Report - twohills.net/

Report Overview

Submitted URL
twohills.net/
IP
96.126.123.244
ASN
#63949 Linode, LLC
Submitted
2023-04-01 02:46:47
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.godaddy.com	698	2012-05-20T21:28:57Z	2023-03-31T18:12:06Z	340 B	2.3 kB	192.124.249.22
afs.googleusercontent.com	12123	2013-05-06T21:11:00Z	2023-03-31T19:12:06Z	885 B	2.1 kB	142.250.74.97
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
www6.twohills.net	unknown	2022-07-14T14:39:03Z	2022-07-28T19:50:19Z	1.4 kB	4.9 kB	35.186.238.101
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-31T18:12:03Z	2.4 kB	4.9 kB	142.250.74.3
www.google.com	7	2015-05-10T13:11:19Z	2023-03-31T20:35:26Z	379 B	56 kB	142.250.74.132
api.aws.parking.godaddy.com	36127	2020-03-23T22:33:37Z	2023-04-01T05:12:09Z	2.1 kB	3.6 kB	3.216.228.11
postback.trafficmotor.com	96726	2019-11-09T14:35:40Z	2023-03-31T15:19:30Z	943 B	606 B	45.79.38.145
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	127 B	52.39.16.79
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	3.2 kB	54 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	3.0 kB	8.0 kB	23.36.77.32
twohills.net	unknown	2015-09-03T07:00:39Z	2023-03-21T17:51:12Z	952 B	23 kB	45.33.30.197
img1.wsimg.com	9893	2012-06-20T16:42:31Z	2023-03-31T21:15:01Z	1.2 kB	61 kB	23.36.79.16
partner.googleadservices.com	798	2012-10-03T03:04:21Z	2023-03-31T18:16:57Z	465 B	787 B	216.58.207.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-04-01	medium	twohills.net/	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	twohills.net/	358 B	2023-04-01	2023-04-01
Pretty URL twohills.net/ IP 45.33.30.197 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:16:06 Last Seen2023-04-01 11:16:06 Times Seen1 Hash 5103c297a2b82c943538e4b4024c6081 f2e98c00482fd2ceb669469485e138311ee2fcdc 0a1c77ae87b2340fb9e7e119b7bfaefffe018e53603e246f21dd2d10e94d9bc0 Loading...

	www.google.com/afs/ads/i/iframe.html	1.3 kB	2023-03-07	2023-04-05
Pretty URL www.google.com/afs/ads/i/iframe.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2023-04-05 02:11:22 Times Seen1911 Hash 53a557946308585635eb80aec5326b9e 544b125203bfbb516566a63c9ef3dc57e9c06df9 eff95f5e15f8aa8c8b8c0f3aaeedba0091c1ec9732d78b6594c9ceb26c8eff28 Loading...

	twohills.net/	295 B	2023-03-12	2023-04-17
Pretty URL twohills.net/ IP 45.33.30.197 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:33:38 Last Seen2023-04-17 10:54:20 Times Seen995 Hash 55d924c46ca242980c8747a74666a082 6b4b5690848f934e34660ae22e61699ca0baf731 cb76393cfbb49fafe6d4bab97eca2cdfc435132b387247d2eb972e8acb5d8803 Loading...

	www6.twohills.net/?template=ARROW_3&tdfs=1&s_token=1680317197.0224750000&uuid=1680317197.0224750000&searchbox=1&showDomain=1	14 B	2023-03-13	2023-10-27
Pretty URL www6.twohills.net/?template=ARROW_3&tdfs=1&s_token=1680317197.0224750000&uuid=1680317197.0224750000&searchbox=1&showDomain=1 IP 35.186.238.101 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 23:06:48 Last Seen2023-10-27 14:34:41 Times Seen5037 Hash 61efebe7a2e2a748a9733d120e9a6e8f db96a95f1a5e8bfd9b8d24b0e48f063162f38602 cc8e37cc21d25c3b205d6218eeb41c3728cbcdb0c430402d66e6114b8645d2aa Loading...

	www6.twohills.net/px.js?ch=1&abp=1	476 B	2023-03-13	2024-04-28
Pretty URL www6.twohills.net/px.js?ch=1&abp=1 IP 35.186.238.101 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:28:57 Last Seen2024-04-28 09:23:39 Times Seen80003 Hash d2183968f9080b37babfeba3ccf10df2 24b9cf589ee6789e567fac3ae5acfc25826d00c6 4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=www6.twohills.net&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie	364 B	2023-04-01	2023-04-01
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=www6.twohills.net&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie IP 216.58.207.226 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:16:06 Last Seen2023-04-01 11:16:06 Times Seen1 Hash 2ca5f35786558f568f077ae961a3d81e 3a09180be3704ca43b200729f3a451e4ece77274 998f4a26535e036069f2219eb709c23aa822ec20f6c8249b12bb574d3d8cc922 Loading...

	www6.twohills.net/?template=ARROW_3&tdfs=1&s_token=1680317197.0224750000&uuid=1680317197.0224750000&searchbox=1&showDomain=1	25 B	2023-03-07	2023-04-05
Pretty URL www6.twohills.net/?template=ARROW_3&tdfs=1&s_token=1680317197.0224750000&uuid=1680317197.0224750000&searchbox=1&showDomain=1 IP 35.186.238.101 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2023-04-05 02:09:32 Times Seen1220 Hash 396983b43a97ac40197e7d22399b707b 9c54ff4c30658fd6a7e94eaaae5072b3ed2ec1dc de4e0ef840a4a74223bb4637d128d0fd8894ac9f95bf604576e8c5280c768442 Loading...

	img1.wsimg.com/parking-lander/static/js/0.40743286.chunk.js	440 kB	2023-03-13	2023-04-26
Pretty URL img1.wsimg.com/parking-lander/static/js/0.40743286.chunk.js IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 23:06:48 Last Seen2023-04-26 22:15:13 Times Seen5867 Hash b068012e619429e22f89192c5175a1e0 30f87ec446f7292f1d5545373cf93024002ab3dd 5e9faaf9a9d6d24d10168aac1bc1870cad25945ee8285e90b2dc5726377e371c Loading...

	img1.wsimg.com/parking-lander/static/js/main.727544c3.chunk.js	5.0 kB	2023-03-13	2023-04-26
Pretty URL img1.wsimg.com/parking-lander/static/js/main.727544c3.chunk.js IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 23:06:48 Last Seen2023-04-26 22:15:13 Times Seen6624 Hash 5fdf5d5d4c43969c55a42e692b95b2c9 519f1b7eaf76225c158147a13c06f16415d6e58e a71d4333476d9de0eb823e8f8a8c89d9a57f149661a8723b539e010b84d08708 Loading...

	www.google.com/afs/ads?adsafe=low&adtest=off&psid=9841729664&pcsa=false&channel=08251&domain_name=twohills.net&client=dp-namemedia08_3ph&r=m&rpbu=http%3A%2F%2Fwww6.twohills.net%2F%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1680317197.0224750000%26uuid%3D1680317197.0224750000%26searchbox%3D1%26showDomain%3D1&type=3&uiopt=true&swp=as-drid-2449403652295187&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3%7Cs&nocache=3181680317198019&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1680317198024&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=939&frm=0&cl=518347065&uio=--&cont=relatedLinks&jsid=caf&jsv=518347065&rurl=http%3A%2F%2Fwww6.twohills.net%2F%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1680317197.0224750000%26uuid%3D1680317197.0224750000%26searchbox%3D1%26showDomain%3D1&adbw=slave-1-1%3A250%2Cmaster-1%3A500	1.9 kB	2023-04-01	2023-04-01
Pretty URL www.google.com/afs/ads?adsafe=low&adtest=off&psid=9841729664&pcsa=false&channel=08251&domain_name=twohills.net&client=dp-namemedia08_3ph&r=m&rpbu=http%3A%2F%2Fwww6.twohills.net%2F%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1680317197.0224750000%26uuid%3D1680317197.0224750000%26searchbox%3D1%26showDomain%3D1&type=3&uiopt=true&swp=as-drid-2449403652295187&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3%7Cs&nocache=3181680317198019&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1680317198024&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=939&frm=0&cl=518347065&uio=--&cont=relatedLinks&jsid=caf&jsv=518347065&rurl=http%3A%2F%2Fwww6.twohills.net%2F%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1680317197.0224750000%26uuid%3D1680317197.0224750000%26searchbox%3D1%26showDomain%3D1&adbw=slave-1-1%3A250%2Cmaster-1%3A500 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:16:06 Last Seen2023-04-01 11:16:06 Times Seen1 Hash 3fbc9481e0bc233c28fbb54affd565e1 fda59dbb2e89bbb2c5b93d5870046469b8676adc f094da76930eb9bc468c30899bb5ad3d0a963cdccf9d0fc7aa0df6303e62261c Loading...

	twohills.net/	57 kB	2023-03-26	2023-04-05
Pretty URL twohills.net/ IP 45.33.30.197 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:26:09 Last Seen2023-04-05 02:09:32 Times Seen564 Hash 36fb3545b5f0190993fa3889f1f5fc1a 32e227691d1859dcba3ae6715eb4387fc122e388 a563f8d3c9a4c33ae6e6e6e69872f9c2143c9280ff4c6de2f8ce8bf50aa20f20 Loading...

	www.google.com/adsense/domains/caf.js?abp=1	148 kB	2023-03-29	2023-04-03
Pretty URL www.google.com/adsense/domains/caf.js?abp=1 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:36:43 Last Seen2023-04-03 23:55:31 Times Seen1240 Hash 0c5b4721e6541e3bc709392e548a5de6 65c656511fa7f56bd0637d222ae061a27f06bc0c df656d0490300ae7f9ed9c6a7f4664d7d202f0e048108a9e93445363de65f6b2 Loading...

	www6.twohills.net/?template=ARROW_3&tdfs=1&s_token=1680317197.0224750000&uuid=1680317197.0224750000&searchbox=1&showDomain=1	1.6 kB	2023-03-13	2023-07-20
Pretty URL www6.twohills.net/?template=ARROW_3&tdfs=1&s_token=1680317197.0224750000&uuid=1680317197.0224750000&searchbox=1&showDomain=1 IP 35.186.238.101 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:28:57 Last Seen2023-07-20 02:49:41 Times Seen4390 Hash c8041b2772880cdeb213f9ea29a01b7e f7e83ea582cc2ab250a4a0379475a95578db4896 c187e78df010dddf9087e827839f182af174eece8c4bf7ad7ab8359c3b0d1e16 Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-03-29	2023-04-03
Pretty URL www.google.com/adsense/domains/caf.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:38:16 Last Seen2023-04-03 23:55:33 Times Seen477 Hash d5fa89ee83b7193615caa52f437c0a89 ace7706eb99f0b91c4f95b9eeb20d40d7a97b7f8 b1b6469dc228a271783b9198992c5952d95a944e68661a01e080e309acf310dd Loading...

	unknown	0 B	2023-03-07	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-10 18:42:11 Times Seen37516269 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (46)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6179
Expires: Sat, 01 Apr 2023 04:29:36 GMT
Date: Sat, 01 Apr 2023 02:46:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
034b06325b334948200ef1d79d4ddeb7
b9a3c93cff37cbaaf20cca79b965b1a21c525ce8
417ce2093027b05cc34199c75e6b29f155c4dd3150651b6b3dbe8564098c4143

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "417CE2093027B05CC34199C75E6B29F155C4DD3150651B6B3DBE8564098C4143"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8129
Expires: Sat, 01 Apr 2023 05:02:06 GMT
Date: Sat, 01 Apr 2023 02:46:37 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
29fdbcd53b5646cfcdd46510063734c4
85e3ceda5ef130219f4fe8a31e52e2690c8f7d8e
24c27586332c016685e6231fec5836e921048d8aaefbcd4cd6f88969f9d91e18

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 01 Apr 2023 02:28:26 GMT
content-type: application/json
age: 1091
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a57eb49c1ac36edd2db6573eb357bd87
592724177530a39ce4af02874beb776b91fefbbe
0dd258adc062ad2b6f5ce8fec0457e55e594c942817f37509ca2d1f2e8152edf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0DD258ADC062AD2B6F5CE8FEC0457E55E594C942817F37509CA2D1F2E8152EDF"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15198
Expires: Sat, 01 Apr 2023 06:59:55 GMT
Date: Sat, 01 Apr 2023 02:46:37 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: mLBeBnhXYQNQ8OGLAtJkVYJ2QID1ze2HXyJKG7CuA0TneNwsohqYnimEF9Fxb6Yr2DPxpw+RGP0=
x-amz-request-id: 7SDBA0HXYDX10D5M
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 01 Apr 2023 02:03:34 GMT
age: 2583
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 02:46:37 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Backoff, Last-Modified, Alert, Content-Length, Pragma, Cache-Control, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 01 Apr 2023 02:14:40 GMT
age: 1917
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

twohills.net/

45.33.30.197

200 OK

22 kB

URL HTTP/1.1
twohills.net/
IP
45.33.30.197:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (57175)
Size
22 kB (22110 bytes)
Hash
e94c4ebff13abe77cbfa1a87d59f7101
6123a5a96f89b03b447d77a5f39cd89980cf2086
724b615ddbae053dcf7839118f185cddc4ddf20679baf30a30261c094bab793c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: twohills.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sat, 01 Apr 2023 02:46:37 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
782ca4845ea5e0ec981e33231b1e61cb
032116b75e124c57877524e9e4f523b6d7c65820
94d007862fc7a4cd67f582ff22f2339619177435559c1dd5075a08c7240f3520

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94D007862FC7A4CD67F582FF22F2339619177435559C1DD5075A08C7240F3520"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14661
Expires: Sat, 01 Apr 2023 06:50:58 GMT
Date: Sat, 01 Apr 2023 02:46:37 GMT
Connection: keep-alive

push.services.mozilla.com/

52.39.16.79

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.16.79:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JJ8G0ovFOEV5TOtfZmTdHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sUZyiujlSWPNkjR/Dpligh9EfsU=

twohills.net/?gp=1&js=1&uuid=1680317197.0038671033&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9

45.33.30.197

302 Found

0 B

URL HTTP/1.1
twohills.net/?gp=1&js=1&uuid=1680317197.0038671033&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9
IP
45.33.30.197:0
ASN
#63949 Linode, LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?gp=1&js=1&uuid=1680317197.0038671033&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9 HTTP/1.1
Host: twohills.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://twohills.net/
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Sat, 01 Apr 2023 02:46:37 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://www6.twohills.net/?template=ARROW_3&tdfs=1&s_token=1680317197.0224750000&uuid=1680317197.0224750000&searchbox=1&showDomain=1
referrer-policy: no-referrer
x-mtm-path: 0
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJ0d29oaWxscy5uZXQiLCJodHRwOi8vd3d3Ni50d29oaWxscy5uZXQvP3RlbXBsYXRlPUFSUk9XXzMmdGRmcz0xJnNfdG9rZW49MTY4MDMxNzE5Ny4wMjI0NzUwMDAwJnV1aWQ9MTY4MDMxNzE5Ny4wMjI0NzUwMDAwJnNlYXJjaGJveD0xJnNob3dEb21haW49MSIsMSwiMjAyMy0wNC0wMSAwMjo0NjozNyIsMSwiMTY4MDMxNzE5Ny4wMjI0NzUwMDAwIiwxMTAsbnVsbCxudWxsXQ:1piRGH:nH2Yv29KmNqUBI5vzasv97msQms; expires=Sat, 01-Apr-2023 03:46:37 GMT; Max-Age=3600; Path=/
connection: close

www6.twohills.net/?template=ARROW_3&tdfs=1&s_token=1680317197.0224750000&uuid=1680317197.0224750000&searchbox=1&showDomain=1

35.186.238.101

200 OK

2.8 kB

URL HTTP/1.1
www6.twohills.net/?template=ARROW_3&tdfs=1&s_token=1680317197.0224750000&uuid=1680317197.0224750000&searchbox=1&showDomain=1
IP
35.186.238.101:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2830), with no line terminators
Size
2.8 kB (2830 bytes)
Hash
6cfbffcfabf6c7813aadd15f3870ead4
55afaa49568d6f3278a388d96b8672ccbcb1ae70
1b1252c0c6fe647290b76cb491806bc26f1083f7e3ae8962fc7cf1886b71d313

HTTP Headers

GET /?template=ARROW_3&tdfs=1&s_token=1680317197.0224750000&uuid=1680317197.0224750000&searchbox=1&showDomain=1 HTTP/1.1
Host: www6.twohills.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: openresty
Date: Sat, 01 Apr 2023 02:46:38 GMT
Content-Type: text/html
Content-Length: 2830
Last-Modified: Tue, 14 Feb 2023 15:45:21 GMT
ETag: "63ebac91-b0e"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_b9zRRTrJoUPu/peWU5Gv6kRIpTc0GwW++tpqC/wsqF3O+gzOufHINVthE+W3ciEhRV5bgsLrr4Zh0L3DdWedLQ
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
741a2f47aab81a2c7ed0fadaa1fa74e3
be34e0df4a5f272589a017ce77ece974d890f27c
4ea1737c8246072ea1072314ae684c1f7e518a81a5200c46374e47378bfb6b63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 02:46:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img1.wsimg.com/parking-lander/static/js/main.727544c3.chunk.js

23.36.79.16

200 OK

1.8 kB

URL HTTP/2
img1.wsimg.com/parking-lander/static/js/main.727544c3.chunk.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (4918)
Size
1.8 kB (1827 bytes)
Hash
4765833f8aa1de1e75804851ab0449f3
b56fc269f045d73338c8dd55f638aa633de28e7d
c42908523310021f78e7a1c65746224723cda12e89730b0efeb24430b84dac1c

HTTP Headers

GET /parking-lander/static/js/main.727544c3.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.twohills.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: G+KwmdDoK2pI6c9DvjEwx8Yd4NOzuYF7PYbj0A+2bVdqnBv06gVVmOL1QEU8ZWzx1R0e+H5Ch2w=
x-amz-request-id: 2FAP39Z2BBAD4Z6V
last-modified: Tue, 14 Feb 2023 15:44:39 GMT
etag: "5fdf5d5d4c43969c55a42e692b95b2c9"
x-amz-server-side-encryption: AES256
x-amz-version-id: K0T3Ca3fAhPnHOiGo0Ai9_inM.KjDWrk
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 1827
cache-control: max-age=31536000
expires: Sun, 31 Mar 2024 02:46:38 GMT
date: Sat, 01 Apr 2023 02:46:38 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

img1.wsimg.com/parking-lander/static/js/1.3fa140ef.chunk.js

23.36.79.16

200 OK

57 kB

URL HTTP/2
img1.wsimg.com/parking-lander/static/js/1.3fa140ef.chunk.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
57 kB (57353 bytes)
Hash
b1a9331d6c0e8a1b66863c6ca8477641
90dfe8b3d4571613ed3e04e53d2503d58684dc03
d21e9a17b3f1a8d15dff4aee534040b740009c16ef74c4185eb151ca52ba1c66

HTTP Headers

GET /parking-lander/static/js/1.3fa140ef.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.twohills.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: OCcGn1JfNBQv6+PedMR9b3qPljuI4WoxpivU6zSOnj5T4ghXWTvCbv6/qtM8SSXELvZkrY2NYI0=
x-amz-request-id: 2FAPK430WR30W4W0
last-modified: Tue, 14 Feb 2023 15:44:40 GMT
etag: "06166eb9b942e7c63d8ee1eba5b3de68"
x-amz-server-side-encryption: AES256
x-amz-version-id: Qm3JNw36qGFoIyTVwvXuxJRglKzwn3oO
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 57353
cache-control: max-age=31536000
expires: Sun, 31 Mar 2024 02:46:38 GMT
date: Sat, 01 Apr 2023 02:46:38 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

www6.twohills.net/px.js?ch=1&abp=1

35.186.238.101

200 OK

476 B

URL HTTP/1.1
www6.twohills.net/px.js?ch=1&abp=1
IP
35.186.238.101:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
476 B (476 bytes)
Hash
d2183968f9080b37babfeba3ccf10df2
24b9cf589ee6789e567fac3ae5acfc25826d00c6
4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc

HTTP Headers

GET /px.js?ch=1&abp=1 HTTP/1.1
Host: www6.twohills.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www6.twohills.net/?template=ARROW_3&tdfs=1&s_token=1680317197.0224750000&uuid=1680317197.0224750000&searchbox=1&showDomain=1
Cookie: caf_ipaddr=91.90.42.154; country=NO; city=""; expiry_partner=

HTTP/1.1 200 OK
Server: openresty
Date: Sat, 01 Apr 2023 02:46:38 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Tue, 14 Feb 2023 15:45:32 GMT
ETag: "63ebac9c-1dc"
Accept-Ranges: bytes
Via: 1.1 google

www6.twohills.net/px.js?ch=2&abp=1

35.186.238.101

200 OK

476 B

URL HTTP/1.1
www6.twohills.net/px.js?ch=2&abp=1
IP
35.186.238.101:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
476 B (476 bytes)
Hash
d2183968f9080b37babfeba3ccf10df2
24b9cf589ee6789e567fac3ae5acfc25826d00c6
4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc

HTTP Headers

GET /px.js?ch=2&abp=1 HTTP/1.1
Host: www6.twohills.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www6.twohills.net/?template=ARROW_3&tdfs=1&s_token=1680317197.0224750000&uuid=1680317197.0224750000&searchbox=1&showDomain=1
Cookie: caf_ipaddr=91.90.42.154; country=NO; city=""; expiry_partner=

HTTP/1.1 200 OK
Server: openresty
Date: Sat, 01 Apr 2023 02:46:38 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Tue, 14 Feb 2023 15:45:53 GMT
ETag: "63ebacb1-1dc"
Accept-Ranges: bytes
Via: 1.1 google

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
02ddc021542aadb090aa31099f7b9267
cb2091bff4ad6c225faa4c0c02182217bcdc502c
dcca0f6c051c27f611b9e51981fb34bd0c82a317c2e3ae3412ec6de80c596d24

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 02:46:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.godaddy.com/

192.124.249.22

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.22:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
65c8bc3d0f81eef897718f0828aad88b
6d2803f781c0c8897b8fe1a651ad78ec54e0d67d
10fd3c2dbe3b115b3816fdae23eaf3a0f29357c3a9cfdeb9180810884a754b63

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 01 Apr 2023 02:46:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 31 Mar 2023 20:58:42 GMT
Expires: Sat, 01 Apr 2023 20:58:42 GMT
ETag: "6d2803f781c0c8897b8fe1a651ad78ec54e0d67d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

www.google.com/adsense/domains/caf.js?abp=1

142.250.74.132

200 OK

56 kB

URL HTTP/2
www.google.com/adsense/domains/caf.js?abp=1
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
data
Size
56 kB (55706 bytes)
Hash
27f697c6675ac44b4de13b18924d6b8f
2961a2e17fb46a181bf3ea244242d655bc48ecb0
cc5a8b3d7a6a66aea43934862885b734fdf6c34daa8ccd201bc0c05f4e29d1c1

HTTP Headers

GET /adsense/domains/caf.js?abp=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.twohills.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 01 Apr 2023 02:46:38 GMT
expires: Sat, 01 Apr 2023 02:46:38 GMT
cache-control: private, max-age=3600
etag: "15648507436981654811"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.aws.parking.godaddy.com/v1/domains/domain?domain=www6.twohills.net&portfolioId=&abp=1

3.216.228.11

200 OK

0 B

URL HTTP/2
api.aws.parking.godaddy.com/v1/domains/domain?domain=www6.twohills.net&portfolioId=&abp=1
IP
3.216.228.11:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v1/domains/domain?domain=www6.twohills.net&portfolioId=&abp=1 HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-request-id
Referer: http://www6.twohills.net/
Origin: http://www6.twohills.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 01 Apr 2023 02:46:39 GMT
content-length: 0
set-cookie: AWSALB=wy2WRG2YI49fugPvi0yS+Aelk1fJRDwgFV28DQpgjrrEf58XYLVpSU48VZRQbxGekCaqfhs2bLSYlKZ5LnfXlz3LTc7c/YM6Uzm9pPKWBVwnK58LCkN+eRLSXfAr; Expires=Sat, 08 Apr 2023 02:46:39 GMT; Path=/
AWSALBCORS=wy2WRG2YI49fugPvi0yS+Aelk1fJRDwgFV28DQpgjrrEf58XYLVpSU48VZRQbxGekCaqfhs2bLSYlKZ5LnfXlz3LTc7c/YM6Uzm9pPKWBVwnK58LCkN+eRLSXfAr; Expires=Sat, 08 Apr 2023 02:46:39 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: X-Request-Id
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: http://www6.twohills.net
access-control-max-age: 600
x-request-id: -j6P3Yef
X-Firefox-Spdy: h2

api.aws.parking.godaddy.com/v1/domains/domain?domain=www6.twohills.net&portfolioId=&abp=1

3.216.228.11

200 OK

1.0 kB

URL HTTP/2
api.aws.parking.godaddy.com/v1/domains/domain?domain=www6.twohills.net&portfolioId=&abp=1
IP
3.216.228.11:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with very long lines (999)
Size
1.0 kB (1000 bytes)
Hash
72c157c1e3cf38795adb0955f3571841
d0812212bb688d2953195d882a93c705f1d7f6f1
c18f4528a40633f6a2751851984aec1a67b779b4661a7402138fb96f3c410d29

HTTP Headers

GET /v1/domains/domain?domain=www6.twohills.net&portfolioId=&abp=1 HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.twohills.net/
X-Request-Id: 577ff15a-f032-4614-8681-ac3778d39e5f
Origin: http://www6.twohills.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Apr 2023 02:46:39 GMT
content-type: application/json
content-length: 1000
set-cookie: AWSALB=J/YQyZq909D4SGL7GyzNcCk3fCWxih0kw12rUN53l0P6dygwPCBcOTDR/aoWj3qV1sPOuXkHqOIsfewDWqOylVIQ7ZzwIxmq/9bKnermnMx5b+b4i1ZyjCWAqg5b; Expires=Sat, 08 Apr 2023 02:46:39 GMT; Path=/
AWSALBCORS=J/YQyZq909D4SGL7GyzNcCk3fCWxih0kw12rUN53l0P6dygwPCBcOTDR/aoWj3qV1sPOuXkHqOIsfewDWqOylVIQ7ZzwIxmq/9bKnermnMx5b+b4i1ZyjCWAqg5b; Expires=Sat, 08 Apr 2023 02:46:39 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin: http://www6.twohills.net
access-control-max-age: 600
x-request-id: 577ff15a-f032-4614-8681-ac3778d39e5f
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
13aea90b56c70f627cf1b6cf76bc9317
3a4a5bf198962f4898565cb59d36c840dbfb455f
e687f0b713563125f2e84ac8ed135c56fd2ed704de83a2597695979df25f8864

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 02:46:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7748
Expires: Sat, 01 Apr 2023 04:55:47 GMT
Date: Sat, 01 Apr 2023 02:46:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7748
Expires: Sat, 01 Apr 2023 04:55:47 GMT
Date: Sat, 01 Apr 2023 02:46:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7748
Expires: Sat, 01 Apr 2023 04:55:47 GMT
Date: Sat, 01 Apr 2023 02:46:39 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24171d10-56ac-40e7-9d10-77b9e948da6e.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24171d10-56ac-40e7-9d10-77b9e948da6e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10128 bytes)
Hash
c193cd4520e8ee5d17cd1f3faadc1c73
b46effcb93e0ad066474ec1f67bcd54020615caf
bc824341b884278e7e69ae3bb87484ad914e5909544959ebc8f8661a545cb929

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24171d10-56ac-40e7-9d10-77b9e948da6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10128
x-amzn-requestid: bdd46a1d-4b43-4450-be32-3e3947d2fcd7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm9VELdIAMFmmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751ee-346e92d143f6fcf46db741c8;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: TzZpij5xeF-mrrMvpNNPJQA62GcNd0qPNAh_7IAme7SI3WwmZ4itcg==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:47:54 GMT
etag: "b46effcb93e0ad066474ec1f67bcd54020615caf"
content-type: image/jpeg
age: 17925
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ff5ce6b-6aa5-4dee-8d16-aa3f8b265b59.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6416 bytes)
Hash
95b4bec205ae2333b5364e6c6bcc0bbf
931e351c6f6938fae4988f25297f010acd48a6ae
dc0a45c6e520ced7b4f0d936c58289be840d22ed09db6f4814456cdf1448e934

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ff5ce6b-6aa5-4dee-8d16-aa3f8b265b59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6416
x-amzn-requestid: 67096d91-717f-4063-8eb0-27861e962b2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CiCLOFgZoAMF3xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6423e3e1-47604c2a497b529e72d91a85;Sampled=0
x-amzn-remapped-date: Wed, 29 Mar 2023 07:08:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: LEsZTvaedZGhAea0MVs1L1MOrwxuJ6k0adgL_2UHKOyEwxrUaJznSg==
via: 1.1 0a166b53605851fe961f5a2952e5a748.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 10:42:58 GMT
age: 57821
etag: "931e351c6f6938fae4988f25297f010acd48a6ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

partner.googleadservices.com/gampad/cookie.js?domain=www6.twohills.net&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie

216.58.207.226

200 OK

240 B

URL HTTP/2
partner.googleadservices.com/gampad/cookie.js?domain=www6.twohills.net&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (364), with no line terminators
Size
240 B (240 bytes)
Hash
c5323a5f501dc2edced4dd694d9f1747
cb4e9619e753f2f5e543b9df74e3483088715542
3df4f54ca5f1792ba6b838d739a0a9f86d7f46853770173a08567dbaa4b588bc

HTTP Headers

GET /gampad/cookie.js?domain=www6.twohills.net&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.twohills.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 01 Apr 2023 02:46:39 GMT
server: cafe
cache-control: private
content-length: 240
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F808d12ec-c97a-4c49-976e-6025ea897112.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5950 bytes)
Hash
800c2662fd6ab8829a02b7d63084c38d
0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239
76545e9f75dc558fdb7b54550934c7775318fb4150a9309f60e65d982d2e576e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F808d12ec-c97a-4c49-976e-6025ea897112.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5950
x-amzn-requestid: 5d5a94f5-db2f-4c4c-9c9f-08c14b0ccd80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm7NG2NIAMF-sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751e1-57c957f442c42fe148e66831;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:25 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: k7ZzBBGmbX5OCG_u8RwOqyLQBvohNe643wpsd3Srg2hoxh55aqSV6A==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:38:48 GMT
etag: "0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239"
content-type: image/jpeg
age: 18471
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9859 bytes)
Hash
da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 526d70f5-3eab-410e-97d4-e489e152bd43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cl6tIFhxoAMFa-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64257186-14e697b924e79d1e5bc6d040;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 11:24:54 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: qKEs-bdLIfTk7TjXU0kLNzqEBDhhUXkX_osB-9p5LdfJfUbo8LwyuQ==
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Apr 2023 01:27:32 GMT
age: 4747
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b04f715-df83-425c-b3e1-5703d926f759.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5257 bytes)
Hash
a88f6c7b5bce83cc00e9e8271cf56702
21835a62ac378c55a61a762636b811a837749648
40b4e80bf0a5ac477804025c56beb2263d77a9f84933eabf6d464589e6f1d573

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b04f715-df83-425c-b3e1-5703d926f759.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5257
x-amzn-requestid: 694e361b-d59f-4a35-b547-de5a42689670
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ClU6mHJuIAMF5Iw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64253510-4f0d883b2f15ceee32b013da;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 07:06:56 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: -nOAcLEHo6i5uOJHpDTP9r7bI0F9okpHJ77bPkOEvUpPKmRWebrwZw==
via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 07:30:05 GMT
age: 69394
etag: "21835a62ac378c55a61a762636b811a837749648"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb10f21ee-de68-4185-8874-9d35c509a4c5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10268 bytes)
Hash
87a835db131d4290e217756a50efd68d
5e939a14153904d3689c0ff5a63937dd51995f96
645a510200b974481c1c509e1af2e28aac569be0a313bdcd87d516e2c2c7c4a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb10f21ee-de68-4185-8874-9d35c509a4c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10268
x-amzn-requestid: fc04a027-6d97-4cee-a8f9-99c81a481d61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CiBnMEWooAMFvJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6423e2fa-199cff0f3050c49c54e338ef;Sampled=0
x-amzn-remapped-date: Wed, 29 Mar 2023 07:04:26 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: uON2Dk4-KZXFjTvMOod7AuQuG2QruD3gR6p-hcT-YXeJJurEBuEi6Q==
via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 08:22:56 GMT
age: 66223
etag: "5e939a14153904d3689c0ff5a63937dd51995f96"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
13aea90b56c70f627cf1b6cf76bc9317
3a4a5bf198962f4898565cb59d36c840dbfb455f
e687f0b713563125f2e84ac8ed135c56fd2ed704de83a2597695979df25f8864

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 02:46:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0a48144d6cda73ca7d9de96dd6a73409
d6892e6fb892edaab9a53eb240de03553efa3cb1
0da835f0eafe277c7480efdfd80f52d73aeab2894db42827c120423bb7a187be

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 02:46:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2

142.250.74.97

200 OK

272 B

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Size
272 B (272 bytes)
Hash
bbbac37f0b6e29a6099e4aa7cb19d6ca
0acafe95e2141f0af6109203efeb2d98e6b926c6
a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 31 Mar 2023 18:05:24 GMT
expires: Sat, 01 Apr 2023 17:05:24 GMT
cache-control: public, max-age=82800
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 31275
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0a48144d6cda73ca7d9de96dd6a73409
d6892e6fb892edaab9a53eb240de03553efa3cb1
0da835f0eafe277c7480efdfd80f52d73aeab2894db42827c120423bb7a187be

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 02:46:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

142.250.74.97

200 OK

174 B

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
174 B (174 bytes)
Hash
4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 31 Mar 2023 13:27:19 GMT
expires: Sat, 01 Apr 2023 12:27:19 GMT
cache-control: public, max-age=82800
age: 47960
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0a48144d6cda73ca7d9de96dd6a73409
d6892e6fb892edaab9a53eb240de03553efa3cb1
0da835f0eafe277c7480efdfd80f52d73aeab2894db42827c120423bb7a187be

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 02:46:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.aws.parking.godaddy.com/v1/parkingEvents?abp=1

3.216.228.11

200 OK

0 B

URL HTTP/2
api.aws.parking.godaddy.com/v1/parkingEvents?abp=1
IP
3.216.228.11:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v1/parkingEvents?abp=1 HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www6.twohills.net/
Origin: http://www6.twohills.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Apr 2023 02:46:39 GMT
content-type: text/plain
content-length: 0
set-cookie: AWSALB=lPQVM0kRhA264o7tLVPlZ7vpzV2nxv30YmnJG1iX+0cqHxmV/Mfb8uf8O7LYpihlpX55pSYUTyuYwezLNRxEOp5Lq6B/FUAT5rU2G8c6gM+/VwOrUVWOetq66dEL; Expires=Sat, 08 Apr 2023 02:46:39 GMT; Path=/
AWSALBCORS=lPQVM0kRhA264o7tLVPlZ7vpzV2nxv30YmnJG1iX+0cqHxmV/Mfb8uf8O7LYpihlpX55pSYUTyuYwezLNRxEOp5Lq6B/FUAT5rU2G8c6gM+/VwOrUVWOetq66dEL; Expires=Sat, 08 Apr 2023 02:46:39 GMT; Path=/; SameSite=None; Secure
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-origin: *
X-Firefox-Spdy: h2

api.aws.parking.godaddy.com/v1/parkingEvents?abp=1

3.216.228.11

200 OK

0 B

URL HTTP/2
api.aws.parking.godaddy.com/v1/parkingEvents?abp=1
IP
3.216.228.11:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v1/parkingEvents?abp=1 HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.twohills.net/
Content-Type: application/json
Origin: http://www6.twohills.net
Content-Length: 761
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Apr 2023 02:46:39 GMT
content-type: text/plain
content-length: 0
set-cookie: AWSALB=rPgHFQ8hRNtux6kM287JSmKkPkLdXva1a+JTorfS85gTYOWAXM1NVt8IR9Q4jA40Kgoxbh0cnwGTuoSinrwLVUxXAUbH/HPsW3reDDgVlxx1JC6vXGA+BDlXdKwl; Expires=Sat, 08 Apr 2023 02:46:39 GMT; Path=/
AWSALBCORS=rPgHFQ8hRNtux6kM287JSmKkPkLdXva1a+JTorfS85gTYOWAXM1NVt8IR9Q4jA40Kgoxbh0cnwGTuoSinrwLVUxXAUbH/HPsW3reDDgVlxx1JC6vXGA+BDlXdKwl; Expires=Sat, 08 Apr 2023 02:46:39 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1c49b500bb192c05ce510d027f6a9608
619fd9959fe052154147eeb8d0ee2b2060cada5f
fd9f907f146307c82ab00cef8eae523ba93b388f5156c66e675b8744a841dc12

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD9F907F146307C82AB00CEF8EAE523BA93B388F5156C66E675B8744A841DC12"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11275
Expires: Sat, 01 Apr 2023 05:54:34 GMT
Date: Sat, 01 Apr 2023 02:46:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1c49b500bb192c05ce510d027f6a9608
619fd9959fe052154147eeb8d0ee2b2060cada5f
fd9f907f146307c82ab00cef8eae523ba93b388f5156c66e675b8744a841dc12

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD9F907F146307C82AB00CEF8EAE523BA93B388F5156C66E675B8744A841DC12"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11275
Expires: Sat, 01 Apr 2023 05:54:34 GMT
Date: Sat, 01 Apr 2023 02:46:39 GMT
Connection: keep-alive

postback.trafficmotor.com/sn/?abp=1

45.79.38.145

200 OK

0 B

URL HTTP/1.1
postback.trafficmotor.com/sn/?abp=1
IP
45.79.38.145:0
ASN
#63949 Linode, LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /sn/?abp=1 HTTP/1.1
Host: postback.trafficmotor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www6.twohills.net/
Origin: http://www6.twohills.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty/1.13.6.1
Date: Sat, 01 Apr 2023 02:46:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: close
Allow: HEAD, GET, POST, OPTIONS
Access-Control-Allow-Origin: http://www6.twohills.net
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Vary: Origin
Access-Control-Allow-Headers: content-type

postback.trafficmotor.com/sn/?abp=1

45.79.38.145

200 OK

3 B

URL HTTP/1.1
postback.trafficmotor.com/sn/?abp=1
IP
45.79.38.145:0
ASN
#63949 Linode, LLC

File type
JSON data\012- , ASCII text
Size
3 B (3 bytes)
Hash
8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

HTTP Headers

POST /sn/?abp=1 HTTP/1.1
Host: postback.trafficmotor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.twohills.net/
Content-Type: application/json
Origin: http://www6.twohills.net
Content-Length: 139
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty/1.13.6.1
Date: Sat, 01 Apr 2023 02:46:40 GMT
Content-Type: application/json
Content-Length: 3
Connection: close
Access-Control-Allow-Origin: http://www6.twohills.net
Vary: Origin

img1.wsimg.com/parking-lander/static/js/0.40743286.chunk.js

23.36.79.16

200 OK

0 B

URL HTTP/2
img1.wsimg.com/parking-lander/static/js/0.40743286.chunk.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /parking-lander/static/js/0.40743286.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.twohills.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: f0SGcvFmDtEX/kqsGotSp6Buh7LQtFnodVFgNR7DozUuYF4unhJHIR5WZD92RZWybaw0iBhKDII=
x-amz-request-id: 2FAJDMPCN6W0P945
last-modified: Tue, 14 Feb 2023 15:44:39 GMT
etag: "b068012e619429e22f89192c5175a1e0"
x-amz-server-side-encryption: AES256
x-amz-version-id: gYg2nrvw6dt8CWezF3ZJ_Af3PN3NBmJj
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 139862
cache-control: max-age=31536000
expires: Sun, 31 Mar 2024 02:46:38 GMT
date: Sat, 01 Apr 2023 02:46:38 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML