e93d54ec44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0dfd060e0fb8dec42e8f52f8db247b61
d6f33b6390aa9a4b34375d58009977926bc1fff3
17e3d9698e2cd4caf0cbf66b71393b473300fb9a8a4b6f7b97f421e93d54ec44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/713545727/?random=1663208497449&cv=9&fst=1663208497449&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9e0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsearch.packageintransit.com%2F%3Fsource%3Dgoogledisplay-googledisplay-v1%26uid%3Dec867440-9c7f-4744-8208-dbb881ecd5c3%26uc%3D20180122%26ap%3Dappfocus1%26i_id%3Dpackages__1.30&tiba=Package%20In%20Transit&auid=1280927420.1663208496&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/713545727/?random=1663208497449&cv=9&fst=1663208497449&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9e0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsearch.packageintransit.com%2F%3Fsource%3Dgoogledisplay-googledisplay-v1%26uid%3Dec867440-9c7f-4744-8208-dbb881ecd5c3%26uc%3D20180122%26ap%3Dappfocus1%26i_id%3Dpackages__1.30&tiba=Package%20In%20Transit&auid=1280927420.1663208496&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2552), with no line terminators
Hash 79d125565b2b469d5ab987ddb18f209c
07c21143bf27246872b33942f0fc4ff885993dd7
9a68ef5c6afd4b4a6f5c2972520697880cf7082bb528d02eb48cfd2cd59929ef
GET /pagead/viewthroughconversion/713545727/?random=1663208497449&cv=9&fst=1663208497449&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9e0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsearch.packageintransit.com%2F%3Fsource%3Dgoogledisplay-googledisplay-v1%26uid%3Dec867440-9c7f-4744-8208-dbb881ecd5c3%26uc%3D20180122%26ap%3Dappfocus1%26i_id%3Dpackages__1.30&tiba=Package%20In%20Transit&auid=1280927420.1663208496&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 02:21:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1120
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 15-Sep-2022 02:36:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/713545727/?random=1663208497451&cv=9&fst=1663208497451&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9e0&sendb=1&ig=0&data=event%3DHomepageView%3Bevent_category%3Dpackages_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fsearch.packageintransit.com%2F%3Fsource%3Dgoogledisplay-googledisplay-v1%26uid%3Dec867440-9c7f-4744-8208-dbb881ecd5c3%26uc%3D20180122%26ap%3Dappfocus1%26i_id%3Dpackages__1.30&tiba=Package%20In%20Transit&auid=1280927420.1663208496&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/713545727/?random=1663208497451&cv=9&fst=1663208497451&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9e0&sendb=1&ig=0&data=event%3DHomepageView%3Bevent_category%3Dpackages_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fsearch.packageintransit.com%2F%3Fsource%3Dgoogledisplay-googledisplay-v1%26uid%3Dec867440-9c7f-4744-8208-dbb881ecd5c3%26uc%3D20180122%26ap%3Dappfocus1%26i_id%3Dpackages__1.30&tiba=Package%20In%20Transit&auid=1280927420.1663208496&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2682), with no line terminators
Hash df2a17c48b8b818c202f6c783c89cf51
dcd0d418242dd48cfd5b84923a68f2e14465bd16
e22e18ff7263649e97b727f2ab3b6d53613ec5382071a30011c97b8b587750fc
GET /pagead/viewthroughconversion/713545727/?random=1663208497451&cv=9&fst=1663208497451&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9e0&sendb=1&ig=0&data=event%3DHomepageView%3Bevent_category%3Dpackages_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fsearch.packageintransit.com%2F%3Fsource%3Dgoogledisplay-googledisplay-v1%26uid%3Dec867440-9c7f-4744-8208-dbb881ecd5c3%26uc%3D20180122%26ap%3Dappfocus1%26i_id%3Dpackages__1.30&tiba=Package%20In%20Transit&auid=1280927420.1663208496&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 02:21:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1154
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 15-Sep-2022 02:36:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0dfd060e0fb8dec42e8f52f8db247b61
d6f33b6390aa9a4b34375d58009977926bc1fff3
17e3d9698e2cd4caf0cbf66b71393b473300fb9a8a4b6f7b97f421e93d54ec44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a8b2bb270d78a6dddeb5b7fa01bd896c
eee28c4dd10c090f100c6ed383392b67d9fb9200
5c929c1a5e85ed508916eda62cccedb3ef1a5f407468596fa2726c476e2a9340
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a8b2bb270d78a6dddeb5b7fa01bd896c
eee28c4dd10c090f100c6ed383392b67d9fb9200
5c929c1a5e85ed508916eda62cccedb3ef1a5f407468596fa2726c476e2a9340
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/713545727/?random=1663208497449&cv=9&fst=1663207200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsearch.packageintransit.com%2F%3Fsource%3Dgoogledisplay-googledisplay-v1%26uid%3Dec867440-9c7f-4744-8208-dbb881ecd5c3%26uc%3D20180122%26ap%3Dappfocus1%26i_id%3Dpackages__1.30&tiba=Package%20In%20Transit&async=1&fmt=3&is_vtc=1&random=2263755263&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/713545727/?random=1663208497449&cv=9&fst=1663207200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsearch.packageintransit.com%2F%3Fsource%3Dgoogledisplay-googledisplay-v1%26uid%3Dec867440-9c7f-4744-8208-dbb881ecd5c3%26uc%3D20180122%26ap%3Dappfocus1%26i_id%3Dpackages__1.30&tiba=Package%20In%20Transit&async=1&fmt=3&is_vtc=1&random=2263755263&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/713545727/?random=1663208497449&cv=9&fst=1663207200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsearch.packageintransit.com%2F%3Fsource%3Dgoogledisplay-googledisplay-v1%26uid%3Dec867440-9c7f-4744-8208-dbb881ecd5c3%26uc%3D20180122%26ap%3Dappfocus1%26i_id%3Dpackages__1.30&tiba=Package%20In%20Transit&async=1&fmt=3&is_vtc=1&random=2263755263&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 02:21:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/713545727/?random=1663208497451&cv=9&fst=1663207200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9e0&sendb=1&data=event%3DHomepageView%3Bevent_category%3Dpackages_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fsearch.packageintransit.com%2F%3Fsource%3Dgoogledisplay-googledisplay-v1%26uid%3Dec867440-9c7f-4744-8208-dbb881ecd5c3%26uc%3D20180122%26ap%3Dappfocus1%26i_id%3Dpackages__1.30&tiba=Package%20In%20Transit&async=1&fmt=3&is_vtc=1&random=2072006801&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/713545727/?random=1663208497451&cv=9&fst=1663207200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9e0&sendb=1&data=event%3DHomepageView%3Bevent_category%3Dpackages_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fsearch.packageintransit.com%2F%3Fsource%3Dgoogledisplay-googledisplay-v1%26uid%3Dec867440-9c7f-4744-8208-dbb881ecd5c3%26uc%3D20180122%26ap%3Dappfocus1%26i_id%3Dpackages__1.30&tiba=Package%20In%20Transit&async=1&fmt=3&is_vtc=1&random=2072006801&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/713545727/?random=1663208497451&cv=9&fst=1663207200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9e0&sendb=1&data=event%3DHomepageView%3Bevent_category%3Dpackages_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fsearch.packageintransit.com%2F%3Fsource%3Dgoogledisplay-googledisplay-v1%26uid%3Dec867440-9c7f-4744-8208-dbb881ecd5c3%26uc%3D20180122%26ap%3Dappfocus1%26i_id%3Dpackages__1.30&tiba=Package%20In%20Transit&async=1&fmt=3&is_vtc=1&random=2072006801&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 02:21:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 20620ba615dba1de34528390492c3f53
2ca43d3a828682e10eb7638972b79b7136395e2b
12cf30cf1de58b4bab8af4a5d159b42909c554ae7b34e6f7361d9a49f1e861b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 20620ba615dba1de34528390492c3f53
2ca43d3a828682e10eb7638972b79b7136395e2b
12cf30cf1de58b4bab8af4a5d159b42909c554ae7b34e6f7361d9a49f1e861b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-178002442-1&cid=1401054223.1663208497&jid=906763125&gjid=742463603&_gid=1727422408.1663208497&_u=YEBAAUAAAAAAAC~&z=942433084
142.251.1.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-178002442-1&cid=1401054223.1663208497&jid=906763125&gjid=742463603&_gid=1727422408.1663208497&_u=YEBAAUAAAAAAAC~&z=942433084
IP 142.251.1.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-178002442-1&cid=1401054223.1663208497&jid=906763125&gjid=742463603&_gid=1727422408.1663208497&_u=YEBAAUAAAAAAAC~&z=942433084 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://search.packageintransit.com
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://search.packageintransit.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Sep 2022 02:21:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2890
Expires: Thu, 15 Sep 2022 03:10:02 GMT
Date: Thu, 15 Sep 2022 02:21:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a8b2bb270d78a6dddeb5b7fa01bd896c
eee28c4dd10c090f100c6ed383392b67d9fb9200
5c929c1a5e85ed508916eda62cccedb3ef1a5f407468596fa2726c476e2a9340
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-219278292-1&cid=1401054223.1663208497&jid=2076600265&gjid=578910780&_gid=1727422408.1663208497&_u=YEDAAUABAAAAAC~&z=202303529
142.251.1.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-219278292-1&cid=1401054223.1663208497&jid=2076600265&gjid=578910780&_gid=1727422408.1663208497&_u=YEDAAUABAAAAAC~&z=202303529
IP 142.251.1.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-219278292-1&cid=1401054223.1663208497&jid=2076600265&gjid=578910780&_gid=1727422408.1663208497&_u=YEDAAUABAAAAAC~&z=202303529 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://search.packageintransit.com
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://search.packageintransit.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Sep 2022 02:21:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23be7b6b-8af6-4f83-8a2c-cfb481baaef6.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23be7b6b-8af6-4f83-8a2c-cfb481baaef6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b6dfabfbe5fb24dbe15d225cacc627b
907c4dabb99daa7455e914ec0827a60d3b72e02b
d76ae283244a80a38978097e1cfd0ebddf9d41027580f2ff61c91197ad06169e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23be7b6b-8af6-4f83-8a2c-cfb481baaef6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9453
x-amzn-requestid: dbc6f29e-1773-4105-bcb1-df05955f5328
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeB2MEAyoAMF50A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632249c1-05576c9111ddd85671a7a4fb;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dBrQdNkd8l70PkuHhk5qUIcjwdIraqV85XGWIVZea7C0e-wHGX2FPw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:43:56 GMT
age: 16676
etag: "907c4dabb99daa7455e914ec0827a60d3b72e02b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaa65c72-7c91-4c77-a8d5-ff1616735614.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaa65c72-7c91-4c77-a8d5-ff1616735614.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d3507225fbae159e0d4225dc60769af
2220cf9725452aa89070063038064596b03bb808
b19d7250778b93eed58347332f0fa8c2e4c8ca7a2b30e9d605d39d51e981255e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaa65c72-7c91-4c77-a8d5-ff1616735614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4527
x-amzn-requestid: a3fb26b2-9090-483d-9f41-ca3032b51262
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIQp3G_6oAMF5Jg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631994a5-300b56f13864ff1b16b85eb8;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:07:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: d33zVonEQST3V4997c3mKpqhIVtXgAMVzxbFArOQvC12sCGFrTAl8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:44:04 GMT
age: 16668
etag: "2220cf9725452aa89070063038064596b03bb808"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b68b0a4-3ef2-47f6-b961-eb36f3ed8dc8.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b68b0a4-3ef2-47f6-b961-eb36f3ed8dc8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c3e495b1e7dfdfbbe17f2bb41a038e9
765d006daafb904930cf3484390b2876c2c590e8
585756b5f5c9b3244857e18a8f162fa25a710e13eb8266d875dc9f8027a484cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b68b0a4-3ef2-47f6-b961-eb36f3ed8dc8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9989
x-amzn-requestid: cc1e89bd-1c2f-481a-9c1c-1e2b6cf80c06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeCtXH17IAMFcUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63224b22-30b865e433057f777b50ee6c;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 21:44:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 58XTHJUTrSKW6UMag3AbKofbghfWXQuPY37RAovTVjwbz8U14A6jBg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:44:02 GMT
etag: "765d006daafb904930cf3484390b2876c2c590e8"
content-type: image/jpeg
age: 16670
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0aaeda5f-a801-4123-8eb5-ef7c9f767cb0.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0aaeda5f-a801-4123-8eb5-ef7c9f767cb0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4e925baad304b4072102d4932a8ba8f
96b1ca12a174eaacc46ec491321b5afc00811862
5767316b98c7721ae1ea18acb94f0361f3143a8e6180aba337b164c171df581f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0aaeda5f-a801-4123-8eb5-ef7c9f767cb0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8566
x-amzn-requestid: 1e0599ae-bce4-4cc4-9fdb-8a562f5517f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YVORXHwEoAMFvxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ec408-2fc800002be4435f73cc0ad0;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 05:30:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eAq7bP7jQB7UhUxTuzE_sFQaWT41BijzF55AylRUSCAKDDELuL4vEA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:17 GMT
age: 21635
etag: "96b1ca12a174eaacc46ec491321b5afc00811862"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F657cccbe-0328-47ca-9cb6-848236500e87.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F657cccbe-0328-47ca-9cb6-848236500e87.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 892e3a49b60f2ce79b26cb31cc3a2b5b
43b1f37e0a1893cdedec3bcb40ebb92155fa8ec2
bbb6eb180ce75debb068d66e77f97741af530039b2008e726b0daf69d0207fd3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F657cccbe-0328-47ca-9cb6-848236500e87.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4058
x-amzn-requestid: 6fb11d89-afcb-4dd5-8212-7eb9287abff8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeB7aGTgIAMF8Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632249e2-281221601c4edaa4105d5ba1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: psAfwga-3NPvY3OXVMFiHO4gyHzZAaUe-i_f2w-KGkemxnM6LB8fag==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:39:20 GMT
age: 16952
etag: "43b1f37e0a1893cdedec3bcb40ebb92155fa8ec2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5392f754-e2f9-4a41-bd41-e281b109c83d.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5392f754-e2f9-4a41-bd41-e281b109c83d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6fcd0641757ecb9061e0272fc9377b8a
96afd6daa0d13f8a05ceb77880f967d539f37702
8af5e3c3e524a5e3661e50a36403a5cc6c95521e77984ce954ceefd5a542abfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5392f754-e2f9-4a41-bd41-e281b109c83d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5097
x-amzn-requestid: 7d0072f1-0832-4b01-9f5a-081c7d193420
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YaGbEGDiIAMFqGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320b779-2ee57a3e5641f70c00116156;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 17:01:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5TMIu7RzFcpyWKH_HSAd4LDal3PFMAa37n0SVEVDFGyz5RJeqJq5Rw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:43:12 GMT
age: 16720
etag: "96afd6daa0d13f8a05ceb77880f967d539f37702"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 20620ba615dba1de34528390492c3f53
2ca43d3a828682e10eb7638972b79b7136395e2b
12cf30cf1de58b4bab8af4a5d159b42909c554ae7b34e6f7361d9a49f1e861b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 02:21:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=332720671379986&ev=PageView&dl=https%3A%2F%2Fsearch.packageintransit.com%2F%3Fsource%3Dgoogledisplay-googledisplay-v1%26uid%3Dec867440-9c7f-4744-8208-dbb881ecd5c3%26uc%3D20180122%26ap%3Dappfocus1%26i_id%3Dpackages__1.30&rl=&if=false&ts=1663208497872&sw=1280&sh=1024&v=2.9.81&r=stable&ec=0&o=30&fbp=fb.1.1663208497872.1302551327&it=1663208497422&coo=false&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=332720671379986&ev=PageView&dl=https%3A%2F%2Fsearch.packageintransit.com%2F%3Fsource%3Dgoogledisplay-googledisplay-v1%26uid%3Dec867440-9c7f-4744-8208-dbb881ecd5c3%26uc%3D20180122%26ap%3Dappfocus1%26i_id%3Dpackages__1.30&rl=&if=false&ts=1663208497872&sw=1280&sh=1024&v=2.9.81&r=stable&ec=0&o=30&fbp=fb.1.1663208497872.1302551327&it=1663208497422&coo=false&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=332720671379986&ev=PageView&dl=https%3A%2F%2Fsearch.packageintransit.com%2F%3Fsource%3Dgoogledisplay-googledisplay-v1%26uid%3Dec867440-9c7f-4744-8208-dbb881ecd5c3%26uc%3D20180122%26ap%3Dappfocus1%26i_id%3Dpackages__1.30&rl=&if=false&ts=1663208497872&sw=1280&sh=1024&v=2.9.81&r=stable&ec=0&o=30&fbp=fb.1.1663208497872.1302551327&it=1663208497422&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.packageintransit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Thu, 15 Sep 2022 02:21:52 GMT
expires: Thu, 15 Sep 2022 02:21:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2