Overview

URL safe-guard.site/eg/bx/nl/?key=eyJ0aW1lc3RhbXAiOiIxNjY0NDQyNTkyIiwiaGFzaCI6ImQ5ZTIxMjVhNzBmYTRmODAyN2MwZTc0MDgxOTAxMmNiYjhjMDI2NTAifQ==&ccc=US&ppp=PropellerAds&tdom=www.mediacdnc.com&bemobdata=c=97c1892d-3441-4ca7-b771-3428c036e583..l=ffa9eaa9-50aa-4c58-b988-e2d302240323..a=0..b=0..r=www.mediacdnc.com
IP212.237.233.86
ASNUAB Interneto vizija
Location Lithuania
Report completed2022-09-29 09:10:13 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-29 2 safe-guard.site/eg/bx/nl/files/jquery.js Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (12)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-29 05:06:32 UTC 35.83.91.138
mnemonic passive DNS safe-guard.site (6) 0 2022-04-26 13:58:50 UTC 2022-09-29 04:29:47 UTC 212.237.233.86 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-29 04:57:37 UTC 23.36.77.32
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-29 04:56:09 UTC 34.117.237.239
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-09-29 04:56:10 UTC 142.250.74.3
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-09-29 04:57:11 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS lemouwee.com (1) 176393 2021-03-12 13:42:34 UTC 2022-09-29 00:50:23 UTC 139.45.197.251
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-29 05:05:36 UTC 143.204.55.36
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-29 05:03:41 UTC 34.160.144.191
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-29 07:39:56 UTC 216.58.211.10
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-29 04:12:37 UTC 93.184.220.29
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-29 04:10:37 UTC 34.120.237.76


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 212.237.233.86

Date UQ / IDS / BL URL IP
2022-12-08 05:05:12 +0000
0 - 0 - 2 telenet.website/m/co/pl1/ 212.237.233.86
2022-12-06 06:30:31 +0000
0 - 0 - 2 telenet.website/m/br/13/ 212.237.233.86
2022-12-05 14:03:22 +0000
0 - 0 - 2 telenet.website/m/br/s4/ 212.237.233.86
2022-12-05 06:18:43 +0000
0 - 0 - 2 telenet.website/m/ec/ppt1/ 212.237.233.86
2022-12-05 05:32:41 +0000
0 - 0 - 2 telenet.website/m/br/13/ 212.237.233.86

Last 5 reports on ASN: UAB Interneto vizija

Date UQ / IDS / BL URL IP
2022-12-09 00:07:05 +0000
0 - 0 - 1 televivo.online/hu/env/tmobile/ 194.135.87.58
2022-12-08 23:59:10 +0000
0 - 0 - 1 televivo.online/kz/bx/nl/?key=eyJ0aW1lc3RhbXA (...) 194.135.87.58
2022-12-08 23:12:24 +0000
0 - 0 - 1 media2.site/dz/bx/nl?key=eyJ0aW1lc3RhbXAiOiIx (...) 194.135.87.146
2022-12-08 22:42:25 +0000
0 - 0 - 3 televivo.online/my/env/maxis/ 194.135.87.58
2022-12-08 20:21:14 +0000
0 - 0 - 1 televida.site/m/th/s4/ 79.98.29.8

Last 5 reports on domain: safe-guard.site

Date UQ / IDS / BL URL IP
2022-11-09 06:50:14 +0000
0 - 0 - 4 safe-guard.site/mz/env/movitel/ 212.237.233.86
2022-11-09 03:05:32 +0000
0 - 0 - 4 safe-guard.site/cl/500/env/wom 212.237.233.86
2022-11-09 02:59:17 +0000
0 - 0 - 1 safe-guard.site/mx/bx/nl?key=eyJ0aW1lc3RhbXAi (...) 212.237.233.86
2022-11-08 07:14:08 +0000
0 - 0 - 4 safe-guard.site/iq/env/asiacell 212.237.233.86
2022-11-08 06:59:11 +0000
0 - 0 - 4 safe-guard.site/my/fortune/maxis/ 212.237.233.86

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-08 23:12:24 +0000
0 - 0 - 1 media2.site/dz/bx/nl?key=eyJ0aW1lc3RhbXAiOiIx (...) 194.135.87.146
2022-12-05 14:58:13 +0000
0 - 0 - 1 www.mediacdnc.com/go/c255df52-c7a7-41e8-8981- (...) 3.70.16.242
2022-12-04 11:59:34 +0000
0 - 0 - 2 telefonica.site/dz/bx/nl/?key=eyJ0aW1lc3RhbXA (...) 79.98.24.35
2022-12-04 11:59:33 +0000
0 - 0 - 2 telefonica.site/dz/bx/nl?key=eyJ0aW1lc3RhbXAi (...) 79.98.24.35
2022-12-04 01:00:09 +0000
0 - 0 - 1 telefonica.site/dz/bx/nl?key=eyJ0aW1lc3RhbXAi (...) 79.98.24.35


JavaScript

Executed Scripts (10)


Executed Evals (1)

#1 JavaScript::Eval (size: 80, repeated: 1) - SHA256: b53f025511e6f4f0fc0c17ca00f3af6d04d7649eae25d1c0a7b3191c304d5885

                                        (() => {
    const a = async
    function name() {};
    window['fw0o491hqls'] = true;
})()
                                    

Executed Writes (0)



HTTP Transactions (32)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 08:15:52 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lHIm5k0BH6LptabkjzKuk1oqOYD2YuAROmYflrIR7ZKSYpXUXIu61Q==
Age: 3250


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /eg/bx/nl/?key=eyJ0aW1lc3RhbXAiOiIxNjY0NDQyNTkyIiwiaGFzaCI6ImQ5ZTIxMjVhNzBmYTRmODAyN2MwZTc0MDgxOTAxMmNiYjhjMDI2NTAifQ==&ccc=US&ppp=PropellerAds&tdom=www.mediacdnc.com&bemobdata=c=97c1892d-3441-4ca7-b771-3428c036e583..l=ffa9eaa9-50aa-4c58-b988-e2d302240323..a=0..b=0..r=www.mediacdnc.com HTTP/1.1 
Host: safe-guard.site
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         212.237.233.86
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Thu, 29 Sep 2022 09:10:02 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1493)
Size:   4102
Md5:    825eb45bd03b36658d5f87cde1ea4eb2
Sha1:   d0c8cbd6f462c9265d098184ceeaa482acceb37c
Sha256: 851f7c7f874eb28e91edbf5dfc24ce35d592d339304cb59a412cfdc0fd5d2d64
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12163
Expires: Thu, 29 Sep 2022 12:32:45 GMT
Date: Thu, 29 Sep 2022 09:10:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DFF04734315B51FC11069E2D21B5BE37B03D28AD01986E1AE2C96AFC6BA31859"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7506
Expires: Thu, 29 Sep 2022 11:15:08 GMT
Date: Thu, 29 Sep 2022 09:10:02 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: UtSdsbzTj6bUUbfw7X3THXsVuD2oLfUflQo0tSYUue/pTR/xDRqo/Rm5W64J+lO/EQhKdqv6tXs=
x-amz-request-id: 0CTRYJFTE7AZD4PQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 29 Sep 2022 08:47:52 GMT
age: 1330
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 09:10:02 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /eg/bx/nl/files/style.css HTTP/1.1 
Host: safe-guard.site
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safe-guard.site/eg/bx/nl/?key=eyJ0aW1lc3RhbXAiOiIxNjY0NDQyNTkyIiwiaGFzaCI6ImQ5ZTIxMjVhNzBmYTRmODAyN2MwZTc0MDgxOTAxMmNiYjhjMDI2NTAifQ==&ccc=US&ppp=PropellerAds&tdom=www.mediacdnc.com&bemobdata=c=97c1892d-3441-4ca7-b771-3428c036e583..l=ffa9eaa9-50aa-4c58-b988-e2d302240323..a=0..b=0..r=www.mediacdnc.com

                                         
                                         212.237.233.86
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 29 Sep 2022 09:10:02 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 07:16:29 GMT
ETag: "f99a-5e75c0ae2d334-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Thu, 06 Oct 2022 09:10:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6307
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (63898), with no line terminators
Size:   6307
Md5:    c94fe6d19e2e2a18430a9407df85374e
Sha1:   8819344d36d0a99e84e2bbc48cac019972ea6d7b
Sha256: f804b3e512305c65e217b0c8940aa7f91194a1136e2d33961fa5ed245c35d52d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:10:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /eg/bx/nl/files/jquery.js HTTP/1.1 
Host: safe-guard.site
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safe-guard.site/eg/bx/nl/?key=eyJ0aW1lc3RhbXAiOiIxNjY0NDQyNTkyIiwiaGFzaCI6ImQ5ZTIxMjVhNzBmYTRmODAyN2MwZTc0MDgxOTAxMmNiYjhjMDI2NTAifQ==&ccc=US&ppp=PropellerAds&tdom=www.mediacdnc.com&bemobdata=c=97c1892d-3441-4ca7-b771-3428c036e583..l=ffa9eaa9-50aa-4c58-b988-e2d302240323..a=0..b=0..r=www.mediacdnc.com

                                         
                                         212.237.233.86
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 29 Sep 2022 09:10:02 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 29 Aug 2022 07:16:29 GMT
ETag: "15283-5e75c0ae23adc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30138
Keep-Alive: timeout=2, max=100


--- Additional Info ---
Magic:  ASCII text, with very long lines (32058)
Size:   30138
Md5:    3430607b4301113ad9394c9260eef3f0
Sha1:   8c4db68b161b17e31be300e968a30ab0116b3193
Sha256: 31e4d11375322cd6f94dba7338570426f2412d6c5fa670427966d45c3648098c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /eg/bx/nl/files/box_c.png HTTP/1.1 
Host: safe-guard.site
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safe-guard.site/eg/bx/nl/?key=eyJ0aW1lc3RhbXAiOiIxNjY0NDQyNTkyIiwiaGFzaCI6ImQ5ZTIxMjVhNzBmYTRmODAyN2MwZTc0MDgxOTAxMmNiYjhjMDI2NTAifQ==&ccc=US&ppp=PropellerAds&tdom=www.mediacdnc.com&bemobdata=c=97c1892d-3441-4ca7-b771-3428c036e583..l=ffa9eaa9-50aa-4c58-b988-e2d302240323..a=0..b=0..r=www.mediacdnc.com

                                         
                                         212.237.233.86
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 29 Sep 2022 09:10:02 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 07:16:29 GMT
ETag: "407f-5e75c0ae1025b"
Accept-Ranges: bytes
Content-Length: 16511
Cache-Control: max-age=604800
Expires: Thu, 06 Oct 2022 09:10:02 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 257 x 184, 8-bit/color RGBA, non-interlaced\012- data
Size:   16511
Md5:    cfeb6623e5249131d5319b768bb211db
Sha1:   e58e95cf3c24840bf7f9760ef88d1f67f6be6e24
Sha256: f3d07d99eba35e27b81a425a18c70e78b246228d723b08e59fb627ee4542df74
                                        
                                            GET /css2?family=Tajawal&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://safe-guard.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.211.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Sep 2022 09:10:02 GMT
date: Thu, 29 Sep 2022 09:10:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /eg/bx/nl/files/gift.gif HTTP/1.1 
Host: safe-guard.site
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safe-guard.site/eg/bx/nl/?key=eyJ0aW1lc3RhbXAiOiIxNjY0NDQyNTkyIiwiaGFzaCI6ImQ5ZTIxMjVhNzBmYTRmODAyN2MwZTc0MDgxOTAxMmNiYjhjMDI2NTAifQ==&ccc=US&ppp=PropellerAds&tdom=www.mediacdnc.com&bemobdata=c=97c1892d-3441-4ca7-b771-3428c036e583..l=ffa9eaa9-50aa-4c58-b988-e2d302240323..a=0..b=0..r=www.mediacdnc.com

                                         
                                         212.237.233.86
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 29 Sep 2022 09:10:02 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 29 Aug 2022 07:16:29 GMT
ETag: "3cf6-5e75c0ae20bfc"
Accept-Ranges: bytes
Content-Length: 15606
Cache-Control: max-age=604800
Expires: Thu, 06 Oct 2022 09:10:02 GMT
Keep-Alive: timeout=2, max=100


--- Additional Info ---
Magic:  GIF image data, version 89a, 100 x 100\012- data
Size:   15606
Md5:    573c467d7a0b1c4c009ba98927dfa335
Sha1:   78d9c7efaeed568b74f1e4d1b4eb67e51dbbb9f1
Sha256: c4f1d8867d03d437694f1cac0c9df3a7f5006fb8df474023bfa1d78f88843ce8
                                        
                                            GET /eg/bx/nl/files/prize.jpg HTTP/1.1 
Host: safe-guard.site
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safe-guard.site/eg/bx/nl/?key=eyJ0aW1lc3RhbXAiOiIxNjY0NDQyNTkyIiwiaGFzaCI6ImQ5ZTIxMjVhNzBmYTRmODAyN2MwZTc0MDgxOTAxMmNiYjhjMDI2NTAifQ==&ccc=US&ppp=PropellerAds&tdom=www.mediacdnc.com&bemobdata=c=97c1892d-3441-4ca7-b771-3428c036e583..l=ffa9eaa9-50aa-4c58-b988-e2d302240323..a=0..b=0..r=www.mediacdnc.com

                                         
                                         212.237.233.86
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 09:10:02 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 29 Aug 2022 07:16:29 GMT
ETag: "57e2-5e75c0ae26da4"
Accept-Ranges: bytes
Content-Length: 22498
Cache-Control: max-age=604800
Expires: Thu, 06 Oct 2022 09:10:02 GMT
Keep-Alive: timeout=2, max=100


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size:   22498
Md5:    2fe7268450b8dbdc94f715703528c0e6
Sha1:   6a7673302207522f64f3976cc866301f80a3dd99
Sha256: fa9a57d297b8357707e9ccca52cf8729ccef3922a885eceb97c7d6718656ea06
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:10:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:10:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/tajawal/v9/Iura6YBj_oCad4k1nzGBCw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://safe-guard.site
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10256
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:55:05 GMT
expires: Thu, 28 Sep 2023 19:55:05 GMT
cache-control: public, max-age=31536000
age: 47698
last-modified: Wed, 27 Apr 2022 16:06:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 10256, version 1.0\012- data
Size:   10256
Md5:    f18eb7346bae415c6367ed0907125227
Sha1:   a9e8e937c5afc2f9feb46bfcb8fa854728a494a8
Sha256: b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b
                                        
                                            GET /s/tajawal/v9/Iura6YBj_oCad4k1nzSBC45I.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://safe-guard.site
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 20:09:06 GMT
expires: Tue, 26 Sep 2023 20:09:06 GMT
cache-control: public, max-age=31536000
age: 219657
last-modified: Wed, 27 Apr 2022 16:06:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 8724, version 1.0\012- data
Size:   8724
Md5:    20217aa9d3eaac472e24b02bcdcd6c9b
Sha1:   ee278f79d297f09fd3bf15fe453332649b1aa69e
Sha256: 1f56c2984babee36c5008ae3290384e27a63931814265ffe8ddda6a2fc38b41e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 09:10:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 08:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 29 Sep 2022 08:40:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -6r-dtb3C_M9QrwSQo8ukCFj-cV3ly6GA9Fr48RRr_o-QaUBjphTqQ==
Age: 2430


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4953
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 09:10:03 GMT
Last-Modified: Thu, 29 Sep 2022 07:47:30 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jBlisLfU+R/6SHkVmjht0g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.83.91.138
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xYx2qOWl/tFn/IsLappc6NbqZgc=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10315
Expires: Thu, 29 Sep 2022 12:02:00 GMT
Date: Thu, 29 Sep 2022 09:10:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10315
Expires: Thu, 29 Sep 2022 12:02:00 GMT
Date: Thu, 29 Sep 2022 09:10:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10315
Expires: Thu, 29 Sep 2022 12:02:00 GMT
Date: Thu, 29 Sep 2022 09:10:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10315
Expires: Thu, 29 Sep 2022 12:02:00 GMT
Date: Thu, 29 Sep 2022 09:10:05 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6362b4f1-5935-43c9-9147-6d019a1ea6cd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4235
x-amzn-requestid: 60825c64-7743-4b16-b80d-d1195ccb0f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK2nFsDoAMFRwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be90-1898e5d9111db7c843c1ebb4;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C-XC9qsktkENdI6lWZp5RQjeEvrrFMUfBq1mA5dxEjRq5tkfL5Jsxw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:55 GMT
age: 39910
etag: "2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4235
Md5:    30471179bd7cdeecea2fa4ea98701aef
Sha1:   2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb
Sha256: 967e070aec3942c64cc6c4cfdc13d430825c9e5c26dbec5bb3d66237d5978dfc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8508
x-amzn-requestid: 5568f81c-2f99-44bf-9bd8-f015c604c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMJlzFywoAMFamw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bc8b-1d335c5c536e895a19b5965f;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:28:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2RLqacSoBXtv1i-6fRV9nejJ5tulXVJ-VsKVDvsMqAgPqXKWe_2cJw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:42:49 GMT
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
age: 37636
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8508
Md5:    515e23ff5ef0fc336ac5ec7fd31dfacd
Sha1:   a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
Sha256: 77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3332
x-amzn-requestid: fb6cb616-5b4d-4aaf-a891-50b4de8b6f95
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJ_6AGNYIAMFSHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333e03f-377fe02d1cc7ad2b3a15ca1a;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 05:48:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nJJZxZlapt4k5988yU-V94pBBH2SmfSZ0Zb_oJXA07mppg0lF04wLg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 17:18:10 GMT
age: 57115
etag: "4fc0699c763f67a2602b4b3f46b8b4013d2049c6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3332
Md5:    6ac86079d2901fb11bfaff81d91bb2d2
Sha1:   4fc0699c763f67a2602b4b3f46b8b4013d2049c6
Sha256: 8c25b9129fc01f6ffad911994e91436ab0026ed0b54568757a20ab7f92584467
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dyDhatfeYzzSQpRY7JpOIu3VhjlI8IOWcKCLCBWYaxJ1CYgCxqdQjA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:42 GMT
age: 40823
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14073
Md5:    11594ce7500d8776bfd5162b17f87d72
Sha1:   72603efba82d649ce5a7a0ca45dc830c0d9ef012
Sha256: 511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9654
x-amzn-requestid: 7961f184-9476-43de-bf35-8ccb50ee1760
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYsHA6oAMFvRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-05f567f7606462ac44f89987;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XaB4TwXv4xy0Sy3dncNYZWEPEnHY5BkEHR7fZDK59APYkzH9DPdT7A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:40 GMT
age: 17365
etag: "44cc19b21912d07f82a88af5b2fa6d3e370459bf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9654
Md5:    36ae9444071dd70dcf86802c370ffda9
Sha1:   44cc19b21912d07f82a88af5b2fa6d3e370459bf
Sha256: 99984d108bf31d733414f7f1352e17225ac21ac2dbfb4b1e7fa7ae80e5b6b822
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10023
x-amzn-requestid: 0cb6b9a1-0707-4094-b197-5a0add2df717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4dHJLIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9c-2d8bbb17157900f126c5bb3c;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wZ2hBqHAdwimAVV3p-CJFrb9zQ-CTN5ar9CB-cu0mZoENYUFTKKPWQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:58 GMT
age: 39907
etag: "e1067a2dfbc22e7eb196046d57bd1e17604dba75"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10023
Md5:    f4505f57697072468da82e0b536d0d5b
Sha1:   e1067a2dfbc22e7eb196046d57bd1e17604dba75
Sha256: b5e79054f165f38b99f93a8128284f82076523988aeb102b85dd8ff1a2870d00
                                        
                                            GET /pfe/current/micro.tag.min.js?z=5225831&sw=/sw-check-permissions-b6b64.js HTTP/1.1 
Host: lemouwee.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://safe-guard.site/

                                         
                                         139.45.197.251
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 29 Sep 2022 09:10:07 GMT
Last-Modified: Tue, 27 Sep 2022 13:19:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6332f869-1a5ed"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   40057
Md5:    f180b770897d6441bb79cb05ef5655b6
Sha1:   0a1ecab3bd50af2c0930f1ebadeb5ae449b52489
Sha256: 35ca5d4fa63b7895631bbe796dc91e83e0a76ba1a6d6b04c4c2962b7c1fb5a4e