Report - members.blacked.com/oidc/login?uri=/videos/best-friends-share-two-bbcs?nats=NDkzLjM0LjguMjMuMjg2LjAuMC4wLjA&xsite=blacked

Report Overview

Submitted URL
members.blacked.com/oidc/login?uri=/videos/best-friends-share-two-bbcs?nats=NDkzLjM0LjguMjMuMjg2LjAuMC4wLjA&xsite=blacked
IP
104.22.24.116
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-29 15:54:13
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
7
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	4.1 kB	10 kB	142.250.74.131
ocsp.r2m01.amazontrust.com	unknown	2022-10-12T22:43:53Z	2023-03-13T08:10:39Z	350 B	944 B	54.230.80.227
use1.fptls.com	unknown	2022-08-30T21:50:48Z	2023-03-13T08:36:11Z	379 B	490 B	99.83.173.21
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	603 B	594 B	173.194.73.155
static.cloudflareinsights.com	1294	2019-09-24T16:34:56Z	2023-03-13T05:15:33Z	455 B	393 B	104.16.57.101
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	44.227.59.33
login.vixen.com	unknown	2019-06-29T17:02:05Z	2023-01-29T09:54:48Z	1.4 kB	38 kB	172.67.37.126
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.5 kB	78 kB	216.58.207.227
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	372 B	21 kB	142.250.74.110
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-13T06:26:15Z	480 B	578 B	142.250.74.67
www.blacked.com	662312	2015-02-24T00:03:09Z	2023-02-07T19:51:00Z	780 B	1.1 kB	104.22.25.116
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	410 B	630 B	142.250.74.106
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.0 kB	1.7 kB	93.184.220.29
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	381 B	72 kB	142.250.74.168
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	56 kB	34.120.237.76
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	441 B	165 kB	142.250.74.99
members.blacked.com	unknown	2015-03-05T05:27:19Z	2023-01-29T09:54:49Z	1.0 kB	1.3 kB	172.67.10.98
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	414 B	17 kB	142.250.74.164
region1.analytics.google.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:11:52Z	725 B	446 B	216.239.34.36
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.4 kB	8.9 kB	23.33.119.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-29 15:54:12	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-01-29 15:54:13	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-01-29 15:54:13	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-01-29 15:54:13	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-01-29 15:54:14	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-01-29 15:54:16	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-01-29 15:54:19	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (44)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 19:44:48 Times Seen37024196 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	login.vixen.com/static/scripts/polyfills.js?1	437 B	2023-03-13	2023-03-13
Pretty URL login.vixen.com/static/scripts/polyfills.js?1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:07:07 Last Seen2023-03-13 11:40:25 Times Seen1 Hash e72a1a10590dbd7b6f64d4cd42dde464 13059e83adc6b92954fd338d1d7b720ee95b5253 990289b03e172d8e5ddd8558121c72560e4d53ef0e6f5d7e6d37746ee1a8df8f Loading...

	login.vixen.com/i/blacked/login?	205 B	2023-03-13	2023-03-13
Pretty URL login.vixen.com/i/blacked/login? IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:07:07 Last Seen2023-03-13 11:40:25 Times Seen1 Hash 167f10db2df12b127eb873b53f229fc8 c865773561ee4aa703f51e47f63aa2c9d266cabf b94013628efd53c87d980914267b98ec24851b9688cba871183177211b7048c1 Loading...

	login.vixen.com/i/blacked/wait-redirect	126 B	2023-03-13	2023-03-13
Pretty URL login.vixen.com/i/blacked/wait-redirect IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:07:07 Last Seen2023-03-13 11:40:25 Times Seen1 Hash 5ed847b641600a9df78aa8750e538909 9a2309d4a5d420a124a47e1190158f08098d0fbb 08cacd0c54f8fff6c4f09d54cb9cd77b955b0893654dcaff9647da8c5d75f401 Loading...

	www.blacked.com/__itsnotdown/zone/3607.js?encode=base64	315 kB	2023-03-13	2023-03-13
Pretty URL www.blacked.com/__itsnotdown/zone/3607.js?encode=base64 IP 104.22.25.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:22:30 Last Seen2023-03-13 11:22:30 Times Seen1 Hash b76a997314d7ee349ada2a123bb8c11a c922e4d786a35a865446fe529712e20f4bf71622 c90e7ec6d693ce620f962a64a672b1666c911d3ad8c032f9921696aff65eb5c4 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Leq6dYZAAAAAClZgxZK3I-ohcP4Rnnziz6HEmau&co=aHR0cHM6Ly9sb2dpbi52aXhlbi5jb206NDQz&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=8s2izo1mqgf1	69 B	2023-03-07	2024-04-23
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Leq6dYZAAAAAClZgxZK3I-ohcP4Rnnziz6HEmau&co=aHR0cHM6Ly9sb2dpbi52aXhlbi5jb206NDQz&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=8s2izo1mqgf1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-23 19:43:50 Times Seen99265 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Leq6dYZAAAAAClZgxZK3I-ohcP4Rnnziz6HEmau&co=aHR0cHM6Ly9sb2dpbi52aXhlbi5jb206NDQz&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=8s2izo1mqgf1	35 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Leq6dYZAAAAAClZgxZK3I-ohcP4Rnnziz6HEmau&co=aHR0cHM6Ly9sb2dpbi52aXhlbi5jb206NDQz&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=8s2izo1mqgf1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:22:30 Last Seen2023-03-13 11:22:30 Times Seen1 Hash 52592261c9a973730f8afe192bd569e6 17b5bd9c7c5b947b427f5e4b10f14c58b3a684eb b98b023a2abc7e461731a7010c3ccd49de7c53acafc56bd4b63d9957cffddce1 Loading...

	login.vixen.com/i/blacked/login?	341 B	2023-03-13	2023-03-13
Pretty URL login.vixen.com/i/blacked/login? IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:07:07 Last Seen2023-03-13 11:40:25 Times Seen1 Hash dc9cd494f6252c2bb6b55d3422687ca8 7c8cb4191765671c09b8aa567fe110348343f9ae 72060b19cfce47e7d61205e4a9743de6ed7faaf55c30b9b808dbe1a79d2b2d0e Loading...

	login.vixen.com/i/blacked/login?	1.5 kB	2023-03-13	2023-03-13
Pretty URL login.vixen.com/i/blacked/login? IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:07:07 Last Seen2023-03-13 11:40:25 Times Seen1 Hash 4cc25963870fb128b1f2c8050485bafa 11ae75796f016f63702b877755a67b2b08e5d5f8 c956a23fb69a859df24b9f8099f147f7ef0544b489cbcfeea30e7792bb23aa56 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-W4LGF52	217 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-W4LGF52 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:22:30 Last Seen2023-03-13 11:22:30 Times Seen1 Hash a1435c7c84eaa9612d160fad20672502 6f09b1d0a4f5d13b1e4673879e51437a296dd2c9 1afbdda791da872314747ac576cbee08fa0b48b7a9525bbd803322d8b9e36d9a Loading...

	static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993	17 kB	2023-03-08	2024-02-28
Pretty URL static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 IP 104.16.57.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:00 Last Seen2024-02-28 12:44:37 Times Seen1362 Hash 33100f2355611b2375f05486299abf05 0b2d1b75f6695e67b884bee2eb72165d6e881a26 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3 Loading...

	login.vixen.com/static/scripts/password-toggle.js	1.0 kB	2023-03-13	2023-03-13
Pretty URL login.vixen.com/static/scripts/password-toggle.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:07:07 Last Seen2023-03-13 11:40:25 Times Seen1 Hash b19ba80bd71e49ef005eb02f1e06f4cc eed4cc580046409f6780ecf439ec3a31ff523c23 66b26d383196b6a7692fde12c987829daa4ebe908875fd51d0ca0818dcfc1580 Loading...

	login.vixen.com/static/scripts/blackbox.js?1	6.9 kB	2023-03-13	2023-03-13
Pretty URL login.vixen.com/static/scripts/blackbox.js?1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:07:07 Last Seen2023-03-13 11:40:25 Times Seen1 Hash 62790e1129b5ff6b0e12ee716b5dd938 07e177d14789b9a4ad59c4b2c5c96097497a6f8b 700f88aac98b4c64e145b61d5ae2cb0f15a189ec0c3771bd487ab8515790fb32 Loading...

	www.google.com/recaptcha/api.js?render=6Leq6dYZAAAAAClZgxZK3I-ohcP4Rnnziz6HEmau	884 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api.js?render=6Leq6dYZAAAAAClZgxZK3I-ohcP4Rnnziz6HEmau IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:22:30 Last Seen2023-03-13 11:40:25 Times Seen1 Hash 7e5573380673fbb3a348c86fe26a98ee d1535255846c1afcf500defb10251952e801c79a 9788314cd2cfbbd68da1e64078bde6d9fa513de7d318a9704cdd5599573ae76e Loading...

	login.vixen.com/static/scripts/base.js?3	890 B	2023-03-13	2023-03-13
Pretty URL login.vixen.com/static/scripts/base.js?3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:07:07 Last Seen2023-03-13 11:40:25 Times Seen1 Hash 312c42064deff05070ed0c332fc3ac4d 0a4bd637edae6a4733407b011987c3ee3dbe11f4 dd2be3e9a6b3bada2ad1916d14ed54c270ce3f6c822082121c3ee872282ad3f4 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js	412 kB	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:01:06 Last Seen2023-03-13 15:37:41 Times Seen1 Hash 10fa8a547b2ef125150037f815579540 32d80f0b24826584a73c4113d51300b7666282cb a0a04c24a9bdaac0e8aa2d22df95a7ae8c0d744a31b732da3d6e4bb279c79e40 Loading...

	login.vixen.com/i/blacked/login?	27 kB	2023-03-13	2023-03-13
Pretty URL login.vixen.com/i/blacked/login? IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:07:07 Last Seen2023-03-13 11:40:25 Times Seen1 Hash 82d7f58b26f96e52e43d1ab246a38ded 3f063d1db9984d4b1e272df47c275d8030d3b592 a6c31c44ec53532d96fef7d8ab2f488e87bec51640d24c7f757802e7478c6227 Loading...

	login.vixen.com/i/blacked/login?	5.4 kB	2023-03-13	2023-03-13
Pretty URL login.vixen.com/i/blacked/login? IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:22:30 Last Seen2023-03-13 11:22:30 Times Seen1 Hash ee9262332ba3d4777bdb7c77923487d8 41a0bd1aa17f3996b26c68cefe0850aa994ccc29 41dbb16acc3f96df9aa912c6b4b1074a30a1248368eff85bd1cdf64bcb8080a0 Loading...

	www.googletagmanager.com/gtag/js?id=G-D864TSCMVV&l=dataLayer&cx=c	195 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-D864TSCMVV&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:22:30 Last Seen2023-03-13 11:22:30 Times Seen1 Hash aade68d83079c2a332bb81a5bae98923 edb8a664b9ebbccb70bd899f3a73b2ac13dc386d b84c9a34a9878311510901fe7bd53784e4ca9b588fa6fb717c4027c47edcaa85 Loading...

	www.blacked.com/__itsnotdown/zone/3612.js?encode=base64	292 kB	2023-03-13	2023-03-13
Pretty URL www.blacked.com/__itsnotdown/zone/3612.js?encode=base64 IP 104.22.25.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:22:30 Last Seen2023-03-13 11:22:30 Times Seen1 Hash 5bdbcab491d3ccd63d0d85ed73d96666 deaa228fb28e3fdd8283b5f79f5f322dd970b409 1c0c86673d4d7a4ba1c7a0c7b488a6deae8884055bb121f23aaa0f63092dc90f Loading...

		Size	First Seen	Last Seen
	#1 Eval - 413b7dc1caac04ab95e8a1b230b9b3ad	25 B	2023-03-07	2024-04-23
Pretty Observations First Seen2023-03-07 01:20:41 Last Seen2024-04-23 16:24:57 Times Seen5492 Hash 413b7dc1caac04ab95e8a1b230b9b3ad 2657fe2eb543ebc0b54eaa7d3aba3a75fb638630 b62262aeb7ee1694f40152af828f0d72a6ac6572f9db8ffa1ab16784c7532878 Loading...

	#2 Eval - 6a3c1e3a120be4e035e322c68dd503f9	22 B	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 19:03:02 Last Seen2023-03-18 07:43:22 Times Seen1 Hash 6a3c1e3a120be4e035e322c68dd503f9 a5e4b5e2582288db30e3e8a309e79dd3bc30df9b f00c4fa0123db2791dc34da467be1797fe727652a37bcd967753739158deed2d Loading...

	#3 Eval - 53d29a8adeb533d8129411070972f92a	71 B	2023-03-07	2024-04-23
Pretty Observations First Seen2023-03-07 12:10:59 Last Seen2024-04-23 18:35:32 Times Seen831 Hash 53d29a8adeb533d8129411070972f92a 609ba197687fa0a991c64912f3d5fd2eff32c80e f1769f36655620b170aabe85f13dafc53e068eb06bf3bdd2e961e0ca3f950983 Loading...

	#4 Eval - db98cf8549cbc092b7cf44b1899f423d	155 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 02:07:07 Last Seen2023-03-13 11:40:25 Times Seen1 Hash db98cf8549cbc092b7cf44b1899f423d 83586ea44f08021e841776844e4648b9de1604bf 99e3f76161817001188ed6a6a5608b5f62279aeb7803942f601043dac5cabc52 Loading...

	#5 Eval - bcb9082bfb5e38a5283f54f5d69ee9a0	221 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 11:22:30 Last Seen2023-03-13 11:40:25 Times Seen1 Hash bcb9082bfb5e38a5283f54f5d69ee9a0 7eb59e826b85d3500b414432963289300da97647 43077bd0d45031d5bedaa2b93777f719827c4a1954069a594efe15b841ad4420 Loading...

	#6 Eval - 334c8fd82c275f48e413495e9ee161d1	255 B	2023-03-13	2023-06-01
Pretty Observations First Seen2023-03-13 02:07:07 Last Seen2023-06-01 19:45:19 Times Seen2 Hash 334c8fd82c275f48e413495e9ee161d1 43ed135c5b665b9e875878810d18cba473409009 0d2d31577f5a58df5dbff5d734319ad9be3c1987e32fd1aa42f386536b4d99be Loading...

	#7 Eval - b6195c8bcbabaff80d4f72a2a0b7d959	255 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 11:22:30 Last Seen2023-03-13 11:40:25 Times Seen1 Hash b6195c8bcbabaff80d4f72a2a0b7d959 2321a805633a4cc99e32181de7487ae72049c87a 99a58fdbaa77ec3a152c890249032dd9312aa5f7e4ea05359cd1cb04909f46a5 Loading...

	#8 Eval - 4f59d3e4e42d9e686ee69286054638f0	16 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 11:22:30 Last Seen2023-03-13 11:22:30 Times Seen1 Hash 4f59d3e4e42d9e686ee69286054638f0 a61fc4abac615302ff49f185ae6d58bee34721a2 34c5f97ba2cdd288c66d9f68b0bee403b7d0e668c17c7d45bb9a7254a5f02087 Loading...

	#9 Eval - a682b0439655b9734997986647ced1f1	37 B	2023-03-11	2024-02-27
Pretty Observations First Seen2023-03-11 10:40:08 Last Seen2024-02-27 04:09:49 Times Seen18 Hash a682b0439655b9734997986647ced1f1 7bbb0895cdb10d4e4da2fbd17d51d63c8cd7edb9 7d10321d84d2731fe8b2277620558da83bd9b62d30ddb2981142fb31bbc4bd22 Loading...

	#10 Eval - da40d2c46311c5f226e076e336ad9702	250 B	2023-03-13	2023-06-01
Pretty Observations First Seen2023-03-13 02:07:07 Last Seen2023-06-01 19:45:19 Times Seen2 Hash da40d2c46311c5f226e076e336ad9702 9f4573d2dcff0cbcccffb95c7ea1b10ca1716308 061a06f04bb12c78e1b4a4c361866a5e834ebe3e05a6ebdd1eecdb74dd95d58e Loading...

	#11 Eval - 941ef63ccc423bfd17e1359f3eca9eb8	155 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 02:07:07 Last Seen2023-03-13 11:40:25 Times Seen1 Hash 941ef63ccc423bfd17e1359f3eca9eb8 ff6738ac294dcc7931954d44c2f3d296ff676bfb c005078d4d943c718f88b29ecdab3381658d18845c092b790b604289dc6a19ed Loading...

	#12 Eval - f36e4d0961d40ef71e8bd20ba0f929fe	16 kB	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 19:03:02 Last Seen2023-03-18 07:43:22 Times Seen1 Hash f36e4d0961d40ef71e8bd20ba0f929fe cae72965339f0db453f17b1831fad21b4cb08360 e1a4bc1babc09967a368fe423660be9c79500204b341c68b432adb9ee56baa3b Loading...

	#13 Eval - bb54294f3ce04a4a342e23ed34a9afb8	155 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 11:22:30 Last Seen2023-03-13 11:40:25 Times Seen1 Hash bb54294f3ce04a4a342e23ed34a9afb8 f7fbc97e690a599de65e6e17252e90ff5a841aca 96f7024dd89cc7f8405f8b30efca12e1699060c23887d9f2e915bb20e4f5f050 Loading...

	#14 Eval - 94f89544287dd1c79a0d0dbe46fabd30	255 B	2023-03-13	2023-06-01
Pretty Observations First Seen2023-03-13 02:07:07 Last Seen2023-06-01 19:45:19 Times Seen2 Hash 94f89544287dd1c79a0d0dbe46fabd30 5578341db00e217dbe4f3eb3a3bf41bfc7c20ec5 2175ef929d57b0d610eb865d065aaca5a2aaef5573d358f4df3687d6ddd56414 Loading...

	#15 Eval - fa960ee401974574d5044a9776a41f29	155 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 11:22:30 Last Seen2023-03-13 11:40:25 Times Seen1 Hash fa960ee401974574d5044a9776a41f29 d267e4f32cd2a3a7161ef438500d45da1f8cb7a7 34d9cd5f58b3e781a051a7d3cf9eef683fd2723dd623d17d012123f2f68a2f50 Loading...

	#16 Eval - 875f3ecd9cbb46f3f1424354c55865cd	255 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 11:22:30 Last Seen2023-03-13 11:40:25 Times Seen1 Hash 875f3ecd9cbb46f3f1424354c55865cd e759f028c78b25e6c0b51342f88448d2b21bb400 3cd790fb3702958049e4f91211c622fbdfb833e5f99f252a842d11b8332eb5c4 Loading...

	#17 Eval - f1fe451c5d07cc97d0e361b06910be03	176 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 11:22:30 Last Seen2023-03-13 11:40:25 Times Seen1 Hash f1fe451c5d07cc97d0e361b06910be03 2a7d639d283d299cbbe9d4bdfb04a0bd1dd0ed96 353773f84ed9f3cfd448cbf951fe2f9c1d145a9f3e50870703bab585caf0ffd4 Loading...

	#18 Eval - 6ca71fcd0fd9ebbfc62df19316ec3206	155 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 11:22:30 Last Seen2023-03-13 11:40:25 Times Seen1 Hash 6ca71fcd0fd9ebbfc62df19316ec3206 8bec9706a827d0937f75add0b8fc55452ab35519 840822f2cfc61c1c9e9b83cbb6e5bb86083a0166a1638f1f2c194731b205515a Loading...

	#19 Eval - 703b9b4ee324ed5bea800395d6e7b778	64 B	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 19:03:02 Last Seen2023-03-18 07:43:22 Times Seen1 Hash 703b9b4ee324ed5bea800395d6e7b778 d9dbc963793c903a99ad1184d4a8c8b76f00a92b ac3659fff3d443c469cac8e740b2ebacc39f1260da426918c1fedd90dea242fd Loading...

	#20 Eval - e8961527ee3fe5343e2557b2d07fa466	25 B	2023-03-07	2024-04-21
Pretty Observations First Seen2023-03-07 01:27:45 Last Seen2024-04-21 22:18:50 Times Seen1336 Hash e8961527ee3fe5343e2557b2d07fa466 77949bb9e9f198b29a96a7443536a04cabe969cd 78c8bdc18839c26595506bc6df8831aa6cfc44eff13f25786502329ad5088af3 Loading...

	#21 Eval - 9b8771c991dfc84746d5030622097f0f	152 B	2023-03-13	2023-06-01
Pretty Observations First Seen2023-03-13 02:07:07 Last Seen2023-06-01 19:45:19 Times Seen2 Hash 9b8771c991dfc84746d5030622097f0f 9e8ffe2ecf1e87e076aaebb63d17870145ce7290 45e175ca56c73e21746bcbe881f0c15ddde6a30a4ce69df94628f349c641e3e1 Loading...

	#22 Eval - 91ec3c1004169bc4aeba4c5b284d70c5	155 B	2023-03-13	2023-06-01
Pretty Observations First Seen2023-03-13 02:07:07 Last Seen2023-06-01 19:45:19 Times Seen2 Hash 91ec3c1004169bc4aeba4c5b284d70c5 dc347353514020ee30fcec9dbaaba9f0b685c9cc 2b3b10b66415edd3847906de43fa5ed5dce022b45cc3a7bf87a569e366f55f8e Loading...

	#23 Eval - 459ec9cfee68d036557a8679627d303d	22 B	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 19:03:02 Last Seen2023-03-18 07:43:22 Times Seen1 Hash 459ec9cfee68d036557a8679627d303d 25b45ef0c0ea6e24c150ab10bec3eac40902795a b004954a8ae3697a3df5d38a4d92354a8918e637c53204ae3cf8f6ade91de69f Loading...

HTTP Transactions (56)

	URL	IP	Response	Size
	members.blacked.com/oidc/login?uri=/videos/best-friends-share-two-bbcs?nats=NDkzLjM0LjguMjMuMjg2LjAuMC4wLjA&xsite=blacked	172.67.10.98	301 Moved Permanently	0 B
URL HTTP/1.1 members.blacked.com/oidc/login?uri=/videos/best-friends-share-two-bbcs?nats=NDkzLjM0LjguMjMuMjg2LjAuMC4wLjA&xsite=blacked IP 172.67.10.98:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /oidc/login?uri=/videos/best-friends-share-two-bbcs?nats=NDkzLjM0LjguMjMuMjg2LjAuMC4wLjA&xsite=blacked HTTP/1.1 Host: members.blacked.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Date: Sun, 29 Jan 2023 15:54:02 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Sun, 29 Jan 2023 16:54:02 GMT Location: https://members.blacked.com/oidc/login?uri=/videos/best-friends-share-two-bbcs?nats=NDkzLjM0LjguMjMuMjg2LjAuMC4wLjA&xsite=blacked Server-Timing: cf-q-config;dur=5.9999983932357e-06 Vary: Accept-Encoding Server: cloudflare CF-RAY: 791324e77ede1c12-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 81dd5c5cc5b3278876cb44dcb520a60f c0511a59e9eccdcdda98717b87c89c5d59974808 41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2281 Expires: Sun, 29 Jan 2023 16:32:04 GMT Date: Sun, 29 Jan 2023 15:54:03 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a2104f935c638b4767ca5ae0d738ef23 85c6af15af749be0ceeae6de17c36925b750f166 5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2572 Expires: Sun, 29 Jan 2023 16:36:55 GMT Date: Sun, 29 Jan 2023 15:54:03 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash dcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 29 Jan 2023 15:43:08 GMT content-type: application/json age: 655 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 302c7548412192add063ad6c8b99cf3b e5d178931a27db036ce8daae302594d3ff7050b8 fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D" Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9405 Expires: Sun, 29 Jan 2023 18:30:48 GMT Date: Sun, 29 Jan 2023 15:54:03 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: KKRRWp9Sg90VwWPappzCePU3tC1SPxCeEH2Nk6JCUfgrOBgTCaofso/o0xCB95Coy+/vK7USRow= x-amz-request-id: GH1B9V5AZJCSXPQH content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 29 Jan 2023 15:50:22 GMT age: 221 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sun, 29 Jan 2023 15:54:03 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 29 Jan 2023 15:49:04 GMT age: 299 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	members.blacked.com/oidc/login?uri=/videos/best-friends-share-two-bbcs?nats=NDkzLjM0LjguMjMuMjg2LjAuMC4wLjA&xsite=blacked	172.67.10.98	302 Found	0 B
URL HTTP/2 members.blacked.com/oidc/login?uri=/videos/best-friends-share-two-bbcs?nats=NDkzLjM0LjguMjMuMjg2LjAuMC4wLjA&xsite=blacked IP 172.67.10.98:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /oidc/login?uri=/videos/best-friends-share-two-bbcs?nats=NDkzLjM0LjguMjMuMjg2LjAuMC4wLjA&xsite=blacked HTTP/1.1 Host: members.blacked.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found date: Sun, 29 Jan 2023 15:54:03 GMT content-length: 0 location: https://login.vixen.com/auth?client_id=blacked&scope=openid%20system%20display%20basic&response_type=code&uri=%2Fvideos%2Fbest-friends-share-two-bbcs%3Fnats%3DNDkzLjM0LjguMjMuMjg2LjAuMC4wLjA&xsite=blacked&redirect_uri=https%3A%2F%2Fmembers.blacked.com%2Foidc%2Flogin-callback&state=j1gJC3hYp9pdcyUwOI_imQKR1yFOaLdsO6BDAQRWNPE cf-ray: 791324e93c7c1bfa-OSL set-cookie: fesid=s%3A36apSF0v3FVYMc7kkoHGt8KktMIuR5IK.K7xMFQWBqR8xvDfITNXX9ucHuUrAib3vFR4RG2kewkI; Domain=.blacked.com; Path=/; Expires=Sun, 12 Feb 2023 15:54:03 GMT; HttpOnly vary: Accept-Encoding cf-cache-status: DYNAMIC server: cloudflare alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	278 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 278 B (278 bytes) Hash ca2fc518ba52fe486ade93410f7f0761 400f1fe559fc5de35961f4c7493fd6ddb00453fa aed07e4e4fbc8c0bf8c93f8cf6bf59e04cc31f435563f7cb6c306c709f13363e HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 3553 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 15:54:03 GMT Etag: "63d577e5-116" Last-Modified: Sun, 29 Jan 2023 14:54:50 GMT Server: ECS (amb/6B8C) X-Cache: HIT Content-Length: 278`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 16a7b6a7128312e2f985d30df18c4487 6017bff79ffb525d9c7f9f32b999b74b5dc69602 663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16" Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15250 Expires: Sun, 29 Jan 2023 20:08:13 GMT Date: Sun, 29 Jan 2023 15:54:03 GMT Connection: keep-alive`

	ocsp.digicert.com/	93.184.220.29	200 OK	278 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 278 B (278 bytes) Hash ca2fc518ba52fe486ade93410f7f0761 400f1fe559fc5de35961f4c7493fd6ddb00453fa aed07e4e4fbc8c0bf8c93f8cf6bf59e04cc31f435563f7cb6c306c709f13363e HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 3553 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 15:54:03 GMT Last-Modified: Sun, 29 Jan 2023 14:54:50 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 278`

	push.services.mozilla.com/	44.227.59.33	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 44.227.59.33:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: Wsyc9xoQ2N/GLaFr218BMA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: /JbKK6zdK6i35p+tCIfCJQE6HoE=`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	941 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 941 B (941 bytes) Hash b175d71ffbdd6eab5bf3f0c2807c5ab3 47e59c5a2299bf4375054e186a799114837918fe a3d0483872532142ac224686a6311c2a195af060eeea059a8cb45d2cbffa714f HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 15:54:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash b67335a8e235eacf68e4b7f98cc5dc40 887a9b34cf2ba9371bbe8c93e362c174668cf812 1ad2f6328af6d819acd85f4e4646afcafd945e17e555d5eeb54244db83cd48fa HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 15:54:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.digicert.com/	93.184.220.29	200 OK	280 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 280 B (280 bytes) Hash dafbce9cddefb80f89431fae84911f5d a96636b8fb6878ebe8365d02a0f1678228094371 e69f032d1b3eefff93077f5948673d83b806d67a2827490e43d2f764eaf493fa HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 4651 Cache-Control: max-age=144366 Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 15:54:04 GMT Etag: "63d6155f-118" Expires: Tue, 31 Jan 2023 08:00:10 GMT Last-Modified: Sun, 29 Jan 2023 06:42:39 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 280`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	1.6 kB
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 1.6 kB (1572 bytes) Hash e3246fa9e5b6485154df4e444b331143 09fb6d0293f53f229dd7f7c424ff6d1e5ca36a4a ffbb0d798da32adc9552730298de2392305096db055d2b30aac49c7bf15837be HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 15:54:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/recaptcha/api.js?render=6Leq6dYZAAAAAClZgxZK3I-ohcP4Rnnziz6HEmau	142.250.74.164	200 OK	17 kB
URL HTTP/2 www.google.com/recaptcha/api.js?render=6Leq6dYZAAAAAClZgxZK3I-ohcP4Rnnziz6HEmau IP 142.250.74.164:0 ASN #15169 GOOGLE File type data Size 17 kB (16738 bytes) Hash 390dd1b0f16614261d5e09e663a468ab 2e028858243ba98bcd3a3b597c3c27c010bec72c 9ae979733999585468abbd1282b21b6d5f6a9b6cf9071806dca4d8ddd596a9e6 HTTP Headers `GET /recaptcha/api.js?render=6Leq6dYZAAAAAClZgxZK3I-ohcP4Rnnziz6HEmau HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.vixen.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK expires: Sun, 29 Jan 2023 15:54:04 GMT date: Sun, 29 Jan 2023 15:54:04 GMT cache-control: private, max-age=300 content-type: text/javascript; charset=UTF-8 cross-origin-resource-policy: cross-origin content-encoding: gzip x-content-type-options: nosniff x-frame-options: SAMEORIGIN content-security-policy: frame-ancestors 'self' x-xss-protection: 1; mode=block content-length: 586 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	www.googletagmanager.com/gtm.js?id=GTM-W4LGF52	142.250.74.168	200 OK	72 kB
URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W4LGF52 IP 142.250.74.168:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (19838) Size 72 kB (71829 bytes) Hash f4ea75c381ffead72307375a86856b16 97de0ed14943133aa34de37526b7830f08b56580 5a424b5b46f8905ce06050fb22482284dcb3de323e135fb6926ab7f27ce319bc HTTP Headers `GET /gtm.js?id=GTM-W4LGF52 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.vixen.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 29 Jan 2023 15:54:04 GMT expires: Sun, 29 Jan 2023 15:54:04 GMT cache-control: private, max-age=900 last-modified: Sun, 29 Jan 2023 15:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 71829 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 75bf326700e29b1b06e57fb96ee2b064 4f979f28905b65637a058cd44be6c25bb51a42e4 385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 15:54:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash bab8a4c1e6bb2e6c9cc00222eef1235d 1a5dd108e9f9aaf33bc048b0097a9f510d295cad fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 15:54:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ef589be52a3e55b643978f17949a73da 74545de6f144282252ff92c751f97cc835c80341 7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 15:54:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	login.vixen.com/auth?client_id=blacked&scope=openid%20system%20display%20basic&response_type=code&uri=%2Fvideos%2Fbest-friends-share-two-bbcs%3Fnats%3DNDkzLjM0LjguMjMuMjg2LjAuMC4wLjA&xsite=blacked&redirect_uri=https%3A%2F%2Fmembers.blacked.com%2Foidc%2Flogin-callback&state=j1gJC3hYp9pdcyUwOI_imQKR1yFOaLdsO6BDAQRWNPE	172.67.37.126	302 Found	37 kB
URL HTTP/2 login.vixen.com/auth?client_id=blacked&scope=openid%20system%20display%20basic&response_type=code&uri=%2Fvideos%2Fbest-friends-share-two-bbcs%3Fnats%3DNDkzLjM0LjguMjMuMjg2LjAuMC4wLjA&xsite=blacked&redirect_uri=https%3A%2F%2Fmembers.blacked.com%2Foidc%2Flogin-callback&state=j1gJC3hYp9pdcyUwOI_imQKR1yFOaLdsO6BDAQRWNPE IP 172.67.37.126:0 ASN #13335 CLOUDFLARENET File type data Size 37 kB (36776 bytes) Hash 0063b7a91ad3eddeeb6bdf3d929174f9 026fdbd25bfa696a517645b9cf0280ced887c471 f94f397c92ccffcaa3002d4b5854ad626cee490741bb5f5d29db416ee44478d5 HTTP Headers GET /auth?client_id=blacked&scope=openid%20system%20display%20basic&response_type=code&uri=%2Fvideos%2Fbest-friends-share-two-bbcs%3Fnats%3DNDkzLjM0LjguMjMuMjg2LjAuMC4wLjA&xsite=blacked&redirect_uri=https%3A%2F%2Fmembers.blacked.com%2Foidc%2Flogin-callback&state=j1gJC3hYp9pdcyUwOI_imQKR1yFOaLdsO6BDAQRWNPE HTTP/1.1 Host: login.vixen.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found date: Sun, 29 Jan 2023 15:54:03 GMT content-type: text/html; charset=utf-8 cache-control: no-cache, no-store content-security-policy: frame-ancestors https://.tushy.com https://.blacked.com https://.blackedraw.com https://.tushyraw.com https://.deeper.com https://.slayed.com https://.vixen.com https://.madcheddar.com:* location: /i/blacked? pragma: no-cache set-cookie: _grant=98e33467-80d0-4e7c-880b-5b4a7a0db4cd; path=/i/blacked; expires=Sun, 29 Jan 2023 16:04:03 GMT; secure; httponly _grant.sig=hiUCVeAtB2cUHOPsZHyL25Sooz8; path=/i/blacked; expires=Sun, 29 Jan 2023 16:04:03 GMT; secure; httponly _grant=98e33467-80d0-4e7c-880b-5b4a7a0db4cd; path=/auth/98e33467-80d0-4e7c-880b-5b4a7a0db4cd; expires=Sun, 29 Jan 2023 16:04:03 GMT; secure; httponly _grant.sig=hiUCVeAtB2cUHOPsZHyL25Sooz8; path=/auth/98e33467-80d0-4e7c-880b-5b4a7a0db4cd; expires=Sun, 29 Jan 2023 16:04:03 GMT; secure; httponly connect.sid=s%3A0DAMVSpFKlUWLSVr1k_4uYmFL_3GGO33.rPShsiVxnH8lu4QO9k8JWDjLqsMUoUmzH8zBco7lMSQ; Path=/; HttpOnly vary: Accept-Encoding cf-cache-status: DYNAMIC server: cloudflare cf-ray: 791324ec4de40b3d-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 15:54:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.r2m01.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m01.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 052fb2093d2772aaa0d32f184a44b597 4593028200eedd707c8c28ab1cd6a63708399ae3 2349994dbeb94d2bfc7d3e36d44ab13ed168df7d913fc1f3e6365cb4d28d05b6 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m01.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Sun, 29 Jan 2023 15:54:04 GMT Last-Modified: Sun, 29 Jan 2023 15:18:20 GMT Server: ECS (nyb/1D1B) X-Cache: Miss from cloudfront Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: HvNah5kcxz8oDfiTjQ0zzHXfDvnchdEfU48Os05tbMsuY0T_W-wLXA== Age: 2144`

	fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2	216.58.207.227	200 OK	45 kB
URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data Size 45 kB (44856 bytes) Hash 565ce506190ad3af920b40baf1794cec ad3cba5d06100e09449a864d3b5e58403b478b3d 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db HTTP Headers `GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://login.vixen.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 44856 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 23 Jan 2023 18:52:41 GMT expires: Tue, 23 Jan 2024 18:52:41 GMT cache-control: public, max-age=31536000 age: 507683 last-modified: Mon, 15 Aug 2022 18:20:18 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 15:54:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5209 Expires: Sun, 29 Jan 2023 17:20:54 GMT Date: Sun, 29 Jan 2023 15:54:05 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5209 Expires: Sun, 29 Jan 2023 17:20:54 GMT Date: Sun, 29 Jan 2023 15:54:05 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5209 Expires: Sun, 29 Jan 2023 17:20:54 GMT Date: Sun, 29 Jan 2023 15:54:05 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5209 Expires: Sun, 29 Jan 2023 17:20:54 GMT Date: Sun, 29 Jan 2023 15:54:05 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5209 Expires: Sun, 29 Jan 2023 17:20:54 GMT Date: Sun, 29 Jan 2023 15:54:05 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg	34.120.237.76	200 OK	9.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.2 kB (9167 bytes) Hash 3be81f83687ddb6c93d3ff3c09a9dba2 50a48e737310d3f31840db4301b25927fbcc12c5 e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9167 x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fPF9YEBmIAMF0kQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0 x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 17:35:56 GMT age: 80289 etag: "50a48e737310d3f31840db4301b25927fbcc12c5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg	34.120.237.76	200 OK	4.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.5 kB (4475 bytes) Hash 4205d8106659e00fff1cbe9262918b8c ab4f6528594a1725934727dc7d834c028a79c609 31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4475 x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa_e6HsaIAMF5Lg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 05:24:09 GMT etag: "ab4f6528594a1725934727dc7d834c028a79c609" content-type: image/jpeg age: 37796 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg	34.120.237.76	200 OK	5.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.6 kB (5594 bytes) Hash 4c77437e3a7361861aed8bfecbfe6bd6 fefd238c13c0fdfb7d964c90fcc8a8cbbf953034 282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5594 x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fLyeEGOloAMFpzA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0 x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: D2ZAelkDgsd0wjoOSoPRwTzhozs84_aIcgwU-QmbDrTnHztVD0VL_A== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 05:26:16 GMT age: 37669 etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg	34.120.237.76	200 OK	8.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.7 kB (8652 bytes) Hash 43c4a8e963936a8064dbd2bd3c67b905 8508727c97127c98b886833af28b3470306216c2 070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8652 x-amzn-requestid: 5a5a883e-d7d4-4fc5-925a-3a95830c504e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fVguyG7BIAMFm8g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d214c4-390b59a32060e41203533c58;Sampled=0 x-amzn-remapped-date: Thu, 26 Jan 2023 05:51:00 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ewSsCY4u9DwRtaj00U9JCim9tYeCgHRuIQFpdHm4ttI6L02-e44iDQ== via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 23:11:24 GMT age: 60161 etag: "8508727c97127c98b886833af28b3470306216c2" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11470 bytes) Hash 10a6491e2c1dfde68c7cd7297e70700f d0f195319825a6d3e5e50ad15b2fcab27cb65896 4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11470 x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fIf6WFgAIAMF6gw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0 x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 23:12:28 GMT age: 60097 etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10168 bytes) Hash d5ed99a9aed6f367efc5c9498ce87ff1 3123eb6f550c51fe17fc62eff943b3739e239a9b 536f45bf2eb41f7056df8b34964538005d6a0a4c6157def3fbdd9487f8c79027 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10168 x-amzn-requestid: fe58fe3c-dd23-4614-b5a2-e91ef68c2ab7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fFOD7H-NIAMFcxw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cb907f-687fc51741d7ff97182d1955;Sampled=0 x-amzn-remapped-date: Sat, 21 Jan 2023 07:13:03 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: GEghrk0LlbdfqVAHey-W84Zk9XHT2PD268Vfxf85HEvil0Ra27YgPA== via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 03:43:37 GMT age: 43828 etag: "3123eb6f550c51fe17fc62eff943b3739e239a9b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3aaaefec44047781220417a7feabad3c 7941d1d9636caf5cfcd4802996a26320e0a07593 a4dc8db1046e9cade8d697a09b442b965022e145a014e8a5727c24b8371e73aa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A4DC8DB1046E9CADE8D697A09B442B965022E145A014E8A5727C24B8371E73AA" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12239 Expires: Sun, 29 Jan 2023 19:18:04 GMT Date: Sun, 29 Jan 2023 15:54:05 GMT Connection: keep-alive`

	use1.fptls.com/	99.83.173.21	200 OK	208 B
URL HTTP/2 use1.fptls.com/ IP 99.83.173.21:0 ASN #16509 AMAZON-02 File type ASCII text, with no line terminators Size 208 B (208 bytes) Hash 893edf5122ad76be266279b1df52888b c5d588183691fabaed6ace99a92cd5c59f759812 f853f9b7cdca098f556a450a5e06eec50d2aab1ad639f823310c82e83befd63c HTTP Headers `GET / HTTP/1.1 Host: use1.fptls.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://login.vixen.com Connection: keep-alive Referer: https://login.vixen.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * cache-control: max-age=2592000, immutable, private strict-transport-security: max-age=63072000; includeSubDomains content-type: text/plain; charset=utf-8 content-length: 208 date: Sun, 29 Jan 2023 15:54:05 GMT X-Firefox-Spdy: h2`

	www.google-analytics.com/analytics.js	142.250.74.110	200 OK	20 kB
URL HTTP/2 www.google-analytics.com/analytics.js IP 142.250.74.110:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1490) Size 20 kB (20085 bytes) Hash ca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db HTTP Headers `GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.vixen.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20085 date: Sun, 29 Jan 2023 15:46:59 GMT expires: Sun, 29 Jan 2023 17:46:59 GMT cache-control: public, max-age=7200 last-modified: Tue, 10 Jan 2023 21:29:14 GMT content-type: text/javascript age: 426 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash b7da7d1d3e5880d5d4e313ac7fcf2a83 60a1e887ccb7c7cdae0035c65ef7df9908547fef af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 15:54:05 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js	142.250.74.99	200 OK	164 kB
URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js IP 142.250.74.99:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (771) Size 164 kB (163774 bytes) Hash 57c909ab73fc27ec24f737bbf1cb1de8 89b2c02e9e7a9a764518fca545d3eec2044fd6d9 7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b HTTP Headers `GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://login.vixen.com Connection: keep-alive Referer: https://login.vixen.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 163774 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 29 Jan 2023 10:44:42 GMT expires: Mon, 29 Jan 2024 10:44:42 GMT cache-control: public, max-age=31536000 last-modified: Mon, 23 Jan 2023 01:02:00 GMT content-type: text/javascript age: 18563 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D864TSCMVV&cid=328051297.1675007653&gtm=2oe1p0&aip=1&z=539312008	142.250.74.67	200 OK	42 B
URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D864TSCMVV&cid=328051297.1675007653&gtm=2oe1p0&aip=1&z=539312008 IP 142.250.74.67:0 ASN #15169 GOOGLE File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers `GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D864TSCMVV&cid=328051297.1675007653&gtm=2oe1p0&aip=1&z=539312008 HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.vixen.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Sun, 29 Jan 2023 15:54:05 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-type: image/gif x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash b7da7d1d3e5880d5d4e313ac7fcf2a83 60a1e887ccb7c7cdae0035c65ef7df9908547fef af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 15:54:05 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ed8a8c45dceab588456b222e04775919 0242859712655caa3c3e9b936878c7c7874b7b5a 669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 15:54:05 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-49895114-5&cid=328051297.1675007653&jid=771287124&gjid=1018359606&_gid=58426952.1675007653&_u=YCDACAAABAAAACAAI~&z=1686939682	173.194.73.155	200 OK	4 B
URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-49895114-5&cid=328051297.1675007653&jid=771287124&gjid=1018359606&_gid=58426952.1675007653&_u=YCDACAAABAAAACAAI~&z=1686939682 IP 173.194.73.155:0 ASN #15169 GOOGLE File type ASCII text, with no line terminators Size 4 B (4 bytes) Hash 48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a HTTP Headers POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-49895114-5&cid=328051297.1675007653&jid=771287124&gjid=1018359606&_gid=58426952.1675007653&_u=YCDACAAABAAAACAAI~&z=1686939682 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: https://login.vixen.com Connection: keep-alive Referer: https://login.vixen.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK access-control-allow-origin: https://login.vixen.com strict-transport-security: max-age=10886400; includeSubDomains; preload date: Sun, 29 Jan 2023 15:54:05 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 4 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash e9eba61fbe87bc53d60d0fdd1ba6adb4 8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07 9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 15:54:05 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2	216.58.207.227	200 OK	15 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Size 15 kB (15344 bytes) Hash 5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc HTTP Headers `GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.google.com Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15344 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 26 Jan 2023 21:48:03 GMT expires: Fri, 26 Jan 2024 21:48:03 GMT cache-control: public, max-age=31536000 age: 237962 last-modified: Mon, 16 Oct 2017 17:32:55 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2	216.58.207.227	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type data Size 16 kB (15592 bytes) Hash 1176ee9142e0ab8fa4e0341da6fe8747 70ac59b484c53f2f4c939955541a319ed8965e0a afc9c13d364af14f05fc0cec262f980f4d4bfe968f615a4708567f19d2277306 HTTP Headers `GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.google.com Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15552 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 26 Jan 2023 16:40:43 GMT expires: Fri, 26 Jan 2024 16:40:43 GMT cache-control: public, max-age=31536000 age: 256402 last-modified: Mon, 16 Oct 2017 17:33:02 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	region1.analytics.google.com/g/collect?v=2&tid=G-D864TSCMVV&gtm=2oe1p0&_p=1667185764&_gaz=1&cid=328051297.1675007653&ul=en-us&sr=1280x1024&ir=1&uaW=1&_eu=EA&_s=1&uid=&sid=1675007653&sct=1&seg=0&dl=https%3A%2F%2Flogin.vixen.com%2Fi%2Fblacked%2Flogin&dt=Members%20Area&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_area_grouping=MA%20Login%20Form	216.239.34.36	204 No Content	0 B
URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-D864TSCMVV&gtm=2oe1p0&_p=1667185764&_gaz=1&cid=328051297.1675007653&ul=en-us&sr=1280x1024&ir=1&uaW=1&_eu=EA&_s=1&uid=&sid=1675007653&sct=1&seg=0&dl=https%3A%2F%2Flogin.vixen.com%2Fi%2Fblacked%2Flogin&dt=Members%20Area&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_area_grouping=MA%20Login%20Form IP 216.239.34.36:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /g/collect?v=2&tid=G-D864TSCMVV&gtm=2oe1p0&_p=1667185764&_gaz=1&cid=328051297.1675007653&ul=en-us&sr=1280x1024&ir=1&uaW=1&_eu=EA&_s=1&uid=&sid=1675007653&sct=1&seg=0&dl=https%3A%2F%2Flogin.vixen.com%2Fi%2Fblacked%2Flogin&dt=Members%20Area&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_area_grouping=MA%20Login%20Form HTTP/1.1 Host: region1.analytics.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://login.vixen.com Connection: keep-alive Referer: https://login.vixen.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: https://login.vixen.com date: Sun, 29 Jan 2023 15:54:05 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	www.blacked.com/__itsnotdown/zone/3612.js?encode=base64	104.22.25.116	200 OK	0 B
URL HTTP/2 www.blacked.com/__itsnotdown/zone/3612.js?encode=base64 IP 104.22.25.116:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /__itsnotdown/zone/3612.js?encode=base64 HTTP/1.1 Host: www.blacked.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.vixen.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sun, 29 Jan 2023 15:54:05 GMT content-type: text/javascript; charset=UTF-8 cf-ray: 791324f35aeb1c12-OSL access-control-allow-origin: * cache-control: no-cache, private vary: Origin, Accept-Encoding cf-cache-status: BYPASS access-control-allow-credentials: true access-control-allow-headers: * access-control-expose-headers: Cache-Control,Content-Language,Content-Type,Expires,Last-Modified,Pragma x-frame-options: SAMEORIGIN server: cloudflare content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	login.vixen.com/i/blacked?	172.67.37.126	302 Found	0 B
URL HTTP/2 login.vixen.com/i/blacked? IP 172.67.37.126:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /i/blacked? HTTP/1.1 Host: login.vixen.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: _grant=98e33467-80d0-4e7c-880b-5b4a7a0db4cd; _grant.sig=hiUCVeAtB2cUHOPsZHyL25Sooz8; connect.sid=s%3A0DAMVSpFKlUWLSVr1k_4uYmFL_3GGO33.rPShsiVxnH8lu4QO9k8JWDjLqsMUoUmzH8zBco7lMSQ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers HTTP/2 302 Found date: Sun, 29 Jan 2023 15:54:04 GMT content-type: text/html; charset=utf-8 location: /i/blacked/login? cf-ray: 791324ee98d40b3d-OSL vary: Accept-Encoding, Accept cf-cache-status: DYNAMIC content-security-policy: frame-ancestors https://.tushy.com https://.blacked.com https://.blackedraw.com https://.tushyraw.com https://.deeper.com https://.slayed.com https://.vixen.com https://.madcheddar.com:* server: cloudflare alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Open+Sans:100,200,300,400,500	142.250.74.106	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:100,200,300,400,500 IP 142.250.74.106:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Open+Sans:100,200,300,400,500 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.vixen.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sun, 29 Jan 2023 15:54:04 GMT date: Sun, 29 Jan 2023 15:54:04 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993	104.16.57.101	200 OK	0 B
URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 IP 104.16.57.101:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1 Host: static.cloudflareinsights.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://login.vixen.com Connection: keep-alive Referer: https://login.vixen.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Sun, 29 Jan 2023 15:54:04 GMT content-type: text/javascript;charset=UTF-8 access-control-allow-origin: * cache-control: public, max-age=86400 etag: W/2022.10.1 last-modified: Fri, 21 Oct 2022 01:56:09 GMT cross-origin-resource-policy: cross-origin vary: Accept-Encoding server: cloudflare cf-ray: 791324f3ab0fb503-OSL content-encoding: gzip X-Firefox-Spdy: h2`

	www.blacked.com/__itsnotdown/zone/3607.js?encode=base64	104.22.25.116	200 OK	0 B
URL HTTP/2 www.blacked.com/__itsnotdown/zone/3607.js?encode=base64 IP 104.22.25.116:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /__itsnotdown/zone/3607.js?encode=base64 HTTP/1.1 Host: www.blacked.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://login.vixen.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sun, 29 Jan 2023 15:54:05 GMT content-type: text/javascript; charset=UTF-8 cf-ray: 791324f35af91c12-OSL access-control-allow-origin: * cache-control: no-cache, private vary: Origin, Accept-Encoding cf-cache-status: BYPASS access-control-allow-credentials: true access-control-allow-headers: * access-control-expose-headers: Cache-Control,Content-Language,Content-Type,Expires,Last-Modified,Pragma x-frame-options: SAMEORIGIN server: cloudflare content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (44)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL