Report - nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Fvk.com%2Faway.php%3Fto%3Dhttp%253A%252F%252F0353.comeholidayinlangebaan.co.za%2Ftmorgan%2Ftmorgan%40eglinfcu.org%2F%252FVerizon%26txid%3DB20200331_988170657%26lid%3D18207%26tid%3D121811%26vno%3D5%26ltid%3D498307&data=05%7C01%7Ctmorgan%40eglinfcu.org%7C3af9bdf646664e0a4d5f08db2ecbdf89%7C88317d8a720345ecae4dc5b4b7998fcb%7C0%7C0%7C638155225385549279%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ZKkBluhjZHB042CGNzQOFkmze7Qv%2BQUvMWhMHAjwRl8%3D&reserved=0

Report Overview

Submitted URL
nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Fvk.com%2Faway.php%3Fto%3Dhttp%253A%252F%252F0353.comeholidayinlangebaan.co.za%2Ftmorgan%2Ftmorgan%40eglinfcu.org%2F%252FVerizon%26txid%3DB20200331_988170657%26lid%3D18207%26tid%3D121811%26vno%3D5%26ltid%3D498307&data=05%7C01%7Ctmorgan%40eglinfcu.org%7C3af9bdf646664e0a4d5f08db2ecbdf89%7C88317d8a720345ecae4dc5b4b7998fcb%7C0%7C0%7C638155225385549279%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ZKkBluhjZHB042CGNzQOFkmze7Qv%2BQUvMWhMHAjwRl8%3D&reserved=0
IP
104.47.70.28
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2023-03-27 14:46:41
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
5
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-29T05:20:49Z	367 B	1.9 kB	104.18.20.226
away.vk.com	92855	2017-04-11T13:32:47Z	2023-03-29T06:39:09Z	666 B	6.3 kB	87.240.137.164
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-29T07:56:22Z	1.4 kB	52 kB	188.114.98.234
0353.comeholidayinlangebaan.co.za	unknown			875 B	25 kB	196.41.123.211
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	54 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	3.0 kB	8.0 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
nam10.safelinks.protection.outlook.com	14138	2019-08-15T01:50:52Z	2023-03-29T13:31:28Z	1.0 kB	1.0 kB	104.47.70.28
www.google.com	7	2015-05-10T13:11:19Z	2023-03-29T05:55:56Z	389 B	1.1 kB	142.250.74.164
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-29T09:13:03Z	475 B	167 kB	142.250.74.67
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-29T10:13:53Z	407 B	630 B	172.217.21.170
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	54.185.236.64
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-29T10:10:07Z	408 B	32 kB	142.250.74.170
vk.com	2243	2012-05-21T17:01:19Z	2023-03-29T05:11:07Z	1.8 kB	8.9 kB	87.240.129.133
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	2.1 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-29T11:19:48Z	988 B	30 kB	142.250.74.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-27 14:46:48	medium	Client IP	Internal IP	ET INFO URL Shortening Service Domain in DNS Lookup (vk .com)
2023-03-27 14:46:48	medium	Client IP	Internal IP	ET INFO URL Shortening Service Domain in DNS Lookup (vk .com)
2023-03-27 14:46:49	medium	Client IP	Internal IP	ET INFO URL Shortening Service Domain in DNS Lookup (vk .com)
2023-03-27 14:46:49	medium	Client IP	87.240.132.78	ET INFO Observed URL Shortening Service Domain (vk .com in TLS SNI)
2023-03-27 14:46:50	medium	Client IP	Internal IP	ET INFO URL Shortening Service Domain in DNS Lookup (vk .com)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	0353.comeholidayinlangebaan.co.za/tmorgan/tmorgan@eglinfcu.org/Verizon	3.4 kB	2023-03-14	2024-03-25
Pretty URL 0353.comeholidayinlangebaan.co.za/tmorgan/tmorgan@eglinfcu.org/Verizon IP 196.41.123.211 ASN #36874 Cybersmart Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:48:10 Last Seen2024-03-25 23:10:26 Times Seen3352 Hash 93842d8ccecb5cb2413b7cab4d69e594 c82909e23340da88c2b403da94346db7f01a37d8 f89725924204897075defbe3037b53670714efce8a06340876fd65ba8e52b98d Loading...

	www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js	415 kB	2023-03-29	2023-09-29
Pretty URL www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js IP 142.250.74.67 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:35:31 Last Seen2023-09-29 03:14:46 Times Seen3321 Hash 733e4a30889fa7c9947958423e21e810 16a2cced6035295476141f8ac1cd928114cafebf 7d2c1727a32a92776f9a3078abb845bbeb77e6603c40a318f12ea1e1b5a040d7 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwghwUAAAAAAYrFATHtss0Xe_bC7I6OWE_ayK4&co=aHR0cDovLzAzNTMuY29tZWhvbGlkYXlpbmxhbmdlYmFhbi5jby56YTo4MA..&hl=en&v=vpEprwpCoBMgy-fvZET0Mz6L&size=normal&cb=6ipm2zksyb4k	69 B	2023-03-07	2024-05-10
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwghwUAAAAAAYrFATHtss0Xe_bC7I6OWE_ayK4&co=aHR0cDovLzAzNTMuY29tZWhvbGlkYXlpbmxhbmdlYmFhbi5jby56YTo4MA..&hl=en&v=vpEprwpCoBMgy-fvZET0Mz6L&size=normal&cb=6ipm2zksyb4k IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-05-10 16:54:55 Times Seen101409 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwghwUAAAAAAYrFATHtss0Xe_bC7I6OWE_ayK4&co=aHR0cDovLzAzNTMuY29tZWhvbGlkYXlpbmxhbmdlYmFhbi5jby56YTo4MA..&hl=en&v=vpEprwpCoBMgy-fvZET0Mz6L&size=normal&cb=6ipm2zksyb4k	41 kB	2023-03-29	2023-03-29
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwghwUAAAAAAYrFATHtss0Xe_bC7I6OWE_ayK4&co=aHR0cDovLzAzNTMuY29tZWhvbGlkYXlpbmxhbmdlYmFhbi5jby56YTo4MA..&hl=en&v=vpEprwpCoBMgy-fvZET0Mz6L&size=normal&cb=6ipm2zksyb4k IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:21:42 Last Seen2023-03-29 23:21:42 Times Seen1 Hash 2357b935e68d6d0edc76a1b700516a94 09fd16134d06dc2a061e7f25589b2c8004a05850 abc629218f699019717e5fb9f5019509662de6a9358d248c87eba4b4d2d013e5 Loading...

	away.vk.com/away.php	83 B	2023-03-07	2023-04-05
Pretty URL away.vk.com/away.php IP 87.240.137.164 ASN #47541 VKontakte Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:35 Last Seen2023-04-05 02:09:41 Times Seen259 Hash 9bfeb62d74744ec83551eadacc880036 56e52c7dce481724aba1f825d50d5ab0911e0475 d913cbd6e4a5b35b9c51fcbbbdaa53a161e9873ee538c269a83c4a957481db5f Loading...

	maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js	37 kB	2023-03-07	2024-05-10
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js IP 188.114.98.234 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-05-10 16:47:05 Times Seen55701 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js	90 kB	2023-03-10	2024-05-10
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:24:46 Last Seen2024-05-10 15:52:22 Times Seen17734 Hash cf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575 Loading...

	0353.comeholidayinlangebaan.co.za/tmorgan/tmorgan@eglinfcu.org/Verizon	2.6 kB	2023-03-14	2024-03-25
Pretty URL 0353.comeholidayinlangebaan.co.za/tmorgan/tmorgan@eglinfcu.org/Verizon IP 196.41.123.211 ASN #36874 Cybersmart Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:48:10 Last Seen2024-03-25 23:10:26 Times Seen3362 Hash 877cc499921cdf34e460798b9d2623fa ccce776ffcf8b11627837019e5dc2b5d505f1863 37eb177b9564039f133350cc57f463fcd10440a937fdd6d3bd3fea5e0623a7c1 Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=vpEprwpCoBMgy-fvZET0Mz6L&k=6LfwghwUAAAAAAYrFATHtss0Xe_bC7I6OWE_ayK4	181 B	2023-03-14	2023-03-29
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=vpEprwpCoBMgy-fvZET0Mz6L&k=6LfwghwUAAAAAAYrFATHtss0Xe_bC7I6OWE_ayK4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 00:01:08 Last Seen2023-03-29 23:35:47 Times Seen380 Hash d9a30d376026d876ff53aad25f64824f d030ce6a11511c7bcee7ed0cf1f1c98ed837b81c 6ac8e23e75eb8ded48ed754b5f22da22d540172ffb9baf7cd94ff459fe51e913 Loading...

	www.google.com/recaptcha/api.js?hl=en	850 B	2023-03-29	2023-04-01
Pretty URL www.google.com/recaptcha/api.js?hl=en IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:35:56 Last Seen2023-04-01 11:10:22 Times Seen1487 Hash 65f4b0da387ca3fa48d1efb14c9cd385 8a48751f76ea657b8b1c192f07ec5d9624352673 a22e425317dd9d6bb2bcc724ec7179d54c747165c9143505d7a129ad7a549da7 Loading...

		Size	First Seen	Last Seen
	#1 Eval - be125104d4312167c487794d7cbc43fc	16 kB	2023-03-29	2023-04-03
Pretty Observations First Seen2023-03-29 22:07:07 Last Seen2023-04-03 23:55:03 Times Seen1120 Hash be125104d4312167c487794d7cbc43fc 67c2c378cecd18e4687886b2df2c1a83f1c0e046 c52e8eeb3f4cc2adcf9979cd0eed3a2f5d46d1640c49962a39e655e19dec4faa Loading...

	#2 Eval - 94d163cabb6d26e102610d92ced9f602	22 B	2023-03-29	2023-04-03
Pretty Observations First Seen2023-03-29 22:07:07 Last Seen2023-04-03 23:55:03 Times Seen1120 Hash 94d163cabb6d26e102610d92ced9f602 e3802f9c1976352f92a635945673d74d8b30d71d ed52a3db6a44bfd9b4f9d5b869cec5c3ab259aecb2d7634967d036ef5146654c Loading...

	#3 Eval - 3f4484e0df74c408e90f7edf9b6d40fe	22 kB	2023-03-29	2023-03-29
Pretty Observations First Seen2023-03-29 23:21:42 Last Seen2023-03-29 23:21:42 Times Seen1 Hash 3f4484e0df74c408e90f7edf9b6d40fe a6858416c30dff3ebb9882fc68cd8cb4a93819ff 4735792300b65eef34c5f80c7703c739d1ad8c77f3709f70ba3595260a022fd4 Loading...

	#4 Eval - 52324a770384a51cee01d312a0967836	22 B	2023-03-29	2023-04-03
Pretty Observations First Seen2023-03-29 22:07:07 Last Seen2023-04-03 23:55:03 Times Seen1119 Hash 52324a770384a51cee01d312a0967836 4299c2e1a4eed09a7e1909e3a5963f82c108d852 61030fdcaac6b12bc0dc224160114651add4403b1f8ae11acd5078157e62ca8d Loading...

	#5 Eval - 3e9b406e9bb277e07cf5dd90b6163f50	62 B	2023-03-29	2023-04-03
Pretty Observations First Seen2023-03-29 22:07:07 Last Seen2023-04-03 23:55:03 Times Seen1120 Hash 3e9b406e9bb277e07cf5dd90b6163f50 2e61b5402a759ffbfbe8c159c0ee5ee8d29b0421 a8e5a9e89dd2059b0ae5b141b769125ee2581cb7c3a0aa69b384a96c04b6b5e4 Loading...

HTTP Transactions (44)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c83d39f350161ed2f5d20dcd68e47c92 2695a888e652cb314f8094cc6073c3364336d272 62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC" Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20534 Expires: Mon, 27 Mar 2023 20:28:44 GMT Date: Mon, 27 Mar 2023 14:46:30 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5d9435c884bf4a0777fdf4b57079ae09 7f04b9db47ffeec90ac6397416b7553e5336a550 fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084" Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5950 Expires: Mon, 27 Mar 2023 16:25:40 GMT Date: Mon, 27 Mar 2023 14:46:30 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 4ad6984a756720fbfff47b37a75513a2 355e35258114452af8b9638985ed9d8ef3bf0aca 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 27 Mar 2023 14:27:57 GMT content-type: application/json age: 1113 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5ad3eec59bebbf969f175627757507c1 b176af3a70db378c9e1f219bab24d9d446070d6f 704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E" Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15126 Expires: Mon, 27 Mar 2023 18:58:36 GMT Date: Mon, 27 Mar 2023 14:46:30 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: Z+1/xvCI794wzGtcRHxxilGh/tc2WNYWXhwN1BtqbbgrvvC1dnP3To57NIqr+uXEeFpwBUHwYTs= x-amz-request-id: JJ87V70TSXVB2QRV x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 27 Mar 2023 13:55:48 GMT age: 3042 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 14:46:30 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 27 Mar 2023 14:14:35 GMT age: 1915 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Fvk.com%2Faway.php%3Fto%3Dhttp%253A%252F%252F0353.comeholidayinlangebaan.co.za%2Ftmorgan%2Ftmorgan%40eglinfcu.org%2F%252FVerizon%26txid%3DB20200331_988170657%26lid%3D18207%26tid%3D121811%26vno%3D5%26ltid%3D498307&data=05%7C01%7Ctmorgan%40eglinfcu.org%7C3af9bdf646664e0a4d5f08db2ecbdf89%7C88317d8a720345ecae4dc5b4b7998fcb%7C0%7C0%7C638155225385549279%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ZKkBluhjZHB042CGNzQOFkmze7Qv%2BQUvMWhMHAjwRl8%3D&reserved=0	104.47.70.28	302 Found	313 B
URL HTTP/1.1 nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Fvk.com%2Faway.php%3Fto%3Dhttp%253A%252F%252F0353.comeholidayinlangebaan.co.za%2Ftmorgan%2Ftmorgan%40eglinfcu.org%2F%252FVerizon%26txid%3DB20200331_988170657%26lid%3D18207%26tid%3D121811%26vno%3D5%26ltid%3D498307&data=05%7C01%7Ctmorgan%40eglinfcu.org%7C3af9bdf646664e0a4d5f08db2ecbdf89%7C88317d8a720345ecae4dc5b4b7998fcb%7C0%7C0%7C638155225385549279%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ZKkBluhjZHB042CGNzQOFkmze7Qv%2BQUvMWhMHAjwRl8%3D&reserved=0 IP 104.47.70.28:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 313 B (313 bytes) Hash 85669a57bfc5b3a53c3f60380ef01d5e bc035fcc41810421c90e2c3bfb8c19ce68e60108 b71012a39a32221254e1002296490427250b6c781d44065031bddfc9d4f4a144 HTTP Headers GET /?url=http%3A%2F%2Fvk.com%2Faway.php%3Fto%3Dhttp%253A%252F%252F0353.comeholidayinlangebaan.co.za%2Ftmorgan%2Ftmorgan%40eglinfcu.org%2F%252FVerizon%26txid%3DB20200331_988170657%26lid%3D18207%26tid%3D121811%26vno%3D5%26ltid%3D498307&data=05%7C01%7Ctmorgan%40eglinfcu.org%7C3af9bdf646664e0a4d5f08db2ecbdf89%7C88317d8a720345ecae4dc5b4b7998fcb%7C0%7C0%7C638155225385549279%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ZKkBluhjZHB042CGNzQOFkmze7Qv%2BQUvMWhMHAjwRl8%3D&reserved=0 HTTP/1.1 Host: nam10.safelinks.protection.outlook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/1.1 302 Found Cache-Control: private Content-Type: text/html; charset=utf-8 Location: http://vk.com/away.php?to=http%3A%2F%2F0353.comeholidayinlangebaan.co.za/tmorgan/tmorgan@eglinfcu.org/%2FVerizon&txid=B20200331_988170657&lid=18207&tid=121811&vno=5&ltid=498307 Server: Microsoft-IIS/10.0 X-AspNetMvc-Version: 4.0 X-SL-GetUrlReputation-Verdict: Good X-Robots-Tag: noindex, nofollow X-AspNet-Version: 4.0.30319 X-ServerName: BN7NAM10WS050 X-ServerVersion: 15.20.6222.021 X-ServerLat: 296 X-SafeLinks-Tracking-Id: d6760026-1b99-4928-c139-08db2ed20d39 X-Powered-By: ASP.NET X-Content-Type-Options: nosniff X-UA-Compatible: IE=Edge Date: Mon, 27 Mar 2023 14:46:29 GMT Connection: close Content-Length: 313

	vk.com/away.php?to=http%3A%2F%2F0353.comeholidayinlangebaan.co.za/tmorgan/tmorgan@eglinfcu.org/%2FVerizon&txid=B20200331_988170657&lid=18207&tid=121811&vno=5&ltid=498307	87.240.129.133	301 Moved Permanently	164 B
URL HTTP/1.1 vk.com/away.php?to=http%3A%2F%2F0353.comeholidayinlangebaan.co.za/tmorgan/tmorgan@eglinfcu.org/%2FVerizon&txid=B20200331_988170657&lid=18207&tid=121811&vno=5&ltid=498307 IP 87.240.129.133:0 ASN #47541 VKontakte Ltd File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 164 B (164 bytes) Hash 6d359f551ba4cb27d59e94a6cddaec09 d230318bd921ad8167c2eb9dfdc7b1d7d2c7373f 9ecd8531025e89f5e1ca23d81203a9feddbd5b4b75ca79c9868cb53762293bc8 HTTP Headers `GET /away.php?to=http%3A%2F%2F0353.comeholidayinlangebaan.co.za/tmorgan/tmorgan@eglinfcu.org/%2FVerizon&txid=B20200331_988170657&lid=18207&tid=121811&vno=5&ltid=498307 HTTP/1.1 Host: vk.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Server: kittenx Date: Mon, 27 Mar 2023 14:46:30 GMT Content-Type: text/html Content-Length: 164 Connection: keep-alive Location: https://vk.com/away.php?to=http%3A%2F%2F0353.comeholidayinlangebaan.co.za/tmorgan/tmorgan@eglinfcu.org/%2FVerizon&txid=B20200331_988170657&lid=18207&tid=121811&vno=5&ltid=498307 X-Frontend: front609304 Access-Control-Expose-Headers: X-Frontend`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash da5340ee69a1000f751686df9e716663 a5da880a61ed119790a7990bbdcc0c97eecf04f2 d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560" Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4525 Expires: Mon, 27 Mar 2023 16:01:55 GMT Date: Mon, 27 Mar 2023 14:46:30 GMT Connection: keep-alive`

	ocsp2.globalsign.com/gsorganizationvalsha2g2	104.18.20.226	200 OK	1.5 kB
URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2 IP 104.18.20.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1459 bytes) Hash b18a63c58b73b73fec2aa84551161220 451b5130eacbd726c4313d487075ea52e695bca0 ee3f1d7bb048f4e96ea0d38f5a9b8b1c1222c49d449896266c5875fcc6bef18f HTTP Headers `POST /gsorganizationvalsha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 14:46:30 GMT Content-Type: application/ocsp-response Content-Length: 1459 Connection: keep-alive Expires: Fri, 31 Mar 2023 13:31:28 GMT ETag: "451b5130eacbd726c4313d487075ea52e695bca0" Last-Modified: Mon, 27 Mar 2023 13:31:29 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 1456 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7ae86c5b0f8f0afa-OSL`

	vk.com/away.php?to=http%3A%2F%2F0353.comeholidayinlangebaan.co.za/tmorgan/tmorgan@eglinfcu.org/%2FVerizon&txid=B20200331_988170657&lid=18207&tid=121811&vno=5&ltid=498307	87.240.132.78	302 Found	20 B
URL HTTP/2 vk.com/away.php?to=http%3A%2F%2F0353.comeholidayinlangebaan.co.za/tmorgan/tmorgan@eglinfcu.org/%2FVerizon&txid=B20200331_988170657&lid=18207&tid=121811&vno=5&ltid=498307 IP 87.240.132.78:0 ASN #47541 VKontakte Ltd File type data Size 20 B (20 bytes) Hash 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2 HTTP Headers GET /away.php?to=http%3A%2F%2F0353.comeholidayinlangebaan.co.za/tmorgan/tmorgan@eglinfcu.org/%2FVerizon&txid=B20200331_988170657&lid=18207&tid=121811&vno=5&ltid=498307 HTTP/1.1 Host: vk.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: remixlang=3; remixstlid=9094834447948698373_bj1NokZULNkDAnup3gCjGiqDhzuDWjJJL5uZ9IX82Io Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found server: kittenx date: Mon, 27 Mar 2023 14:46:30 GMT content-type: text/html; charset=windows-1251 content-length: 20 location: http://away.vk.com/away.php x-powered-by: KPHP/7.4.113551 set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly remixsec_redir=http%3A%2F%2F0353.comeholidayinlangebaan.co.za%2Ftmorgan%2Ftmorgan%40eglinfcu.org%2FVerizon; path=/; domain=.vk.com remixua=-1%7C-1%7C311%7C2535195511; expires=Sat, 30 Mar 2024 13:57:08 GMT; path=/; domain=.vk.com; secure cache-control: no-store x-frame-options: DENY content-encoding: gzip x-frontend: front225207 strict-transport-security: max-age=15768000 access-control-expose-headers: X-Frontend X-Firefox-Spdy: h2

	away.vk.com/away.php	87.240.137.164	200 OK	303 B
URL HTTP/1.1 away.vk.com/away.php IP 87.240.137.164:0 ASN #47541 VKontakte Ltd File type HTML document, ASCII text, with very long lines (578), with no line terminators Size 303 B (303 bytes) Hash 2515778c99b90fed8f8bb4ffb00d82e7 2a931ab26f2abbf906b83f04bfd618a636a54f4c 888e795f68fc09bb7c5b54e5c0943f41161b70b62f8afddcd87ef38d9a6a3c93 HTTP Headers `GET /away.php HTTP/1.1 Host: away.vk.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 200 OK Server: kittenx Date: Mon, 27 Mar 2023 14:46:31 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 303 Connection: keep-alive X-Powered-By: KPHP/7.4.113551 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly remixlang=3; expires=Mon, 01 Apr 2024 15:23:48 GMT; path=/; domain=.vk.com remixstlid=9082308813224446304_WTxeJ0Coqmpi7fKZMafiqPcKmO1AcmYl9MSt6tqMvZz; expires=Tue, 26 Mar 2024 14:46:31 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Frame-Options: DENY Content-Encoding: gzip X-Frontend: front512004 Access-Control-Expose-Headers: X-Frontend

	push.services.mozilla.com/	54.185.236.64	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.185.236.64:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: vjMK6BbVrhg3/r+xNHvLJg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: yXAkFGvPsStYfmrUV8ytKCqbknU=`

	away.vk.com/favicon.ico	87.240.137.164	200 OK	4.9 kB
URL HTTP/1.1 away.vk.com/favicon.ico IP 87.240.137.164:0 ASN #47541 VKontakte Ltd File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data Size 4.9 kB (4944 bytes) Hash d41fa4f682279a0c77159080255b3b9e 7cdf65f129f33ddf76146c9fc0bb30bb80d25065 25dfe61842345c39cb13beeee5b921cfe1c16b5f774067416728f8046c56f925 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: away.vk.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://away.vk.com/ Connection: keep-alive Cookie: remixlang=3` `HTTP/1.1 200 OK Server: kittenx Date: Mon, 27 Mar 2023 14:46:31 GMT Content-Type: image/x-icon Content-Length: 4944 Last-Modified: Tue, 05 Apr 2022 13:13:01 GMT Connection: keep-alive ETag: "624c405d-1350" Expires: Mon, 03 Apr 2023 14:46:31 GMT Cache-Control: max-age=604800 X-Frontend: front512004 Access-Control-Expose-Headers: X-Frontend Accept-Ranges: bytes`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 338c42e4ccd475333da107485955b1cf 89223f304f86cb8c292a3acb7c640b5002b39690 333964f3284089e231f7cade16ba160392dd24eab8516c55588be6f513c7306d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 14:46:31 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	vk.com/dist/sw/sw.js	87.240.132.78	200 OK	7.2 kB
URL HTTP/2 vk.com/dist/sw/sw.js IP 87.240.132.78:0 ASN #47541 VKontakte Ltd File type Unicode text, UTF-8 (with BOM) text, with very long lines (22410), with no line terminators Size 7.2 kB (7224 bytes) Hash 8745e873e68903c06a7c3ce81ee5a96b 25fddafe2d0c2bdb29bfa63c29a05308b74c7495 bfa94ad6cb46f310b012e351304eedd94f42e3ef8ea25435a2dbdaa439d94cf3 HTTP Headers GET /dist/sw/sw.js HTTP/1.1 Host: vk.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Cookie: remixlang=3; remixstlid=9094834447948698373_bj1NokZULNkDAnup3gCjGiqDhzuDWjJJL5uZ9IX82Io; remixsec_redir=http%3A%2F%2F0353.comeholidayinlangebaan.co.za%2Ftmorgan%2Ftmorgan%40eglinfcu.org%2FVerizon; remixua=-1%7C-1%7C311%7C2535195511 Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: kittenx date: Mon, 27 Mar 2023 14:46:31 GMT content-type: application/x-javascript content-length: 7224 last-modified: Tue, 07 Mar 2023 08:26:01 GMT etag: "6406f519-1c38" content-encoding: br expires: Mon, 27 Mar 2023 14:46:30 GMT cache-control: no-cache service-worker-allowed: / X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ba50d379b2776214995c207b42c083a4 0f1b48c6d01ace326c49acf5bcac222f772e9f6a 6692886530b311f94ac3855df31c774feed6d5135dad4ac24921b6030fcbb8d4 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 14:46:31 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js	188.114.98.234	200 OK	11 kB
URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js IP 188.114.98.234:0 ASN #0 File type ASCII text, with very long lines (32033) Size 11 kB (10726 bytes) Hash ec559bcb36b0b9f1f8765119987995ec 73334d342e948485b5658df9e9b0ee2c084b206f 26bc08aae6deb74e02b154be7651f28752c8037592a680b283e38c537911bba7 HTTP Headers `GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://0353.comeholidayinlangebaan.co.za/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 27 Mar 2023 14:46:31 GMT content-type: application/javascript; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 last-modified: Mon, 25 Jan 2021 22:04:00 GMT cdn-cachedat: 12/13/2021 20:18:53 cdn-edgestorageid: 755 cdn-requestpullcode: 200 cdn-requestpullsuccess: True timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-proxyver: 1.02 cdn-requestid: 48135f30fbfcba704628453df5764d8f cdn-cache: HIT cf-cache-status: HIT age: 25377876 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7ae86c60cd8f0b51-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	www.google.com/recaptcha/api.js?hl=en	142.250.74.164	200 OK	556 B
URL HTTP/2 www.google.com/recaptcha/api.js?hl=en IP 142.250.74.164:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (850), with no line terminators Size 556 B (556 bytes) Hash 96cdecb9778a09f65c6d23dff412fb67 c0364916c9d6a7eef2d01e5c9378e7d8acdb1faa 1a5b861d652f80c7ab9e4abb56eab3de9ccb5a019c2111888594aee405f1e45c HTTP Headers `GET /recaptcha/api.js?hl=en HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://0353.comeholidayinlangebaan.co.za/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK expires: Mon, 27 Mar 2023 14:46:31 GMT date: Mon, 27 Mar 2023 14:46:31 GMT cache-control: private, max-age=300 content-type: text/javascript; charset=UTF-8 cross-origin-resource-policy: cross-origin content-encoding: gzip x-content-type-options: nosniff x-frame-options: SAMEORIGIN content-security-policy: frame-ancestors 'self' x-xss-protection: 1; mode=block content-length: 556 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js	142.250.74.170	200 OK	31 kB
URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js IP 142.250.74.170:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (65447) Size 31 kB (31191 bytes) Hash 78bbd06ec7700aa993534241f71f8a84 84612409e963e5a98fd69d27ba53c24ddb4719c6 dfb26b6c54e0fb53df2ee2f0e907dd9a738862c7a0a8785da457172fbe9e94ae HTTP Headers `GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://0353.comeholidayinlangebaan.co.za/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 31191 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 08:59:31 GMT expires: Sat, 23 Mar 2024 08:59:31 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Wed, 11 Jan 2023 19:15:00 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding age: 280020 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 338c42e4ccd475333da107485955b1cf 89223f304f86cb8c292a3acb7c640b5002b39690 333964f3284089e231f7cade16ba160392dd24eab8516c55588be6f513c7306d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 14:46:31 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	0353.comeholidayinlangebaan.co.za/tmorgan/tmorgan@eglinfcu.org/Verizon	196.41.123.211	200 OK	20 kB
URL HTTP/1.1 0353.comeholidayinlangebaan.co.za/tmorgan/tmorgan@eglinfcu.org/Verizon IP 196.41.123.211:0 ASN #36874 Cybersmart File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (453) Size 20 kB (20452 bytes) Hash 14ef1e35418dee400f96d89f867714d6 874ff7e36b4387bf76da5d35c37a701655d8f5cc 7b01a3633d1ca7c4a314fde04adb1d83eed8503bab888feb141445ac75aa8d49 HTTP Headers `GET /tmorgan/tmorgan@eglinfcu.org/Verizon HTTP/1.1 Host: 0353.comeholidayinlangebaan.co.za User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://away.vk.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 14:46:31 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Set-Cookie: cl-bypass-cache=yes; Expires=Mon, 27-Mar-23 15:46:31 GMT; Domain=0353.comeholidayinlangebaan.co.za; Path=/; HttpOnly; SameSite=Lax Server: imunify360-webshield/1.18 Last-Modified: Monday, 27-Mar-2023 14:46:31 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Expires: Thu, 01 Jan 1970 00:00:01 GMT

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash aee967595d5b11fc508d102c6c93dd93 1b51ae5b5f9a4b7e3c51bb4307c9eacd4ea2a85e 3cbc3af47f5b1e142bb6cb5fed8154476b773f1b9a95623b5bb5ba94957ff309 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 14:46:31 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css	188.114.98.234	200 OK	21 kB
URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css IP 188.114.98.234:0 ASN #0 File type ASCII text, with very long lines (65371) Size 21 kB (20781 bytes) Hash b1dc53840033a64c5e4e3f82e4f53933 e9a6fc5e345c7c552d7769c6f769e509ffd16ce3 7b5f7d7b47fe47f2dac11c4f6997f6dddb286f7dc784fefbcd10439b9b2b31b5 HTTP Headers `GET /bootstrap/3.3.6/css/bootstrap.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://0353.comeholidayinlangebaan.co.za Connection: keep-alive Referer: http://0353.comeholidayinlangebaan.co.za/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 27 Mar 2023 14:46:31 GMT content-type: text/css; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: W/"2f624089c65f12185e79925bc5a7fc42" last-modified: Mon, 25 Jan 2021 22:03:59 GMT cdn-cachedat: 11/18/2022 06:18:39 cdn-proxyver: 1.03 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 755 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: 15ed60df06d91c489c48d1e7b01cc309 cdn-cache: HIT cf-cache-status: MISS strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7ae86c60cd37b503-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 9f118fb224d6a3feb68bb7296958d8fe 7ccaa3d7e3b47dec93f7ddb398615bd71227b26e 2f70628100003ab47f5fb5622f8951ec8f4bad4b88cc3c083983a5c31356b429 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 14:46:31 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2	142.250.74.35	200 OK	13 kB
URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 IP 142.250.74.35:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data Size 13 kB (12860 bytes) Hash ab21c24efd75543e16e34807ebc6cdec eb2562f9729079333fbcbbe94868695669dd3301 88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265 HTTP Headers `GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://0353.comeholidayinlangebaan.co.za Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 12860 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 10:26:51 GMT expires: Sat, 23 Mar 2024 10:26:51 GMT cache-control: public, max-age=31536000 last-modified: Mon, 09 May 2022 18:27:55 GMT content-type: font/woff2 age: 274781 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	maxcdn.bootstrapcdn.com/bootstrap/3.3.6/fonts/glyphicons-halflings-regular.woff2	188.114.98.234	200 OK	18 kB
URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.6/fonts/glyphicons-halflings-regular.woff2 IP 188.114.98.234:0 ASN #0 File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data Size 18 kB (18028 bytes) Hash 448c34a56d699c29117adc64c43affeb ca35b697d99cae4d1b60f2d60fcd37771987eb07 fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c HTTP Headers GET /bootstrap/3.3.6/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://0353.comeholidayinlangebaan.co.za Connection: keep-alive Referer: https://maxcdn.bootstrapcdn.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK date: Mon, 27 Mar 2023 14:46:32 GMT content-type: font/woff2 content-length: 18028 cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: "448c34a56d699c29117adc64c43affeb" last-modified: Mon, 25 Jan 2021 22:03:59 GMT cdn-cachedat: 11/12/2022 05:25:13 cdn-proxyver: 1.03 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 1049 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: bd89b50cbc3a2e8711f3d9ae15607239 cdn-cache: HIT cf-cache-status: MISS accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7ae86c61bf21b503-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 9f118fb224d6a3feb68bb7296958d8fe 7ccaa3d7e3b47dec93f7ddb398615bd71227b26e 2f70628100003ab47f5fb5622f8951ec8f4bad4b88cc3c083983a5c31356b429 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 14:46:32 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	0353.comeholidayinlangebaan.co.za/a9bc224bd710f56d27affffddc764239b58c3faa0/shield.png	196.41.123.211	200 OK	4.0 kB
URL HTTP/1.1 0353.comeholidayinlangebaan.co.za/a9bc224bd710f56d27affffddc764239b58c3faa0/shield.png IP 196.41.123.211:0 ASN #36874 Cybersmart File type PNG image data, 77 x 102, 8-bit/color RGBA, non-interlaced\012- data Size 4.0 kB (4027 bytes) Hash d0f069cdf1f4dbe8f4d18b59e7233518 8ac8e4e57ac34c847f9d39d7310b8d118ca4eb78 b880a7adab36893e23b41ddcccb9958f418cae31f296a4520a41faa89810f54d HTTP Headers `GET /a9bc224bd710f56d27affffddc764239b58c3faa0/shield.png HTTP/1.1 Host: 0353.comeholidayinlangebaan.co.za User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://0353.comeholidayinlangebaan.co.za/tmorgan/tmorgan@eglinfcu.org/Verizon Cookie: cl-bypass-cache=yes` `HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 14:46:32 GMT Content-Type: image/png Content-Length: 4027 Last-Modified: Mon, 20 Mar 2023 00:51:29 GMT Connection: close ETag: "6417ae11-fbb" Server: imunify360-webshield/1.18 Accept-Ranges: bytes`

	www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js	142.250.74.67	200 OK	166 kB
URL HTTP/2 www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js IP 142.250.74.67:0 ASN #15169 GOOGLE File type HTML document, ASCII text, with very long lines (597) Size 166 kB (166058 bytes) Hash 4043af37a3392a9db521ff9ab62d9608 83828688e7a2259ed2f77345851a16122383b422 ee076822f35390ee382cda71759a2eec8f4db2bc18e4e3acd586173c29dab321 HTTP Headers `GET /recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://0353.comeholidayinlangebaan.co.za Connection: keep-alive Referer: http://0353.comeholidayinlangebaan.co.za/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 166058 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 27 Mar 2023 11:09:56 GMT expires: Tue, 26 Mar 2024 11:09:56 GMT cache-control: public, max-age=31536000 last-modified: Mon, 20 Mar 2023 04:02:00 GMT content-type: text/javascript vary: Accept-Encoding age: 12996 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7317 Expires: Mon, 27 Mar 2023 16:48:29 GMT Date: Mon, 27 Mar 2023 14:46:32 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7317 Expires: Mon, 27 Mar 2023 16:48:29 GMT Date: Mon, 27 Mar 2023 14:46:32 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7317 Expires: Mon, 27 Mar 2023 16:48:29 GMT Date: Mon, 27 Mar 2023 14:46:32 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7317 Expires: Mon, 27 Mar 2023 16:48:29 GMT Date: Mon, 27 Mar 2023 14:46:32 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7317 Expires: Mon, 27 Mar 2023 16:48:29 GMT Date: Mon, 27 Mar 2023 14:46:32 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (12017 bytes) Hash e999a9d79efe60a30b2942c5f2940294 c3891c43b16521f66eb3a52d83694de2ddd39871 290ed1232883a4ec63ef42c30f40b819983c5544e35261d2d1e0d1e55d0c8b07 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 12017 x-amzn-requestid: 4f61a0c7-4b18-4289-b47c-eeeff93d873f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Ca6yQGNtoAMFsxw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64210b41-350e4e2425d9606e478872b5;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 03:19:29 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: TCzHm5qTtnAUDSmayc-LLFmDfV7o6PaaYYfVtN_w7cC3o66HCa3DEg== via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 03:34:08 GMT age: 40344 etag: "c3891c43b16521f66eb3a52d83694de2ddd39871" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg	34.120.237.76	200 OK	3.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.6 kB (3589 bytes) Hash 1ec08d4bd079a92161fc80f41281b5a9 bf61369962342cce85de8f48942b4b150fd2721e 8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3589 x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CW1uyE2joAMF50g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0 x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT x-amz-cf-pop: SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: pjRA439kqSg5daR_Zuvsf2l45R4oqv3AMWNiMCGQ_C5o2KA8kEd3TQ== via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Mar 2023 21:53:16 GMT age: 60796 etag: "bf61369962342cce85de8f48942b4b150fd2721e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg	34.120.237.76	200 OK	4.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.8 kB (4775 bytes) Hash 8cc79a830964d923d24a45f5ccc9939b 557cc4827414912c41319ad961c14cce71ed4a18 b3b1c73b34057cb6e41920f3d55213ad8c193076525767c051960ec26d17ca3c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4775 x-amzn-requestid: 28d0e56d-ed03-4686-bd49-34f193f1c65a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CK96KF9coAMFvMA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641aa9da-122cd32a6f23e8442a52464c;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 07:10:18 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: F03oSAwgUrcVqWUUt9uaapaCtWSDLrmDlz142D4DtYYctMpy5nA3qA== via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Mar 2023 16:38:20 GMT age: 79692 etag: "557cc4827414912c41319ad961c14cce71ed4a18" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10591 bytes) Hash 668a8a17a1bb77ea7db7fa23c9df9690 242108539ff8694a3c557d07b2b000e764a77f24 100952573dc9eeba889a77f4d148b646accb99f277035f0607b1c6918f93a358 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10591 x-amzn-requestid: a55b3a74-b9f1-424b-8d53-3f49db443698 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CaIOwFW-oAMFgUA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6420ba5e-6c3e550d1a899e80394262e6;Sampled=0 x-amzn-remapped-date: Sun, 26 Mar 2023 21:34:22 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: SwHfiMdDkV5eSPbXEVlcIs_k1icXGn7aaScjTgDLyG0Uo_o-K0jIqg== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Mar 2023 21:57:30 GMT age: 60542 etag: "242108539ff8694a3c557d07b2b000e764a77f24" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10405 bytes) Hash 22905e8a7c8b1741dd51842c114a6517 c5900fe2396e0ca371c4847af4e96149850c3577 1525f9f39c09370fcb1f58f079f2d741a4c6d13fba26e6dd5b79466153d7685e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10405 x-amzn-requestid: 0b8dad7a-2ec1-4eed-9a2c-06079ed46662 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CRi69E9xoAMFiJg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641d4b79-2f606ac041c5db24583c8d51;Sampled=0 x-amzn-remapped-date: Fri, 24 Mar 2023 07:04:25 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: qbbEi0tXZLKo6qjrbJMtTHdhWziYrLrgzY1hzt_LrQJoeDDBbJnZBA== via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 07:49:08 GMT age: 25044 etag: "c5900fe2396e0ca371c4847af4e96149850c3577" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd81c2ee0-b0d8-4d53-8a73-a453a7669c92.jpeg	34.120.237.76	200 OK	6.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd81c2ee0-b0d8-4d53-8a73-a453a7669c92.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.6 kB (6623 bytes) Hash 9e5dfaeb44e65f30874efae17a8fd652 52c517a45e53a4ca5b5783d0364ac0e2606d6970 3752bdf3d574299ccb17ac42d20f940dd1daf48d127889a1d82a55bec82a0436 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd81c2ee0-b0d8-4d53-8a73-a453a7669c92.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6623 x-amzn-requestid: 5b246408-bf9c-488d-aee6-7d387115863e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: COQn4EHJoAMFl3Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641bfafe-686e97b34f7c33862db51515;Sampled=0 x-amzn-remapped-date: Thu, 23 Mar 2023 07:08:47 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: Dc5ZpKbzuxe6YqNOtsNpeKShE02r5kg-YX_3gPgeEIgRADZRBL6b4w== via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Mar 2023 16:38:20 GMT age: 79692 etag: "52c517a45e53a4ca5b5783d0364ac0e2606d6970" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2	142.250.74.35	200 OK	15 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 142.250.74.35:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Size 15 kB (15344 bytes) Hash 5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc HTTP Headers `GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.google.com Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15344 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 10:26:44 GMT expires: Sat, 23 Mar 2024 10:26:44 GMT cache-control: public, max-age=31536000 last-modified: Mon, 16 Oct 2017 17:32:55 GMT content-type: font/woff2 age: 274788 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Noto+Sans	172.217.21.170	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Noto+Sans IP 172.217.21.170:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Noto+Sans HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://0353.comeholidayinlangebaan.co.za/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Mon, 27 Mar 2023 14:46:31 GMT date: Mon, 27 Mar 2023 14:46:31 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML