urlquery - report: doitmediajo.com/ddd/DHL/becu.org_update/becu.org/login.php?IwQwyOIEgT7cDGRP1i9OIyP5K4Vh05QXSej2ksLVE3ZVhxuz7kkWuJCtmyNSABKIpHZpR7uPH48LDO5BbnJjEXHGOj0gnhSyLr2EmnmIP2hoieuiM17yrjvUhNWcb6rEJ2rJnpPj3pAph4NiW1Gy9zNBNRF250DH9bWb4DIgkfP7jOt45a8I0JuPDkvtNRTjBhmxXH9j

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
afs.googleusercontent.com (2)	12123	2013-05-07 00:37:08 UTC	2022-09-17 05:34:25 UTC	142.250.74.1
ocsp.digicert.com (1)	86	2012-05-21 07:02:23 UTC	2022-09-17 08:47:22 UTC	93.184.220.29
d1lxhc4jvstzrp.cloudfront.net (4)	0	2021-11-30 10:27:04 UTC	2022-09-17 14:21:39 UTC	143.204.42.17	Unknown ranking
ocsp.pki.goog (7)	175	2017-06-14 07:23:31 UTC	2022-09-17 04:50:28 UTC	142.250.74.3
partner.googleadservices.com (1)	798	2012-10-03 01:04:21 UTC	2022-09-17 06:20:48 UTC	172.217.21.162
www.google.com (3)	7	2016-08-04 12:36:31 UTC	2022-09-17 04:50:22 UTC	142.250.74.164
r3.o.lencr.org (4)	344	2020-12-02 08:52:13 UTC	2022-09-17 04:50:33 UTC	23.36.77.32
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-09-17 04:54:02 UTC	34.117.237.239
doitmediajo.com (1)	0	2019-05-03 03:34:33 UTC	2022-09-17 04:00:43 UTC	146.148.34.125	Unknown ranking
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-09-17 04:50:44 UTC	34.120.237.76
firefox.settings.services.mozilla.com (2)	867	2020-05-27 20:08:30 UTC	2022-09-17 12:08:38 UTC	143.204.55.35
ww11.doitmediajo.com (5)	0	2022-09-17 04:00:32 UTC	2022-09-17 04:00:32 UTC	75.2.122.238	Unknown ranking
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-09-17 06:12:04 UTC	143.204.55.49
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-09-17 05:57:39 UTC	44.240.140.78

Scan Date	Severity	Indicator	Comment
2022-09-17	2	doitmediajo.com/ddd/DHL/becu.org_update/becu.org/login.php?IwQwyOIEgT7cDGRP (...)	Phishing

Date	UQ / IDS / BL	URL	IP
2023-03-18 18:25:11 +0000	0 - 0 - 2	particlecommit.site/Painting-Contractor-Invoi (...)	146.148.34.125
2023-03-18 18:25:00 +0000	0 - 0 - 2	particlecommit.site/Painting-Contractor-Invoi (...)	146.148.34.125
2023-03-18 11:38:36 +0000	0 - 0 - 2	sakuya-guitar.com/wp/wp-admin/md/0ea1a06f900a (...)	146.148.34.125
2023-03-18 10:57:49 +0000	0 - 0 - 2	sakuya-guitar.com/wp/wp-admin/md/e9cc6d3087d9 (...)	146.148.34.125
2023-03-18 10:57:47 +0000	0 - 0 - 2	sakuya-guitar.com/wp/wp-admin/md/8db6e3c5fd9d (...)	146.148.34.125

Date	UQ / IDS / BL	URL	IP
2023-03-23 23:42:14 +0000	0 - 21 - 0	r.seguridadamerica.com/mk/cl/f/wgBSS2XKMtsVYo (...)	1.179.112.195
2023-03-23 22:44:45 +0000	0 - 2 - 0	nbcnews.to/40pm3CI	67.199.248.12
2023-03-23 22:26:02 +0000	19 - 0 - 0	auth7-bof2a.info/login/login.php?online_id=06 (...)	35.233.153.31
2023-03-23 21:22:00 +0000	0 - 0 - 1	35.236.111.234/redir.php	35.236.111.234
2023-03-23 20:35:12 +0000	0 - 0 - 2	eki-nat.asicsgelkayano24.com/	35.221.118.52

Date	UQ / IDS / BL	URL	IP
2022-09-17 15:11:09 +0000	0 - 0 - 1	doitmediajo.com/ddd/DHL/becu.org_update/becu. (...)	146.148.34.125
2022-09-17 04:00:40 +0000	0 - 0 - 1	doitmediajo.com/ddd/DHL/becu.org_update/becu. (...)	146.148.34.125

Date	UQ / IDS / BL	URL	IP
2023-02-06 00:55:41 +0000	0 - 1 - 2	masterhr.it/	15.197.130.221
2023-01-12 14:32:37 +0000	0 - 0 - 3	qetyhyg.com/login.php	64.225.91.73
2023-01-11 04:56:22 +0000	0 - 0 - 2	www.5gphoneswebapps.com/	185.53.179.94
2023-01-08 10:56:47 +0000	0 - 0 - 2	mehodisthealth.org/	99.83.248.67
2022-12-27 04:04:27 +0000	0 - 0 - 2	smartphones-40692.com/	185.53.177.31

Request	Response
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.35 HASH: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e 143.204.55.35 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Sat, 17 Sep 2022 14:11:25 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: RJEA5ZXf7wggtQUFcBACO8-8FCB8P55LRDwCDOPT64PfUGFHGp7w4g== Age: 3573 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 99b7d23c1748d0526782b9ff9ea45f09 Sha1: eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 17cbb43fd6662576ba3fe8e06cf44247c903c1313cc419053599c41e286a2442 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "17CBB43FD6662576BA3FE8E06CF44247C903C1313CC419053599C41E286A2442" Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17839 Expires: Sat, 17 Sep 2022 20:08:18 GMT Date: Sat, 17 Sep 2022 15:10:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: b0d651d83075c7a68e3c6a9204226150 Sha1: 294785e3f3a67cdd5f1a530b83a2cbd2c2cc0665 Sha256: 17cbb43fd6662576ba3fe8e06cf44247c903c1313cc419053599c41e286a2442
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.49 HASH: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345 143.204.55.49 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Sat, 20 Aug 2022 23:18:05 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Sat, 17 Sep 2022 04:35:16 GMT etag: "742edb4038f38bc533514982f3d2e861" x-cache: Hit from cloudfront via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: UldH4p0IOFOmcQ8QEAeLTQoycY_ovtBTFq22cEvC_ftE_GGUsSfsIg== age: 42017 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 742edb4038f38bc533514982f3d2e861 Sha1: cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 17 Sep 2022 15:10:59 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.35 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 143.204.55.35 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Sat, 17 Sep 2022 15:03:22 GMT Cache-Control: max-age=3600 Expires: Sat, 17 Sep 2022 15:17:46 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: z37nVaLyGLFhjIvRxt9KQq_LMPkZoG5a1vyBEVVa86V-fqKyieOfow== Age: 457 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 54987a5417af4a99d78532e502cf4685dd3372c1e9f717a8907f3d2b7c8926eb 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4428 Cache-Control: 'max-age=158059' Date: Sat, 17 Sep 2022 15:10:59 GMT Last-Modified: Sat, 17 Sep 2022 13:57:11 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 9bf3402af9fef57aa11ffe2943728de4 Sha1: a3a443aab8226d212be9698623717dd06e46c720 Sha256: 54987a5417af4a99d78532e502cf4685dd3372c1e9f717a8907f3d2b7c8926eb
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: fUx0GmMBfqPrQ4Ux4vPbNg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 44.240.140.78 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 44.240.140.78 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 7Bf47jQfPWu9oUy2tgva2T1U8ho= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddd/DHL/becu.org_update/becu.org/login.php?IwQwyOIEgT7cDGRP1i9OIyP5K4Vh05QXSej2ksLVE3ZVhxuz7kkWuJCtmyNSABKIpHZpR7uPH48LDO5BbnJjEXHGOj0gnhSyLr2EmnmIP2hoieuiM17yrjvUhNWcb6rEJ2rJnpPj3pAph4NiW1Gy9zNBNRF250DH9bWb4DIgkfP7jOt45a8I0JuPDkvtNRTjBhmxXH9j HTTP/1.1 Host: doitmediajo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: doitmediajo.com/ddd/DHL/becu.org_update/becu.org/login. (...) FQDN: doitmediajo.com IP: 146.148.34.125 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 146.148.34.125 HTTP/1.1 302 Found Content-Type: text/html Date: Sat, 17 Sep 2022 15:10:59 GMT Server: Apache Location: http://ww11.doitmediajo.com/ Content-Length: 0 Connection: close --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02" Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9972 Expires: Sat, 17 Sep 2022 17:57:13 GMT Date: Sat, 17 Sep 2022 15:11:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4abe181b1d086cd7e122d7de32f63fb6 Sha1: e3482d4df0d59c247109ff7fb97f20ec6f142c4d Sha256: 63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02" Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9972 Expires: Sat, 17 Sep 2022 17:57:13 GMT Date: Sat, 17 Sep 2022 15:11:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4abe181b1d086cd7e122d7de32f63fb6 Sha1: e3482d4df0d59c247109ff7fb97f20ec6f142c4d Sha256: 63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02" Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9972 Expires: Sat, 17 Sep 2022 17:57:13 GMT Date: Sat, 17 Sep 2022 15:11:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4abe181b1d086cd7e122d7de32f63fb6 Sha1: e3482d4df0d59c247109ff7fb97f20ec6f142c4d Sha256: 63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F269c619b-7793-4ef9-ae9d-9464582f4b56.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 3b8ea2490bd6d777ec64358a84a07bdb1ccd4a6dfa30969feed45cfa7725745f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12221 x-amzn-requestid: ede87d50-8626-40bf-bb1a-d3f95e252f87 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YknUrGuqIAMF7tA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6324ec1d-2952b2ba7271a5b516295a55;Sampled=0 x-amzn-remapped-date: Fri, 16 Sep 2022 21:35:25 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: YYSEIw0DmOePLbviwIigaNWxlKzqTFrurV_maW5JaW7Ahij-HtioaA== via: 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google date: Fri, 16 Sep 2022 21:54:30 GMT age: 62191 etag: "5740a5507f21449319597ef49dbb456cbf7372b5" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12221 Md5: 1f1583c126dab43886a89cda3f82d760 Sha1: 5740a5507f21449319597ef49dbb456cbf7372b5 Sha256: 3b8ea2490bd6d777ec64358a84a07bdb1ccd4a6dfa30969feed45cfa7725745f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf888ee-3a5f-426b-9b83-8ea161780db3.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 277a74204dc8bec8a227ca43cdb840b5dda71f74e8aec56606e862e70a5ba19c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5234 x-amzn-requestid: 55e23e9a-f85c-42f2-87b6-aff3646bf1fc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Yknn_EFzoAMF2Ag= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6324ec99-62f023426230c7b46116d4b7;Sampled=0 x-amzn-remapped-date: Fri, 16 Sep 2022 21:37:29 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: fb2wN0gTI9OKgDghf1u4DKwrADkYcS5_7LIxaLxmbo0OciwezGh_LA== via: 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google date: Fri, 16 Sep 2022 21:41:22 GMT etag: "428fe80d3f35758433a6b2cf25e6bcb5f63a6a63" age: 62979 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5234 Md5: 9c807387d303abb2bca1ef14b14c9e26 Sha1: 428fe80d3f35758433a6b2cf25e6bcb5f63a6a63 Sha256: 277a74204dc8bec8a227ca43cdb840b5dda71f74e8aec56606e862e70a5ba19c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b772c6-a258-481b-9f13-545de0b247e7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e624e35cc734b8cacc2a8eaa80c81175a879c1195d7a4c65cdcd769836b96a1b 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9280 x-amzn-requestid: acc18b78-3596-4d7d-9124-8bdb422171f5 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YU5qsHsVoAMFm0Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-631ea311-460db789669ecf5f1ad4d3c4;Sampled=0 x-amzn-remapped-date: Mon, 12 Sep 2022 03:10:09 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 3FqpHvXOa57CepJAzZ7IMViWsC5WSwTEjIqDCC58cFFewd6-xr4moA== via: 1.1 bb568be725e8f0bfefe1fb7412e5804a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google date: Fri, 16 Sep 2022 23:32:58 GMT age: 56283 etag: "5dc0ef56244f8a5ddbb7823e25c61312860b2d0f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9280 Md5: 571f174a66e87ea77b36542c6c7a29a4 Sha1: 5dc0ef56244f8a5ddbb7823e25c61312860b2d0f Sha256: e624e35cc734b8cacc2a8eaa80c81175a879c1195d7a4c65cdcd769836b96a1b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: d5787a6a12d275555c627e3245b37d4e751148345a09d5671b343cfebe7173b4 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8500 x-amzn-requestid: e1ca6cef-c033-4887-80cf-2014ab8e620c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Ykn5cEnLIAMFrzA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6324ed09-3afc16cf66fef0e62dd6f3cc;Sampled=0 x-amzn-remapped-date: Fri, 16 Sep 2022 21:39:21 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: BaRpWB_XOMxTJPufnSjd4KSfecRwLe9U5W7uEoXy7pgAa4KSC0n7eg== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google date: Fri, 16 Sep 2022 22:03:28 GMT age: 61653 etag: "28ac45ef155c66dd79a306f14d3b38f597b6a32e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8500 Md5: d46a910081eb782408f1a2fa3c6aabba Sha1: 28ac45ef155c66dd79a306f14d3b38f597b6a32e Sha256: d5787a6a12d275555c627e3245b37d4e751148345a09d5671b343cfebe7173b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7788 x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YIP2-HFHoAMFssA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0 x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 65YRttsQYzjUMMZXrtAFPdgTPNQuRGnLFliXrcoc24iQgrdBCHolNQ== via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google date: Fri, 16 Sep 2022 22:31:11 GMT age: 59990 etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7788 Md5: 7a22ab7dcdf50f4a297b8e117d336eae Sha1: e139a0974317212f094fdbe59e26ca5cf6b9e56d Sha256: 9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6109 x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YQ2AhHZgIAMFlSg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0 x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: CIWYkrbRUTWVmy3JC5GbpBN1i30fwtYqGDyoA9ehbPANY7gw7al9ow== via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google date: Sat, 17 Sep 2022 00:42:42 GMT age: 52099 etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6109 Md5: 8c35b7f5f8e1b0b24570a41b7d18533a Sha1: c5b82c9d77851820b8d206573d5c03cd36d27a20 Sha256: bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7
GET / HTTP/1.1 Host: ww11.doitmediajo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: ww11.doitmediajo.com/ FQDN: ww11.doitmediajo.com IP: 75.2.122.238 HASH: 7fb46ce934517705a9faeecac312de58e154346c90d44e50be3c3841734116a7 75.2.122.238 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sat, 17 Sep 2022 15:11:01 GMT Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Buckets: bucket103 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_IRz4N/eQy2z1w0YELG1HgGRnylrPddUZ7GgNBsct8/Q/pwjx2Ne5Zy93DR5MvSIbbvGttmqKk0Xvxk7LmGW3hA== X-Template: tpl_CleanPeppermintBlack_twoclick X-Language: norwegian Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2484) Size: 4455 Md5: e376238ae380dac20d7632fa807dea9a Sha1: 26304d30527ce121552b3eaf5b1b4aa007d18d17 Sha256: 7fb46ce934517705a9faeecac312de58e154346c90d44e50be3c3841734116a7
GET /themes/assets/style.css HTTP/1.1 Host: d1lxhc4jvstzrp.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww11.doitmediajo.com/	URL: d1lxhc4jvstzrp.cloudfront.net/themes/assets/style.css FQDN: d1lxhc4jvstzrp.cloudfront.net IP: 143.204.42.17 HASH: a535d2296792cb37a2bbad1d9d0546e3383a8a5bfac0d9edda15795c226bddf7 143.204.42.17 HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Sat, 17 Sep 2022 01:32:23 GMT Last-Modified: Tue, 12 May 2020 14:25:52 GMT Content-Encoding: gzip ETag: W/"5ebab1f0-33d" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: fLJ6CA1HmqGv1G1JOWy8ZvxzEX-e-mF41GdqnkX1eRjH2mrnSRHHMQ== Age: 49117 --- Additional Info --- Magic: ASCII text Size: 343 Md5: 03a4a8c322fc0c99b0ee7cbbcc9eabcd Sha1: 6fc193276de2a3458cd853c474cb9269b900e00d Sha256: a535d2296792cb37a2bbad1d9d0546e3383a8a5bfac0d9edda15795c226bddf7
GET /scripts/js3caf.js HTTP/1.1 Host: d1lxhc4jvstzrp.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww11.doitmediajo.com/	URL: d1lxhc4jvstzrp.cloudfront.net/scripts/js3caf.js FQDN: d1lxhc4jvstzrp.cloudfront.net IP: 143.204.42.17 HASH: ba5b7354353b0eec1637564dae072fee662a5b9862f6bf7ed5e60a5a76f2ef44 143.204.42.17 HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 7000 Connection: keep-alive Server: nginx Date: Sat, 17 Sep 2022 06:26:33 GMT Last-Modified: Thu, 14 Jan 2021 10:54:01 GMT Accept-Ranges: bytes ETag: "600022c9-1b58" X-Cache: Hit from cloudfront Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: lzBv1reANEyiqstu5oByatvRs-y8c10BWV_YglLd6lP7bsz2FvglpQ== Age: 31468 --- Additional Info --- Magic: ASCII text, with very long lines (316) Size: 7000 Md5: cce7f943ec8e7b4ba13be4aba6b463d9 Sha1: 220f3e8ca723daa91fd040cf518991a65f2bf110 Sha256: ba5b7354353b0eec1637564dae072fee662a5b9862f6bf7ed5e60a5a76f2ef44
GET /themes/cleanPeppermintBlack_657d9013/style.css HTTP/1.1 Host: d1lxhc4jvstzrp.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww11.doitmediajo.com/	URL: d1lxhc4jvstzrp.cloudfront.net/themes/cleanPeppermintBla (...) FQDN: d1lxhc4jvstzrp.cloudfront.net IP: 143.204.42.17 HASH: 35cc39ab61d8326d0b0105a4420b11f4106685a0d67d609454ef4ef252c48b7b 143.204.42.17 HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Sat, 17 Sep 2022 08:06:00 GMT Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT Content-Encoding: gzip ETag: W/"62b4441b-555" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: lDFVxIS_t4AoEVz0e60Sa0JAUs2-xtGeHAMR3hR4D-Eb88Or-ICTBw== Age: 25501 --- Additional Info --- Magic: ASCII text Size: 580 Md5: b9f539b0058b3916aad60a6b50a6b662 Sha1: 1a28bfde5267b2ac4c6de028c3d01ff4d84dbf29 Sha256: 35cc39ab61d8326d0b0105a4420b11f4106685a0d67d609454ef4ef252c48b7b
GET /adsense/domains/caf.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww11.doitmediajo.com/	URL: www.google.com/adsense/domains/caf.js FQDN: www.google.com IP: 142.250.74.164 HASH: 7293dbae25ee606d2e1e155ebfe47617f93cc884078a9d28e7400178fe9e43c4 142.250.74.164 HTTP/1.1 200 OK Content-Type: text/javascript; charset=UTF-8 Accept-Ranges: bytes Vary: Accept-Encoding Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui" Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} Date: Sat, 17 Sep 2022 15:11:01 GMT Expires: Sat, 17 Sep 2022 15:11:01 GMT Cache-Control: private, max-age=3600 ETag: "8024902603420130516" X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Server: sffe X-XSS-Protection: 0 --- Additional Info --- Magic: ASCII text, with very long lines (1885) Size: 53434 Md5: 15de9d8dbc498dde07cb96ff354db368 Sha1: c763f9a6cfa42d49183ed4dbf613ddfdff0192a8 Sha256: 7293dbae25ee606d2e1e155ebfe47617f93cc884078a9d28e7400178fe9e43c4
GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1 Host: d1lxhc4jvstzrp.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://d1lxhc4jvstzrp.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css	URL: d1lxhc4jvstzrp.cloudfront.net/themes/cleanPeppermintBla (...) FQDN: d1lxhc4jvstzrp.cloudfront.net IP: 143.204.42.17 HASH: 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865 143.204.42.17 HTTP/1.1 200 OK Content-Type: image/png Content-Length: 11375 Connection: keep-alive Server: nginx Date: Sat, 17 Sep 2022 02:16:56 GMT Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT Accept-Ranges: bytes ETag: "62b4441b-2c6f" X-Cache: Hit from cloudfront Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: KCnH_ST4RieNwdZyBI_Z19SPNvpsivJkQ8SRk-FX9cw1eOaCl72x7A== Age: 46446 --- Additional Info --- Magic: PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data Size: 11375 Md5: 0cb2e5165dc9324eb462199f04e1ffa9 Sha1: 9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8 Sha256: 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
GET /favicon.ico HTTP/1.1 Host: ww11.doitmediajo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww11.doitmediajo.com/	URL: ww11.doitmediajo.com/favicon.ico FQDN: ww11.doitmediajo.com IP: 75.2.122.238 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 75.2.122.238 HTTP/1.1 200 OK Content-Type: image/x-icon Date: Sat, 17 Sep 2022 15:11:02 GMT Content-Length: 0 Connection: keep-alive Server: nginx Last-Modified: Tue, 12 May 2020 14:25:52 GMT ETag: "5ebab1f0-0" Accept-Ranges: bytes --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track.php?domain=doitmediajo.com&toggle=browserjs&uid=MTY2MzQyNzQ2MS4xOTc4OjNjZDYwNWVkYmVhNzU0NzQ2ZTJkZmQ4NzViYWE3ZGJkMTg1MzFjOWJmNjlkYzNmMjI1MTdkNDk3N2M4MmIwNjM6NjMyNWUzODUzMDRkMg%3D%3D HTTP/1.1 Host: ww11.doitmediajo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww11.doitmediajo.com/	URL: ww11.doitmediajo.com/track.php?domain=doitmediajo.com&t (...) FQDN: ww11.doitmediajo.com IP: 75.2.122.238 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 75.2.122.238 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sat, 17 Sep 2022 15:11:02 GMT Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Custom-Track: browserjs Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 1d330af2b423e351355f710f14cb771fa9918e8b6638c5076aba7bcda6c30936 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 17 Sep 2022 15:11:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: b4a24f9aebdfdb06d10cd53e92a70bb8 Sha1: c4532479dbd9636d8f5206faa085c520651eb5f2 Sha256: 1d330af2b423e351355f710f14cb771fa9918e8b6638c5076aba7bcda6c30936
POST /ls.php HTTP/1.1 Host: ww11.doitmediajo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Content-Length: 2230 Origin: http://ww11.doitmediajo.com Connection: keep-alive Referer: http://ww11.doitmediajo.com/ Cookie: GoogleAdServingTest=Good	URL: ww11.doitmediajo.com/ls.php FQDN: ww11.doitmediajo.com IP: 75.2.122.238 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 75.2.122.238 HTTP/1.1 201 Created Content-Type: text/javascript;charset=UTF-8 Date: Sat, 17 Sep 2022 15:11:02 GMT Transfer-Encoding: chunked Connection: keep-alive Server: nginx Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 X-Log-Success: 6325e386c4821b40a21d42c8 Charset: utf-8 Access-Control-Allow-Origin: http://ww11.doitmediajo.com Access-Control-Allow-Methods: POST, OPTIONS Access-Control-Max-Age: 86400 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_YRlPIJCkdmVgDU2ucaoJV+h6Z3eNu616hKlTxPT8ewM4L3fWPG2tsHj54u6QnFCd5MzSOrR1pH8ck5l5aPTJzw== --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: d4bb7bf940c050a5e344de93eb9de150d5cdd12f352233953d048f9d4f53e961 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 17 Sep 2022 15:11:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 1a48bfc0777c56c0dc72cdb3c2ab287e Sha1: 3c8024c9fbf3aac667bf4de6e0a131eba449b494 Sha256: d4bb7bf940c050a5e344de93eb9de150d5cdd12f352233953d048f9d4f53e961
GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket103&client=dp-teaminternet09_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2160757494758488&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301094%2C17301097&format=r3%7Cs&nocache=3811663427444877&num=0&output=afd_ads&domain_name=ww11.doitmediajo.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1663427444878&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&uio=--&cont=tc&jsid=caf&jsv=473734947&rurl=http%3A%2F%2Fww11.doitmediajo.com%2F&adbw=master-1%3A530 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ww11.doitmediajo.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa= (...) FQDN: www.google.com IP: 142.250.74.164 HASH: aa81bf5d58e5bacdb39e0beb279deddc5b9d2c23d1d4fe1a3b096b4d735f092a 142.250.74.164 HTTP/2 200 OK content-type: text/html; charset=UTF-8 content-disposition: inline date: Sat, 17 Sep 2022 15:11:02 GMT expires: Sat, 17 Sep 2022 15:11:02 GMT cache-control: private, max-age=3600 p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." content-encoding: br server: gws content-length: 1926 x-xss-protection: 0 set-cookie: NID=511=hkM5uTjOHDtSsV8E0jwusIKoJettFbdJbyRLyWBYn21jjF18u3_SHMUiy8Yusy61fniZ_D19sX-bs2jcDy1jjO614Cb05odvTxbR3hflVlTDy8DRl7nvTRC4mZ9R8TZmd9OvkzKeyYGUmUvGDX3y4_pp2rcg692T8yw1YL3_0Kk; expires=Sun, 19-Mar-2023 15:11:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=PENDING+423; expires=Mon, 16-Sep-2024 15:11:02 GMT; path=/; domain=.google.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5087) Size: 1926 Md5: a98dbf428dddc45e9579d19f13116c35 Sha1: 93e62d227d5b73d9b525e74c84357fd2513b7017 Sha256: aa81bf5d58e5bacdb39e0beb279deddc5b9d2c23d1d4fe1a3b096b4d735f092a
GET /gampad/cookie.js?domain=ww11.doitmediajo.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie HTTP/1.1 Host: partner.googleadservices.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ww11.doitmediajo.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: partner.googleadservices.com/gampad/cookie.js?domain=ww (...) FQDN: partner.googleadservices.com IP: 172.217.21.162 HASH: 1f057731540cb53ab89a215c107d5df461c455845286ece1eef126899d6c71e4 172.217.21.162 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: gzip date: Sat, 17 Sep 2022 15:11:02 GMT server: cafe cache-control: private content-length: 180 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 180 Md5: 14cfd351e5a0db942a46e5093daaa788 Sha1: 6307324287c2df24bf021b4b51719afec02ae61d Sha256: 1f057731540cb53ab89a215c107d5df461c455845286ece1eef126899d6c71e4
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 15d7d8acbcd94d9ca8579cc31a9ec621e76408663bc4b047e5e127acb14334a6 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 17 Sep 2022 15:11:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 9730b7d7d5f0481f65712991a899f4b8 Sha1: facb4df5e4a4ac98b9bdd126c7dbb531cf0fe1e7 Sha256: 15d7d8acbcd94d9ca8579cc31a9ec621e76408663bc4b047e5e127acb14334a6
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: d4bb7bf940c050a5e344de93eb9de150d5cdd12f352233953d048f9d4f53e961 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 17 Sep 2022 15:11:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 1a48bfc0777c56c0dc72cdb3c2ab287e Sha1: 3c8024c9fbf3aac667bf4de6e0a131eba449b494 Sha256: d4bb7bf940c050a5e344de93eb9de150d5cdd12f352233953d048f9d4f53e961
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: d7a41bc16c6193d184e995f54247002cfe75a74ff174810f18a4dc5384df3578 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 17 Sep 2022 15:11:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 1ed5276ce78dd7ec3e5d5612db66d478 Sha1: b76defb0ef2cb1a47f7b7064b7ed7008eb219cbb Sha256: d7a41bc16c6193d184e995f54247002cfe75a74ff174810f18a4dc5384df3578
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 94d47fc76a001b3e76effab981170a0557e39318ef44e44c9a8969feaa29f29f 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 17 Sep 2022 15:11:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: be2418b1c907ea5c5c118ea04110c05c Sha1: bfccdff59bf12183d944919222a3a5cc06bb55d0 Sha256: 94d47fc76a001b3e76effab981170a0557e39318ef44e44c9a8969feaa29f29f
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: afs.googleusercontent.com/ad_icons/standard/publisher_i (...) FQDN: afs.googleusercontent.com IP: 142.250.74.1 HASH: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a 142.250.74.1 HTTP/2 200 OK content-type: image/svg+xml accept-ranges: bytes vary: Accept-Encoding content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Sat, 17 Sep 2022 11:02:43 GMT expires: Sun, 18 Sep 2022 10:02:43 GMT cache-control: public, max-age=82800 age: 14899 last-modified: Thu, 22 Oct 2020 21:45:00 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size: 174 Md5: 4de8b85c8915995b571bde50e231be7c Sha1: 29c226ca7b9cbe1d44e5480ce95bbb42727b2d99 Sha256: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: afs.googleusercontent.com/ad_icons/standard/publisher_i (...) FQDN: afs.googleusercontent.com IP: 142.250.74.1 HASH: a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2 142.250.74.1 HTTP/2 200 OK content-type: image/svg+xml accept-ranges: bytes vary: Accept-Encoding content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 272 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Fri, 16 Sep 2022 22:38:24 GMT expires: Sat, 17 Sep 2022 21:38:24 GMT cache-control: public, max-age=82800 age: 59558 last-modified: Thu, 19 Dec 2019 14:15:00 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390) Size: 272 Md5: bbbac37f0b6e29a6099e4aa7cb19d6ca Sha1: 0acafe95e2141f0af6109203efeb2d98e6b926c6 Sha256: a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: d7a41bc16c6193d184e995f54247002cfe75a74ff174810f18a4dc5384df3578 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 17 Sep 2022 15:11:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 1ed5276ce78dd7ec3e5d5612db66d478 Sha1: b76defb0ef2cb1a47f7b7064b7ed7008eb219cbb Sha256: d7a41bc16c6193d184e995f54247002cfe75a74ff174810f18a4dc5384df3578
GET /track.php?domain=doitmediajo.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2MzQyNzQ2MS4xOTc4OjNjZDYwNWVkYmVhNzU0NzQ2ZTJkZmQ4NzViYWE3ZGJkMTg1MzFjOWJmNjlkYzNmMjI1MTdkNDk3N2M4MmIwNjM6NjMyNWUzODUzMDRkMg%3D%3D HTTP/1.1 Host: ww11.doitmediajo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww11.doitmediajo.com/ Cookie: __gsas=ID=ffa1eeffe935536d:T=1663427462:S=ALNI_Mb197Xwdv7ciIkVCK3k6rsKAY_PmA	URL: ww11.doitmediajo.com/track.php?domain=doitmediajo.com&c (...) FQDN: ww11.doitmediajo.com IP: 75.2.122.238 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 75.2.122.238 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sat, 17 Sep 2022 15:11:02 GMT Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Custom-Track: answercheck Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /adsense/domains/caf.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: www.google.com/adsense/domains/caf.js FQDN: www.google.com IP: 142.250.74.164 142.250.74.164 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Sat, 17 Sep 2022 15:11:02 GMT expires: Sat, 17 Sep 2022 15:11:02 GMT cache-control: private, max-age=3600 etag: "16952286182092875056" x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 939 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Date: Sat, 17 Sep 2022 14:11:25 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: RJEA5ZXf7wggtQUFcBACO8-8FCB8P55LRDwCDOPT64PfUGFHGp7w4g== 

                                        
                                            
Age: 3573 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    99b7d23c1748d0526782b9ff9ea45f09

                                                Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f

                                                Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.49

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
content-length: 5348 

                                        
                                            
last-modified: Sat, 20 Aug 2022 23:18:05 GMT 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
date: Sat, 17 Sep 2022 04:35:16 GMT 

                                        
                                            
etag: "742edb4038f38bc533514982f3d2e861" 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-C1 

                                        
                                            
x-amz-cf-id: UldH4p0IOFOmcQ8QEAeLTQoycY_ovtBTFq22cEvC_ftE_GGUsSfsIg== 

                                        
                                            
age: 42017 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    742edb4038f38bc533514982f3d2e861

                                                Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1

                                                Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 329 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Date: Sat, 17 Sep 2022 15:03:22 GMT 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Expires: Sat, 17 Sep 2022 15:17:46 GMT 

                                        
                                            
ETag: "1648230346554" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: z37nVaLyGLFhjIvRxt9KQq_LMPkZoG5a1vyBEVVa86V-fqKyieOfow== 

                                        
                                            
Age: 457 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: fUx0GmMBfqPrQ4Ux4vPbNg== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         44.240.140.78

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: 7Bf47jQfPWu9oUy2tgva2T1U8ho= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02" 

                                        
                                            
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=9972 

                                        
                                            
Expires: Sat, 17 Sep 2022 17:57:13 GMT 

                                        
                                            
Date: Sat, 17 Sep 2022 15:11:01 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    4abe181b1d086cd7e122d7de32f63fb6

                                                Sha1:   e3482d4df0d59c247109ff7fb97f20ec6f142c4d

                                                Sha256: 63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02" 

                                        
                                            
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=9972 

                                        
                                            
Expires: Sat, 17 Sep 2022 17:57:13 GMT 

                                        
                                            
Date: Sat, 17 Sep 2022 15:11:01 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    4abe181b1d086cd7e122d7de32f63fb6

                                                Sha1:   e3482d4df0d59c247109ff7fb97f20ec6f142c4d

                                                Sha256: 63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf888ee-3a5f-426b-9b83-8ea161780db3.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 5234 

                                        
                                            
x-amzn-requestid: 55e23e9a-f85c-42f2-87b6-aff3646bf1fc 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: Yknn_EFzoAMF2Ag= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6324ec99-62f023426230c7b46116d4b7;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Fri, 16 Sep 2022 21:37:29 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P2, SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: fb2wN0gTI9OKgDghf1u4DKwrADkYcS5_7LIxaLxmbo0OciwezGh_LA== 

                                        
                                            
via: 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 16 Sep 2022 21:41:22 GMT 

                                        
                                            
etag: "428fe80d3f35758433a6b2cf25e6bcb5f63a6a63" 

                                        
                                            
age: 62979 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   5234

                                                Md5:    9c807387d303abb2bca1ef14b14c9e26

                                                Sha1:   428fe80d3f35758433a6b2cf25e6bcb5f63a6a63

                                                Sha256: 277a74204dc8bec8a227ca43cdb840b5dda71f74e8aec56606e862e70a5ba19c

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8500 

                                        
                                            
x-amzn-requestid: e1ca6cef-c033-4887-80cf-2014ab8e620c 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: Ykn5cEnLIAMFrzA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6324ed09-3afc16cf66fef0e62dd6f3cc;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Fri, 16 Sep 2022 21:39:21 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: BaRpWB_XOMxTJPufnSjd4KSfecRwLe9U5W7uEoXy7pgAa4KSC0n7eg== 

                                        
                                            
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 16 Sep 2022 22:03:28 GMT 

                                        
                                            
age: 61653 

                                        
                                            
etag: "28ac45ef155c66dd79a306f14d3b38f597b6a32e" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8500

                                                Md5:    d46a910081eb782408f1a2fa3c6aabba

                                                Sha1:   28ac45ef155c66dd79a306f14d3b38f597b6a32e

                                                Sha256: d5787a6a12d275555c627e3245b37d4e751148345a09d5671b343cfebe7173b4

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6109 

                                        
                                            
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: YQ2AhHZgIAMFlSg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: CIWYkrbRUTWVmy3JC5GbpBN1i30fwtYqGDyoA9ehbPANY7gw7al9ow== 

                                        
                                            
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 17 Sep 2022 00:42:42 GMT 

                                        
                                            
age: 52099 

                                        
                                            
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6109

                                                Md5:    8c35b7f5f8e1b0b24570a41b7d18533a

                                                Sha1:   c5b82c9d77851820b8d206573d5c03cd36d27a20

                                                Sha256: bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7

                                        
                                            GET /themes/assets/style.css HTTP/1.1 

                                        
                                            
Host: d1lxhc4jvstzrp.cloudfront.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ww11.doitmediajo.com/

                                         143.204.42.17

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css

                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sat, 17 Sep 2022 01:32:23 GMT 

                                        
                                            
Last-Modified: Tue, 12 May 2020 14:25:52 GMT 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
ETag: W/"5ebab1f0-33d" 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: fLJ6CA1HmqGv1G1JOWy8ZvxzEX-e-mF41GdqnkX1eRjH2mrnSRHHMQ== 

                                        
                                            
Age: 49117 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   343

                                                Md5:    03a4a8c322fc0c99b0ee7cbbcc9eabcd

                                                Sha1:   6fc193276de2a3458cd853c474cb9269b900e00d

                                                Sha256: a535d2296792cb37a2bbad1d9d0546e3383a8a5bfac0d9edda15795c226bddf7

                                        
                                            GET /themes/cleanPeppermintBlack_657d9013/style.css HTTP/1.1 

                                        
                                            
Host: d1lxhc4jvstzrp.cloudfront.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ww11.doitmediajo.com/

                                         143.204.42.17

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css

                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sat, 17 Sep 2022 08:06:00 GMT 

                                        
                                            
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
ETag: W/"62b4441b-555" 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: lDFVxIS_t4AoEVz0e60Sa0JAUs2-xtGeHAMR3hR4D-Eb88Or-ICTBw== 

                                        
                                            
Age: 25501 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   580

                                                Md5:    b9f539b0058b3916aad60a6b50a6b662

                                                Sha1:   1a28bfde5267b2ac4c6de028c3d01ff4d84dbf29

                                                Sha256: 35cc39ab61d8326d0b0105a4420b11f4106685a0d67d609454ef4ef252c48b7b

                                        
                                            GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1 

                                        
                                            
Host: d1lxhc4jvstzrp.cloudfront.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://d1lxhc4jvstzrp.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css

                                         143.204.42.17

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/png

                                        

                                        
                                            
Content-Length: 11375 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sat, 17 Sep 2022 02:16:56 GMT 

                                        
                                            
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
ETag: "62b4441b-2c6f" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: KCnH_ST4RieNwdZyBI_Z19SPNvpsivJkQ8SRk-FX9cw1eOaCl72x7A== 

                                        
                                            
Age: 46446 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data

                                                Size:   11375

                                                Md5:    0cb2e5165dc9324eb462199f04e1ffa9

                                                Sha1:   9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8

                                                Sha256: 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

                                        
                                            GET /track.php?domain=doitmediajo.com&toggle=browserjs&uid=MTY2MzQyNzQ2MS4xOTc4OjNjZDYwNWVkYmVhNzU0NzQ2ZTJkZmQ4NzViYWE3ZGJkMTg1MzFjOWJmNjlkYzNmMjI1MTdkNDk3N2M4MmIwNjM6NjMyNWUzODUzMDRkMg%3D%3D HTTP/1.1 

                                        
                                            
Host: ww11.doitmediajo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ww11.doitmediajo.com/

                                         75.2.122.238

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Date: Sat, 17 Sep 2022 15:11:02 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Custom-Track: browserjs 

                                        
                                            
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile 

                                        
                                            
Accept-CH-Lifetime: 30 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   20

                                                Md5:    a4745abc5e7fdb89cc6df3069f3c6e69

                                                Sha1:   74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed

                                                Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

                                        
                                            POST /ls.php HTTP/1.1 

                                        
                                            
Host: ww11.doitmediajo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/x-www-form-urlencoded; charset=UTF-8 

                                        
                                            
Content-Length: 2230 

                                        
                                            
Origin: http://ww11.doitmediajo.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ww11.doitmediajo.com/ 

                                        
                                            
Cookie: GoogleAdServingTest=Good

                                         75.2.122.238

                                        
                                            HTTP/1.1 201 Created 

                                        
                                            
Content-Type: text/javascript;charset=UTF-8

                                        

                                        
                                            
Date: Sat, 17 Sep 2022 15:11:02 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile 

                                        
                                            
Accept-CH-Lifetime: 30 

                                        
                                            
X-Log-Success: 6325e386c4821b40a21d42c8 

                                        
                                            
Charset: utf-8 

                                        
                                            
Access-Control-Allow-Origin: http://ww11.doitmediajo.com 

                                        
                                            
Access-Control-Allow-Methods: POST, OPTIONS 

                                        
                                            
Access-Control-Max-Age: 86400 

                                        
                                            
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_YRlPIJCkdmVgDU2ucaoJV+h6Z3eNu616hKlTxPT8ewM4L3fWPG2tsHj54u6QnFCd5MzSOrR1pH8ck5l5aPTJzw== 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket103&client=dp-teaminternet09_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2160757494758488&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301094%2C17301097&format=r3%7Cs&nocache=3811663427444877&num=0&output=afd_ads&domain_name=ww11.doitmediajo.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1663427444878&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&uio=--&cont=tc&jsid=caf&jsv=473734947&rurl=http%3A%2F%2Fww11.doitmediajo.com%2F&adbw=master-1%3A530 HTTP/1.1 

                                        
                                            
Host: www.google.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ww11.doitmediajo.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.164

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
content-disposition: inline 

                                        
                                            
date: Sat, 17 Sep 2022 15:11:02 GMT 

                                        
                                            
expires: Sat, 17 Sep 2022 15:11:02 GMT 

                                        
                                            
cache-control: private, max-age=3600 

                                        
                                            
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." 

                                        
                                            
content-encoding: br 

                                        
                                            
server: gws 

                                        
                                            
content-length: 1926 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
set-cookie: NID=511=hkM5uTjOHDtSsV8E0jwusIKoJettFbdJbyRLyWBYn21jjF18u3_SHMUiy8Yusy61fniZ_D19sX-bs2jcDy1jjO614Cb05odvTxbR3hflVlTDy8DRl7nvTRC4mZ9R8TZmd9OvkzKeyYGUmUvGDX3y4_pp2rcg692T8yw1YL3_0Kk; expires=Sun, 19-Mar-2023 15:11:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+423; expires=Mon, 16-Sep-2024 15:11:02 GMT; path=/; domain=.google.com; Secure 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5087)

                                                Size:   1926

                                                Md5:    a98dbf428dddc45e9579d19f13116c35

                                                Sha1:   93e62d227d5b73d9b525e74c84357fd2513b7017

                                                Sha256: aa81bf5d58e5bacdb39e0beb279deddc5b9d2c23d1d4fe1a3b096b4d735f092a

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 17 Sep 2022 15:11:02 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    9730b7d7d5f0481f65712991a899f4b8

                                                Sha1:   facb4df5e4a4ac98b9bdd126c7dbb531cf0fe1e7

                                                Sha256: 15d7d8acbcd94d9ca8579cc31a9ec621e76408663bc4b047e5e127acb14334a6

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 17 Sep 2022 15:11:02 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    1ed5276ce78dd7ec3e5d5612db66d478

                                                Sha1:   b76defb0ef2cb1a47f7b7064b7ed7008eb219cbb

                                                Sha256: d7a41bc16c6193d184e995f54247002cfe75a74ff174810f18a4dc5384df3578

                                        
                                            GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 

                                        
                                            
Host: afs.googleusercontent.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://www.google.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.1

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" 

                                        
                                            
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} 

                                        
                                            
content-length: 174 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Sat, 17 Sep 2022 11:02:43 GMT 

                                        
                                            
expires: Sun, 18 Sep 2022 10:02:43 GMT 

                                        
                                            
cache-control: public, max-age=82800 

                                        
                                            
age: 14899 

                                        
                                            
last-modified: Thu, 22 Oct 2020 21:45:00 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators

                                                Size:   174

                                                Md5:    4de8b85c8915995b571bde50e231be7c

                                                Sha1:   29c226ca7b9cbe1d44e5480ce95bbb42727b2d99

                                                Sha256: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 17 Sep 2022 15:11:02 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    1ed5276ce78dd7ec3e5d5612db66d478

                                                Sha1:   b76defb0ef2cb1a47f7b7064b7ed7008eb219cbb

                                                Sha256: d7a41bc16c6193d184e995f54247002cfe75a74ff174810f18a4dc5384df3578

                                        
                                            GET /adsense/domains/caf.js HTTP/1.1 

                                        
                                            
Host: www.google.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://www.google.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         142.250.74.164

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=UTF-8

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" 

                                        
                                            
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} 

                                        
                                            
date: Sat, 17 Sep 2022 15:11:02 GMT 

                                        
                                            
expires: Sat, 17 Sep 2022 15:11:02 GMT 

                                        
                                            
cache-control: private, max-age=3600 

                                        
                                            
etag: "16952286182092875056" 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	doitmediajo.com/ddd/DHL/becu.org_update/becu.org/login.php?IwQwyOIEgT7cDGRP1i9OIyP5K4Vh05QXSej2ksLVE3ZVhxuz7kkWuJCtmyNSABKIpHZpR7uPH48LDO5BbnJjEXHGOj0gnhSyLr2EmnmIP2hoieuiM17yrjvUhNWcb6rEJ2rJnpPj3pAph4NiW1Gy9zNBNRF250DH9bWb4DIgkfP7jOt45a8I0JuPDkvtNRTjBhmxXH9j
IP	146.148.34.125 (United States)
ASN	#396982 GOOGLE-CLOUD-PLATFORM
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-09-17 15:11:09 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (14)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 146.148.34.125

Last 5 reports on ASN: GOOGLE-CLOUD-PLATFORM

Last 2 reports on domain: doitmediajo.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (19)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (39)

Overview

Domain Summary (14)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 146.148.34.125

Last 5 reports on ASN: GOOGLE-CLOUD-PLATFORM

Last 2 reports on domain: doitmediajo.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (19)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (39)

Network Intrusion Detection Systems