urlquery - report: apubyxipudyv.cf/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
apubyxipudyv.cf (1)	0	No data	No data	195.20.50.185	Unknown ranking
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-09-24 15:49:37 UTC	13.224.132.23
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-09-24 04:26:56 UTC	13.224.132.7
domain.dot.tk (1)	166571	2012-05-22 17:00:16 UTC	2022-09-24 04:27:09 UTC	88.198.252.121
freenom.link (4)	110921	2016-10-26 19:27:38 UTC	2022-09-24 04:27:10 UTC	199.59.243.222
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-09-24 04:22:29 UTC	34.120.237.76
www.google.com (1)	7	2016-08-04 12:36:31 UTC	2022-09-24 13:42:18 UTC	142.250.74.164
r3.o.lencr.org (5)	344	2020-12-02 08:52:13 UTC	2022-09-24 04:21:50 UTC	23.36.77.32
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-09-24 04:22:23 UTC	34.117.237.239
ocsp.digicert.com (1)	86	2012-05-21 07:02:23 UTC	2022-09-24 12:29:46 UTC	93.184.220.29
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-09-24 05:36:42 UTC	44.237.239.70
ocsp.pki.goog (2)	175	2017-06-14 07:23:31 UTC	2022-09-24 04:23:20 UTC	142.250.74.3

Scan Date	Severity	Indicator	Comment
2022-09-24	2	apubyxipudyv.cf/	Phishing

Date	UQ / IDS / BL	URL	IP
2023-03-09 18:14:22 +0000	0 - 4 - 1	online-pdf-doc-guilfordcountync.cf/adobe/emai (...)	195.20.50.185
2023-03-09 16:53:54 +0000	0 - 6 - 1	bankofamerica.com.checking-accountdetails.sen (...)	195.20.50.185
2023-03-09 10:23:09 +0000	0 - 5 - 0	kyxapycu.gq/obsessive-essay-disorder-conclusi (...)	195.20.50.185
2023-03-09 01:03:35 +0000	0 - 3 - 0	online.bankofamerica.com.checking-accountdeta (...)	195.20.50.185
2023-03-08 10:38:41 +0000	0 - 5 - 1	chat-whatsapeb.ga/	195.20.50.185

Date	UQ / IDS / BL	URL	IP
2023-03-31 13:29:31 +0000	0 - 3 - 2	paypal-myaccount.tk/	195.20.45.202
2023-03-30 01:52:30 +0000	0 - 2 - 1	woonnet-account.ga/index.php/false/false/py1n (...)	195.20.55.248
2023-03-29 19:52:05 +0000	0 - 2 - 2	google.onedriver-srv.ml	195.20.55.179
2023-03-28 10:30:09 +0000	0 - 5 - 0	maglesscrisal.ga/	195.20.54.124
2023-03-28 08:53:14 +0000	0 - 1 - 0	aggressivepvp.cf/retard.sh	195.20.50.37

Date	UQ / IDS / BL	URL	IP
2022-09-24 20:25:27 +0000	0 - 0 - 1	apubyxipudyv.cf/	195.20.50.185

Date	UQ / IDS / BL	URL	IP
2023-03-31 19:22:08 +0000	0 - 0 - 4	103.241.72.22/	103.241.72.22
2023-03-31 19:21:12 +0000	0 - 0 - 4	103.241.72.22/	103.241.72.22
2023-03-31 19:01:13 +0000	0 - 1 - 1	shalomimoveissg.com.br/nasty/pasta/Tensentric (...)	64.31.47.126
2023-03-31 18:47:16 +0000	0 - 0 - 1	trulabdc.com/public/sa/isijxjktiwh8l/allison. (...)	137.59.110.65
2023-03-31 18:41:14 +0000	0 - 1 - 3	declotmart.cf/a1b2c3/99c85ae68bfce2174235701e (...)	162.240.234.31

Request	Response
GET / HTTP/1.1 Host: apubyxipudyv.cf User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: apubyxipudyv.cf/ FQDN: apubyxipudyv.cf IP: 195.20.50.185 HASH: 881f5b73da755369596ada4fb4596f687451a70096d491f60ad2c4ba393b40f9 195.20.50.185 HTTP/1.1 203 Content-Type: text/html;charset=UTF-8 Server: nginx Date: Sat, 24 Sep 2022 20:25:19 GMT Content-Length: 651 Connection: keep-alive Cache-Control: no-cache Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT X-Server: ip-172-31-1-132 Set-Cookie: JSESSIONID=14B427D61CF62D93C3103BBE7152FF82; Path=/; HttpOnly --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 651 Md5: c5de3fa8f912794798b6d9c2411cb131 Sha1: 15b08b1aaf87470bcf9bd8440bfa24882354d204 Sha256: 881f5b73da755369596ada4fb4596f687451a70096d491f60ad2c4ba393b40f9 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80" Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5981 Expires: Sat, 24 Sep 2022 22:04:58 GMT Date: Sat, 24 Sep 2022 20:25:17 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 09a973de929ab7452edc342c780d3668 Sha1: 3f14f6e0a36f76863c0aea6fb561c266404a7ea3 Sha256: e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 13.224.132.23 HASH: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45 13.224.132.23 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After Cache-Control: max-age=3600 Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Sat, 24 Sep 2022 20:05:45 GMT X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 1d01c9eafefacaa6322fccd6199f781c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: LHR3-C2 X-Amz-Cf-Id: v_Ylm_q91Nq4R_863ap_2cA-KwGTGZUbw8_5hREelLoyNd7hG5t3ZA== Age: 1172 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 1b3053fa528e28810f8a2cc9284cc921 Sha1: cca9eb471d941881a6b9a1793aecb6c281908f6a Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 13.224.132.7 HASH: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770 13.224.132.7 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Sat, 10 Sep 2022 18:47:45 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Sat, 24 Sep 2022 04:13:03 GMT etag: "6113f8408c59aebe188d6af273b90743" x-cache: Hit from cloudfront via: 1.1 13381fd50efa5561b2ef8fff32bb471a.cloudfront.net (CloudFront) x-amz-cf-pop: LHR3-C2 x-amz-cf-id: 0pK8oE2d7cM9JPnI0KDj9BPtmlpfPFL3Djrpc4p5R3mRrckK-u8Eaw== age: 58334 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 6113f8408c59aebe188d6af273b90743 Sha1: 7398873bf00f99944eaa77ad3ebc0d43c23dba6b Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 24 Sep 2022 20:25:17 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /p/?d=APUBYXIPUDYV.CF&i=91.90.42.154&c=47&ro=0&ref=unknown&_=1664051116933 HTTP/1.1 Host: domain.dot.tk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://apubyxipudyv.cf/ Upgrade-Insecure-Requests: 1	URL: domain.dot.tk/p/?d=APUBYXIPUDYV.CF&i=91.90.42.154&c=47& (...) FQDN: domain.dot.tk IP: 88.198.252.121 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 88.198.252.121 HTTP/1.0 301 Moved Permanently Content-Type: text/html; charset=ISO-8859-1 Date: Sat, 24 Sep 2022 20:27:56 GMT Server: nginx/1.18.0 Content-Length: 0 Location: http://freenom.link/?k=80808080&_=1664050890 Connection: close --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?k=80808080&_=1664050890 HTTP/1.1 Host: freenom.link User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://apubyxipudyv.cf/ Connection: keep-alive Cookie: __gsas=ID=b8c620e3f8c68bad:T=1652904609:S=ALNI_MYpQkCaQQi3ZFKp8riGhVYS_gOYgw Upgrade-Insecure-Requests: 1	URL: freenom.link/?k=80808080&_=1664050890 FQDN: freenom.link IP: 199.59.243.222 HASH: 45dc7eba9aa4436449475ef5b6ddd6427abcb4f6c520c7c87d06ae649c5cf1cf 199.59.243.222 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: openresty Date: Sat, 24 Sep 2022 20:25:17 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: parking_session=c6e1b1d2-e369-0cbd-b6b6-ae97b875f1ef; expires=Sat, 24-Sep-2022 20:40:17 GMT; Max-Age=900; path=/; HttpOnly X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_jSGGGrQxvOr75MRPq8LTT6L9xqqyJiypT9tzEZ6bTh1LpOjVP6ZSupNsqWmaQZySfbwPagZxIBqXV3XS/PBG6g== Accept-CH: sec-ch-prefers-color-scheme Critical-CH: sec-ch-prefers-color-scheme Vary: sec-ch-prefers-color-scheme Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1631), with no line terminators Size: 1153 Md5: 66592889bfea67262682644179c6d617 Sha1: 6bf8b809f1f8f8a362bd73f89dc26921735496b5 Sha256: 45dc7eba9aa4436449475ef5b6ddd6427abcb4f6c520c7c87d06ae649c5cf1cf
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 13.224.132.23 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 13.224.132.23 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Cache-Control: max-age=3600, max-age=3600 Date: Sat, 24 Sep 2022 20:20:46 GMT Expires: Sat, 24 Sep 2022 21:02:43 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 78c7e5b1be457bfecc477642c3ddd802.cloudfront.net (CloudFront) X-Amz-Cf-Pop: LHR3-C2 X-Amz-Cf-Id: GC-PUhMlibBs3Wr_YVyWTTStwjGFaY9lKdv9UNHxwXXqX8c6Ng4Pzw== Age: 271 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /js/parking.2.97.1.js HTTP/1.1 Host: freenom.link User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://freenom.link/?k=80808080&_=1664050890 Cookie: __gsas=ID=b8c620e3f8c68bad:T=1652904609:S=ALNI_MYpQkCaQQi3ZFKp8riGhVYS_gOYgw; parking_session=c6e1b1d2-e369-0cbd-b6b6-ae97b875f1ef	URL: freenom.link/js/parking.2.97.1.js FQDN: freenom.link IP: 199.59.243.222 HASH: 41b949c280207dceace555073cb0acb81019b5ef54fd48a467e3bbf5d5884c65 199.59.243.222 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Server: openresty Date: Sat, 24 Sep 2022 20:25:17 GMT Last-Modified: Fri, 23 Sep 2022 14:52:38 GMT Transfer-Encoding: chunked Connection: keep-alive Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Encoding: gzip --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (65536), with no line terminators Size: 22240 Md5: 3141e5dc07a2d61a8c9ddd58f9d53dfd Sha1: 8544a047fb697b912cd47caa61b50501e13f9969 Sha256: 41b949c280207dceace555073cb0acb81019b5ef54fd48a467e3bbf5d5884c65
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5341 Cache-Control: 'max-age=158059' Date: Sat, 24 Sep 2022 20:25:17 GMT Last-Modified: Sat, 24 Sep 2022 18:56:16 GMT Server: ECS (ska/F70A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: a7809de115ea73f8b61f3d20a9978493 Sha1: 01fc65a2b694d7aadd5204d21801e87b2b55b73e Sha256: 72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST /_fd?k=80808080&_=1664050890 HTTP/1.1 Host: freenom.link User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://freenom.link/?k=80808080&_=1664050890 Content-Type: application/json Origin: http://freenom.link Connection: keep-alive Cookie: __gsas=ID=b8c620e3f8c68bad:T=1652904609:S=ALNI_MYpQkCaQQi3ZFKp8riGhVYS_gOYgw; parking_session=c6e1b1d2-e369-0cbd-b6b6-ae97b875f1ef Content-Length: 0	URL: freenom.link/_fd?k=80808080&_=1664050890 FQDN: freenom.link IP: 199.59.243.222 HASH: ea8d74c6ed0593754180aa62ed0713c5ed6aab826206d38604c985ed1fc63798 199.59.243.222 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: openresty Transfer-Encoding: chunked Connection: keep-alive Date: Sat, 24 Sep 2022 20:25:17 GMT X-Version: 2.97.1 Set-Cookie: parking_session=c6e1b1d2-e369-0cbd-b6b6-ae97b875f1ef; expires=Sat, 24-Sep-2022 20:40:17 GMT; Max-Age=900; path=/; httponly Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (5129), with no line terminators Size: 2566 Md5: a4769d5dbaf60e5d09c90cdf55fa0efb Sha1: aef62e24ff7e63ed1ca6be77e63d2a41087cc87a Sha256: ea8d74c6ed0593754180aa62ed0713c5ed6aab826206d38604c985ed1fc63798
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: y1E41HQ1ENhrWfoeYlpvuQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 44.237.239.70 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 44.237.239.70 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: h89gngDxVKkUIZkhUkMi5SDBqPI= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: cb117ac56fe205bfca3b512ed3d8ddb46a7115446d099739cc4d111c853696ae 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 24 Sep 2022 20:25:18 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 23ba09c14e337ac70d877d2ed33dc795 Sha1: 175d5155889b45711d0a9050116591ad25e74891 Sha256: cb117ac56fe205bfca3b512ed3d8ddb46a7115446d099739cc4d111c853696ae
GET /favicon.ico HTTP/1.1 Host: freenom.link User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://freenom.link/?k=80808080&_=1664050890 Cookie: __gsas=ID=b8c620e3f8c68bad:T=1652904609:S=ALNI_MYpQkCaQQi3ZFKp8riGhVYS_gOYgw; parking_session=c6e1b1d2-e369-0cbd-b6b6-ae97b875f1ef	URL: freenom.link/favicon.ico FQDN: freenom.link IP: 199.59.243.222 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 199.59.243.222 HTTP/1.1 200 OK Content-Type: image/x-icon Server: openresty Date: Sat, 24 Sep 2022 20:25:18 GMT Content-Length: 0 Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT Connection: keep-alive ETag: "61424bb6-0" x-backend-server: ip-10-201-16-241.ec2.internal Accept-Ranges: bytes --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 24 Sep 2022 20:25:18 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 423331d8bae78ba045bea86f1e4c6e7f Sha1: 8ed72a508ba25a95e6899569180a02728d5edb5c Sha256: fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5491 Expires: Sat, 24 Sep 2022 21:56:50 GMT Date: Sat, 24 Sep 2022 20:25:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7038cca95198779d8bb479045eb56652 Sha1: e9dcf9451e849f4d55b0909b33a51bd0b1a35296 Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5491 Expires: Sat, 24 Sep 2022 21:56:50 GMT Date: Sat, 24 Sep 2022 20:25:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7038cca95198779d8bb479045eb56652 Sha1: e9dcf9451e849f4d55b0909b33a51bd0b1a35296 Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5491 Expires: Sat, 24 Sep 2022 21:56:50 GMT Date: Sat, 24 Sep 2022 20:25:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7038cca95198779d8bb479045eb56652 Sha1: e9dcf9451e849f4d55b0909b33a51bd0b1a35296 Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5491 Expires: Sat, 24 Sep 2022 21:56:50 GMT Date: Sat, 24 Sep 2022 20:25:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7038cca95198779d8bb479045eb56652 Sha1: e9dcf9451e849f4d55b0909b33a51bd0b1a35296 Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10032 x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y7sPBHGYoAMFh-Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0 x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google date: Fri, 23 Sep 2022 21:56:56 GMT age: 80903 etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10032 Md5: aa150280eb113504d61a25935c0f0127 Sha1: ed04f74fbb4c77b21e2babc51a82857f5e23d169 Sha256: 07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: aab96d28ea8e21e6d37449eba400cac45acced1825ebdb27853d17ae4f993b00 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7963 x-amzn-requestid: cadfa4ff-473d-4927-bdf6-3aad64cddf18 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y7sQbHTCIAMFfZg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632e2735-41d711e5210099aa6273dd86;Sampled=0 x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:57 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: g0NS7XamCzSMKmm1-mLnWLwUuBoJczvwSmTb0c_7klsY78wbrg4bRw== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google date: Fri, 23 Sep 2022 21:57:02 GMT age: 80897 etag: "d2180d40ceb16924a87a41aad90dedb0bb912085" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7963 Md5: 5a4b36e1bf29c9c82f069cdd3c50874c Sha1: d2180d40ceb16924a87a41aad90dedb0bb912085 Sha256: aab96d28ea8e21e6d37449eba400cac45acced1825ebdb27853d17ae4f993b00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8029 x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y4Y0tHjGoAMFcFw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0 x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google date: Fri, 23 Sep 2022 21:59:08 GMT age: 80771 etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8029 Md5: 02a682b4703bb9d6381c762726c05531 Sha1: 1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54 Sha256: fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6386 x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y7shGHryIAMF6zg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0 x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google date: Fri, 23 Sep 2022 21:52:36 GMT age: 81163 etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6386 Md5: d8d9af95acfc8b9b431eb1e020157f6d Sha1: f6f926be6e265a597aaede424f05fcd7c76fcc20 Sha256: 0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9935 x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y7sQ5FARoAMFXQQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0 x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google date: Fri, 23 Sep 2022 21:53:50 GMT age: 81089 etag: "a30f9044330824e70dde0dcc785890d981e6fdf5" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9935 Md5: 55d224ac83a417772c98bc5080fb6689 Sha1: a30f9044330824e70dde0dcc785890d981e6fdf5 Sha256: b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10279 x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Y4V65GTXIAMF9-Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0 x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: NcnEyVD-vG10pOpPCBMjKGqVw-rstkPIt-oqkIc5urAGE934fxL0VQ== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google date: Sat, 24 Sep 2022 04:12:38 GMT age: 58361 etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10279 Md5: 8ea5f06ad31f0cedd2cb5c6df82f35f4 Sha1: 60a83a1618ffae06e49ca3002bac1db9980dcfe8 Sha256: 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /adsense/domains/caf.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://freenom.link/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google.com/adsense/domains/caf.js FQDN: www.google.com IP: 142.250.74.164 142.250.74.164 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Sat, 24 Sep 2022 20:25:18 GMT expires: Sat, 24 Sep 2022 20:25:18 GMT cache-control: private, max-age=3600 etag: "14650250804420140278" x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80" 

                                        
                                            
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=5981 

                                        
                                            
Expires: Sat, 24 Sep 2022 22:04:58 GMT 

                                        
                                            
Date: Sat, 24 Sep 2022 20:25:17 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    09a973de929ab7452edc342c780d3668

                                                Sha1:   3f14f6e0a36f76863c0aea6fb561c266404a7ea3

                                                Sha256: e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         13.224.132.7

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
content-length: 5348 

                                        
                                            
last-modified: Sat, 10 Sep 2022 18:47:45 GMT 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
date: Sat, 24 Sep 2022 04:13:03 GMT 

                                        
                                            
etag: "6113f8408c59aebe188d6af273b90743" 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 13381fd50efa5561b2ef8fff32bb471a.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: LHR3-C2 

                                        
                                            
x-amz-cf-id: 0pK8oE2d7cM9JPnI0KDj9BPtmlpfPFL3Djrpc4p5R3mRrckK-u8Eaw== 

                                        
                                            
age: 58334 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    6113f8408c59aebe188d6af273b90743

                                                Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b

                                                Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

                                        
                                            GET /p/?d=APUBYXIPUDYV.CF&i=91.90.42.154&c=47&ro=0&ref=unknown&_=1664051116933 HTTP/1.1 

                                        
                                            
Host: domain.dot.tk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://apubyxipudyv.cf/ 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         88.198.252.121

                                        
                                            HTTP/1.0 301 Moved Permanently 

                                        
                                            
Content-Type: text/html; charset=ISO-8859-1

                                        

                                        
                                            
Date: Sat, 24 Sep 2022 20:27:56 GMT 

                                        
                                            
Server: nginx/1.18.0 

                                        
                                            
Content-Length: 0 

                                        
                                            
Location: http://freenom.link/?k=80808080&_=1664050890 

                                        
                                            
Connection: close 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         13.224.132.23

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 329 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Cache-Control: max-age=3600, max-age=3600 

                                        
                                            
Date: Sat, 24 Sep 2022 20:20:46 GMT 

                                        
                                            
Expires: Sat, 24 Sep 2022 21:02:43 GMT 

                                        
                                            
ETag: "1648230346554" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 78c7e5b1be457bfecc477642c3ddd802.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: LHR3-C2 

                                        
                                            
X-Amz-Cf-Id: GC-PUhMlibBs3Wr_YVyWTTStwjGFaY9lKdv9UNHxwXXqX8c6Ng4Pzw== 

                                        
                                            
Age: 271 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 5341 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Sat, 24 Sep 2022 20:25:17 GMT 

                                        
                                            
Last-Modified: Sat, 24 Sep 2022 18:56:16 GMT 

                                        
                                            
Server: ECS (ska/F70A) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    a7809de115ea73f8b61f3d20a9978493

                                                Sha1:   01fc65a2b694d7aadd5204d21801e87b2b55b73e

                                                Sha256: 72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: y1E41HQ1ENhrWfoeYlpvuQ== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         44.237.239.70

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: h89gngDxVKkUIZkhUkMi5SDBqPI= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: freenom.link

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://freenom.link/?k=80808080&_=1664050890 

                                        
                                            
Cookie: __gsas=ID=b8c620e3f8c68bad:T=1652904609:S=ALNI_MYpQkCaQQi3ZFKp8riGhVYS_gOYgw; parking_session=c6e1b1d2-e369-0cbd-b6b6-ae97b875f1ef

                                         199.59.243.222

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/x-icon

                                        

                                        
                                            
Server: openresty 

                                        
                                            
Date: Sat, 24 Sep 2022 20:25:18 GMT 

                                        
                                            
Content-Length: 0 

                                        
                                            
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
ETag: "61424bb6-0" 

                                        
                                            
x-backend-server: ip-10-201-16-241.ec2.internal 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" 

                                        
                                            
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=5491 

                                        
                                            
Expires: Sat, 24 Sep 2022 21:56:50 GMT 

                                        
                                            
Date: Sat, 24 Sep 2022 20:25:19 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    7038cca95198779d8bb479045eb56652

                                                Sha1:   e9dcf9451e849f4d55b0909b33a51bd0b1a35296

                                                Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3" 

                                        
                                            
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=5491 

                                        
                                            
Expires: Sat, 24 Sep 2022 21:56:50 GMT 

                                        
                                            
Date: Sat, 24 Sep 2022 20:25:19 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    7038cca95198779d8bb479045eb56652

                                                Sha1:   e9dcf9451e849f4d55b0909b33a51bd0b1a35296

                                                Sha256: 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10032 

                                        
                                            
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: Y7sPBHGYoAMFh-Q= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw== 

                                        
                                            
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 23 Sep 2022 21:56:56 GMT 

                                        
                                            
age: 80903 

                                        
                                            
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10032

                                                Md5:    aa150280eb113504d61a25935c0f0127

                                                Sha1:   ed04f74fbb4c77b21e2babc51a82857f5e23d169

                                                Sha256: 07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8029 

                                        
                                            
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: Y4Y0tHjGoAMFcFw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA== 

                                        
                                            
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 23 Sep 2022 21:59:08 GMT 

                                        
                                            
age: 80771 

                                        
                                            
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8029

                                                Md5:    02a682b4703bb9d6381c762726c05531

                                                Sha1:   1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54

                                                Sha256: fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9935 

                                        
                                            
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: Y7sQ5FARoAMFXQQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg== 

                                        
                                            
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 23 Sep 2022 21:53:50 GMT 

                                        
                                            
age: 81089 

                                        
                                            
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9935

                                                Md5:    55d224ac83a417772c98bc5080fb6689

                                                Sha1:   a30f9044330824e70dde0dcc785890d981e6fdf5

                                                Sha256: b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a

                                        
                                            GET /adsense/domains/caf.js HTTP/1.1 

                                        
                                            
Host: www.google.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://freenom.link/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.164

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=UTF-8

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" 

                                        
                                            
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} 

                                        
                                            
date: Sat, 24 Sep 2022 20:25:18 GMT 

                                        
                                            
expires: Sat, 24 Sep 2022 20:25:18 GMT 

                                        
                                            
cache-control: private, max-age=3600 

                                        
                                            
etag: "14650250804420140278" 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	apubyxipudyv.cf/
IP	195.20.50.185 (Netherlands)
ASN	#31624 Verotel International B.V.
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-09-24 20:25:27 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (12)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 195.20.50.185

Last 5 reports on ASN: Verotel International B.V.

Last 1 reports on domain: apubyxipudyv.cf

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (4)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (26)

Overview

Domain Summary (12)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 195.20.50.185

Last 5 reports on ASN: Verotel International B.V.

Last 1 reports on domain: apubyxipudyv.cf

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (4)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (26)

Network Intrusion Detection Systems