Report - www.interexchange.org/articles/safety/coronavirus/

Report Overview

Submitted URL
www.interexchange.org/articles/safety/coronavirus/
IP
34.159.132.250
ASN
#396982 GOOGLE-CLOUD-PLATFORM
Submitted
2023-01-04 06:47:03
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.5 kB	142.250.74.67
clients1.google.com	415	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	316 B	142.250.74.110
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	46 kB	142.250.74.110
www.linkedin.com	608	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	639 B	2.6 kB	13.107.42.14
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	58 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	462 B	746 B	142.250.74.74
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.2 kB	13 kB	142.250.74.131
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	84 kB	172.217.21.168
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	646 B	349 B	157.240.200.35
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.4 kB	93.184.220.29
px.ads.linkedin.com	522	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	2.3 kB	13.107.42.14
q.quora.com	3239	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	528 B	419 B	34.238.56.9
cdn.linkedin.oribi.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	920 B	143.204.55.71
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	8.9 kB	23.36.77.32
snap.licdn.com	1044	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	792 B	5.7 kB	23.36.76.210
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	29 kB	31.13.72.12
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	614 B	716 B	64.233.164.157
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
iex-website.s3.amazonaws.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	439 B	6.2 kB	52.217.39.4
cse.google.com	2642	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	4.4 kB	142.250.74.174
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	323 kB	216.58.207.228
region1.analytics.google.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	793 B	568 B	216.239.32.36
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	100.20.30.105
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	767 B	1.9 kB	142.250.74.34
www.interexchange.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.7 kB	292 kB	34.141.72.9
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	78 kB	142.250.74.35
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	143.204.42.156

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-04 06:46:43	medium	Client IP	34.141.72.9	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	snap.licdn.com/li.lms-analytics/insight.min.js	1.0 kB	2023-03-12	2023-03-12
Pretty URL snap.licdn.com/li.lms-analytics/insight.min.js IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:57:57 Last Seen2023-03-12 14:11:20 Times Seen1 Hash 5bfaeb63a25aca9560aad761d1b31f67 694eef527b13396ef0ea867be5a022a15e4a21ef 03977ba375b0bf22db454b0a7813a24d4a5f7e51cc74bd2b3453a6a2aa3bcb23 Loading...

	www.google-analytics.com/gtm/optimize.js?id=OPT-MT2Q3BC	116 kB	2023-03-12	2023-03-12
Pretty URL www.google-analytics.com/gtm/optimize.js?id=OPT-MT2Q3BC IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:51:09 Last Seen2023-03-12 13:51:09 Times Seen1 Hash d4ff8da70375d6fe879225d8eec15e19 2d6660e771fa8179055df94a0293109061cf1bdd 660a3ae643277a4c9926d0671285e3a2db0deae65a263c41ef7de9c6b7332e43 Loading...

	connect.facebook.net/signals/config/1300996599956641?v=2.9.90&r=stable	300 kB	2023-03-12	2023-03-12
Pretty URL connect.facebook.net/signals/config/1300996599956641?v=2.9.90&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:51:09 Last Seen2023-03-12 13:51:09 Times Seen1 Hash cbb6e799389499ea773be0d032993056 be39972995e4ad82bbc82a32dd211251206719a7 38196d0be84e9be00418737feaf0c1401797ee0b7b7a385318c30fd431fd0194 Loading...

	cse.google.com/adsense/search/async-ads.js	144 kB	2023-03-08	2023-03-12
Pretty URL cse.google.com/adsense/search/async-ads.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:30:34 Last Seen2023-03-12 21:33:58 Times Seen1 Hash 876ab77a19d5d09d5872e8cbbc993edd e03513fc9f0c61b2fcdf21944a5aad736f0ce598 4b2e40762fd45c4022714c1ffa41eb8311a031fde0dba60f274b149ea5971cdf Loading...

	www.interexchange.org/js/global.min.96347b99fa5d2e3c9c9b62989c874e11a370c1d0801306cfb243482ce3512415.js	188 kB	2023-03-12	2023-03-12
Pretty URL www.interexchange.org/js/global.min.96347b99fa5d2e3c9c9b62989c874e11a370c1d0801306cfb243482ce3512415.js IP 18.192.231.252 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:51:09 Last Seen2023-03-12 13:51:09 Times Seen1 Hash 334150bc7d8d953414ecca7fe0c96559 015870e8019be46a8f1c232535cab147fc68d234 96347b99fa5d2e3c9c9b62989c874e11a370c1d0801306cfb243482ce3512415 Loading...

	www.googletagmanager.com/gtag/destination?id=G-2H7QPPMD99&l=dataLayer&cx=c	238 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtag/destination?id=G-2H7QPPMD99&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:51:09 Last Seen2023-03-12 13:51:09 Times Seen1 Hash 16f07d0eed3dd47eb1c859e16172a113 8f3b40660ca02f0691ae801c86886c391a84c430 124a4244d264af4dbb673397a258a0cee1bd977a6bbd5279cbab65c334d58109 Loading...

	www.interexchange.org/articles/safety/latest-news-travel-advice/	3.2 kB	2023-03-12	2023-03-12
Pretty URL www.interexchange.org/articles/safety/latest-news-travel-advice/ IP 18.192.231.252 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:51:09 Last Seen2023-03-12 13:51:09 Times Seen1 Hash a2be4875649e71c705af48ab09f0a694 a1b1a8bc586d0078bd5a7a8815aad9ad11e485e7 801bbe7ca4a57079b69299674f585ec8bca3f7e761c3645657767fe3c9e8c7e0 Loading...

	cse.google.com/cse.js?cx=008249407077710213542:wdw-zxxguiu	10 kB	2023-03-12	2023-03-12
Pretty URL cse.google.com/cse.js?cx=008249407077710213542:wdw-zxxguiu IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:51:09 Last Seen2023-03-12 13:51:09 Times Seen1 Hash 5245b1e135b2a45ed079c78e707e14a9 8728b51e7e958530bc08d5c0227f767f4ad6afc8 c94d7f62bd01f74838f7142709e4941faf91a7c775da1f13dbc986e6fa1c2167 Loading...

	snap.licdn.com/li.lms-analytics/insight.old.min.js	13 kB	2023-03-09	2024-02-19
Pretty URL snap.licdn.com/li.lms-analytics/insight.old.min.js IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:43:47 Last Seen2024-02-19 23:40:48 Times Seen19 Hash 586b199afb02c136e3d1e5b2f1485659 903f39091ccbb0b910b7b76da2283bc8646b9290 3e6ef4f3484f029b4d1a989163d6bb29899184f008431adb932c43ff3543368a Loading...

	www.google.com/cse/static/element/f275a300093f201a/cse_element__en.js?usqp=CAI%3D	309 kB	2023-03-08	2023-03-13
Pretty URL www.google.com/cse/static/element/f275a300093f201a/cse_element__en.js?usqp=CAI%3D IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:46:34 Last Seen2023-03-13 18:07:33 Times Seen1 Hash beb9e0aad33bf83f1b55ea5a17a18b07 afab2ba1c9f3e9e92e1b4278a324f1b41663b1ee ec1555fc2430d7bf9eaccf108a229ebddd5522f8cdce5663ece904ec011da578 Loading...

	www.interexchange.org/articles/safety/latest-news-travel-advice/	423 B	2023-03-12	2023-03-12
Pretty URL www.interexchange.org/articles/safety/latest-news-travel-advice/ IP 18.192.231.252 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:51:09 Last Seen2023-03-12 13:51:09 Times Seen1 Hash 1ae4ff861ec20f738945194dfb89112e 9b02b932b20cd03e88d9eede634ae2795ee82838 701d80b0d457c0142e089b5da4ceceada0a70916f3368cfbb8759f9a4cda6a7a Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NP8VB5	238 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NP8VB5 IP 172.217.21.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:51:09 Last Seen2023-03-12 13:51:09 Times Seen1 Hash 41638acfa46aa1de068ae878fc29b02c 5371fa66ac1b91c03ba8ed6bcd5c65126b25c495 51e866d8742772d1ae83b06f5bf63e9aefa66177923e41b0fba8e3a9f13e82c2 Loading...

	www.googletagmanager.com/gtag/js?id=G-2H7QPPMD99&l=dataLayer&cx=c	238 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtag/js?id=G-2H7QPPMD99&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:51:09 Last Seen2023-03-12 13:51:09 Times Seen1 Hash 0826f4f32ba1f9d9441a49b49f31d7cf b4cef1ccab41ea8a9f0a03af93773f928f777701 471febde30575e19844745d97d8b5bf44dbf52a08c92d80dd4980ea6d6a5d709 Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-09	2024-02-19
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:12:38 Last Seen2024-02-19 23:40:48 Times Seen21 Hash 8923a23f541784b67eece6aa2fa0a66f f2cad61f4ec65b3792e1295219a36c1f94fce6af 55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/1070903303/?random=1672814804392&cv=11&fst=1672814804392&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=jQECCPWqpgIQh-DS_gM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&tiba=Latest%20News%20and%20Travel%20Advice%20%C2%B7%20InterExchange&auid=489090407.1672814804&rfmt=3&fmt=4	2.1 kB	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/1070903303/?random=1672814804392&cv=11&fst=1672814804392&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=jQECCPWqpgIQh-DS_gM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&tiba=Latest%20News%20and%20Travel%20Advice%20%C2%B7%20InterExchange&auid=489090407.1672814804&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:51:09 Last Seen2023-03-12 13:51:09 Times Seen1 Hash 84377b79b9382b83194ef9a89af3036f b3d8e69c49049964ca352a70391d7cdee77e96f8 f3977945ecc8371883fe1f8cac47041b4d0c4cb84ff49fa9b755ffc6d7618347 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-18
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-18 21:02:43 Times Seen1513 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www.interexchange.org/articles/safety/latest-news-travel-advice/	176 B	2023-03-12	2023-03-12
Pretty URL www.interexchange.org/articles/safety/latest-news-travel-advice/ IP 18.192.231.252 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:51:09 Last Seen2023-03-12 13:51:09 Times Seen1 Hash c1a19ade2a838c8fab3732fe1cc34765 1a4cf2d3a7125b0746e455b7c51669d4575454b9 c01a08dba0f78eeab58032aab8ef279d441ff98c5e866e0e250ea91ce1fb8c8e Loading...

HTTP Transactions (83)

URL IP Response Size

www.interexchange.org/articles/safety/coronavirus/

34.141.72.9

301 Moved Permanently

73 B

URL HTTP/1.1
www.interexchange.org/articles/safety/coronavirus/
IP
34.141.72.9:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with no line terminators
Size
73 B (73 bytes)
Hash
75dc7b0b6acae20b9c554adcf37a1269
19569caa102c889b0cb2f1c8fd04ed4fa961a4e0
02ab84b5a1c585eba1fac3594fc985a14048de5e54dfd8fa983c1eb63ee79132

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2

HTTP Headers

GET /articles/safety/coronavirus/ HTTP/1.1
Host: www.interexchange.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://www.interexchange.org/articles/safety/coronavirus/
Server: Netlify
X-Nf-Request-Id: 01GNXRGQGQN4D6SKB2C3B69EM3
Date: Wed, 04 Jan 2023 06:46:52 GMT
Content-Length: 73
Content-Type: text/plain; charset=utf-8

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8afcbdfc50b3ac9488d629a1a4923b81
933fe7b84c2fbd931da70e92c86fa89110e7cfe7
9857b3b813177c23f90a7e53c7ec1f878362b1da27bc19493bebffc358a4b852

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9857B3B813177C23F90A7E53C7EC1F878362B1DA27BC19493BEBFFC358A4B852"
Last-Modified: Sun, 01 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10763
Expires: Wed, 04 Jan 2023 09:46:15 GMT
Date: Wed, 04 Jan 2023 06:46:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16803ffa29e10ee999c43eb4e4acfe92
a5ede865a388fa440f20994b43c417d403e9a493
08de8f6abb622e84d2cb6e88dee8fc7c408147ac43da9c24d4cde510ed36b53a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08DE8F6ABB622E84D2CB6E88DEE8FC7C408147AC43DA9C24D4CDE510ED36B53A"
Last-Modified: Mon, 02 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7972
Expires: Wed, 04 Jan 2023 08:59:44 GMT
Date: Wed, 04 Jan 2023 06:46:52 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 04 Jan 2023 05:47:41 GMT
content-type: application/json
age: 3551
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
225d42543c0190cdb3686bf236533f4f
13a0940800fce078487372b6b3ca614dd1ab6c31
766bbe15eb1642ac39e9b71669fbb44252471c8de5adb555cd1a76db44fbe7bc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "766BBE15EB1642AC39E9B71669FBB44252471C8DE5ADB555CD1A76DB44FBE7BC"
Last-Modified: Mon, 02 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2206
Expires: Wed, 04 Jan 2023 07:23:38 GMT
Date: Wed, 04 Jan 2023 06:46:52 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 5P0Ja+BVKytUPXAGkkpdp4MupQPGIUOxV16nZeGiXTXCaRykzPdCFPxDKeZlz/F5Ue4jaaV62znGMf+Ftgyp7g==
x-amz-request-id: 2EM634GFBGM380CG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 04 Jan 2023 05:59:00 GMT
age: 2872
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e400d1207c61fa58350449e7c1dc3d60
0beab2688e4ad1ef9e6c75703ece8f43d8298c94
aaf32792b581661ff04d4e7bd5fcf2f5cd0653d78e1f5295e9d299921aef483b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAF32792B581661FF04D4E7BD5FCF2F5CD0653D78E1F5295E9D299921AEF483B"
Last-Modified: Sun, 01 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7183
Expires: Wed, 04 Jan 2023 08:46:35 GMT
Date: Wed, 04 Jan 2023 06:46:52 GMT
Connection: keep-alive

www.interexchange.org/articles/safety/coronavirus/

18.192.231.252

301 Moved Permanently

58 B

URL HTTP/2
www.interexchange.org/articles/safety/coronavirus/
IP
18.192.231.252:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
58 B (58 bytes)
Hash
7c61caa9918c4efeb569a559e50f5e9e
db4bf25274f5c115599bbef62673f1477a999c3b
5989ec03ba8578c1cd2166daf13bd874636633774447b47d4a098a059bc9fc5c

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2

HTTP Headers

GET /articles/safety/coronavirus/ HTTP/1.1
Host: www.interexchange.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
age: 14596
cache-control: public, max-age=0, must-revalidate
content-type: text/plain; charset=utf-8
date: Wed, 04 Jan 2023 02:43:37 GMT
location: /articles/safety/latest-news-travel-advice/
server: Netlify
strict-transport-security: max-age=31536000
x-frame-options: DENY
x-nf-request-id: 01GNXRGQRX15GTQQFTWJMVJVP6
content-length: 58
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 06:46:52 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.interexchange.org/css/base.css

18.192.231.252

200 OK

55 kB

URL HTTP/2
www.interexchange.org/css/base.css
IP
18.192.231.252:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65323)
Size
55 kB (55057 bytes)
Hash
753464932bd33acf896594c9349488fd
c2a64c50a16e97545c8775d60a8bad4a84f0ec5c
1c8fffaff7a0dfcd68ba05535630c68c78fc8ae23676b6da229865822cf37cb3

HTTP Headers

GET /css/base.css HTTP/1.1
Host: www.interexchange.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/articles/safety/latest-news-travel-advice/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 39270
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Tue, 03 Jan 2023 19:52:23 GMT
etag: "ab686fc80252b7ca345bf87bfc2b490e-ssl"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: DENY
x-nf-request-id: 01GNXRGR28J8AXQWJATPZC3BS7
content-length: 55057
X-Firefox-Spdy: h2

www.interexchange.org/img/brand.svg

18.192.231.252

200 OK

1.5 kB

URL HTTP/2
www.interexchange.org/img/brand.svg
IP
18.192.231.252:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3972), with no line terminators
Size
1.5 kB (1493 bytes)
Hash
d7bfac9bd5cd91ed2e7c6117efb50515
4649637cb288d99bc5d6c286db0c355c214b0157
d2982e89cc680a2d781453e7141b82430fdba93652adbab0eb391ac1d39f48fa

HTTP Headers

GET /img/brand.svg HTTP/1.1
Host: www.interexchange.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/articles/safety/latest-news-travel-advice/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 39270
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: image/svg+xml
date: Tue, 03 Jan 2023 19:52:23 GMT
etag: "fd2fa3c2b3e7348c262a018f3ccd964b-ssl"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: DENY
x-nf-request-id: 01GNXRGR296MPMW5P5HWY6XRS3
content-length: 1493
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2de4d7e51964d03dfa8f0c6e3979bee2
e513e915c70c92b05bb5d2d3db32cc1542301634
a0f8c063c6d999641753296981e10d9cafb341efe8a8578160a85260fd5fa08e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.interexchange.org/js/global.min.96347b99fa5d2e3c9c9b62989c874e11a370c1d0801306cfb243482ce3512415.js

18.192.231.252

200 OK

58 kB

URL HTTP/2
www.interexchange.org/js/global.min.96347b99fa5d2e3c9c9b62989c874e11a370c1d0801306cfb243482ce3512415.js
IP
18.192.231.252:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (55231), with CR line terminators
Size
58 kB (58365 bytes)
Hash
be08c63ea7bb1fc72ed4c0de7b8eef8c
4d0fd639feadbb1c08809e4a8e688c720a210693
302f7dd840a3385e71075eb4eeb88ab096573641035e7f26ccba5daed44941e1

HTTP Headers

GET /js/global.min.96347b99fa5d2e3c9c9b62989c874e11a370c1d0801306cfb243482ce3512415.js HTTP/1.1
Host: www.interexchange.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/articles/safety/latest-news-travel-advice/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 39270
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Tue, 03 Jan 2023 19:52:23 GMT
etag: "fc24381a3dafcf8798d680e27cb944a3-ssl"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: DENY
x-nf-request-id: 01GNXRGR2BBJFNYNK6M7APBNS8
content-length: 58365
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2de4d7e51964d03dfa8f0c6e3979bee2
e513e915c70c92b05bb5d2d3db32cc1542301634
a0f8c063c6d999641753296981e10d9cafb341efe8a8578160a85260fd5fa08e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.interexchange.org/webfonts/fontawesome/fa-solid-900.woff2

18.192.231.252

200 OK

78 kB

URL HTTP/2
www.interexchange.org/webfonts/fontawesome/fa-solid-900.woff2
IP
18.192.231.252:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 78260, version 331.-31196\012- data
Size
78 kB (78260 bytes)
Hash
750fbaeb93c1a30557f34d1c5ed7e2ea
8a2e9171d6e6293fdfc5b056a65342f221397be0
1d0e6c7f6b40b62c10c929739ed76b0adbd9a08591aa95697b6f802c4dc4824f

HTTP Headers

GET /webfonts/fontawesome/fa-solid-900.woff2 HTTP/1.1
Host: www.interexchange.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.interexchange.org/css/base.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 39270
cache-control: public, max-age=0, must-revalidate
content-type: font/woff2
date: Tue, 03 Jan 2023 19:52:23 GMT
etag: "77615af0b62b0ecd3a05c12f012584bc-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-frame-options: DENY
x-nf-request-id: 01GNXRGR8R3R810FN0R2V6NDYC
content-length: 78260
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 04 Jan 2023 06:08:11 GMT
age: 2322
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cbad870248cb8172be5849309582b77f
3e12044d8bf5e6df81ac6260b186ecce175dba86
dc5b6747fdf685bd97307ee6584a5d8109258199ca81a8ddf2e6f1471b6f0cda

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.interexchange.org/webfonts/fontawesome/fa-brands-400.woff2

18.192.231.252

200 OK

77 kB

URL HTTP/2
www.interexchange.org/webfonts/fontawesome/fa-brands-400.woff2
IP
18.192.231.252:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 76740, version 331.-31196\012- data
Size
77 kB (76740 bytes)
Hash
174b41f65f8234795a2caaa56e1488b4
1f65579325ad6919f6cb29d2ddc71c40aa80e12f
bcc6afbc327c5fdd7e8137f7cfca1144a76a24b83d338cdb782bbf4c1bae8cbb

HTTP Headers

GET /webfonts/fontawesome/fa-brands-400.woff2 HTTP/1.1
Host: www.interexchange.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.interexchange.org/css/base.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 39270
cache-control: public, max-age=0, must-revalidate
content-type: font/woff2
date: Tue, 03 Jan 2023 19:52:23 GMT
etag: "2687619adbc2123ecd66bc5e698b7875-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-frame-options: DENY
x-nf-request-id: 01GNXRGR9JAMTVGFJJC1F38YG5
content-length: 76740
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.interexchange.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Jan 2023 18:52:41 GMT
expires: Tue, 02 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 129252
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cbad870248cb8172be5849309582b77f
3e12044d8bf5e6df81ac6260b186ecce175dba86
dc5b6747fdf685bd97307ee6584a5d8109258199ca81a8ddf2e6f1471b6f0cda

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cbad870248cb8172be5849309582b77f
3e12044d8bf5e6df81ac6260b186ecce175dba86
dc5b6747fdf685bd97307ee6584a5d8109258199ca81a8ddf2e6f1471b6f0cda

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cbad870248cb8172be5849309582b77f
3e12044d8bf5e6df81ac6260b186ecce175dba86
dc5b6747fdf685bd97307ee6584a5d8109258199ca81a8ddf2e6f1471b6f0cda

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f239920b11acb26d109b7a1b8cf58e46
f7bab98d3c21794c3e3d08d88c4331ef48420c13
c580620be129f2651f775f95daaeae659d6e62cdf2b8eb2277e6c794c7e53673

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.interexchange.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 07:08:09 GMT
expires: Sat, 30 Dec 2023 07:08:09 GMT
cache-control: public, max-age=31536000
age: 430724
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cbad870248cb8172be5849309582b77f
3e12044d8bf5e6df81ac6260b186ecce175dba86
dc5b6747fdf685bd97307ee6584a5d8109258199ca81a8ddf2e6f1471b6f0cda

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-NP8VB5

172.217.21.168

200 OK

83 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-NP8VB5
IP
172.217.21.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (7470)
Size
83 kB (83219 bytes)
Hash
8ef8a684f17b5c7d763127fbe9b6bc17
4a31697a7775b13bbcfe9399de126ff60f17389d
9245f3a284b51a24ca454794b67b9ee635de0d43054b67c091f4d1b131e8c3b1

HTTP Headers

GET /gtm.js?id=GTM-NP8VB5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 04 Jan 2023 06:46:53 GMT
expires: Wed, 04 Jan 2023 06:46:53 GMT
cache-control: private, max-age=900
last-modified: Wed, 04 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83219
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
49d6e3cef8f01f0261ff5644001d652b
03eca12234d73b1f3e8489939e4f6551914d29b2
bb680ef4d4989e9e1147da3a7d5ccc518f63108b4ed1f2367a2793db0f740f21

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3178
Cache-Control: max-age=97974
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:53 GMT
Etag: "63b3f029-1d7"
Expires: Thu, 05 Jan 2023 09:59:47 GMT
Last-Modified: Tue, 03 Jan 2023 09:06:49 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f239920b11acb26d109b7a1b8cf58e46
f7bab98d3c21794c3e3d08d88c4331ef48420c13
c580620be129f2651f775f95daaeae659d6e62cdf2b8eb2277e6c794c7e53673

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f9426f40f76ca18f60925ec4d6362c1d
714413943fe97791db61ea0afde1cbfc1ee5e9f8
eb8fd568a94d67f4a11015c582f8b990b691c723f12dc730bffeb84558f419e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114968
Date: Wed, 04 Jan 2023 06:46:53 GMT
Etag: "63b43251-1d7"
Expires: Thu, 05 Jan 2023 14:43:01 GMT
Last-Modified: Tue, 03 Jan 2023 13:49:05 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vl2nsD_Iit_BCJHBgWKfMIQPDJSibL5jnUGiB-iB--WzydtT9PCkpA==
Age: 3236

iex-website.s3.amazonaws.com/images/local-coordinators/interexchange-logo.jpg

52.217.39.4

200 OK

5.9 kB

URL HTTP/1.1
iex-website.s3.amazonaws.com/images/local-coordinators/interexchange-logo.jpg
IP
52.217.39.4:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 250x250, components 3\012- data
Size
5.9 kB (5855 bytes)
Hash
1c46bacc33dff7125608384d2837bae7
e9964d685bf8544e702d4eba0232c7545316e3d9
faf0cb3f90521fd1a8f700b84ba16538e9fcc2f5af0ac55cf3e97b592a2b4290

HTTP Headers

GET /images/local-coordinators/interexchange-logo.jpg HTTP/1.1
Host: iex-website.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: FQzMsUarfgyeoOj7H1sTLuxwdfvwFNHZUgXzdCO8SSNcc9z03uthhqwGkDE6XhwAG2NP5GqrMw4=
x-amz-request-id: WZTXCCTPSMP3F05F
Date: Wed, 04 Jan 2023 06:46:54 GMT
Last-Modified: Tue, 20 Jun 2017 21:16:08 GMT
ETag: "1c46bacc33dff7125608384d2837bae7"
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 5855

push.services.mozilla.com/

100.20.30.105

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
100.20.30.105:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1YjDH31MN0dCw1y0sfvOoA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ckyS8yI0m2xJrt8tuOHlIXay03M=

snap.licdn.com/li.lms-analytics/insight.min.js

23.36.76.210

200 OK

482 B

URL HTTP/2
snap.licdn.com/li.lms-analytics/insight.min.js
IP
23.36.76.210:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (1006)
Size
482 B (482 bytes)
Hash
8cc34082ce37824ea6c3fe2bb2d7d945
f36a4901fe4d92cb666bd6405af366d1761dca07
222af6079bdc82b4b48d80c83339324e7d7b5b2be407b01564d18e9b5b8f4cc4

HTTP Headers

GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Mon, 02 Jan 2023 15:53:24 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=24450
date: Wed, 04 Jan 2023 06:46:53 GMT
content-length: 482
x-cdn: AKAM
X-Firefox-Spdy: h2

www.interexchange.org/favicon-16x16.png

18.192.231.252

200 OK

1.1 kB

URL HTTP/2
www.interexchange.org/favicon-16x16.png
IP
18.192.231.252:0
ASN
#16509 AMAZON-02

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
1.1 kB (1083 bytes)
Hash
b61017d94743d66c04216bd7e0eb8dc0
2b897d6b60181290a67d1046552c480d780b2053
dc93e9f3c2588b7df45ba3914865f4af6d8fd4c5d9efc62d5f3cbe41f66a29f7

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: www.interexchange.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/articles/safety/latest-news-travel-advice/
Cookie: _gcl_au=1.1.489090407.1672814804
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 39270
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Tue, 03 Jan 2023 19:52:24 GMT
etag: "6fea797172bd6334f325e1c7d5215b87-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-frame-options: DENY
x-nf-request-id: 01GNXRGRQ2PD0JRHF338YHEDP9
content-length: 1083
X-Firefox-Spdy: h2

www.interexchange.org/apple-touch-icon.png

18.192.231.252

200 OK

4.7 kB

URL HTTP/2
www.interexchange.org/apple-touch-icon.png
IP
18.192.231.252:0
ASN
#16509 AMAZON-02

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Size
4.7 kB (4747 bytes)
Hash
bf025b446b02ff6826c2e19d04d9fbe4
7605893a3ae91a11302da7be806be7cc1827b13d
33a6004e6fed5ff69d0fb10b2bced737b078a5a78b3e8df7b3bcd981ded670c7

HTTP Headers

GET /apple-touch-icon.png HTTP/1.1
Host: www.interexchange.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/articles/safety/latest-news-travel-advice/
Cookie: _gcl_au=1.1.489090407.1672814804
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 39270
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Tue, 03 Jan 2023 19:52:24 GMT
etag: "7e48eb45567784447851f191cfa7767a-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-frame-options: DENY
x-nf-request-id: 01GNXRGRQ29JS630BBSMY8ETS1
content-length: 4747
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dcdde91cd3d1d8e9768180b14b3a689e
83e7d5f8a7019531f35988d482991877ed6d5b0a
5136f2bc4e2021b5fd5fadc718fabef04f23f5008c15b7ee637a8d3c4b92ce0c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5136F2BC4E2021B5FD5FADC718FABEF04F23F5008C15B7EE637A8D3C4B92CE0C"
Last-Modified: Mon, 02 Jan 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16391
Expires: Wed, 04 Jan 2023 11:20:04 GMT
Date: Wed, 04 Jan 2023 06:46:53 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
57793b7a3f10d414a87f8ba799d318b0
7ff9b591cbaa496acc83302ec4bcc80b1ff469f1
f6bc3efc61d88fc9a03f7a13718b4947e80e1155e9940232539463e58b517184

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5234
Cache-Control: max-age=107208
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:53 GMT
Etag: "63b40c33-1d7"
Expires: Thu, 05 Jan 2023 12:33:41 GMT
Last-Modified: Tue, 03 Jan 2023 11:06:27 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bd5977f4aa55d3b85eb4f69f5d451e18
09718f75359ff17a91d19fc8686de7154d6d7506
07e8ded9ec36b09fa080939323b4b51995abb0525a8103052eda1c1e76459345

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
87e5f0fa537cb74d184be96698614eaa
5c40d955b71e7d8f8c98be07b4de8cb3d9796ba9
dbbcfc24f75dd651ad15efaa06dceff0bf8af21d624d7bf414d2a924def36356

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/gtm/optimize.js?id=OPT-MT2Q3BC

142.250.74.110

200 OK

45 kB

URL HTTP/2
www.google-analytics.com/gtm/optimize.js?id=OPT-MT2Q3BC
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
45 kB (45200 bytes)
Hash
89f571a0e87449a7d1640c708aa55f7f
1d47894eb286fbaf302f4166ed0a88a0d0e736f3
727783db05b48f7103d770b7e9c6c7bd9f32c696ae82ca604103d31143f2da0a

HTTP Headers

GET /gtm/optimize.js?id=OPT-MT2Q3BC HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 04 Jan 2023 06:46:53 GMT
expires: Wed, 04 Jan 2023 06:46:53 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45200
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27298 bytes)
Hash
8b26cd4609e2025e51e90573a0fbd6f7
efc2006ae5297ad5ae5e064188b9fba73f6b868f
e288b6a1e220f5fb781cfbb0b739b36c6acfdceccff8f0278fc151c241b0b50b

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 9SyJKfyLxzTSmHLxH2rRtxKsFHkILr9znfDkkiwD5/aLckcIF0PHmosv2oGXchri7Eth7pGYYpqrj0GzH42Wqw==
priority: u=3,i
content-length: 27298
x-fb-trip-id: 1904183273
date: Wed, 04 Jan 2023 06:46:53 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/1070903303/?random=1672814804392&cv=11&fst=1672814804392&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=jQECCPWqpgIQh-DS_gM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&tiba=Latest%20News%20and%20Travel%20Advice%20%C2%B7%20InterExchange&auid=489090407.1672814804&rfmt=3&fmt=4

142.250.74.34

200 OK

954 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070903303/?random=1672814804392&cv=11&fst=1672814804392&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=jQECCPWqpgIQh-DS_gM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&tiba=Latest%20News%20and%20Travel%20Advice%20%C2%B7%20InterExchange&auid=489090407.1672814804&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2060), with no line terminators
Size
954 B (954 bytes)
Hash
f64a045c5cb2250a63c2b874359954e4
c5fa9f779ae4d400d68d62eceb4bccce83c4d581
155cbeeaea00bedf256f692325333303c9099fbc563f5175985a1a22317308a6

HTTP Headers

GET /pagead/viewthroughconversion/1070903303/?random=1672814804392&cv=11&fst=1672814804392&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=jQECCPWqpgIQh-DS_gM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&tiba=Latest%20News%20and%20Travel%20Advice%20%C2%B7%20InterExchange&auid=489090407.1672814804&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 06:46:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 954
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 04-Jan-2023 07:01:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cse.google.com/cse.js?cx=008249407077710213542:wdw-zxxguiu

142.250.74.174

200 OK

3.5 kB

URL HTTP/2
cse.google.com/cse.js?cx=008249407077710213542:wdw-zxxguiu
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3170)
Size
3.5 kB (3496 bytes)
Hash
0f8ecb1100dfdc8c66e05983f55a8406
e05afebc4d068a3b9b0a93a3fb444a9232631384
01223fada1c53b61156d5499b507873a3b2c18ee50c7f5b40fbaa5030474d140

HTTP Headers

GET /cse.js?cx=008249407077710213542:wdw-zxxguiu HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Wed, 04 Jan 2023 06:46:54 GMT
server: gws
content-length: 3496
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+800; expires=Fri, 03-Jan-2025 06:46:53 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 04 Jan 2023 06:46:54 GMT
cache-control: private
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
57793b7a3f10d414a87f8ba799d318b0
7ff9b591cbaa496acc83302ec4bcc80b1ff469f1
f6bc3efc61d88fc9a03f7a13718b4947e80e1155e9940232539463e58b517184

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5235
Cache-Control: max-age=107208
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:54 GMT
Etag: "63b40c33-1d7"
Expires: Thu, 05 Jan 2023 12:33:42 GMT
Last-Modified: Tue, 03 Jan 2023 11:06:27 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
87e5f0fa537cb74d184be96698614eaa
5c40d955b71e7d8f8c98be07b4de8cb3d9796ba9
dbbcfc24f75dd651ad15efaa06dceff0bf8af21d624d7bf414d2a924def36356

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bd5977f4aa55d3b85eb4f69f5d451e18
09718f75359ff17a91d19fc8686de7154d6d7506
07e8ded9ec36b09fa080939323b4b51995abb0525a8103052eda1c1e76459345

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e8b6c328643ac286f1949225731fb845
377ed2f2c0ef3b2266e7fed6df92f2a1bf559eaf
83ea86de3611890895c9d27c2314ebbf498cd95729792f493d6af8e9b7a04633

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e8b6c328643ac286f1949225731fb845
377ed2f2c0ef3b2266e7fed6df92f2a1bf559eaf
83ea86de3611890895c9d27c2314ebbf498cd95729792f493d6af8e9b7a04633

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/cse/static/element/f275a300093f201a/default+en.css

216.58.207.228

200 OK

9.1 kB

URL HTTP/2
www.google.com/cse/static/element/f275a300093f201a/default+en.css
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
9.1 kB (9086 bytes)
Hash
6b3110003f6d375f164a81ce80a9f3b1
ae3c926847423f743a849751c7cf1b0982245ddc
43c7228af0ccf5b3bf3de12a714ce673f61ed8815e1a05d6f889afb0a53e8fb0

HTTP Headers

GET /cse/static/element/f275a300093f201a/default+en.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 9086
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 13:33:14 GMT
expires: Sat, 30 Dec 2023 13:33:14 GMT
cache-control: public, max-age=31536000
age: 407620
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/cse/static/style/look/v4/default.css

216.58.207.228

200 OK

1.3 kB

URL HTTP/2
www.google.com/cse/static/style/look/v4/default.css
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
1.3 kB (1345 bytes)
Hash
b33c65c5c815696bed8292c172185bcc
d2c0eceacad1f57b25621dcdb32659c5dc6b8d9b
f5ab6924cf65ae4dc61dca35d096fa272f8b4937b733b5eb46d36af396884132

HTTP Headers

GET /cse/static/style/look/v4/default.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1345
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 06:36:22 GMT
expires: Wed, 04 Jan 2023 07:26:22 GMT
cache-control: public, max-age=3000
age: 632
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

q.quora.com/_/ad/2a869408f33c40938d3f7d58c8fef241/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F

34.238.56.9

200 OK

43 B

URL HTTP/1.1
q.quora.com/_/ad/2a869408f33c40938d3f7d58c8fef241/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F
IP
34.238.56.9:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /_/ad/2a869408f33c40938d3f7d58c8fef241/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F HTTP/1.1
Host: q.quora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/gif
Date: Wed, 04 Jan 2023 06:46:54 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,9008d9b60e1747d8db4de79d92f272fb,10.0.0.51,51562,91.90.42.154,,224963995494,1,1672814814.100,0.002,,.,0,0,0.000,0.004,-,0,0,197,241,120,10,26847,,,,,,-,
Content-Length: 43
Connection: keep-alive

snap.licdn.com/li.lms-analytics/insight.old.min.js

23.36.76.210

200 OK

4.7 kB

URL HTTP/2
snap.licdn.com/li.lms-analytics/insight.old.min.js
IP
23.36.76.210:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (13063)
Size
4.7 kB (4654 bytes)
Hash
bf269a225d9de1d11c6e2747d12ffbfb
f3edd2899cced3e0ae6107c6837e954d8b4f1d86
38bcbdd59ce5cac7da632ad8788f5c520aa88d30a53af4cedeb9a989af4d0986

HTTP Headers

GET /li.lms-analytics/insight.old.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 01 Jan 2023 17:37:42 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=9780
date: Wed, 04 Jan 2023 06:46:54 GMT
content-length: 4654
x-cdn: AKAM
X-Firefox-Spdy: h2

www.google.com/cse/static/element/f275a300093f201a/cse_element__en.js?usqp=CAI%3D

216.58.207.228

200 OK

309 kB

URL HTTP/2
www.google.com/cse/static/element/f275a300093f201a/cse_element__en.js?usqp=CAI%3D
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2726)
Size
309 kB (309424 bytes)
Hash
beb9e0aad33bf83f1b55ea5a17a18b07
afab2ba1c9f3e9e92e1b4278a324f1b41663b1ee
ec1555fc2430d7bf9eaccf108a229ebddd5522f8cdce5663ece904ec011da578

HTTP Headers

GET /cse/static/element/f275a300093f201a/cse_element__en.js?usqp=CAI%3D HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 309424
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 31 Dec 2022 05:53:34 GMT
expires: Sun, 31 Dec 2023 05:53:34 GMT
cache-control: public, max-age=31536000
age: 348800
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/1070903303/?random=1672814804392&cv=11&fst=1672812000000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=jQECCPWqpgIQh-DS_gM&frm=0&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&tiba=Latest%20News%20and%20Travel%20Advice%20%C2%B7%20InterExchange&fmt=3&is_vtc=1&random=3559130827&rmt_tld=0&ipr=y

216.58.207.228

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/1070903303/?random=1672814804392&cv=11&fst=1672812000000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=jQECCPWqpgIQh-DS_gM&frm=0&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&tiba=Latest%20News%20and%20Travel%20Advice%20%C2%B7%20InterExchange&fmt=3&is_vtc=1&random=3559130827&rmt_tld=0&ipr=y
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/1070903303/?random=1672814804392&cv=11&fst=1672812000000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=jQECCPWqpgIQh-DS_gM&frm=0&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&tiba=Latest%20News%20and%20Travel%20Advice%20%C2%B7%20InterExchange&fmt=3&is_vtc=1&random=3559130827&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 06:46:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3f3248e02722c73a2f12e8877eb3ba88
821d30e4d8f2838d650c437c99b995d5bade17fd
d6ad005a55f4a252864964e8a01a744f3c3e6f7e92f1208dcf4b9585833a9fd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3f3248e02722c73a2f12e8877eb3ba88
821d30e4d8f2838d650c437c99b995d5bade17fd
d6ad005a55f4a252864964e8a01a744f3c3e6f7e92f1208dcf4b9585833a9fd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.linkedin.oribi.io/partner/1471298/domain/interexchange.org/token

143.204.55.71

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/1471298/domain/interexchange.org/token
IP
143.204.55.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /partner/1471298/domain/interexchange.org/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.interexchange.org/
Origin: https://www.interexchange.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 0
date: Tue, 03 Jan 2023 07:31:22 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JBZyx-_SdBzOBpZIy8Z00JzOE_YKhh2VRbu-fkD26qEzJ66Hb5hAuQ==
age: 83732
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/1070903303/?random=1672814804392&cv=11&fst=1672812000000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=jQECCPWqpgIQh-DS_gM&frm=0&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&tiba=Latest%20News%20and%20Travel%20Advice%20%C2%B7%20InterExchange&fmt=3&is_vtc=1&random=3559130827&rmt_tld=1&ipr=y

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/1070903303/?random=1672814804392&cv=11&fst=1672812000000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=jQECCPWqpgIQh-DS_gM&frm=0&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&tiba=Latest%20News%20and%20Travel%20Advice%20%C2%B7%20InterExchange&fmt=3&is_vtc=1&random=3559130827&rmt_tld=1&ipr=y
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/1070903303/?random=1672814804392&cv=11&fst=1672812000000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=jQECCPWqpgIQh-DS_gM&frm=0&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&tiba=Latest%20News%20and%20Travel%20Advice%20%C2%B7%20InterExchange&fmt=3&is_vtc=1&random=3559130827&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 06:46:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2H7QPPMD99&cid=220721059.1672814805&gtm=2oebu0&aip=1&z=1417490592

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2H7QPPMD99&cid=220721059.1672814805&gtm=2oebu0&aip=1&z=1417490592
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2H7QPPMD99&cid=220721059.1672814805&gtm=2oebu0&aip=1&z=1417490592 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 06:46:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3f3248e02722c73a2f12e8877eb3ba88
821d30e4d8f2838d650c437c99b995d5bade17fd
d6ad005a55f4a252864964e8a01a744f3c3e6f7e92f1208dcf4b9585833a9fd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 06:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

px.ads.linkedin.com/collect?v=2&fmt=js&pid=1471298&time=1672814804818&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F

13.107.42.14

302 Found

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1471298&time=1672814804818&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=1471298&time=1672814804818&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1471298%26time%3D1672814804818%26url%3Dhttps%253A%252F%252Fwww.interexchange.org%252Farticles%252Fsafety%252Flatest-news-travel-advice%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLNMnejTgWI5wAAAYV7iGRbbZ1zNkdn-x0EIRoqkWQizsOgkgezr2j1dj_7bZUQ6jwSpTgVy61kSg; Max-Age=2592000; Expires=Fri, 03 Feb 2023 06:46:54 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQLUp6NweymtHAAAAYV7iGRbLn1qeVxQM4uNeMEDPKOEU6FhOBvMjpsFsrPpF8DZ94EJx8XujFle-FbvwpnoKw; Max-Age=2592000; Expires=Fri, 03 Feb 2023 06:46:54 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&4bf5af25-761b-46ea-8c5a-92b64b0e1367"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 04-Jan-2024 06:46:54 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2462:u=1:x=1:i=1672814814:t=1672901214:v=2:sig=AQEeHc2D52vB2v3NqOytlZP4FlJAZGnK"; Expires=Thu, 05 Jan 2023 06:46:54 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXxaozHwo6w1/Sw3TGQug==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: C22F5B34410541CEBFCE1FC03E6D2B50 Ref B: OSL30EDGE0522 Ref C: 2023-01-04T06:46:54Z
date: Wed, 04 Jan 2023 06:46:54 GMT
content-length: 0
X-Firefox-Spdy: h2

clients1.google.com/generate_204

142.250.74.110

204 No Content

0 B

URL HTTP/2
clients1.google.com/generate_204
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /generate_204 HTTP/1.1
Host: clients1.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 06:46:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-36481626-11&cid=220721059.1672814805&jid=70989896&gjid=183694444&_gid=177930148.1672814805&_u=YCDACEAARAAAACAAI~&z=469600184

64.233.164.157

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-36481626-11&cid=220721059.1672814805&jid=70989896&gjid=183694444&_gid=177930148.1672814805&_u=YCDACEAARAAAACAAI~&z=469600184
IP
64.233.164.157:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-36481626-11&cid=220721059.1672814805&jid=70989896&gjid=183694444&_gid=177930148.1672814805&_u=YCDACEAARAAAACAAI~&z=469600184 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.interexchange.org
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.interexchange.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 04 Jan 2023 06:46:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=1300996599956641&ev=PageView&dl=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&rl=&if=false&ts=1672814805049&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672814805049.372903469&it=1672814804720&coo=false&rqm=GET

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=1300996599956641&ev=PageView&dl=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&rl=&if=false&ts=1672814805049&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672814805049.372903469&it=1672814804720&coo=false&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=1300996599956641&ev=PageView&dl=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&rl=&if=false&ts=1672814805049&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672814805049.372903469&it=1672814804720&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 04 Jan 2023 06:46:54 GMT
X-Firefox-Spdy: h2

www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1471298%26time%3D1672814804818%26url%3Dhttps%253A%252F%252Fwww.interexchange.org%252Farticles%252Fsafety%252Flatest-news-travel-advice%252F%26liSync%3Dtrue

13.107.42.14

302 Found

0 B

URL HTTP/2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1471298%26time%3D1672814804818%26url%3Dhttps%253A%252F%252Fwww.interexchange.org%252Farticles%252Fsafety%252Flatest-news-travel-advice%252F%26liSync%3Dtrue
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1471298%26time%3D1672814804818%26url%3Dhttps%253A%252F%252Fwww.interexchange.org%252Farticles%252Fsafety%252Flatest-news-travel-advice%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.interexchange.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1471298&time=1672814804818&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&6a5f247c-278d-4dd3-84c9-54c2d845b61d"; Domain=.linkedin.com; Expires=Thu, 04-Jan-2024 06:46:54 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230104064654e350acb5-9f39-4bf6-8ba4-0a72b226ad6cAQHF_lJkomsJrhoEt-7W-tSU9zYA-Pro"; Domain=.www.linkedin.com; Expires=Thu, 04-Jan-2024 06:46:54 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzI4MTQ4MTQ7MjswMjF1MeFkw33koea0qu73S1ALySiJe9rp8KVW3N53JUFEFA==; Domain=.linkedin.com; Expires=Mon, 03 Jul 2023 06:46:54 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2462:u=1:x=1:i=1672814814:t=1672901214:v=2:sig=AQEeHc2D52vB2v3NqOytlZP4FlJAZGnK"; Expires=Thu, 05 Jan 2023 06:46:54 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXxaozJyNDXnEi8jUvWzw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 0B2D390D14B4471B92CEC5C1A0483A8A Ref B: OSL30EDGE0522 Ref C: 2023-01-04T06:46:54Z
date: Wed, 04 Jan 2023 06:46:54 GMT
content-length: 0
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-2H7QPPMD99&gtm=2oebu0&_p=236799005&_gaz=1&cid=220721059.1672814805&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1672814804&sct=1&seg=0&dl=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&dt=Latest%20News%20and%20Travel%20Advice%20%C2%B7%20InterExchange&en=gtm.init_consent&_fv=1&_nsi=1&_ss=1&ep.source_medium=

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-2H7QPPMD99&gtm=2oebu0&_p=236799005&_gaz=1&cid=220721059.1672814805&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1672814804&sct=1&seg=0&dl=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&dt=Latest%20News%20and%20Travel%20Advice%20%C2%B7%20InterExchange&en=gtm.init_consent&_fv=1&_nsi=1&_ss=1&ep.source_medium=
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-2H7QPPMD99&gtm=2oebu0&_p=236799005&_gaz=1&cid=220721059.1672814805&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1672814804&sct=1&seg=0&dl=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&dt=Latest%20News%20and%20Travel%20Advice%20%C2%B7%20InterExchange&en=gtm.init_consent&_fv=1&_nsi=1&_ss=1&ep.source_medium= HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.interexchange.org
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.interexchange.org
date: Wed, 04 Jan 2023 06:46:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

px.ads.linkedin.com/collect?v=2&fmt=js&pid=1471298&time=1672814804818&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&liSync=true

13.107.42.14

200 OK

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1471298&time=1672814804818&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&liSync=true
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=1471298&time=1672814804818&url=https%3A%2F%2Fwww.interexchange.org%2Farticles%2Fsafety%2Flatest-news-travel-advice%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.interexchange.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&07efdcee-bdf9-4c2a-89b7-5e2e8c4cba07"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 04-Jan-2024 06:46:54 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2462:u=1:x=1:i=1672814814:t=1672901214:v=2:sig=AQEeHc2D52vB2v3NqOytlZP4FlJAZGnK"; Expires=Thu, 05 Jan 2023 06:46:54 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXxaozL7qpMu2X1Q8YIQQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 205385E4C96E4604BFF5700F69BB6CF6 Ref B: OSL30EDGE0522 Ref C: 2023-01-04T06:46:54Z
date: Wed, 04 Jan 2023 06:46:54 GMT
content-length: 0
X-Firefox-Spdy: h2

www.interexchange.org/service-worker.js

18.192.231.252

200 OK

432 B

URL HTTP/2
www.interexchange.org/service-worker.js
IP
18.192.231.252:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
432 B (432 bytes)
Hash
cc2ea2494681ec46a7d11163be5bdb25
9d3ae73efb8a640bbf3b16d5cd1af45f8946ee4e
ef2f5e32dc9afa2f2a1c7d6b0849f042f1da285cbd431ecda824d96ec07943ae

HTTP Headers

GET /service-worker.js HTTP/1.1
Host: www.interexchange.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: _gcl_au=1.1.489090407.1672814804; _ga_2H7QPPMD99=GS1.1.1672814804.1.1.1672814805.59.0.0; _ga=GA1.2.220721059.1672814805; _gid=GA1.2.177930148.1672814805; _gat_UA-36481626-11=1; ln_or=eyIxNDcxMjk4IjoiZCJ9; _fbp=fb.1.1672814805049.372903469
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 39142
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Tue, 03 Jan 2023 19:54:32 GMT
etag: "028ccfc65b4555ec3e8a6aa1a4cb4648-ssl"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: DENY
x-nf-request-id: 01GNXRGSE3YBFQVNGT21K72Q37
content-length: 432
X-Firefox-Spdy: h2

www.interexchange.org/index.html

18.192.231.252

200 OK

8.6 kB

URL HTTP/2
www.interexchange.org/index.html
IP
18.192.231.252:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- Java source text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15065)
Size
8.6 kB (8555 bytes)
Hash
cfae735d274703d999dd3ea4fe1b7a3e
7dc7d3b3c655f54029a7514ee52ce994973f2d50
f82471e1474da2adba0bf545729c870d821c642e316e76afddf1f8709bbf348d

HTTP Headers

GET /index.html HTTP/1.1
Host: www.interexchange.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.interexchange.org/service-worker.js
Connection: keep-alive
Cookie: _gcl_au=1.1.489090407.1672814804; _ga_2H7QPPMD99=GS1.1.1672814804.1.1.1672814805.59.0.0; _ga=GA1.2.220721059.1672814805; _gid=GA1.2.177930148.1672814805; _gat_UA-36481626-11=1; ln_or=eyIxNDcxMjk4IjoiZCJ9; _fbp=fb.1.1672814805049.372903469
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
age: 38118
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 03 Jan 2023 20:11:36 GMT
etag: "694d6860b36b79d5090b6d7f62df7765-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: DENY
x-nf-request-id: 01GNXRGSHRSB61M5KHAQSSX2YC
content-length: 8555
X-Firefox-Spdy: h2

www.interexchange.org/offline/index.html

18.192.231.252

200 OK

2.3 kB

URL HTTP/2
www.interexchange.org/offline/index.html
IP
18.192.231.252:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- Java source text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5298)
Size
2.3 kB (2266 bytes)
Hash
2ffc4a288d312efc8256950424c44494
32e4938a80523ee62c9c200f4913e7ae52626673
3219631eff6251e0cff22d513fd1375c98c897f5cd236577cc29c722ac8c9b70

HTTP Headers

GET /offline/index.html HTTP/1.1
Host: www.interexchange.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.interexchange.org/service-worker.js
Connection: keep-alive
Cookie: _gcl_au=1.1.489090407.1672814804; _ga_2H7QPPMD99=GS1.1.1672814804.1.1.1672814805.59.0.0; _ga=GA1.2.220721059.1672814805; _gid=GA1.2.177930148.1672814805; _gat_UA-36481626-11=1; ln_or=eyIxNDcxMjk4IjoiZCJ9; _fbp=fb.1.1672814805049.372903469
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
age: 38118
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 03 Jan 2023 20:11:36 GMT
etag: "fc8eb359a28123896fd83bd162019e6a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: DENY
x-nf-request-id: 01GNXRGSHR52EZ06BVY9K7NT0T
content-length: 2266
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c4719f10b16aa492c5dbdb8a1bfc20af
21831c11bfc9679c9f0ebc1f6a39284a5d16be56
c8682ee9e025254ee9cd1d9c663a40707cb170c141a328a7de07ded8de06f787

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8682EE9E025254EE9CD1D9C663A40707CB170C141A328A7DE07DED8DE06F787"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7315
Expires: Wed, 04 Jan 2023 08:48:50 GMT
Date: Wed, 04 Jan 2023 06:46:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c4719f10b16aa492c5dbdb8a1bfc20af
21831c11bfc9679c9f0ebc1f6a39284a5d16be56
c8682ee9e025254ee9cd1d9c663a40707cb170c141a328a7de07ded8de06f787

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8682EE9E025254EE9CD1D9C663A40707CB170C141A328A7DE07DED8DE06F787"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7315
Expires: Wed, 04 Jan 2023 08:48:50 GMT
Date: Wed, 04 Jan 2023 06:46:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c4719f10b16aa492c5dbdb8a1bfc20af
21831c11bfc9679c9f0ebc1f6a39284a5d16be56
c8682ee9e025254ee9cd1d9c663a40707cb170c141a328a7de07ded8de06f787

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8682EE9E025254EE9CD1D9C663A40707CB170C141A328A7DE07DED8DE06F787"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7315
Expires: Wed, 04 Jan 2023 08:48:50 GMT
Date: Wed, 04 Jan 2023 06:46:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c4719f10b16aa492c5dbdb8a1bfc20af
21831c11bfc9679c9f0ebc1f6a39284a5d16be56
c8682ee9e025254ee9cd1d9c663a40707cb170c141a328a7de07ded8de06f787

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8682EE9E025254EE9CD1D9C663A40707CB170C141A328A7DE07DED8DE06F787"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7315
Expires: Wed, 04 Jan 2023 08:48:50 GMT
Date: Wed, 04 Jan 2023 06:46:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c4719f10b16aa492c5dbdb8a1bfc20af
21831c11bfc9679c9f0ebc1f6a39284a5d16be56
c8682ee9e025254ee9cd1d9c663a40707cb170c141a328a7de07ded8de06f787

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8682EE9E025254EE9CD1D9C663A40707CB170C141A328A7DE07DED8DE06F787"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7315
Expires: Wed, 04 Jan 2023 08:48:50 GMT
Date: Wed, 04 Jan 2023 06:46:55 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1e7ae45-d7bc-45ee-b5cf-e5f349c76c4e.jpeg

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1e7ae45-d7bc-45ee-b5cf-e5f349c76c4e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7655 bytes)
Hash
1debd0fa88aad972c29c52a1e9957ccd
23d96a350188af576789a17d4c3d8dd49ae013ff
066e3a682b655aa0a181887d74d51b6a46cb9a77a6ca33c7062cb30d4efef3b8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1e7ae45-d7bc-45ee-b5cf-e5f349c76c4e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7655
x-amzn-requestid: d972df9b-3a43-4352-9a7a-057e6bb7a17b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL3I4H3_oAMFjBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b49f05-464fc6182f45c555787f10e7;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:32:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w3ndESBhvNi6K4nkMCV81tETInDLZbjUUKUus5XH9W0Cwkj_hi4fBA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 21:51:21 GMT
age: 32134
etag: "23d96a350188af576789a17d4c3d8dd49ae013ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5578 bytes)
Hash
e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V8_4JXT2EDqqzVxBjZK7SUVVS9Pez_EbpGP8BCMX0FrS2x2srUr2Ug==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 22:11:09 GMT
age: 30946
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11877 bytes)
Hash
359f30e64bec00d0a01acd69a08b684d
ac965c8642c4d1e47713965060fa2fc8f19088b1
fff1b001462468cc953092a2312650c03f307e95c40e2c6bb7356e2a8b9b0283

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11877
x-amzn-requestid: 884b9243-6a8a-4434-9b2a-e5eff84d4e99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL33bFnDoAMFpoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4a02f-3f7043ae29d21e010ddc1ff9;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:37:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AmpRiMJDlhYtRCxTT0l7VEPHwk7eK_rnGceIYRUobRqi8hIM2LMrCQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 22:00:54 GMT
age: 31561
etag: "ac965c8642c4d1e47713965060fa2fc8f19088b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9ecc719-60f0-4a52-b964-f7ba1917dff9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7165 bytes)
Hash
48315ea620c3dc9697a816f0f9354052
62d5ba126490fb38ed2a8f6ea0fe43b0b4302fc4
6b37b106c6b1cc612a3704a99223bab98123da3031f8967f92a06f243b05da3a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9ecc719-60f0-4a52-b964-f7ba1917dff9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7165
x-amzn-requestid: b1b9736b-f624-44e0-81ae-89b67b1888b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eDR3EFT4IAMFwzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b1302d-0143e93a6ae1b1636a9d0450;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 07:03:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: q1Fen2wQXb-lXjOQMO1NXd4F6g_KUHiL4vGJUxAbO9m-rPlWYyzokg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 08:43:00 GMT
age: 79435
etag: "62d5ba126490fb38ed2a8f6ea0fe43b0b4302fc4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fbc2bda-914f-48de-ba69-0e5ab6ef0311.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7395 bytes)
Hash
d7dc8674d02ff8ad635ad33509ea3d9f
928c4043ae573b01d9faca39f96c49ad7c38da39
14946029a47840da573e272c7b60ec142f89818a3750fe288b6fa34fac501176

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fbc2bda-914f-48de-ba69-0e5ab6ef0311.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7395
x-amzn-requestid: 158d3961-42cf-418c-a66a-62786216b7a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL34wGmHIAMF6xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4a037-22558e746f81da5622b33f33;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:37:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ioR3kfn0ZGDjLa6GfxZNjKAnyQ979xuR3cIQzdeAJzpamSQ8HKCUng==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 21:55:06 GMT
age: 31909
etag: "928c4043ae573b01d9faca39f96c49ad7c38da39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c59aba-5379-4fff-95d5-8540d0c16430.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12457 bytes)
Hash
3c01df2f086c1d09c62a5807068c3cac
1061a5dc02f6d20370df15fdf9149e4eb584c57d
f9aa18ca218f97cd5202c68d9f308774c61342b508dbe330ea13ccae642a47c9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c59aba-5379-4fff-95d5-8540d0c16430.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12457
x-amzn-requestid: a1201e80-94d8-47fa-b658-82b77166189e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL3qEEO3oAMFjDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b49fd9-1467b4de3b1a372910bfacc6;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qBQ1PiLbKBpJv08-bE4Yx-NDiw2Wcmjj34Pv5r-mUnPlTU64qxyOWw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 21:50:46 GMT
age: 32169
etag: "1061a5dc02f6d20370df15fdf9149e4eb584c57d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.interexchange.org/articles/safety/latest-news-travel-advice/

18.192.231.252

200 OK

0 B

URL HTTP/2
www.interexchange.org/articles/safety/latest-news-travel-advice/
IP
18.192.231.252:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /articles/safety/latest-news-travel-advice/ HTTP/1.1
Host: www.interexchange.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 04 Jan 2023 06:46:53 GMT
etag: "b26e9ae1dfd4efa6ac9e7e811a855ce1-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: DENY
x-nf-request-id: 01GNXRGQT3A9CQP94ZCNM50Y79
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@600;700&family=Open+Sans:wght@400;500;600;700&display=swap

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@600;700&family=Open+Sans:wght@400;500;600;700&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Montserrat:wght@600;700&family=Open+Sans:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 04 Jan 2023 06:46:53 GMT
date: Wed, 04 Jan 2023 06:46:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/1471298/domain/interexchange.org/token

143.204.55.71

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/1471298/domain/interexchange.org/token
IP
143.204.55.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /partner/1471298/domain/interexchange.org/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.interexchange.org
Connection: keep-alive
Referer: https://www.interexchange.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
date: Wed, 04 Jan 2023 06:22:25 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QbSxlyPDGSjfPn4FFpEDm3A5ptbfk7_3m9BBK8_YK3JZcyaEx_580w==
age: 1469
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations