Report - berkshireinvestments.biz/

Report Overview

Submitted URL
berkshireinvestments.biz/
IP
208.91.197.27
ASN
#40034 CONFLUENCE-NETWORK-INC
Submitted
2023-01-27 10:16:11
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	8.4 kB	142.250.74.131
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	630 B	142.250.74.106
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
berkshireinvestments.biz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	4.6 kB	208.91.197.27
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	60 kB	216.58.207.228
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	45 kB	34.120.237.76
partner.googleadservices.com	798	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	482 B	798 B	216.58.207.194
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
js.parkingcrew.net	94546	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	64 kB	185.53.178.30
d38psrni17bvxu.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	31 kB	54.230.245.8
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.164.47.95
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
i.cdnpark.com	93792	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	616 B	4.1 kB	54.230.111.34
afs.googleusercontent.com	12123	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	885 B	2.1 kB	142.250.74.97
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	95.101.11.115
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	989 B	17 kB	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-27 10:15:59	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-01-27 10:15:59	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	berkshireinvestments.biz/px.js?ch=1	346 B	2023-03-07	2024-04-19
Pretty URL berkshireinvestments.biz/px.js?ch=1 IP 208.91.197.27 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-19 22:57:50 Times Seen43392 Hash f84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584 Loading...

	berkshireinvestments.biz/	77 B	2023-03-07	2024-04-17
Pretty URL berkshireinvestments.biz/ IP 208.91.197.27 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:26 Last Seen2024-04-17 04:25:09 Times Seen346 Hash d5630c59e7893a1368ebb34a973c8956 fdb0bc9c507522a0b946c99bae6bda6fa96a690e 01d9b1f2503cb005dbd83ba5643ca5ab30c7c6a2abe967ab704873d62aabc0e3 Loading...

	berkshireinvestments.biz/	516 B	2023-03-13	2023-03-13
Pretty URL berkshireinvestments.biz/ IP 208.91.197.27 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:22:56 Last Seen2023-03-13 08:22:56 Times Seen1 Hash 7fa7b9093c3a512ca7c38fe0f6c86996 d7e5b1a8aad32773a59d9d6ec1bf11f680b0021c a6776c7679d7e0d49f62c2b2ee02a09846872f65a0dba04d7ff9067dacd53ed6 Loading...

	js.parkingcrew.net/assets/scripts/registrar-caf/401543.js	2.3 kB	2023-03-07	2023-08-09
Pretty URL js.parkingcrew.net/assets/scripts/registrar-caf/401543.js IP 185.53.178.30 ASN #19905 NEUSTAR-AS6 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:02 Last Seen2023-08-09 09:58:34 Times Seen296 Hash 10c5efa6881cd919a596b4cf6e4e2a32 4861e817ed211e50461802fc9381306e3850c3f2 2480146df67cf549768f1f3e6acd33716562fd5bd6286978b026a85e0f624944 Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=berkshireinvestments.biz&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie	388 B	2023-03-13	2023-03-13
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=berkshireinvestments.biz&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie IP 216.58.207.194 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:22:56 Last Seen2023-03-13 08:22:56 Times Seen1 Hash 1a58617fe2519d8e47cb30e46f6035af 7903d1c7456b81fa3281a0195c1259cdd3c989c0 0b95c79fd57604ff57f612c9addc909412907a319866dfc9ac127e15d1958061 Loading...

	www.google.com/afs/ads/i/iframe.html	1.3 kB	2023-03-07	2023-04-05
Pretty URL www.google.com/afs/ads/i/iframe.html IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2023-04-05 02:11:22 Times Seen1911 Hash 53a557946308585635eb80aec5326b9e 544b125203bfbb516566a63c9ef3dc57e9c06df9 eff95f5e15f8aa8c8b8c0f3aaeedba0091c1ec9732d78b6594c9ceb26c8eff28 Loading...

	d38psrni17bvxu.cloudfront.net/registrar/v3/content/401543	2.9 kB	2023-03-07	2023-07-25
Pretty URL d38psrni17bvxu.cloudfront.net/registrar/v3/content/401543 IP 54.230.245.8 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:35:28 Last Seen2023-07-25 21:45:42 Times Seen230 Hash c5a7fc92817bc1fdcd0e7ba01f9d1dc8 5368bf74f0b18c4db6f375d2105fd08a2a1d94b6 7a90b10f1abaef9b9d9a3ccf71bcf1b999742d75df174927c66b57be8747c839 Loading...

	berkshireinvestments.biz/	200 B	2023-03-07	2023-04-01
Pretty URL berkshireinvestments.biz/ IP 208.91.197.27 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:02 Last Seen2023-04-01 11:18:24 Times Seen6 Hash 83d6fa76bf8baf74a5f8942096c3b563 da9bfd017a760a89f80ad6513d23d2caca62d08f f87ba116ab4eba732d014d1361f515299e60808dd14b5a5d198aab2639a3dbb4 Loading...

	js.parkingcrew.net/jsparkcaf.php?_v=3&regcn=401543&_h=berkshireinvestments.biz&_t=1674814561176&_qs=	5.5 kB	2023-03-13	2023-03-13
Pretty URL js.parkingcrew.net/jsparkcaf.php?_v=3&regcn=401543&_h=berkshireinvestments.biz&_t=1674814561176&_qs= IP 185.53.178.30 ASN #19905 NEUSTAR-AS6 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:22:56 Last Seen2023-03-13 08:22:56 Times Seen1 Hash d816bfd9dbf031dc9b285da56e5f9847 4e3a884348778365a8033cf740d0a287e3e5ff98 727fe6ca98077596bba0056bff0461f4d263832416e8ce8a7609216f156fe2d9 Loading...

	www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fberkshireinvestments.biz%2F%3Fcaf%26skrghlp%3DghevcQl%252Bb6F4wruPU6KHejtKRaLZY%252FjXh3%252BgJMpSZ%252BuVwI6dxHqxDRVWbP2AduYq&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2217778716944488&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r5%7Cs&nocache=111674814562512&num=0&output=afd_ads&domain_name=berkshireinvestments.biz&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1674814562518&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=771&frm=0&cl=503972142&uio=--&cont=tc&jsid=caf&jsv=503972142&rurl=http%3A%2F%2Fberkshireinvestments.biz%2F&adbw=slave-1-1%3A465%2Cmaster-1%3A466	6.1 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fberkshireinvestments.biz%2F%3Fcaf%26skrghlp%3DghevcQl%252Bb6F4wruPU6KHejtKRaLZY%252FjXh3%252BgJMpSZ%252BuVwI6dxHqxDRVWbP2AduYq&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2217778716944488&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r5%7Cs&nocache=111674814562512&num=0&output=afd_ads&domain_name=berkshireinvestments.biz&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1674814562518&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=771&frm=0&cl=503972142&uio=--&cont=tc&jsid=caf&jsv=503972142&rurl=http%3A%2F%2Fberkshireinvestments.biz%2F&adbw=slave-1-1%3A465%2Cmaster-1%3A466 IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:22:56 Last Seen2023-03-13 08:22:56 Times Seen1 Hash 54c81c539f4c306d06da24d504c1cead 512c81fcb5ff458e9fa63c293b26bd22b872b57d 25a4a9145bb4f6e5fd21888b1b10387d46690b488badcdc8496eff09229ba088 Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/adsense/domains/caf.js IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:07:20 Last Seen2023-03-13 15:05:04 Times Seen1 Hash 5407943731d9adcf782bdacf31145be3 dae7ffed9c7279b16d1d0145b683f74bf1d029ca abfc56cae5f5f477155be8158b729b0fa3d6ce0ddc53f3a6d249de0ad429d4d9 Loading...

	berkshireinvestments.biz/	8 B	2023-03-07	2024-04-19
Pretty URL berkshireinvestments.biz/ IP 208.91.197.27 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-19 22:57:49 Times Seen10757 Hash 883fa82f6169ed5ddd95e0c34cf36450 52fcfe1e375b542d4847a9c963bff266b98bfbc2 dca6253c1f2bdadb922b559c83bee52fbe1411e3a159adcb922ff3b45c623185 Loading...

	berkshireinvestments.biz/	134 B	2023-03-08	2023-04-01
Pretty URL berkshireinvestments.biz/ IP 208.91.197.27 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:03:04 Last Seen2023-04-01 11:18:24 Times Seen2 Hash d280e36c41d65cee155bd1ee363aee84 c313cf2b15d9d3591d6f19e3f07904748e8db6df 003c3767fde61f946b8738e7c49026215ed1531646f61b250e17fe369093b0cb Loading...

	i.cdnpark.com/registrar/v3/loader.js	2.2 kB	2023-03-07	2023-09-27
Pretty URL i.cdnpark.com/registrar/v3/loader.js IP 54.230.111.34 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:34:15 Last Seen2023-09-27 00:44:23 Times Seen918 Hash 6a8a5ac701875e082ba567dc1e31dc47 270e11322a98d1f93377df4da2db08e3907db01c ccc86bccd7817aaa981c28c56fa002ec8f305d81433312e8299ce70fc8d70c7e Loading...

	berkshireinvestments.biz/	200 B	2023-03-07	2023-04-05
Pretty URL berkshireinvestments.biz/ IP 208.91.197.27 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-04-05 02:03:50 Times Seen166 Hash c429efc5787431634ecb929d6e4b8602 59b6c748ad6bfd673ea5a50542a7f1849ead0700 5c04aa5569f70ca0c1c9a1bcad0146729297cf2dbac755415c04576e7b95faad Loading...

	d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js	5.6 kB	2023-03-07	2023-09-26
Pretty URL d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js IP 54.230.245.8 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:07 Last Seen2023-09-26 11:43:53 Times Seen10069 Hash 6f95d346f97b06c2d81a5cb147d35de0 c591eaa19ed0d227b4555f5e699b668b05aa40b0 35ca990c39f9194a5a17ff664a0fdcc7dfb6cb433ea6844e2960d9744bd9b9b6 Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/adsense/domains/caf.js IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:07:20 Last Seen2023-03-13 15:01:36 Times Seen1 Hash cb44849da73c76f1badc262b2e2a2ae0 4dc54f00fd6eef7cfb87de1cdfadf5b1b24711e7 7dcc146b1b5b726e769011f4d3d88c737323d57d5e05a617b64cf275a75feaba Loading...

		Size	First Seen	Last Seen
	#1 Write - b2c982747f7cd6b15fc1566f39e6afa1	88 B	2023-03-07	2023-07-25
Pretty Observations First Seen2023-03-07 13:00:02 Last Seen2023-07-25 21:45:42 Times Seen126 Hash b2c982747f7cd6b15fc1566f39e6afa1 d264d43f99e89a1653ef2c2fe83997c81c9993f6 5bebf1cb27ecfc2bfac314df7a17d2f227c395bf4bd3c90cb470d49141444a4f Loading...

	#2 Write - 7c19e7894df90e34ce5b464559d5e0db	83 B	2023-03-07	2023-07-25
Pretty Observations First Seen2023-03-07 22:35:28 Last Seen2023-07-25 21:45:42 Times Seen126 Hash 7c19e7894df90e34ce5b464559d5e0db 109dc2618926ccb91536daf245ecf3534a96bf7b 1fe9ecaa99a880f47c6e2ce39f134fde32f7fcc55d18f2df8bece0097feb50a9 Loading...

	#3 Write - d9f0a73f0789a2f62a8f0ddb0a9e9b4d	131 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 08:22:56 Last Seen2023-03-13 08:22:56 Times Seen1 Hash d9f0a73f0789a2f62a8f0ddb0a9e9b4d c7f3c3d791f2aee9635ac658ab7369ce2a3abfab 17f6d508e7b7b292fc8182564a9cb8b958d143edcc11bacb367977121233dc33 Loading...

	#4 Write - 6e176d2c0274c39178c0d7a2e8b884b8	2.9 kB	2023-03-07	2023-07-25
Pretty Observations First Seen2023-03-07 22:35:28 Last Seen2023-07-25 21:45:42 Times Seen126 Hash 6e176d2c0274c39178c0d7a2e8b884b8 f001325c84bfe1dca67781cfc29f38a4d714272e 58b6d4c81d5b2f41fc0a664170b752a6150f18198968ad34bbe80c3aa4937dbd Loading...

	#5 Write - d4f1abd4601ad02d2cfd3cc1994939b5	182 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 08:22:56 Last Seen2023-03-13 08:22:56 Times Seen1 Hash d4f1abd4601ad02d2cfd3cc1994939b5 836e11ba5fd6443157a0a6d60be2f26df2148029 336172a19259351af0bc20b5f81be15104776acc6797d73a6aed6fc32e0d83a8 Loading...

