Report - c1.applicationgrabb.com/?step_id=1&installer_id=5229987032440592052&publisher_id=2628&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=889256178179851451&external_id=0&session_id=12151574730544550558&hardware_id=5269729652507506279&q=Pok%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%C3%A2%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%C2%A9mon+Platin+Edition&product_name=Your+File&ignore_download&ignore_downloade&ignore

Report Overview

Submitted URL
c1.applicationgrabb.com/?step_id=1&installer_id=5229987032440592052&publisher_id=2628&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=889256178179851451&external_id=0&session_id=12151574730544550558&hardware_id=5269729652507506279&q=Pok%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%C3%A2%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%C2%A9mon+Platin+Edition&product_name=Your+File&ignore_download&ignore_downloade&ignore_downloader=1&filesize
IP
173.239.8.164
ASN
#27257 WEBAIR-INTERNET
Submitted
2023-03-29 18:22:00
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	2015-05-10T13:11:19Z	2023-03-29T23:33:41Z	2.1 kB	113 kB	142.250.74.132
partner.googleadservices.com	798	2012-10-03T03:04:21Z	2023-03-29T18:12:45Z	482 B	794 B	216.58.207.226
afs.googleusercontent.com	12123	2013-05-06T21:11:00Z	2023-03-29T18:29:48Z	442 B	1.1 kB	142.250.74.97
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T18:13:46Z	333 B	391 B	34.117.237.239
applicationgrabb.com	unknown	2014-05-22T13:18:43Z	2023-03-29T14:41:59Z	816 B	645 B	173.239.8.164
ww9.applicationgrabb.com	unknown	2019-01-14T02:24:08Z	2023-03-29T20:21:51Z	2.1 kB	9.0 kB	76.223.26.96
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T18:24:36Z	413 B	5.9 kB	34.160.144.191
c.parkingcrew.net	70582	2017-01-29T20:17:16Z	2023-03-29T12:31:10Z	300 B	1.0 kB	185.53.178.30
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T22:30:19Z	3.2 kB	48 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T18:14:38Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T18:37:20Z	606 B	127 B	52.89.183.99
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-29T18:25:22Z	325 B	827 B	142.250.74.74
d38psrni17bvxu.cloudfront.net	unknown	2022-09-22T18:48:38Z	2023-03-29T14:53:52Z	365 B	12 kB	54.230.245.8
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T18:12:02Z	2.4 kB	4.9 kB	142.250.74.131
c1.applicationgrabb.com	unknown	2014-05-22T13:18:43Z	2023-03-29T05:19:48Z	1.7 kB	740 B	74.206.228.78
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T18:12:03Z	2.4 kB	6.2 kB	23.36.77.32
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-29T23:11:09Z	436 B	12 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-29 18:22:13	medium	Client IP	74.206.228.78	ET ADWARE_PUP W32/InstallRex.Adware Initial CnC Beacon
2023-03-29 18:22:14	medium	Client IP	173.239.8.164	ET ADWARE_PUP Win32/Zonebac Traffic Redirect

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	ww9.applicationgrabb.com/	652 B	2023-03-30	2023-03-30
Pretty URL ww9.applicationgrabb.com/ IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-30 00:01:33 Last Seen2023-03-30 00:01:33 Times Seen1 Hash 56c22e7b189b66b019bb79b7641ff937 51e1e1abc4f80e9a323ae885cd0664e2d2f464e1 f77f2ada916a9a38a141cb4d40bb6914d86760029f679527d761496f85391837 Loading...

	ww9.applicationgrabb.com/	1.1 kB	2023-03-30	2023-03-30
Pretty URL ww9.applicationgrabb.com/ IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-30 00:01:33 Last Seen2023-03-30 00:01:33 Times Seen1 Hash bc2218ea62902efad3ce3d0443ab6517 a632ace429426d6b619dddf97483103ec2182eb6 c45447d75a9e625e2ca69817001ebc51fa0eeadeea33d929973d9d348624e74c Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-03-29	2023-04-03
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:38:16 Last Seen2023-04-03 23:55:33 Times Seen477 Hash d5fa89ee83b7193615caa52f437c0a89 ace7706eb99f0b91c4f95b9eeb20d40d7a97b7f8 b1b6469dc228a271783b9198992c5952d95a944e68661a01e080e309acf310dd Loading...

	ww9.applicationgrabb.com/	40 B	2023-03-08	2023-05-23
Pretty URL ww9.applicationgrabb.com/ IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:24:08 Last Seen2023-05-23 17:14:04 Times Seen4695 Hash bbf1d9896eb3544c767d965a657e142c 5df55c7669b87f414501ffc91de02e4756141a83 f73cb6aef53ef853b780335ddf7d4cb319edcf02c8c050f270639a91226a09bc Loading...

	ww9.applicationgrabb.com/	71 B	2023-03-08	2024-01-04
Pretty URL ww9.applicationgrabb.com/ IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:23:53 Last Seen2024-01-04 08:38:22 Times Seen25410 Hash 1a5a5e1b6a26f57b95e3dd42f60612f4 b62a27e55a59b49084e682bd3c1588f6a40881ab 4066da16910907c7962da8e7011bf0cd62b6f2dcddb1911e3ea2de03ce3e1dc7 Loading...

	ww9.applicationgrabb.com/	472 B	2023-03-13	2024-01-03
Pretty URL ww9.applicationgrabb.com/ IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:13:46 Last Seen2024-01-03 14:22:39 Times Seen25251 Hash d31eefc1e54bdae9204297e4ae5b9cce fc49bf319586a623670a81c01d43bbd93b477fbb 2683a6247a15433dd269eaefbc7131b1326c7bc0146361913ea10ad8fa23bb14 Loading...

	c1.applicationgrabb.com/?step_id=1&installer_id=5229987032440592052&publisher_id=2628&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=889256178179851451&external_id=0&session_id=12151574730544550558&hardware_id=5269729652507506279&q=Pok%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%C3%A2%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%C2%A9mon+Platin+Edition&product_name=Your+File&ignore_download&ignore_downloade&ignore_downloader=1&filesize	38 B	2023-03-07	2023-04-05
Pretty URL c1.applicationgrabb.com/?step_id=1&installer_id=5229987032440592052&publisher_id=2628&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=889256178179851451&external_id=0&session_id=12151574730544550558&hardware_id=5269729652507506279&q=Pok%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%C3%A2%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%C2%A9mon+Platin+Edition&product_name=Your+File&ignore_download&ignore_downloade&ignore_downloader=1&filesize IP 74.206.228.78 ASN #27257 WEBAIR-INTERNET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:27 Last Seen2023-04-05 02:10:28 Times Seen192 Hash adfecb321da32aaab4729acc792049c0 4728210ff23ed5507331d29110d3453d1741fece aa782af17e4ea74b54c0db9754e2d68d2ba7e8cbaafd0ed9481b5878f32f87b3 Loading...

	applicationgrabb.com/	49 B	2023-03-07	2023-04-05
Pretty URL applicationgrabb.com/ IP 173.239.8.164 ASN #27257 WEBAIR-INTERNET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:05 Last Seen2023-04-05 02:10:28 Times Seen48 Hash 0f263e3e4de284e8b1ce7d552ac788cf c4efc1176c856874fec6e16211eb29e96e6e4bfd 05d00aa21575d4df3a7f8722eeda2495b1f74daac19438db7c735625aaf5a1d9 Loading...

	c.parkingcrew.net/scripts/sale_form.js	761 B	2023-03-07	2024-04-24
Pretty URL c.parkingcrew.net/scripts/sale_form.js IP 185.53.178.30 ASN #19905 NEUSTAR-AS6 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:27 Last Seen2024-04-24 17:29:44 Times Seen10851 Hash 64f809e06446647e192fce8d1ec34e09 5b7ced07da42e205067afa88615317a277a4a82c f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3 Loading...

	ww9.applicationgrabb.com/	246 B	2023-03-30	2023-03-30
Pretty URL ww9.applicationgrabb.com/ IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-30 00:01:33 Last Seen2023-03-30 00:01:33 Times Seen1 Hash ee65bc9b0ac3eb4533838f313d682f32 87eae63af8e1c2d8f495fd0ca95317aa292d654f 36617f0da87536388862c6299686134638ec56f6c3271e31736624287ae6834b Loading...

	ww9.applicationgrabb.com/	7.0 kB	2023-03-13	2024-01-03
Pretty URL ww9.applicationgrabb.com/ IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:10:31 Last Seen2024-01-03 14:22:39 Times Seen25920 Hash 04b2b624f94797c26d17a57f399d9356 3143986e839c47a5c1eff03bd9df63ecc54dca9c 233b1cbfb295a0629bcf68a2a4198a62132f02ee1f061ada2ce7143bd5d2dabb Loading...

	ww9.applicationgrabb.com/	20 B	2023-03-12	2024-01-03
Pretty URL ww9.applicationgrabb.com/ IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:00:05 Last Seen2024-01-03 14:22:39 Times Seen13851 Hash bb9472ed191ad69435d630c50e139a17 4efa10c70dbfe37ec4c8bb5a04b907c549de7e3d eec645c8d410f4d6accc5c4c3326bbff80fdd9d105e423ad50c5c87b22845492 Loading...

	ww9.applicationgrabb.com/	65 B	2023-03-12	2024-01-03
Pretty URL ww9.applicationgrabb.com/ IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:04:52 Last Seen2024-01-03 03:26:41 Times Seen772 Hash 5687c58953daa7d86c22721da0ecbf73 9eba532fd3e5e230ca76909cc992d100a6a722e8 a35c912e2c5debd0a5be58aae4cff4fa81f8251ef23e4e79faca8db8084ebe42 Loading...

	ww9.applicationgrabb.com/	669 B	2023-03-30	2023-03-30
Pretty URL ww9.applicationgrabb.com/ IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-30 00:01:33 Last Seen2023-03-30 00:01:33 Times Seen1 Hash ed14c63db35f04e7a509c87beff65a67 3f2a2fb46ad2ef9defd0cc69b4b18aef2c718dbd b15f0d47b05f84fefb0ee93eb2595c58bf5f125781faba205ff9e4eff33f23ee Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=ww9.applicationgrabb.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie	380 B	2023-03-30	2023-03-30
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=ww9.applicationgrabb.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie IP 216.58.207.226 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-30 00:01:33 Last Seen2023-03-30 00:01:33 Times Seen1 Hash dca28ca56f24c28831317383e511eb11 a4b8d71a18181ff88dca9613ccbba350fc8c60e2 cc3dbeb66ae74ba97c33eeb6035f425cab8221fdb93da67bdab52ce33930a204 Loading...

	www.google.com/adsense/domains/caf.js?abp=1	148 kB	2023-03-29	2023-04-03
Pretty URL www.google.com/adsense/domains/caf.js?abp=1 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:36:46 Last Seen2023-04-03 23:55:19 Times Seen616 Hash 953bc7a5e2880e0b10df854518cf3fec 4509703e0d2c42dafcd9b8c4350ff7438ba68261 2f695f1cc7e2100a45e584c3197f6cca40e02e7451108bb46965cc5a88db71d4 Loading...

	ww9.applicationgrabb.com/	968 B	2023-03-08	2024-04-24
Pretty URL ww9.applicationgrabb.com/ IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:24:08 Last Seen2024-04-24 19:23:31 Times Seen27705 Hash c77554570ae0fa8e4fb31747dc213058 e989fbde07e6a68975c7a31e1d4df76afd90b96f c3f831fe1717c6d76a8950ac5e7dc88ceee7440d079b11584be5c6c5b3269e77 Loading...

	www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww9.applicationgrabb.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDI0ODFiZjhlZjMzfHx8MTY4MDExNDExMS41OTExfDMyOTA1ZmViNzZlZGRhN2M2NWRmYWVkMzBhNmZhNDlhNWJkZWEyNzl8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxjZTBiYWUzNTdiNWUyYzRlNDE3ODc3MWM0MmExYzQ5ZTBkNTQyZTM5fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2541811284092968&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3%7Cs&nocache=7231680114135495&num=0&output=afd_ads&domain_name=ww9.applicationgrabb.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1680114135496&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=518347065&uio=--&cont=tc&jsid=caf&jsv=518347065&rurl=http%3A%2F%2Fww9.applicationgrabb.com%2F&referer=http%3A%2F%2Fapplicationgrabb.com%2F&adbw=master-1%3A530	6.3 kB	2023-03-30	2023-03-30
Pretty URL www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww9.applicationgrabb.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDI0ODFiZjhlZjMzfHx8MTY4MDExNDExMS41OTExfDMyOTA1ZmViNzZlZGRhN2M2NWRmYWVkMzBhNmZhNDlhNWJkZWEyNzl8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxjZTBiYWUzNTdiNWUyYzRlNDE3ODc3MWM0MmExYzQ5ZTBkNTQyZTM5fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2541811284092968&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3%7Cs&nocache=7231680114135495&num=0&output=afd_ads&domain_name=ww9.applicationgrabb.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1680114135496&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=518347065&uio=--&cont=tc&jsid=caf&jsv=518347065&rurl=http%3A%2F%2Fww9.applicationgrabb.com%2F&referer=http%3A%2F%2Fapplicationgrabb.com%2F&adbw=master-1%3A530 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-30 00:01:33 Last Seen2023-03-30 00:01:33 Times Seen1 Hash 70bf12605ca6ecb3375540e8a5f26a09 a3df3e29eccaf7f5866bb2a120022c25b5524c86 dc036cf0e43ae201ed172a5478ad308e84bec252747bd4c2956f120239e207d8 Loading...

HTTP Transactions (43)

URL IP Response Size

c1.applicationgrabb.com/?step_id=1&installer_id=5229987032440592052&publisher_id=2628&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=889256178179851451&external_id=0&session_id=12151574730544550558&hardware_id=5269729652507506279&q=Pok%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%C3%A2%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%C2%A9mon+Platin+Edition&product_name=Your+File&ignore_download&ignore_downloade&ignore_downloader=1&filesize

74.206.228.78

200 OK

251 B

URL HTTP/1.1
c1.applicationgrabb.com/?step_id=1&installer_id=5229987032440592052&publisher_id=2628&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=889256178179851451&external_id=0&session_id=12151574730544550558&hardware_id=5269729652507506279&q=Pok%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%C3%A2%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%C2%A9mon+Platin+Edition&product_name=Your+File&ignore_download&ignore_downloade&ignore_downloader=1&filesize
IP
74.206.228.78:0
ASN
#27257 WEBAIR-INTERNET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
251 B (251 bytes)
Hash
8af508c68367fa252150433d59391636
ef0db24a657b533ba77ab3f5cf112663b9ce4599
b7537f7e96b8d2fbb56a69c57570f5b02e42aeb15e4a77987be33377076d5651

Detections

NIDS	Severity	Alert
suricata	medium	ET ADWARE_PUP W32/InstallRex.Adware Initial CnC Beacon

HTTP Headers

GET /?step_id=1&installer_id=5229987032440592052&publisher_id=2628&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=889256178179851451&external_id=0&session_id=12151574730544550558&hardware_id=5269729652507506279&q=Pok%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%C3%A2%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%C2%A9mon+Platin+Edition&product_name=Your+File&ignore_download&ignore_downloade&ignore_downloader=1&filesize HTTP/1.1
Host: c1.applicationgrabb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Wed, 29 Mar 2023 18:21:50 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8149
Expires: Wed, 29 Mar 2023 20:37:39 GMT
Date: Wed, 29 Mar 2023 18:21:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9815
Expires: Wed, 29 Mar 2023 21:05:25 GMT
Date: Wed, 29 Mar 2023 18:21:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4229
Expires: Wed, 29 Mar 2023 19:32:19 GMT
Date: Wed, 29 Mar 2023 18:21:50 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 17:28:10 GMT
content-type: application/json
age: 3220
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Ej3QFebCM3clnwhLz7SOOQKpN/36qhBnoHQams8CMcSGgWYQjGZ/JQqSYt4y97SKwGSGRWBhn+o=
x-amz-request-id: 50ZESARJMCMQ0TK1
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 18:02:36 GMT
age: 1154
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 18:21:50 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

c1.applicationgrabb.com/favicon.ico

74.206.228.78

404 Not Found

114 B

URL HTTP/1.1
c1.applicationgrabb.com/favicon.ico
IP
74.206.228.78:0
ASN
#27257 WEBAIR-INTERNET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
114 B (114 bytes)
Hash
021ffd3b4e081732edb9f2fa096e8ef2
4b0c71d74bf395719f8f91e4903609e37b513046
71dc6b3c545761e64c88967c0f8005939255df258bf60e122b238095d0c9659c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: c1.applicationgrabb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1.applicationgrabb.com/?step_id=1&installer_id=5229987032440592052&publisher_id=2628&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=889256178179851451&external_id=0&session_id=12151574730544550558&hardware_id=5269729652507506279&q=Pok%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%C3%A2%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BD%C2%A9mon+Platin+Edition&product_name=Your+File&ignore_download&ignore_downloade&ignore_downloader=1&filesize

HTTP/1.1 404 Not Found
Server: nginx/1.18.0
Date: Wed, 29 Mar 2023 18:21:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, ETag, Expires, Alert, Pragma, Content-Type, Retry-After, Last-Modified, Content-Length, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 18:14:36 GMT
age: 434
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da5340ee69a1000f751686df9e716663
a5da880a61ed119790a7990bbdcc0c97eecf04f2
d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10505
Expires: Wed, 29 Mar 2023 21:16:56 GMT
Date: Wed, 29 Mar 2023 18:21:51 GMT
Connection: keep-alive

applicationgrabb.com/

173.239.8.164

200 OK

156 B

URL HTTP/1.1
applicationgrabb.com/
IP
173.239.8.164:0
ASN
#27257 WEBAIR-INTERNET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
156 B (156 bytes)
Hash
b5f947e465b8227523f2c5182d69bc3d
81ef4205ca01f5c515ee8bfad7375ffa498f4022
064a9f51a6d0b9144fae002af06e893a95b709aff47f66511b211414b33e6c02

Detections

NIDS	Severity	Alert
suricata	medium	ET ADWARE_PUP Win32/Zonebac Traffic Redirect

HTTP Headers

POST / HTTP/1.1
Host: applicationgrabb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 12
Origin: http://c1.applicationgrabb.com
Connection: keep-alive
Referer: http://c1.applicationgrabb.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 29 Mar 2023 18:21:51 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

push.services.mozilla.com/

52.89.183.99

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.183.99:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: G79FCTlnwIQsnxylDBuBjA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: O0JE3d4081NsIDkihG25MT0Pl1g=

applicationgrabb.com/favicon.ico

173.239.8.164

404 Not Found

114 B

URL HTTP/1.1
applicationgrabb.com/favicon.ico
IP
173.239.8.164:0
ASN
#27257 WEBAIR-INTERNET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
114 B (114 bytes)
Hash
4dda89292ffda632595d8e4040ef07c8
55c26cf87340555b3c09ba932bbabfc066a8d0ea
2615795f2aaccceaee3a5a92bcb488c122aed8a152f042633e41657fff9f7278

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: applicationgrabb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://applicationgrabb.com/
Connection: keep-alive

HTTP/1.1 404 Not Found
Server: nginx/1.20.1
Date: Wed, 29 Mar 2023 18:21:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

ww9.applicationgrabb.com/

76.223.26.96

200 OK

6.3 kB

URL HTTP/1.1
ww9.applicationgrabb.com/
IP
76.223.26.96:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1169)
Size
6.3 kB (6315 bytes)
Hash
cf1d07e17cfe1135579c604e1479297b
bcea037dad5dae4413cb4dec56567c967e0eec83
4d60efb340a5415f0527e341b3c9fbd53b55b97bb50241ac7080cbf5885521ca

HTTP Headers

GET / HTTP/1.1
Host: ww9.applicationgrabb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://applicationgrabb.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 18:21:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket102
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_lk/IBfYf4HmDJ1TGJJvxWUdXNeqrFGYin7Ge7pA+Ea1CFJAv8OgdkJXCHgo20v65Zv4VqwWcTqP6UwcT/RNb+g==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Domain: applicationgrabb.com
X-Subdomain: ww9
Content-Encoding: gzip

fonts.googleapis.com/css?family=Port+Lligat+Slab

142.250.74.74

200 OK

290 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Port+Lligat+Slab
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
290 B (290 bytes)
Hash
088d95793a3b22f58d6ba11131755acc
d44c366b0fd57969cc93744fa301136b76ed046c
e89359910fb17222949b8ae4cd40c20b26cfc3878221d580cb2e415d1a460116

HTTP Headers

GET /css?family=Port+Lligat+Slab HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww9.applicationgrabb.com/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 29 Mar 2023 18:21:51 GMT
Date: Wed, 29 Mar 2023 18:21:51 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

www.google.com/adsense/domains/caf.js?abp=1

142.250.74.132

200 OK

54 kB

URL HTTP/1.1
www.google.com/adsense/domains/caf.js?abp=1
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2193)
Size
54 kB (53935 bytes)
Hash
f450096a29d79ac6c5cab6ee7cd48a03
21aee55321473f1bc93c9b12cfd683aae2837b72
1a2036b2d05269fb09597a46c680631852f72e4772beb6e7b616157cde469090

HTTP Headers

GET /adsense/domains/caf.js?abp=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww9.applicationgrabb.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Wed, 29 Mar 2023 18:21:51 GMT
Expires: Wed, 29 Mar 2023 18:21:51 GMT
Cache-Control: private, max-age=3600
ETag: "7373613198510658470"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0

c.parkingcrew.net/scripts/sale_form.js

185.53.178.30

200 OK

761 B

URL HTTP/1.1
c.parkingcrew.net/scripts/sale_form.js
IP
185.53.178.30:0
ASN
#19905 NEUSTAR-AS6

File type
ASCII text
Size
761 B (761 bytes)
Hash
64f809e06446647e192fce8d1ec34e09
5b7ced07da42e205067afa88615317a277a4a82c
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3

HTTP Headers

GET /scripts/sale_form.js HTTP/1.1
Host: c.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww9.applicationgrabb.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 18:21:51 GMT
Content-Type: application/javascript
Content-Length: 761
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-2f9"
Accept-Ranges: bytes

fonts.gstatic.com/s/portlligatslab/v21/LDIpaoiQNgArA8kR7ulhZ8P_NYOsg70R9g.woff2

216.58.207.227

200 OK

12 kB

URL HTTP/1.1
fonts.gstatic.com/s/portlligatslab/v21/LDIpaoiQNgArA8kR7ulhZ8P_NYOsg70R9g.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11476, version 1.0\012- data
Size
12 kB (11476 bytes)
Hash
99f10b7c2173e99a630fa2248997106d
2ccc42406a7cefef4fd03a03b5949598d7c6efca
0399db86a4efaac36817553cb0ec6272041be953f4f9548f977e3a099643b47e

HTTP Headers

GET /s/portlligatslab/v21/LDIpaoiQNgArA8kR7ulhZ8P_NYOsg70R9g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ww9.applicationgrabb.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 11476
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 24 Mar 2023 10:49:59 GMT
Expires: Sat, 23 Mar 2024 10:49:59 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 15:40:38 GMT
Content-Type: font/woff2
Age: 459112

ww9.applicationgrabb.com/track.php?domain=applicationgrabb.com&toggle=browserjs&uid=MTY4MDExNDExMS41ODU1Ojk0MzA4YzcyNGUwMTIwNmUzMTA0ZWUxNDlmZDBmNzY5ZjEzMTkzNGRlYTc2MDczODk1YzRiYjQ0MWFhNDdiYzY6NjQyNDgxYmY4ZWY0Yw%3D%3D

76.223.26.96

200 OK

20 B

URL HTTP/1.1
ww9.applicationgrabb.com/track.php?domain=applicationgrabb.com&toggle=browserjs&uid=MTY4MDExNDExMS41ODU1Ojk0MzA4YzcyNGUwMTIwNmUzMTA0ZWUxNDlmZDBmNzY5ZjEzMTkzNGRlYTc2MDczODk1YzRiYjQ0MWFhNDdiYzY6NjQyNDgxYmY4ZWY0Yw%3D%3D
IP
76.223.26.96:0
ASN
#16509 AMAZON-02

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /track.php?domain=applicationgrabb.com&toggle=browserjs&uid=MTY4MDExNDExMS41ODU1Ojk0MzA4YzcyNGUwMTIwNmUzMTA0ZWUxNDlmZDBmNzY5ZjEzMTkzNGRlYTc2MDczODk1YzRiYjQ0MWFhNDdiYzY6NjQyNDgxYmY4ZWY0Yw%3D%3D HTTP/1.1
Host: ww9.applicationgrabb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww9.applicationgrabb.com/

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 18:21:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

ww9.applicationgrabb.com/ls.php?t=642481bf&token=ce0bae357b5e2c4e4178771c42a1c49e0d542e39

76.223.26.96

201 Created

16 B

URL HTTP/1.1
ww9.applicationgrabb.com/ls.php?t=642481bf&token=ce0bae357b5e2c4e4178771c42a1c49e0d542e39
IP
76.223.26.96:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

HTTP Headers

GET /ls.php?t=642481bf&token=ce0bae357b5e2c4e4178771c42a1c49e0d542e39 HTTP/1.1
Host: ww9.applicationgrabb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww9.applicationgrabb.com/

HTTP/1.1 201 Created
Date: Wed, 29 Mar 2023 18:21:51 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 642481bff71cff7e7d731003
Charset: utf-8
Access-Control-Allow-Origin: 
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_m0jNQxHw8MirIbjHy445s45qcSUKtOptS8F1s2TMRKa+n/hXumxMo7+TtTTMWK7HlW0NIAheBwHDf0J7j79Yyw==

d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png

54.230.245.8

200 OK

11 kB

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
IP
54.230.245.8:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11375 bytes)
Hash
0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

HTTP Headers

GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww9.applicationgrabb.com/

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11375
Connection: keep-alive
Server: nginx
Date: Wed, 29 Mar 2023 01:22:09 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lMxW9nyQaHRx1WEQprm25rpXjDLCWM5ebFjc1qQvjtbKwv-jzLFs5g==
Age: 61182

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9f52e1a56e3580c1bf81562a9df645f8
7c0b65f04f7c1ce3cc65f0ab3207d8d18ba5350b
28f16d1df407bb8bf6b28d978c94a40ea1f151dbc9e4e73493c999d881c3dc25

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 18:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ww9.applicationgrabb.com/favicon.ico

76.223.26.96

200 OK

0 B

URL HTTP/1.1
ww9.applicationgrabb.com/favicon.ico
IP
76.223.26.96:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ww9.applicationgrabb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww9.applicationgrabb.com/

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 18:21:51 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980037790ada70c8073ba9a8d5cc825e
6346559da4cce00710525b8c51e5e22d0dde4693
d399e83b9fb36a722e729da0685e3bdbd744ad826f05fe8a1d62e546fc67d42f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 18:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

partner.googleadservices.com/gampad/cookie.js?domain=ww9.applicationgrabb.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie

216.58.207.226

200 OK

247 B

URL HTTP/2
partner.googleadservices.com/gampad/cookie.js?domain=ww9.applicationgrabb.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (380), with no line terminators
Size
247 B (247 bytes)
Hash
138a19da9b32c6d3919ef436c333523b
8491fe906381ec7b60dbca7068353b3cad7131f2
f6a9081e856cc8434d0b205477511f1b458ec8c45d98c9b3105ede6f57aab6bc

HTTP Headers

GET /gampad/cookie.js?domain=ww9.applicationgrabb.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww9.applicationgrabb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 29 Mar 2023 18:21:51 GMT
server: cafe
cache-control: private
content-length: 247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww9.applicationgrabb.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDI0ODFiZjhlZjMzfHx8MTY4MDExNDExMS41OTExfDMyOTA1ZmViNzZlZGRhN2M2NWRmYWVkMzBhNmZhNDlhNWJkZWEyNzl8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxjZTBiYWUzNTdiNWUyYzRlNDE3ODc3MWM0MmExYzQ5ZTBkNTQyZTM5fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2541811284092968&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3%7Cs&nocache=7231680114135495&num=0&output=afd_ads&domain_name=ww9.applicationgrabb.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1680114135496&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=518347065&uio=--&cont=tc&jsid=caf&jsv=518347065&rurl=http%3A%2F%2Fww9.applicationgrabb.com%2F&referer=http%3A%2F%2Fapplicationgrabb.com%2F&adbw=master-1%3A530

142.250.74.132

200 OK

2.5 kB

URL HTTP/2
www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww9.applicationgrabb.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDI0ODFiZjhlZjMzfHx8MTY4MDExNDExMS41OTExfDMyOTA1ZmViNzZlZGRhN2M2NWRmYWVkMzBhNmZhNDlhNWJkZWEyNzl8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxjZTBiYWUzNTdiNWUyYzRlNDE3ODc3MWM0MmExYzQ5ZTBkNTQyZTM5fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2541811284092968&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3%7Cs&nocache=7231680114135495&num=0&output=afd_ads&domain_name=ww9.applicationgrabb.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1680114135496&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=518347065&uio=--&cont=tc&jsid=caf&jsv=518347065&rurl=http%3A%2F%2Fww9.applicationgrabb.com%2F&referer=http%3A%2F%2Fapplicationgrabb.com%2F&adbw=master-1%3A530
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6170)
Size
2.5 kB (2462 bytes)
Hash
e00c6cf1ae7cebf56e968315cd5c503d
e2065c5689951fed56f3402064a388b53d24839e
3762b65cbce667a3fcdbddfdbe0f2e503a6434b92597b652fe7cb68eb816afd8

HTTP Headers

GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww9.applicationgrabb.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDI0ODFiZjhlZjMzfHx8MTY4MDExNDExMS41OTExfDMyOTA1ZmViNzZlZGRhN2M2NWRmYWVkMzBhNmZhNDlhNWJkZWEyNzl8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxjZTBiYWUzNTdiNWUyYzRlNDE3ODc3MWM0MmExYzQ5ZTBkNTQyZTM5fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2541811284092968&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3%7Cs&nocache=7231680114135495&num=0&output=afd_ads&domain_name=ww9.applicationgrabb.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1680114135496&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=518347065&uio=--&cont=tc&jsid=caf&jsv=518347065&rurl=http%3A%2F%2Fww9.applicationgrabb.com%2F&referer=http%3A%2F%2Fapplicationgrabb.com%2F&adbw=master-1%3A530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww9.applicationgrabb.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Wed, 29 Mar 2023 18:21:51 GMT
expires: Wed, 29 Mar 2023 18:21:51 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-wfQAGgWhvKOe36RBtPzSfA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 2462
x-xss-protection: 0
set-cookie: NID=511=Z0obi_W0Itgw169AE3E7HnxVr011PCpVX7gDmuExCNl0TjweyPCKo8LT-rHHjp0eq_xuYxDsMoYNhYiCeaCWftqdtXtnJ8SMjoSdKLkICWNvCDGGiCr1Mw4gPCyG1Q-rEPCu4tJPZ9g8UvyB-LX6uLrdqhyoCwiy2rpy32YMovI; expires=Thu, 28-Sep-2023 18:21:51 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+390; expires=Fri, 28-Mar-2025 18:21:51 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980037790ada70c8073ba9a8d5cc825e
6346559da4cce00710525b8c51e5e22d0dde4693
d399e83b9fb36a722e729da0685e3bdbd744ad826f05fe8a1d62e546fc67d42f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 18:21:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
dc0cf0275c44e5495e8f323c00b9d588
f7f19e521a439f85915f7582797a060629b879c6
abc856a823e0d89a87f6a4d3b2a48f5dcb99cdd94ce5d3b8cb8d51e665a74c4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 18:21:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
443af0b9411c9518ba61aca878cb6a56
e9c0bb70f0acf1208bef95c661cd0aac2d51e105
7cf2cfd8c4244cebb536055a42972473359b8eedc41629b4cda38b822c79eda6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 18:21:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
443af0b9411c9518ba61aca878cb6a56
e9c0bb70f0acf1208bef95c661cd0aac2d51e105
7cf2cfd8c4244cebb536055a42972473359b8eedc41629b4cda38b822c79eda6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 18:21:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff

142.250.74.97

200 OK

270 B

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Size
270 B (270 bytes)
Hash
5100391430a00e10ce60aa159f525b5c
231a4492d73b225f441b1e9028dc33c89862e498
52b1432a6e3002e41ed1d8f4c84b258fdc4c6dac863e3c0e5c06360c81be6067

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 29 Mar 2023 06:20:16 GMT
expires: Thu, 30 Mar 2023 05:20:16 GMT
cache-control: public, max-age=82800
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 43296
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/adsense/domains/caf.js

142.250.74.132

200 OK

54 kB

URL HTTP/2
www.google.com/adsense/domains/caf.js
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2193)
Size
54 kB (54096 bytes)
Hash
8e06bff436e959ea1f83137dce512d3f
f188004ac1ca5ac8698dfcd2ea467359a6466076
1c6ba8b2ec1ef9a3cfd7b249257e70dbf0ac54ced46965c03c295b4a9694c6f1

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Wed, 29 Mar 2023 18:21:52 GMT
expires: Wed, 29 Mar 2023 18:21:52 GMT
cache-control: private, max-age=3600
etag: "10136708997424004625"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ww9.applicationgrabb.com/track.php?domain=applicationgrabb.com&caf=1&toggle=answercheck&answer=yes&uid=MTY4MDExNDExMS41ODU1Ojk0MzA4YzcyNGUwMTIwNmUzMTA0ZWUxNDlmZDBmNzY5ZjEzMTkzNGRlYTc2MDczODk1YzRiYjQ0MWFhNDdiYzY6NjQyNDgxYmY4ZWY0Yw%3D%3D

76.223.26.96

200 OK

20 B

URL HTTP/1.1
ww9.applicationgrabb.com/track.php?domain=applicationgrabb.com&caf=1&toggle=answercheck&answer=yes&uid=MTY4MDExNDExMS41ODU1Ojk0MzA4YzcyNGUwMTIwNmUzMTA0ZWUxNDlmZDBmNzY5ZjEzMTkzNGRlYTc2MDczODk1YzRiYjQ0MWFhNDdiYzY6NjQyNDgxYmY4ZWY0Yw%3D%3D
IP
76.223.26.96:0
ASN
#16509 AMAZON-02

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /track.php?domain=applicationgrabb.com&caf=1&toggle=answercheck&answer=yes&uid=MTY4MDExNDExMS41ODU1Ojk0MzA4YzcyNGUwMTIwNmUzMTA0ZWUxNDlmZDBmNzY5ZjEzMTkzNGRlYTc2MDczODk1YzRiYjQ0MWFhNDdiYzY6NjQyNDgxYmY4ZWY0Yw%3D%3D HTTP/1.1
Host: ww9.applicationgrabb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww9.applicationgrabb.com/
Cookie: __gsas=ID=fe3510edb782fb1e:T=1680114111:S=ALNI_MYU_-M1mBR8BPA7_-omFkzWGi9lFA

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 18:21:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
443af0b9411c9518ba61aca878cb6a56
e9c0bb70f0acf1208bef95c661cd0aac2d51e105
7cf2cfd8c4244cebb536055a42972473359b8eedc41629b4cda38b822c79eda6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 18:21:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16106
Expires: Wed, 29 Mar 2023 22:50:18 GMT
Date: Wed, 29 Mar 2023 18:21:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16106
Expires: Wed, 29 Mar 2023 22:50:18 GMT
Date: Wed, 29 Mar 2023 18:21:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16106
Expires: Wed, 29 Mar 2023 22:50:18 GMT
Date: Wed, 29 Mar 2023 18:21:52 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6049 bytes)
Hash
253f48aa7cbf667d52cb37fda10cdb1f
e29478b866f90402b48d2b516d01d60a863c9cf9
b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgvBFFMGIAMFhCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: -XwoHom5AT8j5yHNvfnYQ-9xIqVpsyDffwFM0d_ESJicJvL8pTcABg==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:50:28 GMT
age: 73884
etag: "e29478b866f90402b48d2b516d01d60a863c9cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6722 bytes)
Hash
d0a85ec27ed4f7910e26b4ff023ab1fb
f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0
fc31409ba6db565d4861a35ee6f74b7436eea5e5169bc1283f63cf6dfdb03764

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6722
x-amzn-requestid: a6de82bd-5b03-4ffd-90dd-9bd03331d123
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GG2IAMFuzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-7cb1c8187fe3d2b0283fb3a0;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: y5vKgCZTlgD6ji-loyjRA9cPpJWpdR7yDH60LL0bRa1b8DtG4WsX9g==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:51:37 GMT
age: 73815
etag: "f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7605 bytes)
Hash
fd1bc71c7e9eed7c086d752ea8b4b992
02a74cf88501d65b3dfcceb5adc79fd93ce785ed
a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7605
x-amzn-requestid: b7628073-4eb3-4ef6-b7d0-0224e0a75601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GFPoAMFebQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-445041c74356c54053f772a1;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 2LLHDcPZsSP1XPxH7agC7FhVwQQXfrWq3CEOSz0mBTjGykXxNQIq9Q==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:56:00 GMT
age: 73552
etag: "02a74cf88501d65b3dfcceb5adc79fd93ce785ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fede24709-db3b-4687-8715-b976f42d5650.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7630 bytes)
Hash
096bf7a8a2bfe48c19e6bf6887145e64
6193039864cae4ab0163f3a7d45613fb86e6be14
51625131b04aa5294e90062807ca728b7a41db79ea069cd238711f8ead5ecd8a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fede24709-db3b-4687-8715-b976f42d5650.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7630
x-amzn-requestid: 5f162d03-0d82-4cd6-8812-4dac159bc2b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY9HwhIAMFeOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-670279397929c69c0ee58b35;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: LBOtzCZ-Ef7MsXDj9uh8QSi4jdLTSR3lEtZqRrU6ldmCZVqvpoAQmw==
via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:43:57 GMT
age: 74275
etag: "6193039864cae4ab0163f3a7d45613fb86e6be14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5414 bytes)
Hash
8afbc872d18847aaed67054dbfc2d31b
6eb894c4aa4fa53d9a3d4b948b5e65b7e9a76d5b
65c2b5fe2a3df654cfed7e7721b2d8f08665a72bb358b4d6e30e7cba853336e3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5414
x-amzn-requestid: b6795b2f-1460-4516-bac0-9148e9868fa1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguaYF5jIAMFmiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ddb-42762e4f0aa5e6050f82d138;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:27 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: m58cZVJmakcZ1uuctpXkKhsB7_LGUZrxkCV5G8B17CYVYOl5QpjR1w==
via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:51:37 GMT
age: 73815
etag: "6eb894c4aa4fa53d9a3d4b948b5e65b7e9a76d5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8745 bytes)
Hash
ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: FHONNj6M7I5oVTKAKYspq0ZAJMYohURXs5ufSL-r--zCSdjuSvrpSA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:51:37 GMT
age: 73815
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML