doubletrebletrinkets.co.uk/
92.204.218.143 200 OK 16 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (2501)
Hash 1d0b5de62c6f34e7bba4dfd1dcbc1124
55c52378183b399e4ad0ed9043605250a55b08a8
d5c8f93b45eb83ebf7d691f235cd026678e40685f2d0a440a06dcf82c19cac51
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
Link: <http://doubletrebletrinkets.co.uk/wp-json/>; rel="https://api.w.org/", <http://doubletrebletrinkets.co.uk/wp-json/wp/v2/pages/45>; rel="alternate"; type="application/json", <http://doubletrebletrinkets.co.uk/>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Cache-Control: max-age=172800
Expires: Tue, 13 Sep 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15504
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8130
Expires: Sun, 11 Sep 2022 16:23:36 GMT
Date: Sun, 11 Sep 2022 14:08:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 14:07:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hb1VhWnUO_6BWcumoF73ZBo5Y55E0x92iOXNwY4jFVU4-MYN3JpHMQ==
Age: 28
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate, ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aYTJjPO3FAjuf5FHUY8tvUwxpn-7G8oAAPCgV5vTiSD8ghOBZDxS-w==
age: 24654
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 14:08:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
doubletrebletrinkets.co.uk/wp-content/themes/twentyten/style.css?ver=20190507
92.204.218.143 200 OK 6.3 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/themes/twentyten/style.css?ver=20190507
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (535)
Hash 15e6d601e1f4144637b2a38935485233
72b2c90bde11659b8de79d55406b4269d49d2676
617ee007afd54dbfa07982e0e835cb57521c9e01b812f0fd5d124f00176f0e35
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/twentyten/style.css?ver=20190507 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:57:17 GMT
ETag: "29a0fc0-6199-5c9f178f67391-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 11 Oct 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6253
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
doubletrebletrinkets.co.uk/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.7
92.204.218.143 200 OK 6.7 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.7
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (12198), with CRLF line terminators
Hash 4d31e2a6db5decae3878e5e721cca3d9
93a3504026153c10ebfa0fe5e888b16a37b082cc
5363e9795f8067027d5a2087c0cce9f5b48eb826bed3d18cd4d45d9269c69826
GET /wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.7 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 16:37:23 GMT
ETag: "24a1103-5b20-5e1e3b7f14a40-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=172800
Expires: Tue, 13 Sep 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6724
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
doubletrebletrinkets.co.uk/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.7
92.204.218.143 200 OK 12 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.7
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (65371)
Hash d12aeeb7bb447933596a67caa448af0b
479285d946526cf0d71dc072dd1f7fe2aa6ac137
1f1ad0763720b9917df234222a6c45fe670554960a7b27a0f0d6ad22607a9800
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.7 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 20 Jun 2022 16:37:23 GMT
ETag: "24a1108-130fd-5e1e3b7f14e28-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 11 Oct 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11776
Keep-Alive: timeout=5
Content-Type: text/css
doubletrebletrinkets.co.uk/wp-content/plugins/crafty-social-buttons/css/public.min.css?ver=1.5.3
92.204.218.143 200 OK 770 B URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/plugins/crafty-social-buttons/css/public.min.css?ver=1.5.3
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (3926), with no line terminators
Hash 6fdfb83f54e29f8bf1c20e4d69bf8d63
041ccbd8a7c08d553d545a211ebb1ae71ce8c4f0
ee383841d245b8e0d044f41aab880fb881f52bc50badb3dff3e2af6888d5c436
GET /wp-content/plugins/crafty-social-buttons/css/public.min.css?ver=1.5.3 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 19 Aug 2021 22:14:09 GMT
ETag: "26a0989-f56-5c9f0debf48d0-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 11 Oct 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 770
Keep-Alive: timeout=5
Content-Type: text/css
doubletrebletrinkets.co.uk/wp-content/plugins/accesspress-social-counter/css/frontend.css?ver=1.9.2
92.204.218.143 200 OK 2.5 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/plugins/accesspress-social-counter/css/frontend.css?ver=1.9.2
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash 681e5d464e39d6614bda9615ee413dd0
0986048b64072ad7a3b22accb49f47777fcd80bb
1b11638edfbab30a4d5a9b5fa048668d26cfe70f0ca903611774ff55945129d3
GET /wp-content/plugins/accesspress-social-counter/css/frontend.css?ver=1.9.2 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 12 Nov 2021 16:36:42 GMT
ETag: "24a1c86-3d13-5d09a10650a5a-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 11 Oct 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2494
Keep-Alive: timeout=5
Content-Type: text/css
doubletrebletrinkets.co.uk/wp-content/plugins/visitors-traffic-real-time-statistics/js/front.js?ver=5.8
92.204.218.143 200 OK 414 B URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/plugins/visitors-traffic-real-time-statistics/js/front.js?ver=5.8
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
Hash 819e3ca39547f1c61733f24d79750d38
b581de0fbd70e2fe6fb23f97ff7b208fa7d275f5
eb1d02a86a95c165bf8a2cae5bcde6da6ed19b1cdf5d832c73fd1950931ce40c
GET /wp-content/plugins/visitors-traffic-real-time-statistics/js/front.js?ver=5.8 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Sun, 17 Jul 2022 16:37:10 GMT
ETag: "24a0b27-37a-5e402dce87bfe-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=172800
Expires: Tue, 13 Sep 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 414
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
doubletrebletrinkets.co.uk/wp-content/plugins/email-subscribers/lite/public/css/email-subscribers-public.css?ver=5.4.11
92.204.218.143 200 OK 769 B URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/plugins/email-subscribers/lite/public/css/email-subscribers-public.css?ver=5.4.11
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
Hash 2d562f04002ba45d7676264f8a47a9e7
3dd568ef4b039bd30d546c305983021e05acdb1f
e596318605ededbaf90b4a9429b37a14855dda62f87fe8b55881ff64aa890808
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/email-subscribers/lite/public/css/email-subscribers-public.css?ver=5.4.11 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 07 Sep 2022 16:36:40 GMT
ETag: "24a0ac6-85d-5e818eae039f3-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 11 Oct 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 769
Keep-Alive: timeout=5
Content-Type: text/css
doubletrebletrinkets.co.uk/wp-content/themes/twentyten/blocks.css?ver=20181218
92.204.218.143 200 OK 1.2 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/themes/twentyten/blocks.css?ver=20181218
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
Hash a445b335afd6e22a8d2616633f90c548
91f899f4b95ae7f27029766c5a3b0dbaf1a24b77
d0f088b92c52448d3800c3fb472903144e410abf25f4566ab9b782535eb52984
GET /wp-content/themes/twentyten/blocks.css?ver=20181218 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 19 Aug 2021 22:57:17 GMT
ETag: "29a0fb4-125d-5c9f178f66fa9-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 11 Oct 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1168
Keep-Alive: timeout=5
Content-Type: text/css
doubletrebletrinkets.co.uk/wp-content/plugins/eu-cookie-law/css/style.css?ver=5.8
92.204.218.143 200 OK 1.0 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/plugins/eu-cookie-law/css/style.css?ver=5.8
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash b43d38f93c4d242170e3b3189cfa7d46
0ec257b7d1d47e346e45bb3b6da4c1c3258d189e
838f729a2609e75809c7df33f04060b79f3f8ef4774643ed6a91289b4a4213aa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/eu-cookie-law/css/style.css?ver=5.8 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:41:26 GMT
ETag: "2940075-e73-5c9f1404fbf46-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 11 Oct 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1034
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
doubletrebletrinkets.co.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
92.204.218.143 200 OK 4.2 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:38:15 GMT
ETag: "26a078e-2bd8-5c9f134e108a1-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=172800
Expires: Tue, 13 Sep 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4169
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
doubletrebletrinkets.co.uk/wp-includes/js/comment-reply.min.js?ver=5.8
92.204.218.143 200 OK 1.3 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-includes/js/comment-reply.min.js?ver=5.8
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (2949)
Hash 1cf4c3e8e70de8171ff6d4530d1fec31
e45846b00f185fb3e3d16b61d6073c961c2dcf50
bcb5aef7cf39483421bc74866fb39786953559ff5fa9e9d003743b33702d64b7
GET /wp-includes/js/comment-reply.min.js?ver=5.8 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:38:15 GMT
ETag: "24a1045-ba8-5c9f134edc287-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=172800
Expires: Tue, 13 Sep 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1346
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
doubletrebletrinkets.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
92.204.218.143 200 OK 31 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:38:15 GMT
ETag: "26a0aaf-15db1-5c9f134e10c89-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=172800
Expires: Tue, 13 Sep 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30908
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
doubletrebletrinkets.co.uk/wp-includes/css/dist/block-library/style.min.css?ver=5.8
92.204.218.143 200 OK 10 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-includes/css/dist/block-library/style.min.css?ver=5.8
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash 2a3cc81919349cb551f504b077791457
1d9393824b33b80513dbb9b2c8db48b6719d5d46
13a8d762ef70a9a18c89c226c4671f986401ccb7dae1c20be18c3db1eabbb62c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:38:17 GMT
ETag: "29a0a7c-13abe-5c9f1350605a1-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 11 Oct 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10523
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
doubletrebletrinkets.co.uk/wp-content/plugins/crafty-social-buttons/js/public.min.js?ver=1.5.3
92.204.218.143 200 OK 689 B URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/plugins/crafty-social-buttons/js/public.min.js?ver=1.5.3
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (1047)
Hash 7564ed452f13757d5b81ffe38dccac38
4ec064dde000233a0e2b619d4a235e013c190bc8
c43e1f5dc1bc5d184173da1871c5ed850574cb26cc10580e2e16844e5c6b5ff7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/crafty-social-buttons/js/public.min.js?ver=1.5.3 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:14:12 GMT
ETag: "26a099b-46c-5c9f0dee00fa9-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=172800
Expires: Tue, 13 Sep 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 689
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
doubletrebletrinkets.co.uk/wp-content/plugins/email-subscribers/lite/public/js/email-subscribers-public.js?ver=5.4.11
92.204.218.143 200 OK 1.6 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/plugins/email-subscribers/lite/public/js/email-subscribers-public.js?ver=5.4.11
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
Hash 82b2b972a81f9d7cdd89741c78df3b46
1223f8418c2c74106c4d5c596282942a30df73e2
02d832c31eb011c5a047da065dfef21962c427fcff51bf13032e1322834de7db
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/email-subscribers/lite/public/js/email-subscribers-public.js?ver=5.4.11 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Wed, 07 Sep 2022 16:36:40 GMT
ETag: "24a0abd-11c7-5e818eae0360b-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=172800
Expires: Tue, 13 Sep 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1580
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
doubletrebletrinkets.co.uk/wp-content/plugins/accesspress-social-counter/css/fontawesome-all.css?ver=1.9.2
92.204.218.143 200 OK 8.5 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/plugins/accesspress-social-counter/css/fontawesome-all.css?ver=1.9.2
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (317)
Hash 822997cf080d45e20a99bc1046e3e0dd
cdbfdddd5bd7acab8c848d13a8a96d5e149c11ef
0cc8db05b210210c3a2b5b4504bbb6ddbe856c08f8ad1a01c91becd4da4ae98d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/accesspress-social-counter/css/fontawesome-all.css?ver=1.9.2 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Fri, 12 Nov 2021 16:36:42 GMT
ETag: "24a1c85-b425-5d09a10650672-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 11 Oct 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8476
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
doubletrebletrinkets.co.uk/wp-includes/js/wp-embed.min.js?ver=5.8
92.204.218.143 200 OK 765 B URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-includes/js/wp-embed.min.js?ver=5.8
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (1391)
Hash fe875afb236ee8f0d50040fe58d848d4
e6b1b67093b429c95d5b9db07a7eba39e02cf0e5
328a6a072b91134f2802ae25e070f38ff156ceee2c6ec6a6253ae4b27af73b49
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=5.8 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:38:16 GMT
ETag: "24a1081-592-5c9f134f943eb-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=172800
Expires: Tue, 13 Sep 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 765
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
doubletrebletrinkets.co.uk/wp-content/plugins/eu-cookie-law/js/scripts.js?ver=3.1.6
92.204.218.143 200 OK 1.1 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/plugins/eu-cookie-law/js/scripts.js?ver=3.1.6
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash 420395723e567db414631e6bb72969c5
40fe1e0ad4261c8ea251f64a109141006825a8d9
2ae9568e5cfc9ed6a5d9c18d7bfee76fd48a5374db3fe6d6016c85615da00bb8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/eu-cookie-law/js/scripts.js?ver=3.1.6 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:41:26 GMT
ETag: "2940057-b90-5c9f1404fbb5e-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=172800
Expires: Tue, 13 Sep 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1055
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
doubletrebletrinkets.co.uk/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1658853392
92.204.218.143 200 OK 2.7 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1658853392
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
Hash a7f9b6bd30d9215918f69779fe3c0ef4
91e793e4814dbc1576a4f8fcf61158da750b98e3
2c4cc3109b525553b36c959e95c21560890bf2428da6ed32fb6687c833a735f2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1658853392 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Tue, 26 Jul 2022 16:36:32 GMT
ETag: "24a0d11-23ce-5e4b7e7322506-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=172800
Expires: Tue, 13 Sep 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2653
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
doubletrebletrinkets.co.uk/wp-includes/js/wp-emoji-release.min.js?ver=5.8
92.204.218.143 200 OK 4.9 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-includes/js/wp-emoji-release.min.js?ver=5.8
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (15224)
Hash 3179794486ec4ca8f59329ccd67ae3e1
4b9c6e22ee7966479ef9844259f39f19d584f4a4
6e616b83910943042f683d5d21691f7e15aca8e2d8d154ff8f35bf09c612297a
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8 HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:38:15 GMT
ETag: "24a1084-4705-5c9f134edc287-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=172800
Expires: Tue, 13 Sep 2022 14:08:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4930
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
doubletrebletrinkets.co.uk/wp-content/uploads/2016/05/cropped-logosmaple1.jpg
92.204.218.143 200 OK 48 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/uploads/2016/05/cropped-logosmaple1.jpg
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 940x278, components 3, data
Hash 968c331a114347ab8a408fa0b01af442
94db8f51ff9108863cc981d0a3ee2b4af70e4388
070471ac44e3ec6ce7c7210bbf6c945262dcac1a5e8eb702a0468f5974b05990
GET /wp-content/uploads/2016/05/cropped-logosmaple1.jpg HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:19:01 GMT
ETag: "2740e26-b9b3-5c9f0f024cd65"
Accept-Ranges: bytes
Content-Length: 47539
Cache-Control: max-age=31536000
Expires: Mon, 11 Sep 2023 14:08:06 GMT
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
doubletrebletrinkets.co.uk/wp-content/themes/twentyten/images/wordpress.png
92.204.218.143 200 OK 794 B URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/themes/twentyten/images/wordpress.png
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced, data
Hash f51375d00e7d0a70c801c6256d432d3b
313aff1fffa73433673203db25ff4154d07511e2
61d00189e16b4ae467e9f3283ccf459d666950277c866c82f337534951b50f51
GET /wp-content/themes/twentyten/images/wordpress.png HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/wp-content/themes/twentyten/style.css?ver=20190507
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:57:17 GMT
ETag: "29a0fd3-31a-5c9f178f67779"
Accept-Ranges: bytes
Content-Length: 794
Cache-Control: max-age=31536000
Expires: Mon, 11 Sep 2023 14:08:06 GMT
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
doubletrebletrinkets.co.uk/wp-content/uploads/2017/09/IMG_0562-225x300.jpg
92.204.218.143 200 OK 6.0 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/uploads/2017/09/IMG_0562-225x300.jpg
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 225x300, components 3\012- data
Hash 8d136ac6144c4fd8b1ea5878363fb77c
15e3659ce51eabe388816067cda99306feecd952
a7285ea85ba4d64c7617c723e34a4ac26e36483382f3e24a5c29d44c05202b53
GET /wp-content/uploads/2017/09/IMG_0562-225x300.jpg HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:21:12 GMT
ETag: "2741013-176a-5c9f0f7f4003c"
Accept-Ranges: bytes
Content-Length: 5994
Cache-Control: max-age=31536000
Expires: Mon, 11 Sep 2023 14:08:06 GMT
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
doubletrebletrinkets.co.uk/wp-content/uploads/2017/11/IMG_2745-225x300.jpg
92.204.218.143 200 OK 10 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/uploads/2017/11/IMG_2745-225x300.jpg
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 225x300, components 3\012- data
Hash 025871be6e1455ca5998013f648b7c59
377eb2f2faba5136564ca47ccd78df8a902a96cb
ca010214677a189072df7c6dd644f2ee488df1f97fc04d7eb58a85bd8f370499
GET /wp-content/uploads/2017/11/IMG_2745-225x300.jpg HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:21:29 GMT
ETag: "2741043-2700-5c9f0f8eb526a"
Accept-Ranges: bytes
Content-Length: 9984
Cache-Control: max-age=31536000
Expires: Mon, 11 Sep 2023 14:08:06 GMT
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
doubletrebletrinkets.co.uk/wp-content/uploads/2017/10/IMG_1588-300x300.jpg
92.204.218.143 200 OK 26 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/uploads/2017/10/IMG_1588-300x300.jpg
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 8289c8bbda608f6ffe3ee46da00be76a
ff2c19f6d499e0030c302226dc656a1b89939818
c21239edd18d1d6778856498fa2c9f33a22c3bf2f07caef4c03c1acc2524d7d8
GET /wp-content/uploads/2017/10/IMG_1588-300x300.jpg HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:21:23 GMT
ETag: "2741031-676f-5c9f0f89390f9"
Accept-Ranges: bytes
Content-Length: 26479
Cache-Control: max-age=31536000
Expires: Mon, 11 Sep 2023 14:08:06 GMT
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
doubletrebletrinkets.co.uk/wp-content/uploads/2017/07/image3-225x300.jpg
92.204.218.143 200 OK 8.8 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/uploads/2017/07/image3-225x300.jpg
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 225x300, components 3\012- data
Hash 4ee609483f24b8bd906a0a75487a8051
65bd63ff9a4377329a80f9a1d789f511263119bf
e7519a1f1e085ec24a34a2ae8f686d01f652191d4e4799acbc3e9a629d3dc451
GET /wp-content/uploads/2017/07/image3-225x300.jpg HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:21:06 GMT
ETag: "2740ffb-224f-5c9f0f796e792"
Accept-Ranges: bytes
Content-Length: 8783
Cache-Control: max-age=31536000
Expires: Mon, 11 Sep 2023 14:08:06 GMT
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
doubletrebletrinkets.co.uk/wp-content/uploads/2017/09/IMG_0523-300x300.jpg
92.204.218.143 200 OK 23 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/uploads/2017/09/IMG_0523-300x300.jpg
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 2188622881f825aabfb7f1f37b5b914c
3676807ab93b20688ca9a58fd05fc4029287800a
f14484fff603bcca895c3c8b4609c036897decbead6ddffe107f5854c23b3ca6
GET /wp-content/uploads/2017/09/IMG_0523-300x300.jpg HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:21:11 GMT
ETag: "274100e-5a44-5c9f0f7e536fa"
Accept-Ranges: bytes
Content-Length: 23108
Cache-Control: max-age=31536000
Expires: Mon, 11 Sep 2023 14:08:06 GMT
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
doubletrebletrinkets.co.uk/wp-content/uploads/2017/06/IMG_7293-275x300.jpg
92.204.218.143 200 OK 16 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/uploads/2017/06/IMG_7293-275x300.jpg
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 275x300, components 3\012- data
Hash 20df6c1cc71697ae8ad366bf703ca8a5
382f142e34f02611b8960ffd08c2faa8687184be
58d2f69c9e01bd818a7bb5fa092dd2b3e3b92f4f7e019495c490469c012b76b2
GET /wp-content/uploads/2017/06/IMG_7293-275x300.jpg HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:07 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:21:02 GMT
ETag: "2740fea-3dcf-5c9f0f753fa4d"
Accept-Ranges: bytes
Content-Length: 15823
Cache-Control: max-age=31536000
Expires: Mon, 11 Sep 2023 14:08:07 GMT
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
doubletrebletrinkets.co.uk/wp-content/uploads/2017/05/IMG_6394-300x300.jpg
92.204.218.143 200 OK 19 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/uploads/2017/05/IMG_6394-300x300.jpg
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash ddaf0546468aaf5f9762b345ef95b6dc
48f36dc96ba111995b0d6c7f02f7dc5859992068
eeb13f9f2258e62dad9c53975096313e808140c22c077a3a5d9fe9e4301b9720
GET /wp-content/uploads/2017/05/IMG_6394-300x300.jpg HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:07 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:21:00 GMT
ETag: "2740fe4-4bb2-5c9f0f7345486"
Accept-Ranges: bytes
Content-Length: 19378
Cache-Control: max-age=31536000
Expires: Mon, 11 Sep 2023 14:08:07 GMT
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
doubletrebletrinkets.co.uk/wp-admin/admin-ajax.php
92.204.218.143 200 OK 0 B URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-admin/admin-ajax.php
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 259
Origin: http://doubletrebletrinkets.co.uk
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
Access-Control-Allow-Origin: http://doubletrebletrinkets.co.uk
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 11 Sep 2022 13:56:07 GMT
Cache-Control: max-age=3600
Expires: Sun, 11 Sep 2022 14:22:01 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NnV912Fqp9haDl4DcquM1GjUo8ZhQH1fhD-pJvJNss-fYq7jT0ylZQ==
Age: 720
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20006
Date: Sun, 11 Sep 2022 12:20:38 GMT
Expires: Sun, 11 Sep 2022 14:20:38 GMT
Cache-Control: public, max-age=7200
Age: 6449
Last-Modified: Wed, 13 Apr 2022 21:02:38 GMT
Content-Type: text/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B
IP 93.184.220.29:0
Hash 26e829ba5f754918e20cbd316dc4348e
ba198501da0812dd11ca3b38a51325b5de6cfa60
4352c25d4af7637a8435b0df6d042fc606d37a348e966b99fecce8a853b8ebc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3679
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:07 GMT
Last-Modified: Sun, 11 Sep 2022 13:06:48 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
doubletrebletrinkets.co.uk/wp-content/uploads/2018/06/355EC581-1452-44B7-BF77-45BC99A611EF-225x300.jpeg
92.204.218.143 404 Not Found 73 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/uploads/2018/06/355EC581-1452-44B7-BF77-45BC99A611EF-225x300.jpeg
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
Hash d291451dff398aa1c002b5502f66acfc
0c551f154e3c46506dbcce4d9c3def174c147c55
40af2dac77d9f0a52aa33e5fcf34bf2f54c0df8295c92ff302f36e643cd19ee2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2018/06/355EC581-1452-44B7-BF77-45BC99A611EF-225x300.jpeg HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 404 Not Found
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://doubletrebletrinkets.co.uk/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
doubletrebletrinkets.co.uk/favicon.ico
92.204.218.143 302 Found 0 B URL HTTP/1.1 doubletrebletrinkets.co.uk/favicon.ico
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 302 Found
Date: Sun, 11 Sep 2022 14:08:07 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
Link: <http://doubletrebletrinkets.co.uk/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: http://doubletrebletrinkets.co.uk/wp-includes/images/w-logo-blue-white-bg.png
Cache-Control: max-age=172800
Expires: Tue, 13 Sep 2022 14:08:07 GMT
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash 57b75ea93de540716c45f1397781431a
431cc2c684385c4e46facd7210b5ac49b9dd09cc
4581d7dd422dc110fa7cfe667297cdb75d92a02ce7226db6db89448befa5b780
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1418158318&t=pageview&_s=1&dl=http%3A%2F%2Fdoubletrebletrinkets.co.uk%2F&ul=en-us&de=UTF-8&dt=DoubleTrebleTrinkets%20%7C%20-stitching%20surprises-&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAAC~&jid=1611412661&gjid=329044973&cid=1377869600.1662905276&tid=UA-78128465-1&_gid=534635300.1662905276&_r=1&_slc=1&z=2133271414
142.250.74.174 200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1418158318&t=pageview&_s=1&dl=http%3A%2F%2Fdoubletrebletrinkets.co.uk%2F&ul=en-us&de=UTF-8&dt=DoubleTrebleTrinkets%20%7C%20-stitching%20surprises-&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAAC~&jid=1611412661&gjid=329044973&cid=1377869600.1662905276&tid=UA-78128465-1&_gid=534635300.1662905276&_r=1&_slc=1&z=2133271414
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j96&aip=1&a=1418158318&t=pageview&_s=1&dl=http%3A%2F%2Fdoubletrebletrinkets.co.uk%2F&ul=en-us&de=UTF-8&dt=DoubleTrebleTrinkets%20%7C%20-stitching%20surprises-&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAAC~&jid=1611412661&gjid=329044973&cid=1377869600.1662905276&tid=UA-78128465-1&_gid=534635300.1662905276&_r=1&_slc=1&z=2133271414 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://doubletrebletrinkets.co.uk
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://doubletrebletrinkets.co.uk
date: Sun, 11 Sep 2022 14:08:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doubletrebletrinkets.co.uk/wp-includes/images/w-logo-blue-white-bg.png
92.204.218.143 200 OK 4.1 kB URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-includes/images/w-logo-blue-white-bg.png
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://doubletrebletrinkets.co.uk/
Connection: keep-alive
Cookie: _ga=GA1.3.1377869600.1662905276; _gid=GA1.3.534635300.1662905276; _gat=1
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:08:07 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2021 22:38:18 GMT
ETag: "24a10f1-1017-5c9f135134458"
Accept-Ranges: bytes
Content-Length: 4119
Cache-Control: max-age=31536000
Expires: Mon, 11 Sep 2023 14:08:07 GMT
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash 55d14c90ec16748861894ce8f82eafcd
f3ebe8972971c1201c1ec7c533f019f79c36cde5
fa0dc0f0a76f3407dad8dae59a4817ef6b1371fcaa930448373d64720a036698
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash 57b75ea93de540716c45f1397781431a
431cc2c684385c4e46facd7210b5ac49b9dd09cc
4581d7dd422dc110fa7cfe667297cdb75d92a02ce7226db6db89448befa5b780
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash 55d14c90ec16748861894ce8f82eafcd
f3ebe8972971c1201c1ec7c533f019f79c36cde5
fa0dc0f0a76f3407dad8dae59a4817ef6b1371fcaa930448373d64720a036698
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
142.250.74.98 200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 09a8bd805dba1307ae0bd76a0c9ca73d
bdc16e7610abae944da47ff3a0e5fea818241fb0
e3978f36e9c5f0b909ed64015db629e2c64b46e75d165c6d1d146fcb792cdbde
GET /pagead/html/r20220907/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4412
x-xss-protection: 0
date: Sat, 10 Sep 2022 20:32:48 GMT
expires: Sat, 24 Sep 2022 20:32:48 GMT
cache-control: public, max-age=1209600
age: 63319
etag: 8616628553774171045
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9635901971591439&plah=doubletrebletrinkets.co.uk&bust=31069437
216.58.207.226 200 OK 124 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9635901971591439&plah=doubletrebletrinkets.co.uk&bust=31069437
IP 216.58.207.226:0
File type ASCII text, with very long lines (4492)
Size 124 kB (124239 bytes)
Hash dcf015ecc6584c81309a97d0149a92da
5ecbeb1cd6979cefb2665d338fcca955d552458b
9004e14e522de2586322d81ebabbc93f7571c8d847280013f4781682e5e5d2c2
GET /pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9635901971591439&plah=doubletrebletrinkets.co.uk&bust=31069437 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 11 Sep 2022 14:08:07 GMT
expires: Sun, 11 Sep 2022 14:08:07 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 5827527036260371241
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 124239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash 55d14c90ec16748861894ce8f82eafcd
f3ebe8972971c1201c1ec7c533f019f79c36cde5
fa0dc0f0a76f3407dad8dae59a4817ef6b1371fcaa930448373d64720a036698
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash 55d14c90ec16748861894ce8f82eafcd
f3ebe8972971c1201c1ec7c533f019f79c36cde5
fa0dc0f0a76f3407dad8dae59a4817ef6b1371fcaa930448373d64720a036698
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.216.192.228 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.192.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q6COSFZr8EnDxZJJXGXW7A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3d/IbBHCfe4EgUoOrGJLUMKjvOU=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash 6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash 25e12d7b35a1a6efb4bc97945209072e
72b67424bbd3042de531de92a57bfd97036e9526
3836fa49727f6b0cff300e4aaa480a76848ceda64f98d1a6e4e4986284fcd1ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash d278a4d2d9653a14270b74094bcab8cf
ba4b9fc06cae469867bd831d8017b147a1f53d30
a482809494678e6648a72cefe816c4eb0822d010b5453c3e5084eb529c4d886d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=doubletrebletrinkets.co.uk
142.250.74.66 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=doubletrebletrinkets.co.uk
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=doubletrebletrinkets.co.uk HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 11 Sep 2022 14:08:07 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d278a4d2d9653a14270b74094bcab8cf
ba4b9fc06cae469867bd831d8017b147a1f53d30
a482809494678e6648a72cefe816c4eb0822d010b5453c3e5084eb529c4d886d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=doubletrebletrinkets.co.uk
142.250.74.98 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=doubletrebletrinkets.co.uk
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=doubletrebletrinkets.co.uk HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 11 Sep 2022 14:08:07 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 25e12d7b35a1a6efb4bc97945209072e
72b67424bbd3042de531de92a57bfd97036e9526
3836fa49727f6b0cff300e4aaa480a76848ceda64f98d1a6e4e4986284fcd1ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9453c8a7d5ed756714b1216e4e2d9993
a957832f103b2daf61597f508f5c1d4035f71d37
11b2b84b427b9b4edb9f12d6fb2b48c5d8e3d904652e9eb01bf12b074ac4c452
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9453c8a7d5ed756714b1216e4e2d9993
a957832f103b2daf61597f508f5c1d4035f71d37
11b2b84b427b9b4edb9f12d6fb2b48c5d8e3d904652e9eb01bf12b074ac4c452
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33 200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (2184)
Hash 8fc1754beb27cdbcdf59d08c7fd0da07
485b36af1848b751ad094159766683b1f2cca286
b5d49fee775dbfd484dd3932044616a903a115033a0e5401c75da40775dd3789
GET /pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 7592
x-xss-protection: 0
date: Sun, 11 Sep 2022 13:41:54 GMT
expires: Sun, 25 Sep 2022 13:41:54 GMT
cache-control: public, max-age=1209600
etag: 7248493764890666469
content-type: text/javascript; charset=UTF-8
age: 1574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
142.250.74.33 200 OK 9.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1621)
Hash 3c5efa479f799e66f1aec6babceef38f
156215ad7299ac993c75f6f096ee0a871a2791c4
edd903d099e731de60a28ebf0e311da7b02ee4d4435d2a905a2e5e2d336296dc
GET /pagead/js/r20220907/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 9632
x-xss-protection: 0
date: Sun, 11 Sep 2022 13:16:09 GMT
expires: Sun, 25 Sep 2022 13:16:09 GMT
cache-control: public, max-age=1209600
etag: 15013890920676311251
content-type: text/javascript; charset=UTF-8
age: 3119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.66 200 OK 45 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.66:0
File type ASCII text, with very long lines (3498)
Hash 60c04c5917deba3fc2fb2039e25ab536
7c2ec9926e7bd594d40dde19e1422eade4737a7f
4860de2971d6a44b1788448ecba341ae352fb7a9f9f9964fb5c49424e6251729
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 44740
date: Sun, 11 Sep 2022 14:08:08 GMT
expires: Sun, 11 Sep 2022 14:08:08 GMT
cache-control: private, max-age=3000
etag: "1662550240112033"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash da7b1c24eee0db0c23872933557b7521
b8bc1215b4073784c048587e51a40152bd88c8ed
6ba38b5c68971135ed3f1fbe7afa658ce883240142a4244ce7d84fa251a64c3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/drt/ui
142.250.74.164 302 Found 0 B URL HTTP/2 www.google.com/pagead/drt/ui
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/drt/ui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 11 Sep 2022 14:08:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/measurement/l?ebcid=ALh7CaQf6xVRdAUMKbJkmLny1BP3DNelmGB_R4KdUcC_kc9DQ5PDLmx3BRGXeexpKmaev0CTYedBhScghNqkKzHV59IuBCHoJw
142.250.74.164 204 No Content 0 B URL HTTP/2 www.google.com/ads/measurement/l?ebcid=ALh7CaQf6xVRdAUMKbJkmLny1BP3DNelmGB_R4KdUcC_kc9DQ5PDLmx3BRGXeexpKmaev0CTYedBhScghNqkKzHV59IuBCHoJw
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaQf6xVRdAUMKbJkmLny1BP3DNelmGB_R4KdUcC_kc9DQ5PDLmx3BRGXeexpKmaev0CTYedBhScghNqkKzHV59IuBCHoJw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 11 Sep 2022 14:08:08 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/8e474446b56ed6ef0feeec2d987f1a60.js?tag=mysidia_one_click_handler_one_afma_2019
142.250.74.163 200 OK 14 kB URL HTTP/2 www.gstatic.com/mysidia/8e474446b56ed6ef0feeec2d987f1a60.js?tag=mysidia_one_click_handler_one_afma_2019
IP 142.250.74.163:0
File type C++ source, ASCII text, with very long lines (2915)
Hash 65081d26ce5619c42f6377390fc30a6e
89aef02330fec069247a1d0ed7e7a4eacf3035bf
f52acdb084f4f9d563ae9b0ddaf72b484dfcb868eb980d81a6010d719bc40a67
GET /mysidia/8e474446b56ed6ef0feeec2d987f1a60.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 13628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 02:23:26 GMT
expires: Wed, 07 Dec 2022 02:23:26 GMT
cache-control: public, max-age=7776000
age: 301482
last-modified: Thu, 01 Sep 2022 00:50:12 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
142.250.74.163 200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 20:35:24 GMT
expires: Thu, 07 Sep 2023 20:35:24 GMT
cache-control: public, max-age=31536000
age: 322364
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash dbe3a0cdacad2b3866fd4934190bd431
969e13ad553587f1577d23125c6119e773a16c59
91dd0e187bc2576c0830567d1ceeadd3a106afe08622ccd6498fe0bdd32f4d4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstRVsSBpf743FaUJqubmpP9Z8b6UsBCsCjMSWLKhP-SGIaOamT4BJX5THSEzPZgh1spyOiOXEaSCLbjqoTd0lyIovou6a_ohbcSwrEOEWH1FrDNUQTT1Pzzis1Quthc5Z0tpzAT_2FIqaWTmW3cRhO_qKf32HzBnbatNzUiYmuYz8vuL9tfVjGHIzhgFI8_NDchjhfYJJIRxfhdxV1M7oOaFndQPZbRtxTFPktj3fXRFq1ZUnRUq3rmKv7BusZcjAB_swVwGbhV3L338DjTGjM7gT3ro3kOFi87AjxggwvzGhkc0oa_coh4xhLmi81RnM1tRlaFQ9GciyHMDGSrWqD-qL7EQN0o4XbjvqTNB0HIjKvgBQsGC9aZbrtUnB4P46SjwBIlMXKDZeIfDHXl9uQJ-3v3TDODmpXWOZXUWyut2rqqdEXVxhRCMy10wVdlrxVdAnnhmhFNIMtwK4N7TNmHNSs6s3OJrWJgZ1y1DVeAO7ap7El6NMt9lMrkpnaymXZ1Zpf3C7HaGGV4M83fY1DAN59QAQ6N99GlbsH_CYokjsy6lUHrL5N-kFBLFK23itpL5pz7_wX4NbqQVblouTolPUoQsd0rIuICchHxXNIAH81ApRH6Nrs7FJpGbWyqRGLeiFcqhtyEPUGMhC-XVC2cwEBzmECVYnYfrVpxG2v7iT6q_5RWyDof27g3A6KfwkxROZDuDcQCUgabSVVR4bvnLzXVvCerJPElMoLMQQLY5nZRl-XeFBVuWfGgTHDVTz0f_NN-HcrKaE9Zr2UE3EjRy5ySNpd_EjEnynA6M_NrWDpeaxsDSddYafWHVEZo2OG9T2CsxzjqySTR-i0MOsOpNsCumVoIjvJVzh3iSjByZIIc0yscn8B2hcI2mmKiw8rVQ7lWB6iQ6csGB0pyEY0Rhtmg599hbMGYJCq52dLdgpptwfo8zrNnoHc29M6rqFl1RBlsSR6o4oYtD1-aBBO7oeVLJeDHSbWPNnb9BSPQbSSkOKejeu3cU9uSIt8Jvcxxm24hoAy1hHAiY4cshnbKavGc0GsTQ3RTo3MRvx4CsTV5Di0u3InmQKdw7JMz26SFOX4deSP4NuYP1BVTpMzuY2_Gljep9tb-ZBK5uEG67FfUWeFufxMllmrU9bCYVrB3YdDqCfvSy3tawImT9wGnUsUPY9p3qOG2pkrLIUBu8gwM9yWIxF1CPs-pVLCiitague53ktIt-7odJtiyYgo9PNkgI5hyXIFaAN96s8zE8Q&sai=AMfl-YSejOfWF6EMxkhkj6cje5D-6ibi3UEbl2ylJxxv0TycLQDzri0XLI5FiFF7hNaptQy0mHEmnfok2UZJsnNSb82mRJ64aHcxw4ioDez4sKOaH2HDfx_gkPwIzC_oeP9YrEcwlAF7gQYtQdNGTJ3YhhHfGU61LLRnIFzMBZYndB2SKz1rB3ngmJuAeFnj7Bw5tPCq7pPpX0zDlHzsjfcB4nlLte8cMYuCPA&sig=Cg0ArKJSzDh4s7EQk8OsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220907.79053&adurl=
142.250.74.34200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstRVsSBpf743FaUJqubmpP9Z8b6UsBCsCjMSWLKhP-SGIaOamT4BJX5THSEzPZgh1spyOiOXEaSCLbjqoTd0lyIovou6a_ohbcSwrEOEWH1FrDNUQTT1Pzzis1Quthc5Z0tpzAT_2FIqaWTmW3cRhO_qKf32HzBnbatNzUiYmuYz8vuL9tfVjGHIzhgFI8_NDchjhfYJJIRxfhdxV1M7oOaFndQPZbRtxTFPktj3fXRFq1ZUnRUq3rmKv7BusZcjAB_swVwGbhV3L338DjTGjM7gT3ro3kOFi87AjxggwvzGhkc0oa_coh4xhLmi81RnM1tRlaFQ9GciyHMDGSrWqD-qL7EQN0o4XbjvqTNB0HIjKvgBQsGC9aZbrtUnB4P46SjwBIlMXKDZeIfDHXl9uQJ-3v3TDODmpXWOZXUWyut2rqqdEXVxhRCMy10wVdlrxVdAnnhmhFNIMtwK4N7TNmHNSs6s3OJrWJgZ1y1DVeAO7ap7El6NMt9lMrkpnaymXZ1Zpf3C7HaGGV4M83fY1DAN59QAQ6N99GlbsH_CYokjsy6lUHrL5N-kFBLFK23itpL5pz7_wX4NbqQVblouTolPUoQsd0rIuICchHxXNIAH81ApRH6Nrs7FJpGbWyqRGLeiFcqhtyEPUGMhC-XVC2cwEBzmECVYnYfrVpxG2v7iT6q_5RWyDof27g3A6KfwkxROZDuDcQCUgabSVVR4bvnLzXVvCerJPElMoLMQQLY5nZRl-XeFBVuWfGgTHDVTz0f_NN-HcrKaE9Zr2UE3EjRy5ySNpd_EjEnynA6M_NrWDpeaxsDSddYafWHVEZo2OG9T2CsxzjqySTR-i0MOsOpNsCumVoIjvJVzh3iSjByZIIc0yscn8B2hcI2mmKiw8rVQ7lWB6iQ6csGB0pyEY0Rhtmg599hbMGYJCq52dLdgpptwfo8zrNnoHc29M6rqFl1RBlsSR6o4oYtD1-aBBO7oeVLJeDHSbWPNnb9BSPQbSSkOKejeu3cU9uSIt8Jvcxxm24hoAy1hHAiY4cshnbKavGc0GsTQ3RTo3MRvx4CsTV5Di0u3InmQKdw7JMz26SFOX4deSP4NuYP1BVTpMzuY2_Gljep9tb-ZBK5uEG67FfUWeFufxMllmrU9bCYVrB3YdDqCfvSy3tawImT9wGnUsUPY9p3qOG2pkrLIUBu8gwM9yWIxF1CPs-pVLCiitague53ktIt-7odJtiyYgo9PNkgI5hyXIFaAN96s8zE8Q&sai=AMfl-YSejOfWF6EMxkhkj6cje5D-6ibi3UEbl2ylJxxv0TycLQDzri0XLI5FiFF7hNaptQy0mHEmnfok2UZJsnNSb82mRJ64aHcxw4ioDez4sKOaH2HDfx_gkPwIzC_oeP9YrEcwlAF7gQYtQdNGTJ3YhhHfGU61LLRnIFzMBZYndB2SKz1rB3ngmJuAeFnj7Bw5tPCq7pPpX0zDlHzsjfcB4nlLte8cMYuCPA&sig=Cg0ArKJSzDh4s7EQk8OsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220907.79053&adurl=
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjstRVsSBpf743FaUJqubmpP9Z8b6UsBCsCjMSWLKhP-SGIaOamT4BJX5THSEzPZgh1spyOiOXEaSCLbjqoTd0lyIovou6a_ohbcSwrEOEWH1FrDNUQTT1Pzzis1Quthc5Z0tpzAT_2FIqaWTmW3cRhO_qKf32HzBnbatNzUiYmuYz8vuL9tfVjGHIzhgFI8_NDchjhfYJJIRxfhdxV1M7oOaFndQPZbRtxTFPktj3fXRFq1ZUnRUq3rmKv7BusZcjAB_swVwGbhV3L338DjTGjM7gT3ro3kOFi87AjxggwvzGhkc0oa_coh4xhLmi81RnM1tRlaFQ9GciyHMDGSrWqD-qL7EQN0o4XbjvqTNB0HIjKvgBQsGC9aZbrtUnB4P46SjwBIlMXKDZeIfDHXl9uQJ-3v3TDODmpXWOZXUWyut2rqqdEXVxhRCMy10wVdlrxVdAnnhmhFNIMtwK4N7TNmHNSs6s3OJrWJgZ1y1DVeAO7ap7El6NMt9lMrkpnaymXZ1Zpf3C7HaGGV4M83fY1DAN59QAQ6N99GlbsH_CYokjsy6lUHrL5N-kFBLFK23itpL5pz7_wX4NbqQVblouTolPUoQsd0rIuICchHxXNIAH81ApRH6Nrs7FJpGbWyqRGLeiFcqhtyEPUGMhC-XVC2cwEBzmECVYnYfrVpxG2v7iT6q_5RWyDof27g3A6KfwkxROZDuDcQCUgabSVVR4bvnLzXVvCerJPElMoLMQQLY5nZRl-XeFBVuWfGgTHDVTz0f_NN-HcrKaE9Zr2UE3EjRy5ySNpd_EjEnynA6M_NrWDpeaxsDSddYafWHVEZo2OG9T2CsxzjqySTR-i0MOsOpNsCumVoIjvJVzh3iSjByZIIc0yscn8B2hcI2mmKiw8rVQ7lWB6iQ6csGB0pyEY0Rhtmg599hbMGYJCq52dLdgpptwfo8zrNnoHc29M6rqFl1RBlsSR6o4oYtD1-aBBO7oeVLJeDHSbWPNnb9BSPQbSSkOKejeu3cU9uSIt8Jvcxxm24hoAy1hHAiY4cshnbKavGc0GsTQ3RTo3MRvx4CsTV5Di0u3InmQKdw7JMz26SFOX4deSP4NuYP1BVTpMzuY2_Gljep9tb-ZBK5uEG67FfUWeFufxMllmrU9bCYVrB3YdDqCfvSy3tawImT9wGnUsUPY9p3qOG2pkrLIUBu8gwM9yWIxF1CPs-pVLCiitague53ktIt-7odJtiyYgo9PNkgI5hyXIFaAN96s8zE8Q&sai=AMfl-YSejOfWF6EMxkhkj6cje5D-6ibi3UEbl2ylJxxv0TycLQDzri0XLI5FiFF7hNaptQy0mHEmnfok2UZJsnNSb82mRJ64aHcxw4ioDez4sKOaH2HDfx_gkPwIzC_oeP9YrEcwlAF7gQYtQdNGTJ3YhhHfGU61LLRnIFzMBZYndB2SKz1rB3ngmJuAeFnj7Bw5tPCq7pPpX0zDlHzsjfcB4nlLte8cMYuCPA&sig=Cg0ArKJSzDh4s7EQk8OsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220907.79053&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Sun, 11 Sep 2022 14:08:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 11-Sep-2022 14:23:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 11 Sep 2022 14:08:08 GMT
X-Firefox-Spdy: h2
s0.2mdn.net/simgad/9828062891003159680
216.58.211.6 200 OK 22 kB URL HTTP/2 s0.2mdn.net/simgad/9828062891003159680
IP 216.58.211.6:0
File type PNG image data, 160 x 600, 8-bit/color RGBA, non-interlaced\012- data
Hash 1793c9ce885f6fec70fc1ea5bad9a586
2e0655429212041602754108b1db2d463dcbd828
50b53a5cfec98fb53d13e4a1d4e530cdf463ae491d1de939b42cd830415e1e83
GET /simgad/9828062891003159680 HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 22351
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 10:46:45 GMT
expires: Wed, 06 Sep 2023 10:46:45 GMT
cache-control: public, max-age=31536000
age: 444083
last-modified: Sun, 21 Aug 2022 09:37:05 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstRVsSBpf743FaUJqubmpP9Z8b6UsBCsCjMSWLKhP-SGIaOamT4BJX5THSEzPZgh1spyOiOXEaSCLbjqoTd0lyIovou6a_ohbcSwrEOEWH1FrDNUQTT1Pzzis1Quthc5Z0tpzAT_2FIqaWTmW3cRhO_qKf32HzBnbatNzUiYmuYz8vuL9tfVjGHIzhgFI8_NDchjhfYJJIRxfhdxV1M7oOaFndQPZbRtxTFPktj3fXRFq1ZUnRUq3rmKv7BusZcjAB_swVwGbhV3L338DjTGjM7gT3ro3kOFi87AjxggwvzGhkc0oa_coh4xhLmi81RnM1tRlaFQ9GciyHMDGSrWqD-qL7EQN0o4XbjvqTNB0HIjKvgBQsGC9aZbrtUnB4P46SjwBIlMXKDZeIfDHXl9uQJ-3v3TDODmpXWOZXUWyut2rqqdEXVxhRCMy10wVdlrxVdAnnhmhFNIMtwK4N7TNmHNSs6s3OJrWJgZ1y1DVeAO7ap7El6NMt9lMrkpnaymXZ1Zpf3C7HaGGV4M83fY1DAN59QAQ6N99GlbsH_CYokjsy6lUHrL5N-kFBLFK23itpL5pz7_wX4NbqQVblouTolPUoQsd0rIuICchHxXNIAH81ApRH6Nrs7FJpGbWyqRGLeiFcqhtyEPUGMhC-XVC2cwEBzmECVYnYfrVpxG2v7iT6q_5RWyDof27g3A6KfwkxROZDuDcQCUgabSVVR4bvnLzXVvCerJPElMoLMQQLY5nZRl-XeFBVuWfGgTHDVTz0f_NN-HcrKaE9Zr2UE3EjRy5ySNpd_EjEnynA6M_NrWDpeaxsDSddYafWHVEZo2OG9T2CsxzjqySTR-i0MOsOpNsCumVoIjvJVzh3iSjByZIIc0yscn8B2hcI2mmKiw8rVQ7lWB6iQ6csGB0pyEY0Rhtmg599hbMGYJCq52dLdgpptwfo8zrNnoHc29M6rqFl1RBlsSR6o4oYtD1-aBBO7oeVLJeDHSbWPNnb9BSPQbSSkOKejeu3cU9uSIt8Jvcxxm24hoAy1hHAiY4cshnbKavGc0GsTQ3RTo3MRvx4CsTV5Di0u3InmQKdw7JMz26SFOX4deSP4NuYP1BVTpMzuY2_Gljep9tb-ZBK5uEG67FfUWeFufxMllmrU9bCYVrB3YdDqCfvSy3tawImT9wGnUsUPY9p3qOG2pkrLIUBu8gwM9yWIxF1CPs-pVLCiitague53ktIt-7odJtiyYgo9PNkgI5hyXIFaAN96s8zE8Q&sai=AMfl-YSejOfWF6EMxkhkj6cje5D-6ibi3UEbl2ylJxxv0TycLQDzri0XLI5FiFF7hNaptQy0mHEmnfok2UZJsnNSb82mRJ64aHcxw4ioDez4sKOaH2HDfx_gkPwIzC_oeP9YrEcwlAF7gQYtQdNGTJ3YhhHfGU61LLRnIFzMBZYndB2SKz1rB3ngmJuAeFnj7Bw5tPCq7pPpX0zDlHzsjfcB4nlLte8cMYuCPA&sig=Cg0ArKJSzDh4s7EQk8OsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=173&vt=11&dtpt=172&dett=2&cstd=0&cisv=r20220907.79053&adurl=
142.250.74.34 200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstRVsSBpf743FaUJqubmpP9Z8b6UsBCsCjMSWLKhP-SGIaOamT4BJX5THSEzPZgh1spyOiOXEaSCLbjqoTd0lyIovou6a_ohbcSwrEOEWH1FrDNUQTT1Pzzis1Quthc5Z0tpzAT_2FIqaWTmW3cRhO_qKf32HzBnbatNzUiYmuYz8vuL9tfVjGHIzhgFI8_NDchjhfYJJIRxfhdxV1M7oOaFndQPZbRtxTFPktj3fXRFq1ZUnRUq3rmKv7BusZcjAB_swVwGbhV3L338DjTGjM7gT3ro3kOFi87AjxggwvzGhkc0oa_coh4xhLmi81RnM1tRlaFQ9GciyHMDGSrWqD-qL7EQN0o4XbjvqTNB0HIjKvgBQsGC9aZbrtUnB4P46SjwBIlMXKDZeIfDHXl9uQJ-3v3TDODmpXWOZXUWyut2rqqdEXVxhRCMy10wVdlrxVdAnnhmhFNIMtwK4N7TNmHNSs6s3OJrWJgZ1y1DVeAO7ap7El6NMt9lMrkpnaymXZ1Zpf3C7HaGGV4M83fY1DAN59QAQ6N99GlbsH_CYokjsy6lUHrL5N-kFBLFK23itpL5pz7_wX4NbqQVblouTolPUoQsd0rIuICchHxXNIAH81ApRH6Nrs7FJpGbWyqRGLeiFcqhtyEPUGMhC-XVC2cwEBzmECVYnYfrVpxG2v7iT6q_5RWyDof27g3A6KfwkxROZDuDcQCUgabSVVR4bvnLzXVvCerJPElMoLMQQLY5nZRl-XeFBVuWfGgTHDVTz0f_NN-HcrKaE9Zr2UE3EjRy5ySNpd_EjEnynA6M_NrWDpeaxsDSddYafWHVEZo2OG9T2CsxzjqySTR-i0MOsOpNsCumVoIjvJVzh3iSjByZIIc0yscn8B2hcI2mmKiw8rVQ7lWB6iQ6csGB0pyEY0Rhtmg599hbMGYJCq52dLdgpptwfo8zrNnoHc29M6rqFl1RBlsSR6o4oYtD1-aBBO7oeVLJeDHSbWPNnb9BSPQbSSkOKejeu3cU9uSIt8Jvcxxm24hoAy1hHAiY4cshnbKavGc0GsTQ3RTo3MRvx4CsTV5Di0u3InmQKdw7JMz26SFOX4deSP4NuYP1BVTpMzuY2_Gljep9tb-ZBK5uEG67FfUWeFufxMllmrU9bCYVrB3YdDqCfvSy3tawImT9wGnUsUPY9p3qOG2pkrLIUBu8gwM9yWIxF1CPs-pVLCiitague53ktIt-7odJtiyYgo9PNkgI5hyXIFaAN96s8zE8Q&sai=AMfl-YSejOfWF6EMxkhkj6cje5D-6ibi3UEbl2ylJxxv0TycLQDzri0XLI5FiFF7hNaptQy0mHEmnfok2UZJsnNSb82mRJ64aHcxw4ioDez4sKOaH2HDfx_gkPwIzC_oeP9YrEcwlAF7gQYtQdNGTJ3YhhHfGU61LLRnIFzMBZYndB2SKz1rB3ngmJuAeFnj7Bw5tPCq7pPpX0zDlHzsjfcB4nlLte8cMYuCPA&sig=Cg0ArKJSzDh4s7EQk8OsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=173&vt=11&dtpt=172&dett=2&cstd=0&cisv=r20220907.79053&adurl=
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjstRVsSBpf743FaUJqubmpP9Z8b6UsBCsCjMSWLKhP-SGIaOamT4BJX5THSEzPZgh1spyOiOXEaSCLbjqoTd0lyIovou6a_ohbcSwrEOEWH1FrDNUQTT1Pzzis1Quthc5Z0tpzAT_2FIqaWTmW3cRhO_qKf32HzBnbatNzUiYmuYz8vuL9tfVjGHIzhgFI8_NDchjhfYJJIRxfhdxV1M7oOaFndQPZbRtxTFPktj3fXRFq1ZUnRUq3rmKv7BusZcjAB_swVwGbhV3L338DjTGjM7gT3ro3kOFi87AjxggwvzGhkc0oa_coh4xhLmi81RnM1tRlaFQ9GciyHMDGSrWqD-qL7EQN0o4XbjvqTNB0HIjKvgBQsGC9aZbrtUnB4P46SjwBIlMXKDZeIfDHXl9uQJ-3v3TDODmpXWOZXUWyut2rqqdEXVxhRCMy10wVdlrxVdAnnhmhFNIMtwK4N7TNmHNSs6s3OJrWJgZ1y1DVeAO7ap7El6NMt9lMrkpnaymXZ1Zpf3C7HaGGV4M83fY1DAN59QAQ6N99GlbsH_CYokjsy6lUHrL5N-kFBLFK23itpL5pz7_wX4NbqQVblouTolPUoQsd0rIuICchHxXNIAH81ApRH6Nrs7FJpGbWyqRGLeiFcqhtyEPUGMhC-XVC2cwEBzmECVYnYfrVpxG2v7iT6q_5RWyDof27g3A6KfwkxROZDuDcQCUgabSVVR4bvnLzXVvCerJPElMoLMQQLY5nZRl-XeFBVuWfGgTHDVTz0f_NN-HcrKaE9Zr2UE3EjRy5ySNpd_EjEnynA6M_NrWDpeaxsDSddYafWHVEZo2OG9T2CsxzjqySTR-i0MOsOpNsCumVoIjvJVzh3iSjByZIIc0yscn8B2hcI2mmKiw8rVQ7lWB6iQ6csGB0pyEY0Rhtmg599hbMGYJCq52dLdgpptwfo8zrNnoHc29M6rqFl1RBlsSR6o4oYtD1-aBBO7oeVLJeDHSbWPNnb9BSPQbSSkOKejeu3cU9uSIt8Jvcxxm24hoAy1hHAiY4cshnbKavGc0GsTQ3RTo3MRvx4CsTV5Di0u3InmQKdw7JMz26SFOX4deSP4NuYP1BVTpMzuY2_Gljep9tb-ZBK5uEG67FfUWeFufxMllmrU9bCYVrB3YdDqCfvSy3tawImT9wGnUsUPY9p3qOG2pkrLIUBu8gwM9yWIxF1CPs-pVLCiitague53ktIt-7odJtiyYgo9PNkgI5hyXIFaAN96s8zE8Q&sai=AMfl-YSejOfWF6EMxkhkj6cje5D-6ibi3UEbl2ylJxxv0TycLQDzri0XLI5FiFF7hNaptQy0mHEmnfok2UZJsnNSb82mRJ64aHcxw4ioDez4sKOaH2HDfx_gkPwIzC_oeP9YrEcwlAF7gQYtQdNGTJ3YhhHfGU61LLRnIFzMBZYndB2SKz1rB3ngmJuAeFnj7Bw5tPCq7pPpX0zDlHzsjfcB4nlLte8cMYuCPA&sig=Cg0ArKJSzDh4s7EQk8OsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=173&vt=11&dtpt=172&dett=2&cstd=0&cisv=r20220907.79053&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Sun, 11 Sep 2022 14:08:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 11-Sep-2022 14:23:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 11 Sep 2022 14:08:08 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash dbe3a0cdacad2b3866fd4934190bd431
969e13ad553587f1577d23125c6119e773a16c59
91dd0e187bc2576c0830567d1ceeadd3a106afe08622ccd6498fe0bdd32f4d4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14347
Expires: Sun, 11 Sep 2022 18:07:15 GMT
Date: Sun, 11 Sep 2022 14:08:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg
34.120.237.76 200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c65d6ae04a64d9d01439fb4fca3f017
5ce0bc5b075b97639453d67d4f3cea61289b7698
eb48687a5974542d11882f854a86ff083528957b0fbc61c797167d8f04e0ffa9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16983
x-amzn-requestid: ed588125-de1d-47ae-a5d5-81ab8c2a8105
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRTpmH69oAMFYAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d330a-46ea16040beedf3903d87ec3;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 00:59:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: iBwfZ5Vm2pbcO9zLGNtT2c0n6oZ9u-JjgIvbG47d4s6049ehYmXZ4w==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 04:26:46 GMT
age: 34882
etag: "5ce0bc5b075b97639453d67d4f3cea61289b7698"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eee5b4d617dab6f10d7053f5c4f4e98e
6c728c56797ba921e8001919df4d36e56dd37e54
76a53e2c81ec8da2bc469760b2c57098d587c6a36fa70e5b7c743a224a47d362
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8171
x-amzn-requestid: 39c8c044-5287-47bb-8731-5706c27a73e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0feFFtkIAMF9NA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ac59-246e1b7e019965f74db95df0;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:10:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FVraudPaXgrkcCLGkaxntfC3h4XtbSfnRgzyp72Wgwb-WgWkDwjYPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 08:44:26 GMT
age: 19422
etag: "6c728c56797ba921e8001919df4d36e56dd37e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe41cdec0-ceff-4e9c-88a7-3a5565f1a459.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe41cdec0-ceff-4e9c-88a7-3a5565f1a459.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12666d69f9af3ceb23fdfc2100bd3226
c4d17e3ea44ef6dee9819c1586424e5f056f149c
054236a4d1f88a486f48b8f3a8ac01d21ec2179d5b1f3fc9791d0982d07a88a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe41cdec0-ceff-4e9c-88a7-3a5565f1a459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5752
x-amzn-requestid: 622ffff0-1bd5-4eb4-a9ff-eb54c5ae44a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBrqiFiToAMF0tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f310-49efdcc572b4fad3543f857d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VKsU4S6tKOso216JLUWn7b1bKDyfruIVukt98JooNCjwaXDT9bkPYQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 19:50:13 GMT
age: 65875
etag: "c4d17e3ea44ef6dee9819c1586424e5f056f149c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:57:28 GMT
age: 58240
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c35b7f5f8e1b0b24570a41b7d18533a
c5b82c9d77851820b8d206573d5c03cd36d27a20
bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6109
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2AhHZgIAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rnkjEbkwVPPR1stEuMkkuFcQ4WZMDjsuYKA46ZcxejvotwfCG6huhQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:43:03 GMT
age: 59105
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57d797a1c3f6589746a1135bdb19f54f
7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97
ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BPWrjstB3xKeYzHK9eQoJL8ORgRFsqjmNxu0j10epBANBtZCRU-m2g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:43:06 GMT
age: 59102
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
doubletrebletrinkets.co.uk/wp-content/uploads/2018/06/D172324B-7759-425F-BF47-71BA1611A8CB-275x300.jpeg
92.204.218.143 404 Not Found 0 B URL HTTP/1.1 doubletrebletrinkets.co.uk/wp-content/uploads/2018/06/D172324B-7759-425F-BF47-71BA1611A8CB-275x300.jpeg
IP 92.204.218.143:0
ASN #21499 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2018/06/D172324B-7759-425F-BF47-71BA1611A8CB-275x300.jpeg HTTP/1.1
Host: doubletrebletrinkets.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://doubletrebletrinkets.co.uk/
HTTP/1.1 404 Not Found
Date: Sun, 11 Sep 2022 14:08:06 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://doubletrebletrinkets.co.uk/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
IP 142.250.74.10:0
GET /css?family=Google%20Sans%3A400%2C700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 14:08:08 GMT
date: Sun, 11 Sep 2022 14:08:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2