	#6 Write - 82a8b760663bb9276c20e6e2fef34570	63 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:07:07 Last Seen2023-03-17 12:55:38 Times Seen1 Hash 82a8b760663bb9276c20e6e2fef34570 a705f58c061610bec84d2473b30012d8f58e382b 5d09a3a9ce42629afa1801c2b93b2074999848ef1a950422a05c9a6173a06b00 Loading...

	#7 Write - 38cd9463cfd81c97218fd596f4a5ede1	76 B	2023-03-07	2023-09-26
Pretty Observations First Seen2023-03-07 18:52:18 Last Seen2023-09-26 11:43:53 Times Seen5434 Hash 38cd9463cfd81c97218fd596f4a5ede1 7e4a49ebcc195fc07468badbee81aea7d4c14c8f 6f9c01bfa9404b8a13f98b0befe67694ae9e479f6b1066c1779d1c737af78231 Loading...

HTTP Transactions (55)

	URL	IP	Response	Size
	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5fe582397f3003b225cb9058e02c2190 68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f 238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D" Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12046 Expires: Fri, 27 Jan 2023 13:36:46 GMT Date: Fri, 27 Jan 2023 10:16:00 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 58ffdcb539c3b250fdf31ed761627fc1 5b55b1522ef84c39b5c42f9bbfbc62b806c1269f eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63" Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14668 Expires: Fri, 27 Jan 2023 14:20:28 GMT Date: Fri, 27 Jan 2023 10:16:00 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash dcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 27 Jan 2023 09:35:20 GMT content-type: application/json age: 2440 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 69f73ac59327cd9ad7d99816ccfcc03e c54844f82dbee0d5ee4c8ce344eb0139373e6c6b e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3" Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8000 Expires: Fri, 27 Jan 2023 12:29:20 GMT Date: Fri, 27 Jan 2023 10:16:00 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: 3BTOmu/bpD3NSfH09YxU+E2bCZARbkJxyUi5mLFGi9ORd4Y/hJMSem8Ymurlc759IS0GGTbwI8c= x-amz-request-id: 4SH6BJD4PTCCZG9N content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 27 Jan 2023 09:20:29 GMT age: 3331 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Fri, 27 Jan 2023 10:16:00 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 27 Jan 2023 09:41:40 GMT age: 2060 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 16a7b6a7128312e2f985d30df18c4487 6017bff79ffb525d9c7f9f32b999b74b5dc69602 663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16" Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13856 Expires: Fri, 27 Jan 2023 14:06:57 GMT Date: Fri, 27 Jan 2023 10:16:01 GMT Connection: keep-alive`

	berkshireinvestments.biz/	208.91.197.27	200 OK	1.2 kB
URL HTTP/1.1 berkshireinvestments.biz/ IP 208.91.197.27:0 ASN #40034 CONFLUENCE-NETWORK-INC File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (793), with CRLF, LF line terminators Size 1.2 kB (1188 bytes) Hash fe92765e74000b925a5549d74b813fa8 5fcee4661af30999d1aed0f3ce1c05aa902acd8b 805943c790bdb18ece0fe880baba1fde2f6b380bb7733059cdb6fb7671181875 HTTP Headers `GET / HTTP/1.1 Host: berkshireinvestments.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 200 OK Date: Fri, 27 Jan 2023 10:16:00 GMT Server: Apache Referrer-Policy: no-referrer-when-downgrade Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com") X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_PHHFPZ9MiHGquL5luPt6uTxaKNKn31MZGUFlTgFVe5v7bCGTklLhteuiFOG6lx1/qHO9j0JLeKcVHf0dBQgroQ== Cteonnt-Length: 2124 Keep-Alive: timeout=5, max=128 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Cache-Control: private Content-Encoding: gzip Content-Length: 1188

	i.cdnpark.com/registrar/v3/loader.js	54.230.111.34	200 OK	2.2 kB
URL HTTP/1.1 i.cdnpark.com/registrar/v3/loader.js IP 54.230.111.34:0 ASN #16509 AMAZON-02 File type HTML document, ASCII text Size 2.2 kB (2195 bytes) Hash 6a8a5ac701875e082ba567dc1e31dc47 270e11322a98d1f93377df4da2db08e3907db01c ccc86bccd7817aaa981c28c56fa002ec8f305d81433312e8299ce70fc8d70c7e HTTP Headers `GET /registrar/v3/loader.js HTTP/1.1 Host: i.cdnpark.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://berkshireinvestments.biz/` `HTTP/1.1 200 OK Content-Type: text/javascript;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Fri, 27 Jan 2023 00:51:24 GMT X-Cache: Hit from cloudfront Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: bIPZ0IL8I16qcmFxIFd3-LgI-2qW_5vaev9ru1Ou8gMm7ncLFHifAw== Age: 33877`

	i.cdnpark.com/themes/registrar/401543.css	54.230.111.34	200 OK	1.1 kB
URL HTTP/1.1 i.cdnpark.com/themes/registrar/401543.css IP 54.230.111.34:0 ASN #16509 AMAZON-02 File type ASCII text Size 1.1 kB (1058 bytes) Hash 69d88c7ebc8bb3c25a4705df68359443 279d4fc997ad44f8091439166b5a255ef0e3d666 ad5dc13a24b57ff9b82b1d3d3d9892998944aa331fb85816fc6039b5a6941203 HTTP Headers `GET /themes/registrar/401543.css HTTP/1.1 Host: i.cdnpark.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://berkshireinvestments.biz/` `HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Last-Modified: Mon, 28 Nov 2022 10:41:35 GMT Content-Encoding: gzip Date: Fri, 27 Jan 2023 09:47:09 GMT ETag: W/"6384905f-bc6" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 0H_Tl0lRZvcFntwshsNO09zn4oZVrxNCHmJofW_3BewSLAH4ETuSGw== Age: 12836`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 2ebcc7cd4c50e87a984668828c1e612e f693d36335f333e3647f9fb2460e34dd73e17421 27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 10:16:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 2ebcc7cd4c50e87a984668828c1e612e f693d36335f333e3647f9fb2460e34dd73e17421 27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 10:16:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	berkshireinvestments.biz/px.js?ch=1	208.91.197.27	200 OK	346 B
URL HTTP/1.1 berkshireinvestments.biz/px.js?ch=1 IP 208.91.197.27:0 ASN #40034 CONFLUENCE-NETWORK-INC File type ASCII text, with very long lines (346), with no line terminators Size 346 B (346 bytes) Hash f84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584 HTTP Headers `GET /px.js?ch=1 HTTP/1.1 Host: berkshireinvestments.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://berkshireinvestments.biz/ Connection: keep-alive` HTTP/1.1 200 OK Date: Fri, 27 Jan 2023 10:16:01 GMT Server: Apache Referrer-Policy: no-referrer-when-downgrade Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com") Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT ETag: "15a-5b952a63b81f1" Accept-Ranges: bytes Content-Length: 346 Keep-Alive: timeout=5, max=108 Connection: Keep-Alive Content-Type: application/javascript

	berkshireinvestments.biz/px.js?ch=2	208.91.197.27	200 OK	346 B
URL HTTP/1.1 berkshireinvestments.biz/px.js?ch=2 IP 208.91.197.27:0 ASN #40034 CONFLUENCE-NETWORK-INC File type ASCII text, with very long lines (346), with no line terminators Size 346 B (346 bytes) Hash f84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584 HTTP Headers `GET /px.js?ch=2 HTTP/1.1 Host: berkshireinvestments.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://berkshireinvestments.biz/ Connection: keep-alive` HTTP/1.1 200 OK Date: Fri, 27 Jan 2023 10:16:01 GMT Server: Apache Referrer-Policy: no-referrer-when-downgrade Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com") Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT ETag: "15a-5b952a63b81f1" Accept-Ranges: bytes Content-Length: 346 Keep-Alive: timeout=5, max=20 Connection: Keep-Alive Content-Type: application/javascript

	d38psrni17bvxu.cloudfront.net/registrar/v3/content/401543	54.230.245.8	200 OK	2.9 kB
URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/registrar/v3/content/401543 IP 54.230.245.8:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2899) Size 2.9 kB (2942 bytes) Hash c5a7fc92817bc1fdcd0e7ba01f9d1dc8 5368bf74f0b18c4db6f375d2105fd08a2a1d94b6 7a90b10f1abaef9b9d9a3ccf71bcf1b999742d75df174927c66b57be8747c839 HTTP Headers `GET /registrar/v3/content/401543 HTTP/1.1 Host: d38psrni17bvxu.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://berkshireinvestments.biz/` `HTTP/1.1 200 OK Content-Type: text/javascript;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Fri, 27 Jan 2023 06:16:05 GMT X-Cache: Hit from cloudfront Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 87wreuZXymlh6y0ZsTHc3UXuv04-nt4mUe853yolQbu071vrbOid-A== Age: 14396`

	push.services.mozilla.com/	35.164.47.95	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.164.47.95:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: dnme4QOHxQFZGNpzmX2A4Q== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: rc/DMpFEI1kuJkqut4+q80zStDs=`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash c6c64fc014f993e296f124e4b2f0f175 68d3e62fcd25c05d19894a28f4490cf1d04a44c1 7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 10:16:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2	142.250.74.163	200 OK	7.8 kB
URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data Size 7.8 kB (7840 bytes) Hash 8d91ec1ca2d8b56640a47117e313a3e9 a9e9bafe64666f4595051a0e895b47a5fa39e67e 78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb HTTP Headers `GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://berkshireinvestments.biz Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 7840 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 26 Jan 2023 03:13:04 GMT expires: Fri, 26 Jan 2024 03:13:04 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 16:51:55 GMT content-type: font/woff2 age: 111777 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash c6c64fc014f993e296f124e4b2f0f175 68d3e62fcd25c05d19894a28f4490cf1d04a44c1 7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 10:16:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	js.parkingcrew.net/jsparkcaf.php?_v=3&regcn=401543&_h=berkshireinvestments.biz&_t=1674814561176&_qs=	185.53.178.30	200 OK	5.5 kB
URL HTTP/1.1 js.parkingcrew.net/jsparkcaf.php?_v=3&regcn=401543&_h=berkshireinvestments.biz&_t=1674814561176&_qs= IP 185.53.178.30:0 ASN #19905 NEUSTAR-AS6 File type HTML document, ASCII text, with very long lines (3004) Size 5.5 kB (5524 bytes) Hash d816bfd9dbf031dc9b285da56e5f9847 4e3a884348778365a8033cf740d0a287e3e5ff98 727fe6ca98077596bba0056bff0461f4d263832416e8ce8a7609216f156fe2d9 HTTP Headers `GET /jsparkcaf.php?_v=3&regcn=401543&_h=berkshireinvestments.biz&_t=1674814561176&_qs= HTTP/1.1 Host: js.parkingcrew.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://berkshireinvestments.biz/` `HTTP/1.1 200 OK Server: nginx Date: Fri, 27 Jan 2023 10:16:01 GMT Content-Type: text/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive X-Language: norwegian X-Template: tpl_CleanPeppermintBlack_twoclick`

	d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js	54.230.245.8	200 OK	5.6 kB
URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/jsparkcaf.js IP 54.230.245.8:0 ASN #16509 AMAZON-02 File type ASCII text Size 5.6 kB (5638 bytes) Hash 6f95d346f97b06c2d81a5cb147d35de0 c591eaa19ed0d227b4555f5e699b668b05aa40b0 35ca990c39f9194a5a17ff664a0fdcc7dfb6cb433ea6844e2960d9744bd9b9b6 HTTP Headers `GET /scripts/jsparkcaf.js HTTP/1.1 Host: d38psrni17bvxu.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://berkshireinvestments.biz/` `HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 5638 Connection: keep-alive Server: nginx Date: Fri, 27 Jan 2023 00:58:32 GMT Last-Modified: Tue, 12 May 2020 14:25:52 GMT Accept-Ranges: bytes ETag: "5ebab1f0-1606" X-Cache: Hit from cloudfront Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: JSjUq7iOmbvBAlMqOlqj0PmoY8v-KbF8KBx_XOVuvdPGK_FYKhbfiQ== Age: 33449`

	www.google.com/adsense/domains/caf.js	216.58.207.228	200 OK	54 kB
URL HTTP/1.1 www.google.com/adsense/domains/caf.js IP 216.58.207.228:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1743) Size 54 kB (53832 bytes) Hash e3dd0c55d773603395cfd990e39110fe edeecff8f4ec7fe49ee68f8996c01aa645d81506 9d86127cd813c25ca4f9fd5e037c6755842fe3aafb3cd84f9e663e193e868eb8 HTTP Headers `GET /adsense/domains/caf.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://berkshireinvestments.biz/` HTTP/1.1 200 OK Accept-Ranges: bytes Vary: Accept-Encoding Content-Type: text/javascript; charset=UTF-8 Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui" Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} Date: Fri, 27 Jan 2023 10:16:01 GMT Expires: Fri, 27 Jan 2023 10:16:01 GMT Cache-Control: private, max-age=3600 ETag: "10121701696141887220" X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Server: sffe X-XSS-Protection: 0

	js.parkingcrew.net/ls.php	185.53.178.30	201 Created	0 B
URL HTTP/1.1 js.parkingcrew.net/ls.php IP 185.53.178.30:0 ASN #19905 NEUSTAR-AS6 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /ls.php HTTP/1.1 Host: js.parkingcrew.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Content-Length: 2302 Origin: http://berkshireinvestments.biz Connection: keep-alive Referer: http://berkshireinvestments.biz/` HTTP/1.1 201 Created Server: nginx Date: Fri, 27 Jan 2023 10:16:01 GMT Content-Type: text/javascript;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 X-Log-Success: 63d3a461f1d179797b335304 Charset: utf-8 Access-Control-Allow-Origin: http://berkshireinvestments.biz Access-Control-Allow-Methods: POST, OPTIONS Access-Control-Max-Age: 86400 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_qIcRaOf8tXaSjtnmOLzpSTpIqkRSo7lxRRD7rfXN3nDDxPnr3Dyd3yJGJmvEqVyORpde3NXQPZ/xwADw4p7fsA==

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 2e21811f62c077f45a93d7c3b543998d 3e890a73bb51d9dd1021d5339271aa40833ba258 c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1" Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7191 Expires: Fri, 27 Jan 2023 12:15:53 GMT Date: Fri, 27 Jan 2023 10:16:02 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 2e21811f62c077f45a93d7c3b543998d 3e890a73bb51d9dd1021d5339271aa40833ba258 c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1" Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7191 Expires: Fri, 27 Jan 2023 12:15:53 GMT Date: Fri, 27 Jan 2023 10:16:02 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 2e21811f62c077f45a93d7c3b543998d 3e890a73bb51d9dd1021d5339271aa40833ba258 c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1" Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7191 Expires: Fri, 27 Jan 2023 12:15:53 GMT Date: Fri, 27 Jan 2023 10:16:02 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79e7a1af-509a-45ff-b555-be64fdc37799.jpeg	34.120.237.76	200 OK	6.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79e7a1af-509a-45ff-b555-be64fdc37799.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.5 kB (6458 bytes) Hash 48b1ab8b3b5ef11d8f03e1fe8e1b629e 5541c3151d1bd9c36bcdb9012a00a8eb8b7201ee ad5b13fc77b03f74c5708ec7b5122673dc00190df81d32bf3a69bfdf7b0c78e1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79e7a1af-509a-45ff-b555-be64fdc37799.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6458 x-amzn-requestid: ad9df8b8-80ff-46d7-bdc4-208aa9d2e215 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fUXwqFR0oAMFm3A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d1a004-0e1d43687a9e913828fd9056;Sampled=0 x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:52 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: Ir2__35_iQWvTKtHdJxidmBh4LqUucCuEHiCPfJwC-_AxWsRc4Rakg== via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google date: Thu, 26 Jan 2023 21:53:35 GMT age: 44547 etag: "5541c3151d1bd9c36bcdb9012a00a8eb8b7201ee" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg	34.120.237.76	200 OK	5.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.7 kB (5737 bytes) Hash 5e7158416f60576804ccff03307319fe a342f94625e913fa6b8d862a59979f1e3ad80dd1 5c525df7d169cc7e033d920c11f4a0163a781c025a22b70530882b56964a9a52 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5737 x-amzn-requestid: cc977ea9-c418-4a5a-a13b-c86e16bbe6ba x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fRGPFGL5oAMFiSg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d050c6-2d540cac5ca7d4e64cfdb8bc;Sampled=0 x-amzn-remapped-date: Tue, 24 Jan 2023 21:42:30 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: uZnA5gkRlZyqamh_n3992G9PlMJa4gJ-mjSOQEysII73dDKLXmeXsg== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google date: Thu, 26 Jan 2023 12:26:22 GMT age: 78580 etag: "a342f94625e913fa6b8d862a59979f1e3ad80dd1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b8fa26c-af88-46ea-a5c6-1122db65d6d4.jpeg	34.120.237.76	200 OK	9.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b8fa26c-af88-46ea-a5c6-1122db65d6d4.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.1 kB (9063 bytes) Hash f3605538118d3aaef721a03d482b0f9a 2e2e770d552a05a0f24f4bbb1110266440b2bf76 1011d275125968599a8dd082810deca07e82770efad760b3f1ebf7f74ebab78e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b8fa26c-af88-46ea-a5c6-1122db65d6d4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9063 x-amzn-requestid: 8eb82d16-63f8-4e6e-b9fe-1795c7703c03 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fIgq2EbSoAMFUwQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cce178-67a0958d7cd1f132605d93be;Sampled=0 x-amzn-remapped-date: Sun, 22 Jan 2023 07:10:48 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: fEX2-oiOwaU7l9OQzljVzFI-CQOwn4yQjUJ_fv0pmjc6C8evz1LDbQ== via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google date: Thu, 26 Jan 2023 11:12:36 GMT age: 83006 etag: "2e2e770d552a05a0f24f4bbb1110266440b2bf76" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg	34.120.237.76	200 OK	5.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.9 kB (5943 bytes) Hash ba0a42dadf6a976df148f652e9cc1844 4d825b74865effa4a858ddcad1d0969671facc07 7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5943 x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fUXxNF2UIAMFlYw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0 x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: MeE0Qrn_yZvUApGQTbOKQ14Z2ipPLbPFPyVqkKTk0Bs7ETn0UU6yMg== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google date: Thu, 26 Jan 2023 21:48:43 GMT age: 44839 etag: "4d825b74865effa4a858ddcad1d0969671facc07" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg	34.120.237.76	200 OK	7.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.5 kB (7538 bytes) Hash 131eb343c5abd61939457d69bd371348 ffb2035cf64fc83f01db5c6f26ffa264b6aac95b 8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7538 x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e3fobF-ZoAMFjjA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0 x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA== via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google date: Thu, 26 Jan 2023 21:59:56 GMT age: 44166 etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg	34.120.237.76	200 OK	4.3 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.3 kB (4272 bytes) Hash 6e96f3ea585b5fa8ed6446ed16e2b4b2 f90c205f370a2426dffe3c21b24bfa551b385556 6967ba25887f87200fcb39a3e6f065fd27596b2ebcf0d33a2751c655d6e724f2 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4272 x-amzn-requestid: e051c22b-c2ec-4e59-b29b-ba1464d8015b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fRz28G13oAMFeeQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d099c5-48b013ff34b9702a6d2fd560;Sampled=0 x-amzn-remapped-date: Wed, 25 Jan 2023 02:53:57 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: X4SfAYS0JvW4sUNqSuBERNBwaI_xgKugxZ76_fsih_LSnImMC7Pnzg== via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 03:37:14 GMT age: 85438 etag: "f90c205f370a2426dffe3c21b24bfa551b385556" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	d38psrni17bvxu.cloudfront.net/themes/registrar/images/logo_netsol.gif	54.230.245.8	200 OK	3.2 kB
URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/registrar/images/logo_netsol.gif IP 54.230.245.8:0 ASN #16509 AMAZON-02 File type GIF image data, version 89a, 109 x 31\012- data Size 3.2 kB (3245 bytes) Hash 3f1d1a5754772fa3109d47f1a3ec8da4 19483553c2413bfbbeee73644f991a9e7123add0 9572e3ec056ce723f2a980a44358e9040e7c8f03f238109a5b260cd81c584f62 HTTP Headers `GET /themes/registrar/images/logo_netsol.gif HTTP/1.1 Host: d38psrni17bvxu.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://berkshireinvestments.biz/` `HTTP/1.1 200 OK Content-Type: image/gif Content-Length: 3245 Connection: keep-alive Server: nginx Date: Fri, 27 Jan 2023 02:38:53 GMT Last-Modified: Thu, 14 Jan 2021 10:54:01 GMT ETag: "600022c9-cad" Accept-Ranges: bytes X-Cache: Hit from cloudfront Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: G551naF0imEtBPHnvCKiOmgLaSKynXVfFs6DEyZ4sezkQyMiIsraUw== Age: 27429`

	d38psrni17bvxu.cloudfront.net/themes/registrar/images/logo_netsol_icon.gif	54.230.245.8	200 OK	4.0 kB
URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/registrar/images/logo_netsol_icon.gif IP 54.230.245.8:0 ASN #16509 AMAZON-02 File type GIF image data, version 89a, 58 x 55\012- data Size 4.0 kB (4023 bytes) Hash ca5fa546488d6996c87716f3d6a0e892 a5536547da5034b1c9ca065471d256d94ae971b2 69a76f86743d2926937de3826f9fbf26fc99f4c67e495228ddefb8f05956518b HTTP Headers `GET /themes/registrar/images/logo_netsol_icon.gif HTTP/1.1 Host: d38psrni17bvxu.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://berkshireinvestments.biz/` `HTTP/1.1 200 OK Content-Type: image/gif Content-Length: 4023 Connection: keep-alive Server: nginx Date: Fri, 27 Jan 2023 01:55:09 GMT Last-Modified: Tue, 12 May 2020 14:25:52 GMT Accept-Ranges: bytes ETag: "5ebab1f0-fb7" X-Cache: Hit from cloudfront Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: SBb9C3XHWU6wdWad9MLwnvVQgdOtEmXR40WiIZZyXpF13gz0oclYvA== Age: 30053`

	js.parkingcrew.net/track.php?domain=berkshireinvestments.biz&toggle=browserjs&uid=MTY3NDgxNDU2MS41NTAzOjI3ODJiZGQyYmZjMGE2Mzk5NjdmMmY4YzlhNTZkMjYzZDZjYWU1ZTIyM2Y1YjI4ZDQ4ZWE3ODljMDgxNTc4MTM6NjNkM2E0NjE4NjU3OA%3D%3D	185.53.178.30	200 OK	20 B
URL HTTP/1.1 js.parkingcrew.net/track.php?domain=berkshireinvestments.biz&toggle=browserjs&uid=MTY3NDgxNDU2MS41NTAzOjI3ODJiZGQyYmZjMGE2Mzk5NjdmMmY4YzlhNTZkMjYzZDZjYWU1ZTIyM2Y1YjI4ZDQ4ZWE3ODljMDgxNTc4MTM6NjNkM2E0NjE4NjU3OA%3D%3D IP 185.53.178.30:0 ASN #19905 NEUSTAR-AS6 File type data Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers GET /track.php?domain=berkshireinvestments.biz&toggle=browserjs&uid=MTY3NDgxNDU2MS41NTAzOjI3ODJiZGQyYmZjMGE2Mzk5NjdmMmY4YzlhNTZkMjYzZDZjYWU1ZTIyM2Y1YjI4ZDQ4ZWE3ODljMDgxNTc4MTM6NjNkM2E0NjE4NjU3OA%3D%3D HTTP/1.1 Host: js.parkingcrew.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Origin: http://berkshireinvestments.biz Connection: keep-alive Referer: http://berkshireinvestments.biz/ `HTTP/1.1 200 OK Server: nginx Date: Fri, 27 Jan 2023 10:16:02 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Custom-Track: browserjs Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip`

	js.parkingcrew.net/assets/scripts/registrar-caf/401543.js	185.53.178.30	200 OK	2.3 kB
URL HTTP/1.1 js.parkingcrew.net/assets/scripts/registrar-caf/401543.js IP 185.53.178.30:0 ASN #19905 NEUSTAR-AS6 File type ASCII text Size 2.3 kB (2307 bytes) Hash 10c5efa6881cd919a596b4cf6e4e2a32 4861e817ed211e50461802fc9381306e3850c3f2 2480146df67cf549768f1f3e6acd33716562fd5bd6286978b026a85e0f624944 HTTP Headers `GET /assets/scripts/registrar-caf/401543.js HTTP/1.1 Host: js.parkingcrew.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://berkshireinvestments.biz/` `HTTP/1.1 200 OK Server: nginx Date: Fri, 27 Jan 2023 10:16:02 GMT Content-Type: application/javascript Content-Length: 2307 Connection: keep-alive Last-Modified: Tue, 12 May 2020 14:25:52 GMT ETag: "5ebab1f0-903" Accept-Ranges: bytes`

	berkshireinvestments.biz/favicon.ico	208.91.197.27	404 Not Found	30 B
URL HTTP/1.1 berkshireinvestments.biz/favicon.ico IP 208.91.197.27:0 ASN #40034 CONFLUENCE-NETWORK-INC File type ASCII text, with no line terminators Size 30 B (30 bytes) Hash c4609c83d6054d974c265b208bdc2a21 7e963e7185900347babd1f2797312c0ca21fa4ae 6cd85e3008758f2e06eeff9efdf9b4ad2981f6654f87918d155b0aced68d959a HTTP Headers `GET /favicon.ico HTTP/1.1 Host: berkshireinvestments.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://berkshireinvestments.biz/ Connection: keep-alive` `HTTP/1.1 404 Not Found Date: Fri, 27 Jan 2023 10:16:02 GMT Server: Apache Cteonnt-Length: 10 Keep-Alive: timeout=5, max=92 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 Cache-Control: private Content-Encoding: gzip Content-Length: 30`

	d38psrni17bvxu.cloudfront.net/themes/registrar/images/colored-pointers_arrows.png	54.230.245.8	200 OK	13 kB
URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/registrar/images/colored-pointers_arrows.png IP 54.230.245.8:0 ASN #16509 AMAZON-02 File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data Size 13 kB (13234 bytes) Hash 48a0af9c74f0de453e7d868c1d3174e2 708e2a89317302ba67e65d84b855f7aeb0cc113e c9c53c9ea6a1565e7d7a382d60c95f2dec6add1ca5d66b1ec2db33184a12a0bc HTTP Headers `GET /themes/registrar/images/colored-pointers_arrows.png HTTP/1.1 Host: d38psrni17bvxu.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://i.cdnpark.com/` `HTTP/1.1 200 OK Content-Type: image/png Content-Length: 13234 Connection: keep-alive Server: nginx Date: Fri, 27 Jan 2023 05:25:58 GMT Last-Modified: Tue, 12 May 2020 14:25:52 GMT ETag: "5ebab1f0-33b2" Accept-Ranges: bytes X-Cache: Hit from cloudfront Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: f9YnSlWP-KsvN5IbpzXH_jC_-h4uhksl8FR3asem2TXuj82xiR-fig== Age: 17404`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash f81040a7968ce165969470fbd7d30abf 3dc4f93e036c42bd4f226e265962a92da5ac2751 5a5f5d6cf739216d40d837b0cc514c0f91a14e9cd1d0abfbcf8884ad55ca42d9 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 10:16:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 9a156f9e1eec43fbfc3ea11e27aa3091 280292e0c5a0896c45598aa00e3fb607edf0b3a7 419b77a2c7ed19e8d086c82e3c9096d6ed2ab3032bba31afce0499ee83bc233a HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 10:16:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 9a156f9e1eec43fbfc3ea11e27aa3091 280292e0c5a0896c45598aa00e3fb607edf0b3a7 419b77a2c7ed19e8d086c82e3c9096d6ed2ab3032bba31afce0499ee83bc233a HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 10:16:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	partner.googleadservices.com/gampad/cookie.js?domain=berkshireinvestments.biz&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie	216.58.207.194	200 OK	251 B
URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=berkshireinvestments.biz&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie IP 216.58.207.194:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (388), with no line terminators Size 251 B (251 bytes) Hash 753d1b950faa1b71fff940117e18031d 309c40cd47d1726fa7fddfc11fa92f1532469e79 0cfae250047a5258dce368454de2307af5de9a997e29cf31e312f844c6e1ff1c HTTP Headers `GET /gampad/cookie.js?domain=berkshireinvestments.biz&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie HTTP/1.1 Host: partner.googleadservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://berkshireinvestments.biz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin content-type: text/javascript; charset=UTF-8 x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: gzip date: Fri, 27 Jan 2023 10:16:02 GMT server: cafe cache-control: private content-length: 251 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.google.com/afs/ads/i/iframe.html	216.58.207.228	200 OK	727 B
URL HTTP/2 www.google.com/afs/ads/i/iframe.html IP 216.58.207.228:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1559) Size 727 B (727 bytes) Hash 86c63672f61d654c394b86a29740531d c5c1958238562dd40ee3efcdd231beb24cb073c6 d785752c9103f237544f307ed98cbd2291e4bd4655c491e0574f23f176b3d8c8 HTTP Headers `GET /afs/ads/i/iframe.html HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://berkshireinvestments.biz/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/html content-security-policy: script-src 'nonce-8YXlrvrcc2b4RfwRcoKL_A' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none' content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} content-length: 727 date: Fri, 27 Jan 2023 10:16:02 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, must-revalidate last-modified: Mon, 18 Oct 2021 14:30:00 GMT x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash f81040a7968ce165969470fbd7d30abf 3dc4f93e036c42bd4f226e265962a92da5ac2751 5a5f5d6cf739216d40d837b0cc514c0f91a14e9cd1d0abfbcf8884ad55ca42d9 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 10:16:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fberkshireinvestments.biz%2F%3Fcaf%26skrghlp%3DghevcQl%252Bb6F4wruPU6KHejtKRaLZY%252FjXh3%252BgJMpSZ%252BuVwI6dxHqxDRVWbP2AduYq&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2217778716944488&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r5%7Cs&nocache=111674814562512&num=0&output=afd_ads&domain_name=berkshireinvestments.biz&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1674814562518&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=771&frm=0&cl=503972142&uio=--&cont=tc&jsid=caf&jsv=503972142&rurl=http%3A%2F%2Fberkshireinvestments.biz%2F&adbw=slave-1-1%3A465%2Cmaster-1%3A466	216.58.207.228	200 OK	2.5 kB
URL HTTP/2 www.google.com/afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fberkshireinvestments.biz%2F%3Fcaf%26skrghlp%3DghevcQl%252Bb6F4wruPU6KHejtKRaLZY%252FjXh3%252BgJMpSZ%252BuVwI6dxHqxDRVWbP2AduYq&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2217778716944488&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r5%7Cs&nocache=111674814562512&num=0&output=afd_ads&domain_name=berkshireinvestments.biz&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1674814562518&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=771&frm=0&cl=503972142&uio=--&cont=tc&jsid=caf&jsv=503972142&rurl=http%3A%2F%2Fberkshireinvestments.biz%2F&adbw=slave-1-1%3A465%2Cmaster-1%3A466 IP 216.58.207.228:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6016) Size 2.5 kB (2483 bytes) Hash 97c02c71417069393650dece70b6817e 0ec66420400185599ccba280be29d80ab0932c03 3586ced5cc3190f9423fe016998468bff6dc105eb68799b8bab28d4cdb69a27e HTTP Headers GET /afs/ads?pcsa=false&channel=000001&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fberkshireinvestments.biz%2F%3Fcaf%26skrghlp%3DghevcQl%252Bb6F4wruPU6KHejtKRaLZY%252FjXh3%252BgJMpSZ%252BuVwI6dxHqxDRVWbP2AduYq&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2217778716944488&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r5%7Cs&nocache=111674814562512&num=0&output=afd_ads&domain_name=berkshireinvestments.biz&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1674814562518&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=771&frm=0&cl=503972142&uio=--&cont=tc&jsid=caf&jsv=503972142&rurl=http%3A%2F%2Fberkshireinvestments.biz%2F&adbw=slave-1-1%3A465%2Cmaster-1%3A466 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://berkshireinvestments.biz/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK content-type: text/html; charset=UTF-8 content-disposition: inline date: Fri, 27 Jan 2023 10:16:02 GMT expires: Fri, 27 Jan 2023 10:16:02 GMT cache-control: private, max-age=3600 cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." content-encoding: br server: gws content-length: 2483 x-xss-protection: 0 set-cookie: NID=511=QPjjOdObYoLOUMY2XHWAGKjyoPsT_TpnmScB57QaAL0L6Jjp6hBNHuLXMS-wTqhTCxYOyf4LsHrQgnCfEyDUZW9rwAKLmBzl9PEpdkvuszI0TIFSGoljCHGIZFpOyDmpQPFspbku9xtwtF5R5gbnzEN8OTdV2EYIJxtqO7ay6-E; expires=Sat, 29-Jul-2023 10:16:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=PENDING+436; expires=Sun, 26-Jan-2025 10:16:02 GMT; path=/; domain=.google.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 61f119c4b6311c87501f54da9ad62e7e 479c65a3be3e77ff0af6f26118389cac97852c74 e00fa0353240654d541e2aee878c14feb77837a1b5a4a12fa326ec2cc5a92e59 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 10:16:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2	142.250.74.163	200 OK	7.9 kB
URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data Size 7.9 kB (7884 bytes) Hash 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f HTTP Headers `GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.google.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 7884 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 26 Jan 2023 10:05:57 GMT expires: Fri, 26 Jan 2024 10:05:57 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 17:03:52 GMT content-type: font/woff2 age: 87006 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	js.parkingcrew.net/track.php?domain=berkshireinvestments.biz&caf=1&toggle=answercheck&answer=yes&uid=MTY3NDgxNDU2MS41NTAzOjI3ODJiZGQyYmZjMGE2Mzk5NjdmMmY4YzlhNTZkMjYzZDZjYWU1ZTIyM2Y1YjI4ZDQ4ZWE3ODljMDgxNTc4MTM6NjNkM2E0NjE4NjU3OA%3D%3D	185.53.178.30	200 OK	54 kB
URL HTTP/1.1 js.parkingcrew.net/track.php?domain=berkshireinvestments.biz&caf=1&toggle=answercheck&answer=yes&uid=MTY3NDgxNDU2MS41NTAzOjI3ODJiZGQyYmZjMGE2Mzk5NjdmMmY4YzlhNTZkMjYzZDZjYWU1ZTIyM2Y1YjI4ZDQ4ZWE3ODljMDgxNTc4MTM6NjNkM2E0NjE4NjU3OA%3D%3D IP 185.53.178.30:0 ASN #19905 NEUSTAR-AS6 File type ASCII text, with very long lines (1743) Size 54 kB (54230 bytes) Hash c0fd2a9a9229caf1e9c8059941bf2c33 2fe819110d258cc445c4ca7b067a4bc584165859 cbcc538b56760f660456a5be46b7bf60368b8c7752101660f057c83571adb86d HTTP Headers GET /track.php?domain=berkshireinvestments.biz&caf=1&toggle=answercheck&answer=yes&uid=MTY3NDgxNDU2MS41NTAzOjI3ODJiZGQyYmZjMGE2Mzk5NjdmMmY4YzlhNTZkMjYzZDZjYWU1ZTIyM2Y1YjI4ZDQ4ZWE3ODljMDgxNTc4MTM6NjNkM2E0NjE4NjU3OA%3D%3D HTTP/1.1 Host: js.parkingcrew.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Origin: http://berkshireinvestments.biz Connection: keep-alive Referer: http://berkshireinvestments.biz/ `HTTP/1.1 200 OK Server: nginx Date: Fri, 27 Jan 2023 10:16:03 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Custom-Track: answercheck Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 5f57a83befb5510821576265e691190f 136d15f2cbbc6416d808afcb8f48a19b346937fc b3d3b78aaea9273c95224d6242a3817bac9be7fc46800e741da32bba13db5fa6 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 10:16:03 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 5f57a83befb5510821576265e691190f 136d15f2cbbc6416d808afcb8f48a19b346937fc b3d3b78aaea9273c95224d6242a3817bac9be7fc46800e741da32bba13db5fa6 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 10:16:03 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2	142.250.74.97	200 OK	273 B
URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2 IP 142.250.74.97:0 ASN #15169 GOOGLE File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390) Size 273 B (273 bytes) Hash 4879b4bfc581cab5b5c803866211a36e e1705c1fa9103a1a9f82a1bb5cd44c8e45bd520a 6ad1ffb79c80d41ec978dd45defe97ee70d0e2efd01bfe678198248819d1b98a HTTP Headers `GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2 HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 273 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Thu, 26 Jan 2023 18:26:02 GMT expires: Fri, 27 Jan 2023 17:26:02 GMT cache-control: public, max-age=82800 age: 57001 last-modified: Thu, 19 Dec 2019 14:15:00 GMT content-type: image/svg+xml alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2	142.250.74.97	200 OK	174 B
URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2 IP 142.250.74.97:0 ASN #15169 GOOGLE File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size 174 B (174 bytes) Hash aa3a2f86d22121bff6d29639ccf1a157 bb7bbcdc7c5391dd50b78233fefd3216df8b452e 867d889f103b1a4ce8d5d9dc67d027656ecb34002ca254a290e8ff7d64c8ee6d HTTP Headers `GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2 HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Thu, 26 Jan 2023 11:55:28 GMT expires: Fri, 27 Jan 2023 10:55:28 GMT cache-control: public, max-age=82800 age: 80435 last-modified: Thu, 22 Oct 2020 21:45:00 GMT content-type: image/svg+xml alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 5f57a83befb5510821576265e691190f 136d15f2cbbc6416d808afcb8f48a19b346937fc b3d3b78aaea9273c95224d6242a3817bac9be7fc46800e741da32bba13db5fa6 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 10:16:03 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.googleapis.com/css?family=Poppins:300	142.250.74.106	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300 IP 142.250.74.106:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Poppins:300 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://berkshireinvestments.biz/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 27 Jan 2023 10:16:01 GMT date: Fri, 27 Jan 2023 10:16:01 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML