Report - linkprotect.cudasvc.com/url?a=https://medium.com/m/global-identity-2?redirectUrl=https://rb.gy/suhju?userid=karen.waynescott@slurpmail.net&c=E,1,OI4TedSrthGHxnC0hp6TzCa8JVGOLOBzd5zeLuPbQ1TcZgIGTBT1ckUNpNqojsDfhUMR8KxhfkYzmcSJrVyeMxwE644UgTqxlNgyRmlheA,,&typo=1

Report Overview

Visited public
2023-09-20 16:48:58
Tags
URL
linkprotect.cudasvc.com/url?a=https://medium.com/m/global-identity-2?redirectUrl=https://rb.gy/suhju?userid=karen.waynescott@slurpmail.net&c=E,1,OI4TedSrthGHxnC0hp6TzCa8JVGOLOBzd5zeLuPbQ1TcZgIGTBT1ckUNpNqojsDfhUMR8KxhfkYzmcSJrVyeMxwE644UgTqxlNgyRmlheA,,&typo=1
Finishing URL
pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php
IP / ASN
3.123.49.157
#16509 AMAZON-02
Title
Share Point Online

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-09-19 22:24:04	934 B	62 kB	142.250.74.138
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-09-19 19:23:54	477 B	1.6 kB	142.250.74.106
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-09-19 18:13:20	1.1 kB	196 kB	104.18.10.207
ocsp.r2m01.amazontrust.com	unknown	2007-05-11	2022-10-12 22:43:53	2023-09-19 21:49:57	340 B	942 B	108.157.228.227
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-09-19 19:07:29	941 B	55 kB	151.101.194.137
ka-f.fontawesome.com	3598	2012-10-18	2019-12-17 07:36:13	2023-09-19 18:17:53	1.1 kB	73 kB	172.64.131.9
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12 16:01:39	2023-09-19 21:32:47	340 B	941 B	143.204.48.16
linkprotect.cudasvc.com	10064	2010-05-17	2017-02-01 17:12:27	2023-09-20 16:01:34	716 B	1.2 kB	52.28.80.52
medium.com	4770	1998-05-27	2015-08-26 19:05:39	2023-09-20 02:47:20	556 B	1.0 kB	162.159.152.4
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-09-19 18:17:30	527 B	7.2 kB	104.17.25.14
kit.fontawesome.com	1868	2012-10-18	2019-12-16 20:51:31	2023-09-19 18:12:23	497 B	12 kB	104.18.22.52
pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev	unknown	unknown	No data	No data	6.4 kB	908 kB	104.18.2.35
glyph.medium.com	20082	1998-05-27	2017-08-01 15:23:25	2023-09-20 03:05:01	398 B	2.4 kB	162.159.152.4
rb.gy	103780	2019-09-17	2019-10-11 21:55:07	2023-09-19 05:36:08	523 B	388 B	3.209.43.118
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-19 18:12:02	1.3 kB	2.8 kB	142.250.74.131
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-09-03 06:47:12	653 B	1.6 kB	142.250.74.132

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-20 16:48:40	low	3.209.43.118	Client IP	ET INFO Observed URL Shortening Service SSL/TLS Cert (rb.gy)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	From	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.2.1.slim.min.js	ScriptElement	70 kB	2023-03-07	2025-05-11
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:20 Times Seen57184 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	ScriptElement	19 kB	2023-03-07	2025-05-11
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:20 Times Seen72299 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	unknown	ScriptElement	3.6 kB	2024-08-21	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 06:13 Last Seen2024-08-21 06:13 Times Seen1 Hash 0877b5f71558d6e4e157db1204a0e15b c2b8ef9b69bc02d61d6e8865faade7209db4e797 9751d3afeff02a8dbaf9bd98f5e70f95b3d7442f25f78344b0485e303027d5c5 Loading...

	pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php	ScriptElement	37 kB	2024-08-21	2024-08-21
Pretty URL pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php IP 104.18.2.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 06:13 Last Seen2024-08-21 06:13 Times Seen1 Hash 195e31b95dd9c7a2ced6ca2f681a316e 7aadaa4864b80a1d52a61d06bc14c55848ddc8e4 1df1e5e274f03e0b2198a816d7135d44545f8ff5e3d0dc17837a7011a90043e5 Loading...

	code.jquery.com/jquery-3.1.1.min.js	ScriptElement	87 kB	2023-03-07	2025-05-11
Pretty URL code.jquery.com/jquery-3.1.1.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:00 Times Seen112280 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	ScriptElement	49 kB	2023-03-07	2025-05-11
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:20 Times Seen74915 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	ScriptElement	86 kB	2023-03-07	2025-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:24 Times Seen174130 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	kit.fontawesome.com/585b051251.js	ScriptElement	12 kB	2023-05-30	2024-08-21
Pretty URL kit.fontawesome.com/585b051251.js IP 104.18.22.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-30 20:41 Last Seen2024-08-21 09:44 Times Seen2785 Hash 4ec685b1e2c1ca5fd6d56e2f4cb0569d a41e1f45db2fbc59562390ba8567ec3373d69510 cac5a0bd86eba50bf4a83d4dc43fe38b759ed39cc8397fdbbaa7ea68b9c63cfa Loading...

		Size	First Seen	Last Seen
	#1 Write - 3f3d9952a235f5503d1bb545b34e0e37	12 kB	2024-08-21 06:13	2024-08-21 06:13
Pretty Observations First Seen2024-08-21 06:13 Last Seen2024-08-21 06:13 Times Seen1 Hash 3f3d9952a235f5503d1bb545b34e0e37 252c77e153aa5729907137ed60284f8566efc683 6467c844a0ff03769f0e5687f56c074dedd49a6a17a605a628af08c82f73c602 Loading...

HTTP Transactions (35)

	URL	IP	Response	Size
	ocsp.r2m02.amazontrust.com/	143.204.48.16		471 B
URL ocsp.r2m02.amazontrust.com/ IP 143.204.48.16:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash e13e952a009f075268ea00e8d5d19363 958776dd4335a28a9d88081ef01eded338c8e368 951dedce9119d81fca6d96dfc978646e18220e3621ad2140c0c1e7aea80e8188 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=7200 Date: Wed, 20 Sep 2023 16:48:39 GMT Last-Modified: Wed, 20 Sep 2023 16:39:00 GMT Server: ECAcc (amb/6B04) X-Cache: Miss from cloudfront Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: Rj974HyQ4ZIxfxKLyZDpCwloQnDYTT_tRavfHxYXbCqw3IIyzkcuUA== Age: 579`

	linkprotect.cudasvc.com/url?a=https://medium.com/m/global-identity-2?redirectUrl=https://rb.gy/suhju?userid=karen.waynescott@slurpmail.net&c=E,1,OI4TedSrthGHxnC0hp6TzCa8JVGOLOBzd5zeLuPbQ1TcZgIGTBT1ckUNpNqojsDfhUMR8KxhfkYzmcSJrVyeMxwE644UgTqxlNgyRmlheA,,&typo=1	52.28.80.52	302 Moved Temporarily	138 B
URL User Request GET HTTP/1.1 linkprotect.cudasvc.com/url?a=https://medium.com/m/global-identity-2?redirectUrl=https://rb.gy/suhju?userid=karen.waynescott@slurpmail.net&c=E,1,OI4TedSrthGHxnC0hp6TzCa8JVGOLOBzd5zeLuPbQ1TcZgIGTBT1ckUNpNqojsDfhUMR8KxhfkYzmcSJrVyeMxwE644UgTqxlNgyRmlheA,,&typo=1 IP 52.28.80.52:443 ASN #16509 AMAZON-02 Certificate IssuerAmazon Subject.linkprotect.cudasvc.com Fingerprint99:81:DF:77:62:A6:38:24:B7:49:0E:E9:B4:27:1D:E8:3E:C6:AE:65 ValidityWed, 22 Mar 2023 00:00:00 GMT - Fri, 19 Apr 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 138 B (138 bytes) Hash aff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0 HTTP Headers GET /url?a=https://medium.com/m/global-identity-2?redirectUrl=https://rb.gy/suhju?userid=karen.waynescott@slurpmail.net&c=E,1,OI4TedSrthGHxnC0hp6TzCa8JVGOLOBzd5zeLuPbQ1TcZgIGTBT1ckUNpNqojsDfhUMR8KxhfkYzmcSJrVyeMxwE644UgTqxlNgyRmlheA,,&typo=1 HTTP/1.1 Host: linkprotect.cudasvc.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Moved Temporarily Cache-Control: max-age=0, no-cache, no-store, must-revalidate Content-Security-Policy: default-src 'self' 'unsafe-inline' npmcdn.com unpkg.com; script-src 'self' 'unsafe-inline' npmcdn.com cdnjs.cloudflare.com unpkg.com unpkg.com; style-src 'self' 'unsafe-inline' unpkg.com cdnjs.cloudflare.com fonts.googleapis.com; font-src data: 'self' 'unsafe-inline' fonts.gstatic.com; frame-src 'self'; worker-src * data: 'unsafe-eval' 'unsafe-inline' blob:; media-src 'self' d2rmfex73stak2.cloudfront.net; img-src 'self' d2rmfex73stak2.cloudfront.net; frame-ancestors 'none' Content-Type: text/html Date: Wed, 20 Sep 2023 16:48:39 GMT Expires: -1 Location: https://medium.com/m/global-identity-2?redirectUrl=https://rb.gy/suhju?userid=karen.waynescott@slurpmail.net Pragma: no-cache Referrer-Policy: no-referrer Server: nginx Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Content-Length: 138 Connection: keep-alive

	medium.com/m/global-identity-2?redirectUrl=https://rb.gy/suhju?userid=karen.waynescott@slurpmail.net	162.159.152.4	307 Temporary Redirect	0 B
URL User Request GET HTTP/2 medium.com/m/global-identity-2?redirectUrl=https://rb.gy/suhju?userid=karen.waynescott@slurpmail.net IP 162.159.152.4:443 ASN #13335 CLOUDFLARENET Certificate IssuerCloudflare, Inc. Subjectmedium.com FingerprintC1:F5:F2:1F:BB:E1:6E:CF:41:84:19:7C:8D:96:EF:01:6B:9B:CF:DC ValiditySun, 20 Aug 2023 00:00:00 GMT - Sat, 18 Nov 2023 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /m/global-identity-2?redirectUrl=https://rb.gy/suhju?userid=karen.waynescott@slurpmail.net HTTP/1.1 Host: medium.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 307 Temporary Redirect date: Wed, 20 Sep 2023 16:48:40 GMT content-type: text/plain;charset=UTF-8 content-length: 0 location: https://rb.gy/suhju?gi=79d3a58fa78b&userid=karen.waynescott%40slurpmail.net cf-ray: 809b8eaa2b10b527-OSL cf-cache-status: DYNAMIC strict-transport-security: max-age=15552000; includeSubDomains; preload medium-fulfilled-by: edgy/8.3.0, valencia/main-20230919-215816-01fbb546c9 worker-missing-cookies: 1 x-content-type-options: nosniff x-envoy-upstream-service-time: 14 vary: Accept-Encoding set-cookie: uid=lo_af96003e445e; Domain=medium.com; Path=/; Expires=Fri, 20 Sep 2024 16:48:40 GMT; HttpOnly; Secure; SameSite=None sid=1:fqq+GRLs96/xI4Cxj2lpBkZnQC9WBv+UkwumflJ7ZP9YpkFgMrEysk/eQO8s+R7s; Domain=medium.com; Path=/; Expires=Fri, 20 Sep 2024 16:48:40 GMT; HttpOnly; Secure; SameSite=None __cfruid=96d2a8b61ec92c6d303cbffaf443b95c8606dda9-1695228520; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None server: cloudflare alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.r2m01.amazontrust.com/	108.157.228.227		471 B
URL ocsp.r2m01.amazontrust.com/ IP 108.157.228.227:0 ASN #0 File type data Size 471 B (471 bytes) Hash 5c89aa4be6665e592be7758545dc883e 9d49043897a326237a17810753215520eb670aa3 4eacddef4e0e547ecf3d3ecd18e8c9a1b1336c7913ca628c9b3c34cd387a88ee HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m01.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=7200 Date: Wed, 20 Sep 2023 16:48:40 GMT Last-Modified: Wed, 20 Sep 2023 15:40:04 GMT Server: ECAcc (amb/6B66) X-Cache: Miss from cloudfront Via: 1.1 36510edbc7ba8916907c18e15b00f64c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: ARN56-P2 X-Amz-Cf-Id: WDuv_d8A7VNIkX9fDiJyLqvTjJ7AhmO5uSiGDm6RoFwPJ5vMfk_CPw== Age: 4116`

	rb.gy/suhju?gi=79d3a58fa78b&userid=karen.waynescott%40slurpmail.net	3.209.43.118	301 Moved Permanently	0 B
URL User Request GET HTTP/2 rb.gy/suhju?gi=79d3a58fa78b&userid=karen.waynescott%40slurpmail.net IP 3.209.43.118:443 ASN #14618 AMAZON-AES Certificate IssuerAmazon Subjectrb.gy FingerprintDB:A6:0C:96:5D:05:26:D6:95:BF:CD:A8:79:39:3C:DA:CC:7E:93:A5 ValiditySat, 19 Aug 2023 00:00:00 GMT - Mon, 16 Sep 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /suhju?gi=79d3a58fa78b&userid=karen.waynescott%40slurpmail.net HTTP/1.1 Host: rb.gy User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 301 Moved Permanently date: Wed, 20 Sep 2023 16:48:40 GMT content-length: 0 location: https://www.google.com/amp/pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev%2Findex.php?gi=79d3a58fa78b&userid=karen.waynescott@slurpmail.net cache-control: no-cache, no-store expires: -1 engine: Rebrandly.redirect, version 2.1 strict-transport-security: max-age=15552000 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ae50dd0b146eaba47d6875ee64e98171 12f1c80bcc2972dbb73c578b8169b7441ed10c29 d070845e05c34fa765452de8e6b6cab85a557b35daeabc235fa46adc4f942307 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 20 Sep 2023 16:48:40 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/amp/pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev%2Findex.php?gi=79d3a58fa78b&userid=karen.waynescott@slurpmail.net	142.250.74.132	302 Found	257 B
URL User Request GET HTTP/2 www.google.com/amp/pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev%2Findex.php?gi=79d3a58fa78b&userid=karen.waynescott@slurpmail.net IP 142.250.74.132:443 ASN #15169 GOOGLE Certificate IssuerGoogle Trust Services LLC Subjectwww.google.com Fingerprint46:10:6A:3E:F0:E9:34:E0:79:83:32:6E:2E:D8:2A:57:15:BD:AC:4C ValidityMon, 14 Aug 2023 08:23:03 GMT - Mon, 06 Nov 2023 08:23:02 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators Size 257 B (257 bytes) Hash 47dd39f1dd06ce51e3c6a6ce4607aa3f d5ee21766cf0cf3fca925959d90d8d1ae856cfe0 838b3f156ff370297547440b02bebc8a2ccbf9046dd8aadb1275fd0a5fc987c4 HTTP Headers GET /amp/pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev%2Findex.php?gi=79d3a58fa78b&userid=karen.waynescott@slurpmail.net HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found location: http://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php cache-control: private x-robots-tag: noindex content-type: text/html; charset=UTF-8 strict-transport-security: max-age=31536000 content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-_ElkJFE87mR_FZkhHVj7jg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]} p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." date: Wed, 20 Sep 2023 16:48:40 GMT server: gws content-length: 257 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: __Secure-ENID=14.SE=MIRSwr7jih4DnqFJdaiTqQRqX5pMCthSJ_cpTznwMXV9-y1CDlb9f9ptj0-2Z67ClD9awrulX04vYLsIyviUNfxox-e0bvkQMjXLr1gCG8npA0cXibvLk0-6tJMtVFrZd7deVfdWxgY2TwUTDmqQ0CGjSFT8W8Ma7SiNuZ5i2S4; expires=Sun, 20-Oct-2024 09:06:58 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax CONSENT=PENDING+024; expires=Fri, 19-Sep-2025 16:48:40 GMT; path=/; domain=.google.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php	104.18.2.35	301 Moved Permanently	0 B
URL User Request GET HTTP/1.1 pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php IP 104.18.2.35:80 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /index.php HTTP/1.1 Host: pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 301 Moved Permanently Date: Wed, 20 Sep 2023 16:48:40 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Wed, 20 Sep 2023 17:48:40 GMT Location: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Vary: Accept-Encoding Server: cloudflare CF-RAY: 809b8eafd8045684-OSL`

	glyph.medium.com/css/unbound.css	162.159.152.4		1.5 kB
URL glyph.medium.com/css/unbound.css IP 162.159.152.4:0 ASN #13335 CLOUDFLARENET File type gzip compressed data, from Unix\012- data Size 1.5 kB (1465 bytes) Hash f43a8c5f09275a76da8dd12092907730 6542783e608a43a001051ac43bb8b8075ad755eb dffff178f77bdefe6b3023a8b73107f95de8796c915fc436be05bdad7244e186 HTTP Headers `GET /css/unbound.css HTTP/1.1 Host: glyph.medium.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Moz: early hint Connection: keep-alive Referer: https://medium.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK date: Wed, 20 Sep 2023 16:48:40 GMT content-type: text/css access-control-allow-credentials: true access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid access-control-allow-methods: GET, POST, PUT, DELETE access-control-allow-origin: * access-control-max-age: 86400 cache-control: public, max-age=7200 expires: Wed, 20 Sep 2023 18:48:40 GMT x-envoy-upstream-service-time: 3 cf-cache-status: HIT age: 3370 vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff set-cookie: __cfruid=96d2a8b61ec92c6d303cbffaf443b95c8606dda9-1695228520; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 809b8eaa9b74b527-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php	104.18.3.35	301 Moved Permanently	38 kB
URL User Request GET HTTP/1.1 pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php IP 104.18.3.35:80 ASN #13335 CLOUDFLARENET File type HTML document text\012- exported SGML document, ASCII text, with very long lines (37438) Size 38 kB (37467 bytes) Hash 190ea987035bb2f059f20612d063054c bd292760ddd39e0edb5311b8e91c45810012e20a 538781e71a521d7465a677454178979362db6830fb6d2ded45a08f2578a253b1 HTTP Headers `GET /index.php HTTP/1.1 Host: pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 20 Sep 2023 16:48:41 GMT Content-Length: 37467 Connection: keep-alive Accept-Ranges: bytes ETag: "190ea987035bb2f059f20612d063054c" Last-Modified: Mon, 18 Sep 2023 17:35:06 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 809b8eb00b05b512-OSL`

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash aff723341f53f020db1ba26e898bbd48 23f915039b79b9247907a1395fa32f57cf3c1a41 6e996d55d168ee427fb70dc93c074a42c5f6eebd2756fa1ed79341f73b44c455 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 20 Sep 2023 16:48:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	code.jquery.com/jquery-3.2.1.slim.min.js	151.101.194.137	200 OK	24 kB
URL GET HTTP/2 code.jquery.com/jquery-3.2.1.slim.min.js IP 151.101.194.137:443 ASN #54113 FASTLY Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerSectigo Limited Subject.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT File type ASCII text, with very long lines (32012) Size 24 kB (23856 bytes) Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 HTTP Headers `GET /jquery-3.2.1.slim.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: W/"28feccc0-10fdd" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: * content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Wed, 20 Sep 2023 16:48:41 GMT age: 324722 x-served-by: cache-lga21963-LGA, cache-bma1661-BMA x-cache: HIT, HIT x-cache-hits: 22, 7498 x-timer: S1695228522.712529,VS0,VE0 vary: Accept-Encoding content-length: 23856 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	104.17.25.14	200 OK	6.2 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type ASCII text, with very long lines (19015) Size 6.2 kB (6157 bytes) Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 HTTP Headers GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 20 Sep 2023 16:48:41 GMT content-type: application/javascript; charset=utf-8 content-length: 6157 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "64942d85-180d" last-modified: Thu, 22 Jun 2023 11:16:21 GMT cf-cdnjs-via: cfworker/r2 cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 1741112 expires: Mon, 09 Sep 2024 16:48:41 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkkzDnvRg7gDUD3xLIntWzeQif93TRoFr8tzCi7sqPV0UUxFbvZIA5HYQOoNHOD8vYShfHcT8Y0VI0oTr3P1ukz10udQjhnrDKRBDd3zr5Q6lrPL%2BI6idemtGI8xnHybDqHsMqnv"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 809b8eb4b9fe568d-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash da172efb0fd6da2c4ee844abac50aadc 084492ced57dd89b321f15d24352c905bee1e06a d2e1252e318b7c2f54dd7b9701c1d2ad991f35719d474031202b2ad0b9fe666b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 20 Sep 2023 16:48:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	code.jquery.com/jquery-3.1.1.min.js	151.101.194.137	200 OK	30 kB
URL GET HTTP/2 code.jquery.com/jquery-3.1.1.min.js IP 151.101.194.137:443 ASN #54113 FASTLY Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerSectigo Limited Subject.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT File type ASCII text, with very long lines (32030) Size 30 kB (30070 bytes) Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf HTTP Headers `GET /jquery-3.1.1.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: W/"28feccc0-152b5" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: * content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Wed, 20 Sep 2023 16:48:41 GMT age: 427919 x-served-by: cache-lga21947-LGA, cache-bma1653-BMA x-cache: HIT, HIT x-cache-hits: 119, 26713 x-timer: S1695228522.726453,VS0,VE0 vary: Accept-Encoding content-length: 30070 X-Firefox-Spdy: h2

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	142.250.74.138	200 OK	30 kB
URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.138:443 ASN #15169 GOOGLE Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38 ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT File type ASCII text, with very long lines (32065) Size 30 kB (30028 bytes) Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e HTTP Headers `GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 30028 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 17 Sep 2023 04:04:30 GMT expires: Mon, 16 Sep 2024 04:04:30 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 age: 305051 last-modified: Tue, 03 Mar 2020 19:15:00 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash aff723341f53f020db1ba26e898bbd48 23f915039b79b9247907a1395fa32f57cf3c1a41 6e996d55d168ee427fb70dc93c074a42c5f6eebd2756fa1ed79341f73b44c455 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 20 Sep 2023 16:48:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.googleapis.com/css?family=Archivo+Narrow&display=swap	142.250.74.106	200 OK	937 B
URL GET HTTP/2 fonts.googleapis.com/css?family=Archivo+Narrow&display=swap IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38 ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT File type gzip compressed data, max compression\012- data Size 937 B (937 bytes) Hash 77474e7fb83a3507cda4050f06be81cf ba2f404163d99b8644b7b57f0359a7b1159924bc efc9caeec714ccddb1d777ee4c126fe5500ba5caded9fcfcfaf756b41870f157 HTTP Headers `GET /css?family=Archivo+Narrow&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 20 Sep 2023 16:48:41 GMT date: Wed, 20 Sep 2023 16:48:41 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/css/hover.css	104.18.3.35	200 OK	8.3 kB
URL GET HTTP/1.1 pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/css/hover.css IP 104.18.3.35:443 ASN #13335 CLOUDFLARENET Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerLet's Encrypt Subject.r2.dev FingerprintE8:0C:C2:4D:15:01:60:A8:F1:76:79:D2:4D:CB:27:19:C0:CF:60:B2 ValiditySun, 13 Aug 2023 17:25:54 GMT - Sat, 11 Nov 2023 17:25:53 GMT File type ASCII text Size 8.3 kB (8283 bytes) Hash fac4178c15e5a86139c662dafc809501 ef1481841399156a880ec31b07dda9cfaa1ace39 bb88454962767eb6f2ddb1aabaaf844d8a57de7e8f848d7f6928f81b54998452 HTTP Headers `GET /css/hover.css HTTP/1.1 Host: pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 20 Sep 2023 16:48:42 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive ETag: W/"fac4178c15e5a86139c662dafc809501" Last-Modified: Mon, 18 Sep 2023 17:35:51 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 809b8eb3fec7b512-OSL Content-Encoding: gzip`

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	142.250.74.138	200 OK	30 kB
URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.138:443 ASN #15169 GOOGLE Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38 ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT File type ASCII text, with very long lines (32065) Size 30 kB (30028 bytes) Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e HTTP Headers `GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 30028 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 17 Sep 2023 04:04:30 GMT expires: Mon, 16 Sep 2024 04:04:30 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 age: 305052 last-modified: Tue, 03 Mar 2020 19:15:00 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/aol1.png	104.18.2.35	200 OK	26 kB
URL GET HTTP/1.1 pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/aol1.png IP 104.18.2.35:443 ASN #13335 CLOUDFLARENET Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerLet's Encrypt Subject.r2.dev FingerprintE8:0C:C2:4D:15:01:60:A8:F1:76:79:D2:4D:CB:27:19:C0:CF:60:B2 ValiditySun, 13 Aug 2023 17:25:54 GMT - Sat, 11 Nov 2023 17:25:53 GMT File type PNG image data, 253 x 218, 8-bit/color RGBA, non-interlaced\012- data Size 26 kB (26456 bytes) Hash ec9cbc1048239b3927ad0276fc983019 17c27c038644bdb141381b606c7c94a177c07326 f8a8cf4f1928938c796e2f35f8c21b0d510d4e3f16e016ee83d1f206f8ebde14 HTTP Headers `GET /images/aol1.png HTTP/1.1 Host: pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 20 Sep 2023 16:48:42 GMT Content-Type: image/png Content-Length: 26456 Connection: keep-alive Accept-Ranges: bytes ETag: "ec9cbc1048239b3927ad0276fc983019" Last-Modified: Mon, 18 Sep 2023 17:35:47 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 809b8eb76e8056b9-OSL`

	pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/gmail1.png	104.18.2.35	200 OK	684 B
URL GET HTTP/1.1 pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/gmail1.png IP 104.18.2.35:443 ASN #13335 CLOUDFLARENET Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerLet's Encrypt Subject.r2.dev FingerprintE8:0C:C2:4D:15:01:60:A8:F1:76:79:D2:4D:CB:27:19:C0:CF:60:B2 ValiditySun, 13 Aug 2023 17:25:54 GMT - Sat, 11 Nov 2023 17:25:53 GMT File type PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data Size 684 B (684 bytes) Hash 9cfa8c18fd226f29d38a8272c04c5f23 811e2d3c8806d07f6927a891856c051894c5a339 13414930adeb5db9b7a8e396be2aeadf2be6eb7aa9a768876bae79cbddf01ab5 HTTP Headers `GET /images/gmail1.png HTTP/1.1 Host: pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 20 Sep 2023 16:48:42 GMT Content-Type: image/png Content-Length: 684 Connection: keep-alive Accept-Ranges: bytes ETag: "9cfa8c18fd226f29d38a8272c04c5f23" Last-Modified: Mon, 18 Sep 2023 17:35:49 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 809b8eb74a07568f-OSL`

	pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/yahoo1.png	104.18.3.35	200 OK	18 kB
URL GET HTTP/1.1 pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/yahoo1.png IP 104.18.3.35:443 ASN #13335 CLOUDFLARENET Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerLet's Encrypt Subject.r2.dev FingerprintE8:0C:C2:4D:15:01:60:A8:F1:76:79:D2:4D:CB:27:19:C0:CF:60:B2 ValiditySun, 13 Aug 2023 17:25:54 GMT - Sat, 11 Nov 2023 17:25:53 GMT File type PNG image data, 151 x 151, 8-bit/color RGBA, non-interlaced\012- data Size 18 kB (17931 bytes) Hash 4458cd0a6df7deabdff0b99bd5905ec9 45a8b436d07d7ed7973b87a1c393d6973afe6fb5 aad24ed5f36320964c515b9889cb2943bbf830b40703999ad3976fce8176e554 HTTP Headers `GET /images/yahoo1.png HTTP/1.1 Host: pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 20 Sep 2023 16:48:42 GMT Content-Type: image/png Content-Length: 17931 Connection: keep-alive Accept-Ranges: bytes ETag: "4458cd0a6df7deabdff0b99bd5905ec9" Last-Modified: Mon, 18 Sep 2023 17:35:58 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 809b8eb749c6b512-OSL`

	pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/gmail.png	104.18.2.35	200 OK	67 kB
URL GET HTTP/1.1 pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/gmail.png IP 104.18.2.35:443 ASN #13335 CLOUDFLARENET Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerLet's Encrypt Subject.r2.dev FingerprintE8:0C:C2:4D:15:01:60:A8:F1:76:79:D2:4D:CB:27:19:C0:CF:60:B2 ValiditySun, 13 Aug 2023 17:25:54 GMT - Sat, 11 Nov 2023 17:25:53 GMT File type PNG image data, 1280 x 1280, 8-bit/color RGBA, non-interlaced\012- data Size 67 kB (66743 bytes) Hash dce2f2b0e50cb1dbb0246d152791cb46 d0a69c159304edc08db005163e7a0daf5a1e98a6 acf087c1757f08b0cfd53d59066544d7ef0bfcc50999e77c5813739cd9dc1479 HTTP Headers `GET /images/gmail.png HTTP/1.1 Host: pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 20 Sep 2023 16:48:42 GMT Content-Type: image/png Content-Length: 66743 Connection: keep-alive Accept-Ranges: bytes ETag: "dce2f2b0e50cb1dbb0246d152791cb46" Last-Modified: Mon, 18 Sep 2023 17:35:50 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 809b8eb74b680b4d-OSL`

	pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/other1.png	104.18.2.35	200 OK	22 kB
URL GET HTTP/1.1 pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/other1.png IP 104.18.2.35:443 ASN #13335 CLOUDFLARENET Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerLet's Encrypt Subject.r2.dev FingerprintE8:0C:C2:4D:15:01:60:A8:F1:76:79:D2:4D:CB:27:19:C0:CF:60:B2 ValiditySun, 13 Aug 2023 17:25:54 GMT - Sat, 11 Nov 2023 17:25:53 GMT File type PNG image data, 190 x 187, 8-bit/color RGBA, non-interlaced\012- data Size 22 kB (21882 bytes) Hash 6843a244e12fab158aa189680b5e7049 0e1c691f87cc4fa35c88344974f2829c40176b70 3a9b144d6482b78afc4e0a940a1d3c22240f14fa535b808cf4dab9635339569f HTTP Headers `GET /images/other1.png HTTP/1.1 Host: pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 20 Sep 2023 16:48:42 GMT Content-Type: image/png Content-Length: 21882 Connection: keep-alive Accept-Ranges: bytes ETag: "6843a244e12fab158aa189680b5e7049" Last-Modified: Mon, 18 Sep 2023 17:35:52 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 809b8eb7495ab524-OSL`

	pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/office3651.png	104.18.2.35	200 OK	18 kB
URL GET HTTP/1.1 pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/office3651.png IP 104.18.2.35:443 ASN #13335 CLOUDFLARENET Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerLet's Encrypt Subject.r2.dev FingerprintE8:0C:C2:4D:15:01:60:A8:F1:76:79:D2:4D:CB:27:19:C0:CF:60:B2 ValiditySun, 13 Aug 2023 17:25:54 GMT - Sat, 11 Nov 2023 17:25:53 GMT File type PNG image data, 187 x 188, 8-bit/color RGBA, non-interlaced\012- data Size 18 kB (18147 bytes) Hash a5cdadd60382e9ae6228121542eb1c2a cec15f6470d0237569e931d7d11752b41ac5d8a3 71e729939e175f4ae9d3fcc645d6b7389ec341a47a84950e047197331fdc22f1 HTTP Headers `GET /images/office3651.png HTTP/1.1 Host: pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 20 Sep 2023 16:48:42 GMT Content-Type: image/png Content-Length: 18147 Connection: keep-alive Accept-Ranges: bytes ETag: "a5cdadd60382e9ae6228121542eb1c2a" Last-Modified: Mon, 18 Sep 2023 17:35:52 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 809b8eb77b535696-OSL`

	pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/outlook1.png	104.18.3.35	200 OK	771 B
URL GET HTTP/1.1 pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/outlook1.png IP 104.18.3.35:443 ASN #13335 CLOUDFLARENET Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerLet's Encrypt Subject.r2.dev FingerprintE8:0C:C2:4D:15:01:60:A8:F1:76:79:D2:4D:CB:27:19:C0:CF:60:B2 ValiditySun, 13 Aug 2023 17:25:54 GMT - Sat, 11 Nov 2023 17:25:53 GMT File type PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data Size 771 B (771 bytes) Hash c3fc46c5799c76f9107504028f39190f 519096ad3f03410cf9ce3c9b9fcca6b439d97b23 57898461712a639d119bdf88b7145919dcc8956c7a271d2e4a1084b29eae6785 HTTP Headers `GET /images/outlook1.png HTTP/1.1 Host: pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 20 Sep 2023 16:48:42 GMT Content-Type: image/png Content-Length: 771 Connection: keep-alive Accept-Ranges: bytes ETag: "c3fc46c5799c76f9107504028f39190f" Last-Modified: Mon, 18 Sep 2023 17:35:55 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 809b8eb8cb23b512-OSL`

	pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/adobe.png	104.18.2.35	200 OK	199 kB
URL GET HTTP/1.1 pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/adobe.png IP 104.18.2.35:443 ASN #13335 CLOUDFLARENET Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerLet's Encrypt Subject.r2.dev FingerprintE8:0C:C2:4D:15:01:60:A8:F1:76:79:D2:4D:CB:27:19:C0:CF:60:B2 ValiditySun, 13 Aug 2023 17:25:54 GMT - Sat, 11 Nov 2023 17:25:53 GMT File type PNG image data, 3300 x 4197, 8-bit/color RGBA, non-interlaced\012- data Size 199 kB (198703 bytes) Hash 09ab7af6f2533fc569ff26213c38b3be 8f93e6cb7944d0ce3235f85898d01d3ee4f6901c 208ecb531960b1a3aacda4d67d8c873b2848915a0411ea22aa025a434a2ee883 HTTP Headers `GET /images/adobe.png HTTP/1.1 Host: pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 20 Sep 2023 16:48:42 GMT Content-Type: image/png Content-Length: 198703 Connection: keep-alive Accept-Ranges: bytes ETag: "09ab7af6f2533fc569ff26213c38b3be" Last-Modified: Mon, 18 Sep 2023 17:35:48 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 809b8eb8cbad568f-OSL`

	pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/0vv.jpg	104.18.2.35	200 OK	479 kB
URL GET HTTP/1.1 pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/images/0vv.jpg IP 104.18.2.35:443 ASN #13335 CLOUDFLARENET Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerLet's Encrypt Subject.r2.dev FingerprintE8:0C:C2:4D:15:01:60:A8:F1:76:79:D2:4D:CB:27:19:C0:CF:60:B2 ValiditySun, 13 Aug 2023 17:25:54 GMT - Sat, 11 Nov 2023 17:25:53 GMT File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1080, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data Size 479 kB (479411 bytes) Hash a5224d572531101786cc31a84e25da22 5e551ae67f451fe15c7e998c0e28648e558c375e 7af5570f28ac2749095f3ab96c9bb35d98775984becbfb7ed693d30fb500f2ff HTTP Headers `GET /images/0vv.jpg HTTP/1.1 Host: pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 20 Sep 2023 16:48:42 GMT Content-Type: image/jpeg Content-Length: 479411 Connection: keep-alive Accept-Ranges: bytes ETag: "a5224d572531101786cc31a84e25da22" Last-Modified: Mon, 18 Sep 2023 17:35:47 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 809b8eb86f6c56b9-OSL`

	ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251	172.64.131.9	200 OK	11 kB
URL GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251 IP 172.64.131.9:443 ASN #13335 CLOUDFLARENET Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint64:27:AB:CA:DB:24:8C:C9:87:09:13:04:21:49:9C:6A:4E:DD:97:93 ValiditySun, 10 Sep 2023 05:39:32 GMT - Sat, 09 Dec 2023 05:39:31 GMT File type ASCII text, with very long lines (26500) Size 11 kB (10661 bytes) Hash 76f34b71fc9fb641507ff6a822cc07f5 73ed2f8f21cd40fb496e61306acbb5849d4dbff4 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8 HTTP Headers GET /releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251 HTTP/1.1 Host: ka-f.fontawesome.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/ Origin: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 20 Sep 2023 16:48:42 GMT content-type: text/css access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 last-modified: Wed, 04 Aug 2021 18:53:09 GMT etag: W/"76f34b71fc9fb641507ff6a822cc07f5" cache-control: max-age=31556926 access-control-allow-headers: fa-kit-token vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 c554699ee704a19f7545cb8005037198.cloudfront.net (CloudFront) x-amz-cf-pop: CDG52-P2 x-amz-cf-id: b0qa05EgnwXKINIJQ7xWDnCoBcUr1oAYSnqkN30zJKFsCAW724Mm6Q== cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tp6eXkPNJ296Sj3KvDLDEs7%2FXiX%2Fz1iqzLi9uaftvbFFcle3u0A0wAdIc7ehtwhLDBtidI%2BSixXZ6%2FFugX1iQewtDPfGoIenMhzvao5z18%2Fub0b7tXkq01NyAKZmB1Jk3%2F7ZoRvUDw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 809b8eb96da12282-CDG content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	104.18.10.207	200 OK	49 kB
URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207:443 ASN #13335 CLOUDFLARENET Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT File type ASCII text, with very long lines (48664) Size 49 kB (48944 bytes) Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b HTTP Headers GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 20 Sep 2023 16:48:41 GMT content-type: application/javascript; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17" last-modified: Mon, 25 Jan 2021 22:04:04 GMT cdn-cachedat: 11/25/2022 23:23:38 cdn-proxyver: 1.03 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 865 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: 97e6a624306cf8e9be4fad5cd15201ed cdn-cache: HIT cf-cache-status: MISS strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 809b8eb49ee356a5-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	kit.fontawesome.com/585b051251.js	104.18.22.52	200 OK	12 kB
URL GET HTTP/2 kit.fontawesome.com/585b051251.js IP 104.18.22.52:443 ASN #13335 CLOUDFLARENET Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerDigiCert Inc Subject.fontawesome.com Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT File type ASCII text, with very long lines (11213) Size 12 kB (11645 bytes) Hash 4ec685b1e2c1ca5fd6d56e2f4cb0569d a41e1f45db2fbc59562390ba8567ec3373d69510 cac5a0bd86eba50bf4a83d4dc43fe38b759ed39cc8397fdbbaa7ea68b9c63cfa HTTP Headers `GET /585b051251.js HTTP/1.1 Host: kit.fontawesome.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Wed, 20 Sep 2023 16:48:41 GMT content-type: text/javascript access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token access-control-allow-methods: GET, OPTIONS access-control-allow-origin: * access-control-max-age: 3000 cache-control: max-age=60, public, stale-while-revalidate=30 vary: origin, accept-encoding, access-control-request-headers, access-control-request-method x-request-id: F4apW961pY8GcSAEpVCi cf-cache-status: MISS server: cloudflare cf-ray: 809b8eb4b880b4ff-OSL content-encoding: gzip X-Firefox-Spdy: h2

	ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251	172.64.131.9	200 OK	60 kB
URL GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251 IP 172.64.131.9:443 ASN #13335 CLOUDFLARENET Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint64:27:AB:CA:DB:24:8C:C9:87:09:13:04:21:49:9C:6A:4E:DD:97:93 ValiditySun, 10 Sep 2023 05:39:32 GMT - Sat, 09 Dec 2023 05:39:31 GMT File type ASCII text, with very long lines (60130) Size 60 kB (60312 bytes) Hash a12ec7ebe75a4d59a5dd6b79e2ba2e16 28f5dcc595ee6d4163481ef64170180502c8629b fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda HTTP Headers GET /releases/v5.15.4/css/free.min.css?token=585b051251 HTTP/1.1 Host: ka-f.fontawesome.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/ Origin: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 20 Sep 2023 16:48:42 GMT content-type: text/css access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 last-modified: Wed, 04 Aug 2021 18:53:09 GMT etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16" cache-control: max-age=31556926 access-control-allow-headers: fa-kit-token vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 127aaaaca740f298a4c887357ec047b4.cloudfront.net (CloudFront) x-amz-cf-pop: CDG52-P2 x-amz-cf-id: XeXWo8OuCR-mxBs0r0wFnliR-EnfNYXda08-Si9ciwoQ8ijSovD67Q== cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMywZHLb3JTDAGPhI%2FoHxka8UUL4owR57hv%2B5c588SYkVT6XejJl8R9AAJyI%2BgQDRICtmEcM%2FIPWfY4zGDxH%2BfJXb30orCccNJ3s%2F%2FKxILGiI6a1yZP3zpbrDknSPqYBiSJ5eiAJLA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 809b8eb96da32282-CDG content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/favicon.ico	104.18.2.35	404 Not Found	27 kB
URL GET HTTP/1.1 pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/favicon.ico IP 104.18.2.35:443 ASN #13335 CLOUDFLARENET Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerLet's Encrypt Subject.r2.dev FingerprintE8:0C:C2:4D:15:01:60:A8:F1:76:79:D2:4D:CB:27:19:C0:CF:60:B2 ValiditySun, 13 Aug 2023 17:25:54 GMT - Sat, 11 Nov 2023 17:25:53 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (611) Size 27 kB (27242 bytes) Hash df3d48946e8d3f5a83608308edbb4b86 47b9c40c97abf2658df96b1c06109324e15e1a00 570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 404 Not Found Date: Wed, 20 Sep 2023 16:48:42 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Server: cloudflare CF-RAY: 809b8ebb4e53568f-OSL Content-Encoding: gzip`

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css	104.18.10.207	200 OK	145 kB
URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css IP 104.18.10.207:443 ASN #13335 CLOUDFLARENET Requested by https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/index.php Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT File type ASCII text, with very long lines (65325) Size 145 kB (144877 bytes) Hash 450fc463b8b1a349df717056fbb3e078 895125a4522a3b10ee7ada06ee6503587cbf95c5 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d HTTP Headers GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev DNT: 1 Connection: keep-alive Referer: https://pub-edb456e179234c6a9628c0b63a6dafbc.r2.dev/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 20 Sep 2023 16:48:41 GMT content-type: text/css; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: W/"450fc463b8b1a349df717056fbb3e078" last-modified: Mon, 25 Jan 2021 22:04:04 GMT cdn-cachedat: 06/15/2023 15:41:03 cdn-proxyver: 1.03 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 752 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: 0d6d7da2fec5501e618b774b0d353028 cdn-cache: HIT cf-cache-status: MISS strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 809b8eb4aef456a5-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (35)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate