Report - www.domain.gr.com/r.php?q=web/df584bf48fa537de1aedba772c2c908f/sites/idiwtes/el/Pages/loading2.php

Report Overview

Submitted URL
www.domain.gr.com/r.php?q=web/df584bf48fa537de1aedba772c2c908f/sites/idiwtes/el/Pages/loading2.php
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-29 10:08:35
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	34.216.49.139
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	2.0 kB	36 kB	142.250.74.163
d3fit27i5nzkqh.cloudfront.net	unknown	2021-01-16T17:16:58Z	2023-03-13T08:33:44Z	1.7 kB	2.0 kB	54.230.111.16
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	368 B	1.9 kB	104.18.21.226
editor.systeme.io	unknown	2020-02-12T11:08:12Z	2023-03-13T08:33:43Z	430 B	11 kB	54.230.111.73
marketing.systeme.io	unknown	2022-12-31T19:03:38Z	2023-02-02T19:32:46Z	458 B	155 kB	54.230.111.73
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.1 kB	4.2 kB	216.58.211.3
d1yei2z3i6k35z.cloudfront.net	unknown	2020-12-04T18:06:05Z	2023-03-13T08:33:44Z	859 B	1.1 MB	54.230.111.92
d2543nuuc0wvdg.cloudfront.net	unknown	2021-07-13T11:59:50Z	2023-03-13T07:50:29Z	402 B	108 kB	54.230.245.82
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2.7 kB	45 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	441 B	11 kB	142.250.74.74
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
www.domain.gr.com	unknown	2014-11-03T09:40:07Z	2023-02-03T19:13:28Z	793 B	1.3 kB	188.114.96.1
cdn.polyfill.io	2365	2014-10-18T19:04:13Z	2023-03-13T05:11:22Z	412 B	755 B	151.101.193.26
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	887 B	54.230.245.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-29 10:08:31	medium	Client IP	Internal IP	ET INFO Query for Suspicious .gr.com Domain (gr .com in DNS Lookup)
2023-01-29 10:08:31	medium	Client IP	Internal IP	ET INFO Query for Suspicious .gr.com Domain (gr .com in DNS Lookup)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en%2CmatchMedia	222 B	2023-03-07	2024-04-02
Pretty URL cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en%2CmatchMedia IP 151.101.193.26 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:37:41 Last Seen2024-04-02 11:29:21 Times Seen74 Hash b78d24643a2c7754230d68a8f15f090d 58e645c83460b260d7cee45d361ddf1ad212bbeb cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3 Loading...

	marketing.systeme.io/1df5a1ad	91 kB	2023-03-12	2023-03-29
Pretty URL marketing.systeme.io/1df5a1ad IP 54.230.111.73 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:34:02 Last Seen2023-03-29 22:02:21 Times Seen2 Hash a5e170e91c0f6787dd63418808951056 93fbdab9ae3027ecd45c019da80974ed36dd0d1a d31c4bc557a694d4687ecedb68cb2f8001dd9b9d9b5662a3f7021a399988a172 Loading...

	marketing.systeme.io/1df5a1ad	8.1 kB	2023-03-12	2023-10-31
Pretty URL marketing.systeme.io/1df5a1ad IP 54.230.111.73 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:11:01 Last Seen2023-10-31 22:46:09 Times Seen9 Hash b3fbe1045ff6c48dfd193bb72e33423a 8cc5443fa40b41f15a129df7dc563ad0be610559 defaf73b7ab17a3dfcebacd3813ed0ccdbe8c2c6d7e30d1f6c60792378e7a68f Loading...

	marketing.systeme.io/1df5a1ad	27 B	2023-03-07	2024-04-16
Pretty URL marketing.systeme.io/1df5a1ad IP 54.230.111.73 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:00:32 Last Seen2024-04-16 15:13:57 Times Seen53 Hash d497c03eedf1a9fdc5b84868bf8ac4d1 f03d1e651278825c3060157dff9020ceca6e21f9 ca4693f81adf12eb00e25a8a3eac05ae408b372032b4dc3ed1a1e37db7f25127 Loading...

	d3fit27i5nzkqh.cloudfront.net/js/runtimeSimplePage.6525755ed16e40f11e2f.js	1.7 kB	2023-03-07	2023-12-02
Pretty URL d3fit27i5nzkqh.cloudfront.net/js/runtimeSimplePage.6525755ed16e40f11e2f.js IP 54.230.111.16 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:00:32 Last Seen2023-12-02 18:22:11 Times Seen55 Hash 7e48280fb388cda9c9571931b0370d17 8e59d2499c1931afd3c8a2c90354ca69e1bd51e4 e6e6bcec8cf0fab66c48aea5ba1e6cfa240580212d714019a81493caad1c2b99 Loading...

	d3fit27i5nzkqh.cloudfront.net/js/simplePage.a3a6121363adb92c79ff.js	498 kB	2023-03-13	2023-03-13
Pretty URL d3fit27i5nzkqh.cloudfront.net/js/simplePage.a3a6121363adb92c79ff.js IP 54.230.111.16 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:43:33 Last Seen2023-03-13 13:31:35 Times Seen1 Hash 84011515ee8ab6c3786c37b18ca83ebd 3e171cdeebd1767394d3581115abba7432ebf8d6 b02d882dc0f544da64024f470d218128a76829f46b8cade2bd51fe54c755bcdb Loading...

HTTP Transactions (42)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5eb7c9bc996a0ff420e58af45526f053 8c2614832b8efe1c9da0bbd465d6f3f172d95a9e c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3767 Expires: Sun, 29 Jan 2023 11:11:11 GMT Date: Sun, 29 Jan 2023 10:08:24 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3eb88dea4fe00db1182370e72683c3ab ca520abf1e91bfd2aef40c6a1270a911071e8922 d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7" Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2672 Expires: Sun, 29 Jan 2023 10:52:56 GMT Date: Sun, 29 Jan 2023 10:08:24 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash bf0c602d32b3c14606f22a86183b5e3c 6eabd8d83475eba731968abe1a05a8bfd272f160 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 29 Jan 2023 09:43:08 GMT content-type: application/json age: 1516 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 302c7548412192add063ad6c8b99cf3b e5d178931a27db036ce8daae302594d3ff7050b8 fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D" Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3440 Expires: Sun, 29 Jan 2023 11:05:44 GMT Date: Sun, 29 Jan 2023 10:08:24 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: Ky2iX4+9haWlRnug2a9VVibIBuWBUo/ulQFsQ7PU0IedcLvZHWUX6tZzKi/JGozo+yo1LWqolsobMWk/giOI+w== x-amz-request-id: 354457R92EWPWP29 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 29 Jan 2023 09:50:16 GMT age: 1088 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	www.domain.gr.com/r.php?q=web/df584bf48fa537de1aedba772c2c908f/sites/idiwtes/el/Pages/loading2.php	188.114.96.1	302 Found	0 B
URL HTTP/1.1 www.domain.gr.com/r.php?q=web/df584bf48fa537de1aedba772c2c908f/sites/idiwtes/el/Pages/loading2.php IP 188.114.96.1:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /r.php?q=web/df584bf48fa537de1aedba772c2c908f/sites/idiwtes/el/Pages/loading2.php HTTP/1.1 Host: www.domain.gr.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 302 Found Date: Sun, 29 Jan 2023 10:08:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Location: http://www.domain.gr.com/rotator-ext.php Vary: User-Agent CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h51CRASFQjW1FUbUBnX1U%2FipI%2FiqbXYUCiHklkK3iEgch09ihDkfpadzcyBFFx7Ct3TNdx72L23KKs403r3UCQs1nw6KJEU89lBvR0Fvp%2Bz04sUGFMvD8k299FhE4wOYyKaFdA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 79112a989c10b500-OSL alt-svc: h2=":443"; ma=60

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sun, 29 Jan 2023 10:08:24 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	www.domain.gr.com/rotator-ext.php	188.114.96.1	302 Found	0 B
URL HTTP/1.1 www.domain.gr.com/rotator-ext.php IP 188.114.96.1:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /rotator-ext.php HTTP/1.1 Host: www.domain.gr.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 302 Found Date: Sun, 29 Jan 2023 10:08:25 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Location: https://marketing.systeme.io/1df5a1ad Vary: User-Agent CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Q4lO8rnlEk1TNiyGw9g0kXjZGYMwXVxQMu7e2vjIg3Rbuu9ZBDA4csWbQAF4rPrlSRT8muW2%2BQ%2FyZ7DpMCoi02HPtvdruSxHirSmg%2BcAv9aH%2F6qtfOzQp9APhZr43SnRH%2BJPg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 79112a9b1fabb500-OSL alt-svc: h2=":443"; ma=60

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 29 Jan 2023 09:41:41 GMT age: 1604 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 16a7b6a7128312e2f985d30df18c4487 6017bff79ffb525d9c7f9f32b999b74b5dc69602 663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16" Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16465 Expires: Sun, 29 Jan 2023 14:42:50 GMT Date: Sun, 29 Jan 2023 10:08:25 GMT Connection: keep-alive`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8c630e9bbc930d1c367efa81b67be3f7 ec536695531d40a813d99a06271c7c2d698d51d3 39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 10:08:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en%2CmatchMedia	151.101.193.26	200 OK	126 B
URL HTTP/2 cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en%2CmatchMedia IP 151.101.193.26:0 ASN #54113 FASTLY File type ASCII text Size 126 B (126 bytes) Hash 73facef13260d15915b31c39a22317b8 2e0d6642d943b6bba33c14ed89db6ca0d98e7844 fe0e7a42051b9bde30f5d3f6679756e2aad5814be1914d6606d961f6e15f07f7 HTTP Headers `GET /v2/polyfill.min.js?features=Intl.~locale.en%2CmatchMedia HTTP/1.1 Host: cdn.polyfill.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://marketing.systeme.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-allow-methods: GET,HEAD,OPTIONS cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800 content-type: text/javascript; charset=UTF-8 last-modified: Wed, 25 Jan 2023 17:58:33 GMT content-encoding: br age: 0 accept-ranges: bytes useragent_normaliser: firefox/105.0.0 date: Sun, 29 Jan 2023 10:08:25 GMT vary: User-Agent, Accept-Encoding server-timing: PASS, fastly;desc="Edge time";dur=33 alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length: 126 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8c630e9bbc930d1c367efa81b67be3f7 ec536695531d40a813d99a06271c7c2d698d51d3 39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 10:08:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4	104.18.21.226	200 OK	1.5 kB
URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1462 bytes) Hash 85ff6a4c1b752a888ab1ae3688bf1e1a bfefb9e54aa7ae4cc606951caa466a4bc174b0f8 9b938d24de25c6d308ae56ee2032a67449090bdfafe6c6a660847dc85f9f6ffe HTTP Headers `POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sun, 29 Jan 2023 10:08:25 GMT Content-Type: application/ocsp-response Transfer-Encoding: chunked Connection: keep-alive Etag: "D52BFDFF46BE5F518D15DF435F3696141D67D268" Expires: Sun, 29 Jan 2023 21:00:00 GMT Last-Modified: Sun, 29 Jan 2023 09:00:00 UTC Cache-Control: s-maxage=3600, public, no-transform, must-revalidate CF-Cache-Status: HIT Age: 2543 Vary: Accept-Encoding Server: cloudflare CF-RAY: 79112aa02cc9b509-OSL`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 10:08:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	push.services.mozilla.com/	34.216.49.139	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 34.216.49.139:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 5DmucaHlUhfTrZx2M6KHKg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: GDxFBQsnxkx9V617jAlrfsmiXt4=`

	fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2	142.250.74.163	200 OK	7.9 kB
URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data Size 7.9 kB (7884 bytes) Hash 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f HTTP Headers `GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://marketing.systeme.io Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 7884 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 26 Jan 2023 10:05:57 GMT expires: Fri, 26 Jan 2024 10:05:57 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 17:03:52 GMT content-type: font/woff2 age: 259348 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 10:08:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2	142.250.74.163	200 OK	8.7 kB
URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 8668, version 1.0\012- data Size 8.7 kB (8668 bytes) Hash a242ba0df3a128a2cab929a8c45d5056 d70e2c70b21cbb66cd883ae56e2dedacefd81c7c 50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972 HTTP Headers `GET /s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://marketing.systeme.io Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 8668 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 28 Jan 2023 10:20:24 GMT expires: Sun, 28 Jan 2024 10:20:24 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 16:07:02 GMT content-type: font/woff2 age: 85681 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2	142.250.74.163	200 OK	8.6 kB
URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 8596, version 1.0\012- data Size 8.6 kB (8596 bytes) Hash 858549c2cb50c37c733cfa191fdb07ea 50900cbabf4ae9e1e174162f091404e343585c65 4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2 HTTP Headers `GET /s/poppins/v20/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://marketing.systeme.io Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 8596 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 27 Jan 2023 09:56:17 GMT expires: Sat, 27 Jan 2024 09:56:17 GMT cache-control: public, max-age=31536000 age: 173528 last-modified: Wed, 27 Apr 2022 16:03:33 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 10:08:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 10:08:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2	142.250.74.163	200 OK	7.8 kB
URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data Size 7.8 kB (7816 bytes) Hash 25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 HTTP Headers `GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://marketing.systeme.io Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 7816 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 24 Jan 2023 12:46:52 GMT expires: Wed, 24 Jan 2024 12:46:52 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 16:11:40 GMT content-type: font/woff2 age: 422493 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	d1yei2z3i6k35z.cloudfront.net/3043140/63af256e879b7_library-g7cc75390f_1920.jpg	54.230.111.92	200 OK	1.1 MB
URL HTTP/2 d1yei2z3i6k35z.cloudfront.net/3043140/63af256e879b7_library-g7cc75390f_1920.jpg IP 54.230.111.92:0 ASN #16509 AMAZON-02 File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1272, components 3\012- data Size 1.1 MB (1098762 bytes) Hash 6fd20001e7738fe98cad54d07366e2d7 32897abb5f18d718ed308358d72fabc4bfc43a44 1b055962b4659124988089b78b59a68131f7fbc729fde752f3ac0e1b01a22e20 HTTP Headers `GET /3043140/63af256e879b7_library-g7cc75390f_1920.jpg HTTP/1.1 Host: d1yei2z3i6k35z.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://marketing.systeme.io/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: image/jpeg content-length: 1098762 date: Wed, 18 Jan 2023 17:12:07 GMT last-modified: Fri, 30 Dec 2022 17:52:49 GMT etag: "6fd20001e7738fe98cad54d07366e2d7" cache-control: max-age=31536000 accept-ranges: bytes server: AmazonS3 x-robots-tag: noindex x-cache: Hit from cloudfront via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 1h-tDakDCVH6f7DNNl0o_anu0zqrsnHWLtfy7GBXz0S46_0fssPmWg== age: 924978 vary: Origin X-Firefox-Spdy: h2

	d1yei2z3i6k35z.cloudfront.net/161/62f398fdbb17a_Group1.png	54.230.111.92	200 OK	3.2 kB
URL HTTP/2 d1yei2z3i6k35z.cloudfront.net/161/62f398fdbb17a_Group1.png IP 54.230.111.92:0 ASN #16509 AMAZON-02 File type PNG image data, 1160 x 390, 8-bit colormap, non-interlaced\012- data Size 3.2 kB (3213 bytes) Hash d802be4b73c5ff5a3428da663a2d9ccf 59797d6669f6c36e5f395380da4e61eca0d41b95 3697cf977d02e63add168a2ecdef412c175d4dff62d973459c35436cbdece738 HTTP Headers `GET /161/62f398fdbb17a_Group1.png HTTP/1.1 Host: d1yei2z3i6k35z.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://marketing.systeme.io/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: image/png content-length: 3213 date: Thu, 19 Jan 2023 01:47:21 GMT last-modified: Wed, 10 Aug 2022 11:39:43 GMT etag: "d802be4b73c5ff5a3428da663a2d9ccf" cache-control: max-age=31536000 accept-ranges: bytes server: AmazonS3 x-robots-tag: noindex x-cache: Hit from cloudfront via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: T9K_J-5NcEHbHA877soaJ1FpBDX39z-cHvXW8R2FfMH7NRFoL3P01Q== age: 894065 vary: Origin X-Firefox-Spdy: h2

	d2543nuuc0wvdg.cloudfront.net/favicon.ico	54.230.245.82	200 OK	108 kB
URL HTTP/2 d2543nuuc0wvdg.cloudfront.net/favicon.ico IP 54.230.245.82:0 ASN #16509 AMAZON-02 File type MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data Size 108 kB (107684 bytes) Hash f55949ec10d9a837c0602a861265edff 2bf72350e2641e7cd82ab741b6f4e9dc3ad648cc 9a3f31746c28415015a70910ee9cfbe1c02badc387864d917d12da0027f18c11 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: d2543nuuc0wvdg.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://marketing.systeme.io/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK content-type: image/x-icon content-length: 107684 last-modified: Fri, 21 May 2021 09:07:36 GMT accept-ranges: bytes server: AmazonS3 date: Sun, 29 Jan 2023 07:34:09 GMT etag: "f55949ec10d9a837c0602a861265edff" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: SWNc3ZbWyT3ZUkimoHAXxu03rHM4tqDtL0JXxIwvmCLLltY82zAOug== age: 9306 X-Firefox-Spdy: h2`

	editor.systeme.io/assets/images/affiliate_badge_logo.png	54.230.111.73	200 OK	10 kB
URL HTTP/2 editor.systeme.io/assets/images/affiliate_badge_logo.png IP 54.230.111.73:0 ASN #16509 AMAZON-02 File type PNG image data, 200 x 46, 8-bit/color RGBA, non-interlaced\012- data Size 10 kB (10472 bytes) Hash 8ef4308d7726d4ff8621170e787130ed 5bf7aca16f8d0c20529bd89c5f0cac0903ed3b50 786da302e95e77c4d1d81bd9b5262029cca6156ab196d4315d3918eb9c79d7b6 HTTP Headers `GET /assets/images/affiliate_badge_logo.png HTTP/1.1 Host: editor.systeme.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://marketing.systeme.io/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 200 OK content-type: image/png content-length: 10472 date: Mon, 23 Jan 2023 09:14:12 GMT last-modified: Mon, 23 Jan 2023 09:13:38 GMT etag: "8ef4308d7726d4ff8621170e787130ed" cache-control: max-age=31536000,public accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: t9iUaJBWyGeEGK_1A9P6GTNJqsL0RcWknTI4z5xtSlEqumwZGDDeHg== age: 521655 X-Firefox-Spdy: h2`

	ocsp.sca1b.amazontrust.com/	54.230.245.110	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.110:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 7bdce9bb9ed38659a184003c49cf437a bd20b72afadbad4c335d46b8a0999dc85ee075be 0f913312a0dfedf0f63ea57af67a017a82e1ef1386e9be2ea682bd3a79e3cfd7 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Cache-Control: 'max-age=158059' Date: Sun, 29 Jan 2023 10:08:26 GMT Etag: "63d53756-1d7" Server: ECS (dcb/7F3B) X-Cache: Miss from cloudfront Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: xFinlywtmH3W5X8NszOzZ61GTIO811xKlbR381Sm99RPiwtdukMMGg==`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8898 Expires: Sun, 29 Jan 2023 12:36:44 GMT Date: Sun, 29 Jan 2023 10:08:26 GMT Connection: keep-alive`

	marketing.systeme.io/1df5a1ad	54.230.111.73	200 OK	154 kB
URL HTTP/2 marketing.systeme.io/1df5a1ad IP 54.230.111.73:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11286) Size 154 kB (154227 bytes) Hash 80b8f74aab8cdaf396da4e3cd13daafd d889c3e2e41fbf7cc68ea1d1d3863b2da03a7cbc edd2fa2b33e778df80e3edc7c631f8e84ea9e6b175ecfa370e730f609f5b7dfa HTTP Headers `GET /1df5a1ad HTTP/1.1 Host: marketing.systeme.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 200 OK content-type: text/html; charset=UTF-8 date: Sun, 29 Jan 2023 10:08:25 GMT server: nginx/1.14.0 (Ubuntu) expires: Sun, 29 Jan 2023 10:08:25 GMT set-cookie: user=67gcv8jcaj5k4ho3vc9362vlrn; path=/; secure; HttpOnly v=92fbba44591e1c577de1dec0511549edc5c0f2fa114a1a1e02ad0d4d34dbb4bc; expires=Sat, 29-Jan-2033 10:08:25 GMT; Max-Age=315619200; path=/; secure; httponly; samesite=none cache-control: max-age=0, must-revalidate, private, max-age=0, no-store, no-cache, must-revalidate x-cache: Miss from cloudfront via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: wboLf2HuvQtwawD4tm91wc990NqOZ0aYtyHWyDg0q73Mmv-G5cLoag== X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8898 Expires: Sun, 29 Jan 2023 12:36:44 GMT Date: Sun, 29 Jan 2023 10:08:26 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8898 Expires: Sun, 29 Jan 2023 12:36:44 GMT Date: Sun, 29 Jan 2023 10:08:26 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11470 bytes) Hash 10a6491e2c1dfde68c7cd7297e70700f d0f195319825a6d3e5e50ad15b2fcab27cb65896 4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11470 x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fIf6WFgAIAMF6gw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0 x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 23:12:28 GMT age: 39358 etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg	34.120.237.76	200 OK	5.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.6 kB (5594 bytes) Hash 4c77437e3a7361861aed8bfecbfe6bd6 fefd238c13c0fdfb7d964c90fcc8a8cbbf953034 282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5594 x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fLyeEGOloAMFpzA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0 x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: D2ZAelkDgsd0wjoOSoPRwTzhozs84_aIcgwU-QmbDrTnHztVD0VL_A== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 14:57:16 GMT age: 69070 etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg	34.120.237.76	200 OK	4.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.5 kB (4475 bytes) Hash 4205d8106659e00fff1cbe9262918b8c ab4f6528594a1725934727dc7d834c028a79c609 31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4475 x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa_e6HsaIAMF5Lg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 05:24:09 GMT etag: "ab4f6528594a1725934727dc7d834c028a79c609" content-type: image/jpeg age: 17057 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg	34.120.237.76	200 OK	9.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.2 kB (9167 bytes) Hash 3be81f83687ddb6c93d3ff3c09a9dba2 50a48e737310d3f31840db4301b25927fbcc12c5 e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9167 x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fPF9YEBmIAMF0kQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0 x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 17:35:56 GMT age: 59550 etag: "50a48e737310d3f31840db4301b25927fbcc12c5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg	34.120.237.76	200 OK	8.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.7 kB (8652 bytes) Hash 43c4a8e963936a8064dbd2bd3c67b905 8508727c97127c98b886833af28b3470306216c2 070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8652 x-amzn-requestid: 5a5a883e-d7d4-4fc5-925a-3a95830c504e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fVguyG7BIAMFm8g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d214c4-390b59a32060e41203533c58;Sampled=0 x-amzn-remapped-date: Thu, 26 Jan 2023 05:51:00 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ewSsCY4u9DwRtaj00U9JCim9tYeCgHRuIQFpdHm4ttI6L02-e44iDQ== via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 23:11:24 GMT age: 39422 etag: "8508727c97127c98b886833af28b3470306216c2" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;1,400;1,700&display=swap	142.250.74.74	200 OK	9.9 kB
URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;1,400;1,700&display=swap IP 142.250.74.74:0 ASN #15169 GOOGLE File type data Size 9.9 kB (9936 bytes) Hash 5635053305959ed51c5d10eb0ae1ed03 562c8f6ad2ea2aff6a051cfef40c9d6ebc7d14df 12a06d7ebfbaf107c50a34ab34ef6cbe56924f32a92be45f0f7bec76f75b3d31 HTTP Headers `GET /css2?family=Poppins:ital,wght@0,400;0,700;1,400;1,700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://marketing.systeme.io/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sun, 29 Jan 2023 10:08:25 GMT date: Sun, 29 Jan 2023 10:08:25 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	d3fit27i5nzkqh.cloudfront.net/js/runtimeSimplePage.6525755ed16e40f11e2f.js	54.230.111.16	200 OK	0 B
URL HTTP/2 d3fit27i5nzkqh.cloudfront.net/js/runtimeSimplePage.6525755ed16e40f11e2f.js IP 54.230.111.16:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /js/runtimeSimplePage.6525755ed16e40f11e2f.js HTTP/1.1 Host: d3fit27i5nzkqh.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://marketing.systeme.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-type: application/javascript date: Sun, 15 Jan 2023 01:13:55 GMT last-modified: Thu, 12 Jan 2023 15:48:13 GMT etag: W/"7e48280fb388cda9c9571931b0370d17" cache-control: max-age=31536000,public server: AmazonS3 content-encoding: br vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 6fp85mC7SlxT4WIqViAtbNk1IExnuCweShAj1B0-a4IqJvqwIQuIJA== age: 1241671 X-Firefox-Spdy: h2`

	d3fit27i5nzkqh.cloudfront.net/js/simplePage.a3a6121363adb92c79ff.js	54.230.111.16	200 OK	0 B
URL HTTP/2 d3fit27i5nzkqh.cloudfront.net/js/simplePage.a3a6121363adb92c79ff.js IP 54.230.111.16:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /js/simplePage.a3a6121363adb92c79ff.js HTTP/1.1 Host: d3fit27i5nzkqh.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://marketing.systeme.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-type: application/javascript date: Mon, 23 Jan 2023 08:19:59 GMT last-modified: Mon, 23 Jan 2023 08:19:53 GMT etag: W/"84011515ee8ab6c3786c37b18ca83ebd" cache-control: max-age=31536000,public server: AmazonS3 content-encoding: br vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: dIZDZXCXYhQyvjxVdJ7DPo6Y6YvNYiLZzyarpr2pY4zbtDF9aVaoww== age: 524907 X-Firefox-Spdy: h2`

	d3fit27i5nzkqh.cloudfront.net/js/vendors~simplePage.ee9310ad2d6b7ab45026.js	54.230.111.16	200 OK	0 B
URL HTTP/2 d3fit27i5nzkqh.cloudfront.net/js/vendors~simplePage.ee9310ad2d6b7ab45026.js IP 54.230.111.16:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /js/vendors~simplePage.ee9310ad2d6b7ab45026.js HTTP/1.1 Host: d3fit27i5nzkqh.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://marketing.systeme.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-type: application/javascript date: Wed, 18 Jan 2023 18:32:08 GMT last-modified: Thu, 12 Jan 2023 15:48:13 GMT etag: W/"3205e2b6080f635764b5e003a11e8852" cache-control: max-age=31536000,public server: AmazonS3 content-encoding: br vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 1-K24MNY09iwA2gQSB8UhK3zwJCBMREFw9o0F_3oamIufoBX2xZYJA== age: 920178 X-Firefox-Spdy: h2`

	d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css	54.230.111.16	200 OK	0 B
URL HTTP/2 d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css IP 54.230.111.16:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /assets/css/all.min.css HTTP/1.1 Host: d3fit27i5nzkqh.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://marketing.systeme.io/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK content-type: text/css date: Tue, 24 Jan 2023 01:30:44 GMT last-modified: Wed, 18 May 2022 12:25:57 GMT etag: W/"325672b036bab9b57f6873aed5eccc43" cache-control: max-age=31536000,public server: AmazonS3 content-encoding: gzip vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: A_jctROAb7r-16rNpwzU4ZKSnIkaq-YN_dWgQ-nPbjKMd4h03Wf1dQ== age: 463062 X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (42)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type