lookse-xj.xyz/
200 OK 7.0 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9763)
Hash 4ab73042dc01bc35ff4e6468a7e1e680
ac3f4a982653d6fe22d76e439ec35ce0f43122c3
0117444be86330c42b2c7705e0931b2f44e0a753e01f3653f9fa1e58c2102dc9
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: lookse-xj.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Wed, 22 Feb 2023 22:58:54 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_TN10DLJH9lH7Pbt2lg1WbaE7OnV67oIhM1+KSNzsx8PBlqTAkccCI02qg7pADX0DVfLTd4GbhR9ESCvx4fwTZQ==
last-modified: Wed, 22 Feb 2023 22:58:54 GMT
x-cache-miss-from: parking-5544546577-l4b4v
server: NginX
content-encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6eb0a77aa4a20639a06d9621742007c2
d2d03beeb111049117b70d5f3dff3698a671ef8a
62c2da0800bf8efb6bb985b2eb046fa863e0b394681fb2ab187a9c4836fbd320
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62C2DA0800BF8EFB6BB985B2EB046FA863E0B394681FB2AB187A9C4836FBD320"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8690
Expires: Thu, 23 Feb 2023 01:23:45 GMT
Date: Wed, 22 Feb 2023 22:58:55 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bbe5e8dc913bdcab76f9fe8851ea2e77
9215fadd003873382ed2a4ace79ba337adadd692
e6094932dd4de52ea6360bdfbe8bb15951ebd76255766eee627c5de6f83fcea8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6094932DD4DE52EA6360BDFBE8BB15951EBD76255766EEE627C5DE6F83FCEA8"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11400
Expires: Thu, 23 Feb 2023 02:08:55 GMT
Date: Wed, 22 Feb 2023 22:58:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 22 Feb 2023 22:53:51 GMT
content-type: application/json
age: 304
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7fb59e5d3cdf08b94e5f41fdeb9aec6c
ff644039db3b9f74d7e2fab10f93581bea10614a
861573a00d75364e15783c5e448c4f8b4da48b38d9beba3ebd33a87f993489a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "861573A00D75364E15783C5E448C4F8B4DA48B38D9BEBA3EBD33A87F993489A5"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6176
Expires: Thu, 23 Feb 2023 00:41:51 GMT
Date: Wed, 22 Feb 2023 22:58:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: m+BsF8CTzzotM+X8BYJNeJ07vyJCK28LCIupv+7XLIsNVA36ZK6AgW/vU3DcXn2o4+faTQsLpfI=
x-amz-request-id: 33GN79D1FEXFXD7J
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 22 Feb 2023 22:48:48 GMT
age: 607
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
img.sedoparking.com/templates/bg/arrows-1-colors-3.png
200 OK 82 kB URL HTTP/1.1 img.sedoparking.com/templates/bg/arrows-1-colors-3.png
IP
File type PNG image data, 3024 x 2000, 8-bit/color RGBA, non-interlaced\012- data
Hash b68c0210cadb1e12efc4557d7e49e48e
ad24ed2b2d5d166d07fbf0680693c88fb56fcb4b
e7ff091c85669b175de49d629d7d77bd20cd08d2c16ae74deef2ab06aec5854d
GET /templates/bg/arrows-1-colors-3.png HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lookse-xj.xyz/
HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 22:58:55 GMT
Content-Type: image/png
Content-Length: 82231
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Wed, 01 Mar 2023 22:58:55 GMT
X-CFHash: "b68c0210cadb1e12efc4557d7e49e48e"
X-CFF: B
Last-Modified: Wed, 22 Apr 2020 09:38:21 GMT
X-CF3: M
CF4Age: 0
x-cf-tsc: 1668185124
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 8560238310ebc03106d7cc386f2441ae
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
www.google.com/adsense/domains/caf.js
200 OK 53 kB URL HTTP/1.1 www.google.com/adsense/domains/caf.js
IP
File type ASCII text, with very long lines (1745)
Hash 35af82d47f8e9acf5e004eac28268d2b
ffff8ef29a29c1da6b3d3c9a8f66373138937186
6327df92286dbf9c5018418da57efea9d0c01600d42b5b769c59d5f602e2273c
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lookse-xj.xyz/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Wed, 22 Feb 2023 22:58:55 GMT
Expires: Wed, 22 Feb 2023 22:58:55 GMT
Cache-Control: private, max-age=3600
ETag: "3871216744224805149"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 22:58:55 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
lookse-xj.xyz/search/tsc.php?200=NDg0Mzc5NTAw&21=OTEuOTAuNDIuMTU0&681=MTY3NzEwNjczNGEwNjFiYjQ1NjIzOWU2ZDM3NzQ5MTk0MDFiYTczNzRh&crc=795f3aac6d13d5214cb2e07dabb99597ed9e801e&cv=1
200 OK 0 B URL HTTP/1.1 lookse-xj.xyz/search/tsc.php?200=NDg0Mzc5NTAw&21=OTEuOTAuNDIuMTU0&681=MTY3NzEwNjczNGEwNjFiYjQ1NjIzOWU2ZDM3NzQ5MTk0MDFiYTczNzRh&crc=795f3aac6d13d5214cb2e07dabb99597ed9e801e&cv=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/tsc.php?200=NDg0Mzc5NTAw&21=OTEuOTAuNDIuMTU0&681=MTY3NzEwNjczNGEwNjFiYjQ1NjIzOWU2ZDM3NzQ5MTk0MDFiYTczNzRh&crc=795f3aac6d13d5214cb2e07dabb99597ed9e801e&cv=1 HTTP/1.1
Host: lookse-xj.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lookse-xj.xyz/
HTTP/1.1 200 OK
date: Wed, 22 Feb 2023 22:58:55 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-5544546577-mzmnx
server: NginX
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 440beb93bc2481c500bed2c2719a96ab
8231c07a8cf345bf3b1e5ca5d7b4e8af60d72ae5
14182dbb3daa77650d97e07e0c567f73648720a4b06633200dd1846da8c5b0bb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 22:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.sedoparking.com/templates/logos/sedo_logo.png
200 OK 15 kB URL HTTP/1.1 img.sedoparking.com/templates/logos/sedo_logo.png
IP
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash def00c11b1596db4efee6a9fbe64fc27
bd298981e6d8d7e4ffa18abcf687041f4246672d
95c427fa3143b1896faf42a6406686ce7602cb39052081bb32d12b51c9e047e4
GET /templates/logos/sedo_logo.png HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lookse-xj.xyz/
HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 22:58:55 GMT
Content-Type: image/png
Content-Length: 15086
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Wed, 01 Mar 2023 22:58:55 GMT
X-CFHash: "def00c11b1596db4efee6a9fbe64fc27"
X-CFF: B
Last-Modified: Mon, 11 Jan 2021 07:44:34 GMT
X-CF3: H
CF4Age: 10
x-cf-tsc: 1665141939
CF4ttl: 31536000.000
X-CF2: M
Server: CFS 0215
X-CF-ReqID: 14aad9487041b3bf0dc1510f10d72360
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 52a08d5240e455734bd1b1b2b9a7f151
25024748c5b3a84fc509f1fd939de98767898ce1
ca673bcf13c36a73504dbc4ed586b54b6b11e926ba1cb4ce4d55d72f18d0970c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 22:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=lookse-xj.xyz&client=dp-sedo85_3ph&product=SAS&callback=__sasCookie
200 OK 241 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=lookse-xj.xyz&client=dp-sedo85_3ph&product=SAS&callback=__sasCookie
IP
File type ASCII text, with very long lines (366), with no line terminators
Hash 90df81a6aa5455870e4839090bb0ed3e
61cbfe4c58bbc3794011a98ec10c4843ec49d7c1
ee2bc0830003437f667b759c7d00bcba5d01c48f0bbdf355da84a8f9c52ec231
GET /gampad/cookie.js?domain=lookse-xj.xyz&client=dp-sedo85_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lookse-xj.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 22 Feb 2023 22:58:55 GMT
server: cafe
cache-control: private
content-length: 241
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/afs/ads?adsafe=low&adtest=off&psid=6267031743&channel=exp-0051%2Cauxa-control-1%2C8810114&client=dp-sedo85_3ph&r=m&hl=no&rpbu=http%3A%2F%2Flookse-xj.xyz%2Fcaf%2F%3Fses%3DY3JlPTE2NzcxMDY3MzQmdGNpZD1sb29rc2UteGoueHl6NjNmNjllMmVkNjM1NDEuOTE5Nzk3OTgmdGFzaz1zZWFyY2gmZG9tYWluPWxvb2tzZS14ai54eXomYV9pZD0zJnNlc3Npb249NVBJOGtUN2pyejlsR19QNG5QOEs%3D&type=3&uiopt=false&swp=as-drid-2383353299994854&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301140%2C17301141%2C17301143&format=r6&nocache=7361677106740071&num=0&output=afd_ads&domain_name=lookse-xj.xyz&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1677106740072&u_w=1280&u_h=1024&biw=1268&bih=939&psw=1268&psh=1043&frm=0&cl=507651520&uio=-&cont=rb-default&jsid=caf&jsv=507651520&rurl=http%3A%2F%2Flookse-xj.xyz%2F&adbw=master-1%3A342
200 OK 2.6 kB URL HTTP/2 www.google.com/afs/ads?adsafe=low&adtest=off&psid=6267031743&channel=exp-0051%2Cauxa-control-1%2C8810114&client=dp-sedo85_3ph&r=m&hl=no&rpbu=http%3A%2F%2Flookse-xj.xyz%2Fcaf%2F%3Fses%3DY3JlPTE2NzcxMDY3MzQmdGNpZD1sb29rc2UteGoueHl6NjNmNjllMmVkNjM1NDEuOTE5Nzk3OTgmdGFzaz1zZWFyY2gmZG9tYWluPWxvb2tzZS14ai54eXomYV9pZD0zJnNlc3Npb249NVBJOGtUN2pyejlsR19QNG5QOEs%3D&type=3&uiopt=false&swp=as-drid-2383353299994854&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301140%2C17301141%2C17301143&format=r6&nocache=7361677106740071&num=0&output=afd_ads&domain_name=lookse-xj.xyz&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1677106740072&u_w=1280&u_h=1024&biw=1268&bih=939&psw=1268&psh=1043&frm=0&cl=507651520&uio=-&cont=rb-default&jsid=caf&jsv=507651520&rurl=http%3A%2F%2Flookse-xj.xyz%2F&adbw=master-1%3A342
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6376)
Hash 8aeeea7f8eda93467659445672cce5d2
9a136719c0bce0f9634a5598d48e7fab4c7287f4
2c9eda6d20a6acda662656dbdb7961c20b3fce449dd92fe820c8b2fbd51c18aa
GET /afs/ads?adsafe=low&adtest=off&psid=6267031743&channel=exp-0051%2Cauxa-control-1%2C8810114&client=dp-sedo85_3ph&r=m&hl=no&rpbu=http%3A%2F%2Flookse-xj.xyz%2Fcaf%2F%3Fses%3DY3JlPTE2NzcxMDY3MzQmdGNpZD1sb29rc2UteGoueHl6NjNmNjllMmVkNjM1NDEuOTE5Nzk3OTgmdGFzaz1zZWFyY2gmZG9tYWluPWxvb2tzZS14ai54eXomYV9pZD0zJnNlc3Npb249NVBJOGtUN2pyejlsR19QNG5QOEs%3D&type=3&uiopt=false&swp=as-drid-2383353299994854&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301140%2C17301141%2C17301143&format=r6&nocache=7361677106740071&num=0&output=afd_ads&domain_name=lookse-xj.xyz&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1677106740072&u_w=1280&u_h=1024&biw=1268&bih=939&psw=1268&psh=1043&frm=0&cl=507651520&uio=-&cont=rb-default&jsid=caf&jsv=507651520&rurl=http%3A%2F%2Flookse-xj.xyz%2F&adbw=master-1%3A342 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lookse-xj.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Wed, 22 Feb 2023 22:58:55 GMT
expires: Wed, 22 Feb 2023 22:58:55 GMT
cache-control: private, max-age=3600
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2643
x-xss-protection: 0
set-cookie: CONSENT=PENDING+542; expires=Fri, 21-Feb-2025 22:58:55 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 52a08d5240e455734bd1b1b2b9a7f151
25024748c5b3a84fc509f1fd939de98767898ce1
ca673bcf13c36a73504dbc4ed586b54b6b11e926ba1cb4ce4d55d72f18d0970c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 22:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5a9e54f54243639a31020050bfc7fb55
c49766d67bea2ce07bd3c925d42897ab992f94e2
26b96bbdd02ca9498d5c7a4b970ebbec31039db95a2ce6e5a6ff665c73023a8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 22:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 87f67ad3a4076580fb6413c51123baf4
ef1d134043236916370db07e59d948dd60c74408
6a3a2fd13e8529e876e48640a8922bd4ec0a7ec23620c14dac49721d128f98a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 22:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 87f67ad3a4076580fb6413c51123baf4
ef1d134043236916370db07e59d948dd60c74408
6a3a2fd13e8529e876e48640a8922bd4ec0a7ec23620c14dac49721d128f98a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 22:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2
200 OK 272 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash bbbac37f0b6e29a6099e4aa7cb19d6ca
0acafe95e2141f0af6109203efeb2d98e6b926c6
a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 22 Feb 2023 05:50:19 GMT
expires: Thu, 23 Feb 2023 04:50:19 GMT
cache-control: public, max-age=82800
age: 61716
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
200 OK 174 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 22 Feb 2023 11:33:13 GMT
expires: Thu, 23 Feb 2023 10:33:13 GMT
cache-control: public, max-age=82800
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 41142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Content-Length, Content-Type, Cache-Control, Pragma, Retry-After, ETag, Expires, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 22 Feb 2023 22:20:35 GMT
age: 2300
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 87f67ad3a4076580fb6413c51123baf4
ef1d134043236916370db07e59d948dd60c74408
6a3a2fd13e8529e876e48640a8922bd4ec0a7ec23620c14dac49721d128f98a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 22:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5fa728a339ca32e616d483e61d0aebcd
6a63966de94d16390c8f1e47e5b67fe5bb67f7cd
7e83729d554404e59f1f1ff809ac776d3596487e2b062a1e38af8e29f33c0686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E83729D554404E59F1F1FF809AC776D3596487E2B062A1E38AF8E29F33C0686"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6052
Expires: Thu, 23 Feb 2023 00:39:47 GMT
Date: Wed, 22 Feb 2023 22:58:55 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NtIbLDU1vVgqZ6a3a/MrWQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PaorzKKDlBjGShJcpBNrJiNx9Gk=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4198
Expires: Thu, 23 Feb 2023 00:08:55 GMT
Date: Wed, 22 Feb 2023 22:58:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4198
Expires: Thu, 23 Feb 2023 00:08:55 GMT
Date: Wed, 22 Feb 2023 22:58:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4198
Expires: Thu, 23 Feb 2023 00:08:55 GMT
Date: Wed, 22 Feb 2023 22:58:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4198
Expires: Thu, 23 Feb 2023 00:08:55 GMT
Date: Wed, 22 Feb 2023 22:58:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a7f783-b830-48ee-af41-9e919bf61c16.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a7f783-b830-48ee-af41-9e919bf61c16.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e767c4b566f75c2e5c384d79c874a982
3aa715f0e3a2fbc2a6be06a1284610be50685023
eb40b67d33ffb31a5acb809c4da06e3a82c49990b78f34407d56d22c444cf11c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a7f783-b830-48ee-af41-9e919bf61c16.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7286
x-amzn-requestid: 3c5826ab-c99d-41c0-8145-561cab4d1d01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqTQFtaIAMFW3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a7a-4e4d07a87e805c5c16837dfe;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: anJcs_dDaqQi_kTT67paSKY90nqjll-QXuFboe1wV_26pr5WK5iNtw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:45:02 GMT
age: 4435
etag: "3aa715f0e3a2fbc2a6be06a1284610be50685023"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff167ac5c-57c5-4503-9766-310cdc19cc19.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff167ac5c-57c5-4503-9766-310cdc19cc19.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 933622d515e6eaf5cf58d7727caa2303
3c92769139ec93bd5536fc1906a205814ff2a057
29d13d652407f6bc8b482645eece5e36c9cdb156d91665b59c9b5608b4cd4e79
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff167ac5c-57c5-4503-9766-310cdc19cc19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12496
x-amzn-requestid: e761dac9-c44f-4bd9-a514-665480f239ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqgrGHQIAMF3aQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68ad0-61c9fe5620f700af33b21c47;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nwIMINPeNum1IC5ETovTOKmRg7baiPoXJZ004rLB90ydLufaQDiKfA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:43:54 GMT
age: 4503
etag: "3c92769139ec93bd5536fc1906a205814ff2a057"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F967a89d3-06f9-41e5-a96b-891977904a13.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F967a89d3-06f9-41e5-a96b-891977904a13.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ebdd178addc400d9915852e569ca5bb
895ca9bea38c5d8a63249ba4d69141fad9b36d36
c3f7aadd4f33a54e2e079a3d11ecad137577ca034675e2346f764dbc7fae1ba7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F967a89d3-06f9-41e5-a96b-891977904a13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5881
x-amzn-requestid: 915df5b2-fdcb-4fdf-ae99-8e040be5e483
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AkyGtG_JIAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f1ca2a-4f85545b7c1064c97b49fbfa;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 07:05:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RNMdrXQHsF64Twl3S5zZ5xR0xEiKdamZ1Mud_rWS5tOzSyJqiKXtlQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 16:38:46 GMT
age: 22811
etag: "895ca9bea38c5d8a63249ba4d69141fad9b36d36"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9a6c075bf39141bbc7826d6969cf2ac8
8a3f71fea281d57261814a858c94fd11f083b9fe
dbd5fd07729dd569dd87128ba167ccccb2fa1c8e73f3eb6d64ac1c37f8294db7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6643
x-amzn-requestid: 326ed8fb-b228-4546-adf3-a188ce799089
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ArXwJG4OoAMFVZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f46ccd-74c2a8741928ad99733db89f;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 07:03:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Gu_G39ZXNYgyloJITQfAYavWjzrcB_sPNNOROrgBJW3BZtCVLpbxSQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 02:20:13 GMT
age: 74324
etag: "8a3f71fea281d57261814a858c94fd11f083b9fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04e67897-b0ef-4c04-a8de-f6f092510d32.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04e67897-b0ef-4c04-a8de-f6f092510d32.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b71d2b327e4b858ce631d4d3d7ebeb4a
d35b46e26cab53baf794abc95a9796fc681f8d6d
e69798f5c9b6b1e33b8e7b3dc2ea1c463f06d4ba4fbc3b08e1fdd13d19b4756b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04e67897-b0ef-4c04-a8de-f6f092510d32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5894
x-amzn-requestid: 70cc1517-7f08-4576-ba9a-2d049ce63647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqgqHB5oAMFcXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68ad0-7d8e36ec44432c5a69c0662c;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XjhltuUdm4owh8FuXWiT6hh0ov_GuQHpbMnDxm2cCaWrwq3rrvJZJw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:55:57 GMT
age: 3780
etag: "d35b46e26cab53baf794abc95a9796fc681f8d6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ad2ca47-ba50-4289-b8b4-788866129ce4.jpeg
200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ad2ca47-ba50-4289-b8b4-788866129ce4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bad634fdc193376aca920992acee39f5
953d4b4371b178ea2724559b19809a9958be7657
1bc7a0d46c27d959df93ef25754d0602c0b46399439b50d5937f9826f1d3d6ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ad2ca47-ba50-4289-b8b4-788866129ce4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4051
x-amzn-requestid: 4baa1266-08ab-4447-a40b-93d838673207
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AUDcgEtgIAMF6RQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eb191c-4d3ab6ab768a345b53c5891c;Sampled=0
x-amzn-remapped-date: Tue, 14 Feb 2023 05:16:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kBOzs4Gfb3bEStS1hg6OhUov4vL1tSfJr3X8afXnr2zaIAR8qSQolQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 20:10:16 GMT
age: 10121
etag: "953d4b4371b178ea2724559b19809a9958be7657"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/adsense/domains/caf.js
200 OK 0 B URL HTTP/2 www.google.com/adsense/domains/caf.js
IP
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Wed, 22 Feb 2023 22:58:55 GMT
expires: Wed, 22 Feb 2023 22:58:55 GMT
cache-control: private, max-age=3600
etag: "6362013342520952948"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
91.195.240.12
34.160.144.191
23.36.76.226