Report - goat.app.link/?$urlstring=airgoat://home&$desktop_url=staaperu.com/cache/auth//tnbnqy////geoff.dunn@slurpmail.net

Report Overview

Submitted URL
goat.app.link/?$urlstring=airgoat://home&$desktop_url=staaperu.com/cache/auth//tnbnqy////geoff.dunn@slurpmail.net
IP
54.230.111.102
ASN
#16509 AMAZON-02
Submitted
2023-03-29 08:48:51
Access
public
Website Title
Final URL
Tags
suspicious
urlquery detections
Suspicious - JavaScript obfusction

Detections

urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-29T18:25:22Z	409 B	75 kB	142.250.74.74
goat.app.link	899009	2017-07-01T07:09:26Z	2023-03-29T16:29:57Z	1.1 kB	1.8 kB	54.230.111.23
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T18:13:46Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T18:37:20Z	606 B	127 B	54.200.156.146
s3.amazonaws.com	unknown	2020-05-13T22:53:44Z	2023-03-29T14:43:31Z	932 B	798 kB	52.217.163.240
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T18:12:03Z	2.7 kB	7.1 kB	23.36.76.226
ocsp.r2m01.amazontrust.com	unknown	2022-10-12T22:43:53Z	2023-03-29T21:37:48Z	350 B	1.0 kB	54.230.80.227
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T22:30:19Z	3.2 kB	48 kB	34.120.237.76
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-29T23:40:59Z	392 B	31 kB	216.58.207.234
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-29T18:15:41Z	426 B	961 B	104.18.10.207
use.fontawesome.com	942	2017-01-30T05:43:25Z	2023-03-29T05:19:40Z	428 B	1.0 kB	172.64.132.15
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T18:24:36Z	413 B	5.9 kB	34.160.144.191
staaperu.com	unknown	2017-01-23T07:20:57Z	2023-03-29T04:38:03Z	779 B	271 B	192.185.87.94
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-29T05:16:53Z	432 B	7.2 kB	104.17.24.14
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-29T05:20:03Z	1.2 kB	136 kB	69.16.175.10
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
aadcdn.msauth.net	1421	2018-11-19T11:50:03Z	2023-03-29T18:12:39Z	450 B	18 kB	13.107.238.53
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T18:12:02Z	1.4 kB	2.8 kB	216.58.211.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	19 kB	2023-03-07	2024-04-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-18 18:06:49 Times Seen109799 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	code.jquery.com/jquery-3.2.1.slim.min.js	70 kB	2023-03-07	2024-04-18
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-04-18 18:04:17 Times Seen105476 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html#geoff.dunn@slurpmail.net	5.9 kB	2023-03-25	2023-04-05
Pretty URL s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html#geoff.dunn@slurpmail.net IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 23:41:30 Last Seen2023-04-05 01:50:08 Times Seen78 Hash 3ee00072ef4bc3b8a7d61cd8809cd76f b200b9b1d904673a5b92b8d707cd8e8b1d0ff4d3 d291aee6f3199b62366a8b1db03f56aacde156e5fe2d6737314530f77f90db2b Loading...

	code.jquery.com/jquery-3.3.1.js	272 kB	2023-03-07	2024-04-18
Pretty URL code.jquery.com/jquery-3.3.1.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-18 18:06:49 Times Seen57714 Hash 6a07da9fae934baf3f749e876bbfdd96 46a436eba01c79acdb225757ed80bf54bad6416b d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-04-18
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-18 18:07:03 Times Seen379820 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html#geoff.dunn@slurpmail.net	182 B	2023-03-25	2023-05-09
Pretty URL s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html#geoff.dunn@slurpmail.net IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 23:41:30 Last Seen2023-05-09 12:47:19 Times Seen92 Hash 0e37aad4c0785e948efcb0d50726818f 84ca31647aaa3efcd3c31e9c92339ed0eaf495eb 683180eb984e2456b48e47c88ee687f62547059fdac8b29289404d0253244751 Loading...

	s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html#geoff.dunn@slurpmail.net	797 kB	2023-03-25	2023-04-05
Pretty URL s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html#geoff.dunn@slurpmail.net IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 23:49:42 Last Seen2023-04-05 01:50:08 Times Seen74 Hash f58aadfefe628572ad2f0ab4f62304d8 3fd95de433f311f2aa6d5075de813a0c9b9483cf 19f89a7433b480ea1e0711c66ef08cf9d091f279f930005a6efef53a0fa4c7c3 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-04-18
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-18 18:06:49 Times Seen135160 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	code.jquery.com/jquery-3.1.1.min.js	87 kB	2023-03-07	2024-04-18
Pretty URL code.jquery.com/jquery-3.1.1.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-18 15:49:27 Times Seen262853 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

		Size	First Seen	Last Seen
	#1 Write - f16fb422f8ccdb860c1faa5540e85462	266 kB	2023-03-25	2023-04-05
Pretty Observations First Seen2023-03-25 23:49:42 Last Seen2023-04-05 01:50:08 Times Seen73 Hash f16fb422f8ccdb860c1faa5540e85462 3ded133e6342ac7897e8e545f090b4e71b0d6409 1d3e4d019925624a45aef63553abcf4b0add4120a27f1bad5bdf1acf926ba44f Loading...

HTTP Transactions (38)

	URL	IP	Response	Size
	goat.app.link/?$urlstring=airgoat://home&$desktop_url=https://staaperu.com/cache/auth//tnbnqy////geoff.dunn@slurpmail.net	54.230.111.23	307 Temporary Redirect	0 B
URL HTTP/1.1 goat.app.link/?$urlstring=airgoat://home&$desktop_url=https://staaperu.com/cache/auth//tnbnqy////geoff.dunn@slurpmail.net IP 54.230.111.23:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /?$urlstring=airgoat://home&$desktop_url=https://staaperu.com/cache/auth//tnbnqy////geoff.dunn@slurpmail.net HTTP/1.1 Host: goat.app.link User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 307 Temporary Redirect Transfer-Encoding: chunked Connection: keep-alive Server: openresty Date: Wed, 29 Mar 2023 08:48:40 GMT Set-Cookie: _s=gdnwQApQIh%2FZ88G8yWPOEI%2B0TwZjNKd%2BeyGI5HdddZf4IFezlWQwlNw6G7qYGL61; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Thu, 28 Mar 2024 08:48:40 GMT; Secure Location: https://goat.app.link/?$urlstring=airgoat://home&$desktop_url=https://staaperu.com/cache/auth//tnbnqy////geoff.dunn@slurpmail.net Strict-Transport-Security: max-age=31536000; includeSubDomains Accept-CH: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model X-Cache: Miss from cloudfront Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: J75e0R1vgG5Om7-Og5IFBeAmwICeGpZVrsnqGC74-BgO-7ngAenD3g==

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 93f633ce30c038eb581544323c5a971e 2f60526cb750c6babccc207f75fb5a8ae6f7598b 0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8" Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3593 Expires: Wed, 29 Mar 2023 09:48:33 GMT Date: Wed, 29 Mar 2023 08:48:40 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c83d39f350161ed2f5d20dcd68e47c92 2695a888e652cb314f8094cc6073c3364336d272 62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC" Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12298 Expires: Wed, 29 Mar 2023 12:13:38 GMT Date: Wed, 29 Mar 2023 08:48:40 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5ad3eec59bebbf969f175627757507c1 b176af3a70db378c9e1f219bab24d9d446070d6f 704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E" Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12192 Expires: Wed, 29 Mar 2023 12:11:52 GMT Date: Wed, 29 Mar 2023 08:48:40 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 7f03faaba3392caae6dae54467bfdf6d 57ea1f14e8bfbcca8190c706d708c9fda12442c1 02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Alert, Retry-After, Content-Length, Content-Type, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 29 Mar 2023 08:28:09 GMT content-type: application/json age: 1231 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: FtlF8h7kKB0MW+7Cn85a7iPpqMiiNK06QDUK9Rk3l9yzZdmhaFmMge12cE4IWCu+ewU7nj2VtcBdqk8VUnLuPA== x-amz-request-id: FZK0WQT744ENDE4D x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 29 Mar 2023 08:02:24 GMT age: 2776 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Wed, 29 Mar 2023 08:48:40 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Backoff, ETag, Expires, Alert, Pragma, Content-Type, Retry-After, Last-Modified, Content-Length, Cache-Control content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 29 Mar 2023 08:14:36 GMT age: 2044 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash da5340ee69a1000f751686df9e716663 a5da880a61ed119790a7990bbdcc0c97eecf04f2 d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560" Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5988 Expires: Wed, 29 Mar 2023 10:28:29 GMT Date: Wed, 29 Mar 2023 08:48:41 GMT Connection: keep-alive`

	push.services.mozilla.com/	54.200.156.146	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.200.156.146:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 4v+qO7uFYCSTkJkkFGpNjw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 80eH9imaSOcWujDnEPg+JQREYg4=`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 714bb66890d084c58e0d92d43b567e23 e02544d60e880edc0396bf6debf038ddb05eee3d 67551c148cca779461277870d2fb1a5b6b96833c8b7055a33d191ec0795b2749 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "67551C148CCA779461277870D2FB1A5B6B96833C8B7055A33D191EC0795B2749" Last-Modified: Tue, 28 Mar 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21600 Expires: Wed, 29 Mar 2023 14:48:41 GMT Date: Wed, 29 Mar 2023 08:48:41 GMT Connection: keep-alive`

	staaperu.com/cache/auth//tnbnqy////geoff.dunn@slurpmail.net?%24urlstring=airgoat%3A%2F%2Fhome&_branch_match_id=1062369509546216292&_branch_referrer=H4sIAAAAAAAAAz2MwQrDIBBEv8YetaQ5FULppb9RNmajEl23uh769zUIhYGZYR7jRbjejXEZRAOzjoEO81DT3EqsUgK5BUI5Z3V7qunV5XPCSyc2rIdkfndy8efPn6gCwFiatjn1asF67A5N%2FACEVvp8Rx5ymPddb41IzdcaW%2BEEIWpC%2BQFXjqiDowAAAA%3D%3D	192.185.87.94	200 OK	0 B
URL HTTP/2 staaperu.com/cache/auth//tnbnqy////geoff.dunn@slurpmail.net?%24urlstring=airgoat%3A%2F%2Fhome&_branch_match_id=1062369509546216292&_branch_referrer=H4sIAAAAAAAAAz2MwQrDIBBEv8YetaQ5FULppb9RNmajEl23uh769zUIhYGZYR7jRbjejXEZRAOzjoEO81DT3EqsUgK5BUI5Z3V7qunV5XPCSyc2rIdkfndy8efPn6gCwFiatjn1asF67A5N%2FACEVvp8Rx5ymPddb41IzdcaW%2BEEIWpC%2BQFXjqiDowAAAA%3D%3D IP 192.185.87.94:0 ASN #46606 UNIFIEDLAYER-AS-1 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /cache/auth//tnbnqy////geoff.dunn@slurpmail.net?%24urlstring=airgoat%3A%2F%2Fhome&_branch_match_id=1062369509546216292&_branch_referrer=H4sIAAAAAAAAAz2MwQrDIBBEv8YetaQ5FULppb9RNmajEl23uh769zUIhYGZYR7jRbjejXEZRAOzjoEO81DT3EqsUgK5BUI5Z3V7qunV5XPCSyc2rIdkfndy8efPn6gCwFiatjn1asF67A5N%2FACEVvp8Rx5ymPddb41IzdcaW%2BEEIWpC%2BQFXjqiDowAAAA%3D%3D HTTP/1.1 Host: staaperu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 `HTTP/2 200 OK refresh: 0;url=https://s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html#geoff.dunn@slurpmail.net content-length: 0 content-type: text/html; charset=UTF-8 date: Wed, 29 Mar 2023 08:48:41 GMT server: Apache X-Firefox-Spdy: h2`

	ocsp.r2m01.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m01.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 7b55716f4e18f664da474d597329c5c5 0a87979ff78b3120d5558f8dbccdc3698ce234d4 015ecbf7d6b555eb555d8544d2eddf86155b267c5d9a97bd5df2c4581261310e HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m01.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=141973 Date: Wed, 29 Mar 2023 08:48:41 GMT Etag: "642371bc-1d7" Expires: Fri, 31 Mar 2023 00:14:54 GMT Last-Modified: Tue, 28 Mar 2023 23:01:16 GMT Server: ECAcc (nya/1C3C) X-Cache: Miss from cloudfront Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: gjMtkUPiuzcTweBwKXzvzKVbRczgLjyJJ47o00StQuxzw_i5zv0ySg== Age: 4418

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11586 Expires: Wed, 29 Mar 2023 12:01:48 GMT Date: Wed, 29 Mar 2023 08:48:42 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11586 Expires: Wed, 29 Mar 2023 12:01:48 GMT Date: Wed, 29 Mar 2023 08:48:42 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11586 Expires: Wed, 29 Mar 2023 12:01:48 GMT Date: Wed, 29 Mar 2023 08:48:42 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg	34.120.237.76	200 OK	6.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.0 kB (6049 bytes) Hash 253f48aa7cbf667d52cb37fda10cdb1f e29478b866f90402b48d2b516d01d60a863c9cf9 b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6049 x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CgvBFFMGIAMFhCg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: bXiCIy2ZqOyLvougeQikdsmaIJ9BfMPpOO4oU-3nEGY33FQGCm0ZoQ== via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 21:44:35 GMT age: 39847 etag: "e29478b866f90402b48d2b516d01d60a863c9cf9" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg	34.120.237.76	200 OK	8.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.7 kB (8745 bytes) Hash ef54a1ed997cc09495edb102ccdf6803 f5637efb37b5eecff77e60e6bcf5f599991f334f fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8745 x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CguJ5Hy5oAMFyAg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: LAAUFZcFBIpdMUkaDQXGW1sdwLK9c_uhQQHLiJHGF7dEvfJ0KX7MaA== via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 21:37:00 GMT age: 40302 etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg	34.120.237.76	200 OK	9.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.9 kB (9859 bytes) Hash da174e6ccc9451c5071ba10eeb97f6f6 c38827a9ac1218768839877263e1f2984fbdc454 76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9859 x-amzn-requestid: 7571f483-0d57-4f3f-9d86-2f18175cc0b1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CRP5DG2BoAMFrdg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641d2d06-400180d700df598366b8b16f;Sampled=0 x-amzn-remapped-date: Fri, 24 Mar 2023 04:54:30 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: 8LzPrLvhUnXntYPNCg_QN2LFUvQ-4FL4SMyYBxPOwlGd1sgL3j-Znw== via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 23:09:21 GMT age: 34761 etag: "c38827a9ac1218768839877263e1f2984fbdc454" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg	34.120.237.76	200 OK	7.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.6 kB (7605 bytes) Hash fd1bc71c7e9eed7c086d752ea8b4b992 02a74cf88501d65b3dfcceb5adc79fd93ce785ed a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7605 x-amzn-requestid: b7628073-4eb3-4ef6-b7d0-0224e0a75601 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CguY8GFPoAMFebQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64235dd2-445041c74356c54053f772a1;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: npXnMYBUM1bcf7FQIJEHng73EkILWwM0Jvey0QDUvmln0kAJUG_Rpw== via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 21:43:57 GMT age: 39885 etag: "02a74cf88501d65b3dfcceb5adc79fd93ce785ed" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b49e5d7-941e-4eaa-8953-0ce30631f5ee.jpeg	34.120.237.76	200 OK	2.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b49e5d7-941e-4eaa-8953-0ce30631f5ee.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 2.4 kB (2423 bytes) Hash ef31e77467cccbf20aa2656ff50a0cbe f50b09779ce9b340ae3347e93ec2df33f7f8c73f 5c50ae61f57724446c927c12c4dbd9d5527ec9db8f33e5d521211e4b1f366c38 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b49e5d7-941e-4eaa-8953-0ce30631f5ee.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 2423 x-amzn-requestid: 8cf5179c-e011-405e-aa08-7b94b1cf81c8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CguI9HYHIAMFtVw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64235d6c-765e143b6730877b647f6de4;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:36 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: mMW3O50g-ueBhNFHn7HV21vJ-kCbEVe46RCbIsb0nPsCfSFwUP9rPQ== via: 1.1 17d76c2aee343249585a570f2d36d2ee.cloudfront.net (CloudFront), 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 21:36:54 GMT age: 40308 etag: "f50b09779ce9b340ae3347e93ec2df33f7f8c73f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp	34.120.237.76	200 OK	6.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.7 kB (6722 bytes) Hash d0a85ec27ed4f7910e26b4ff023ab1fb f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0 fc31409ba6db565d4861a35ee6f74b7436eea5e5169bc1283f63cf6dfdb03764 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6722 x-amzn-requestid: a6de82bd-5b03-4ffd-90dd-9bd03331d123 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CguY8GG2IAMFuzQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64235dd2-7cb1c8187fe3d2b0283fb3a0;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: lZBspmi0Dku2a7jY39WyiBC3wu5F4eAvbTwHF6_8pgHfw21XSW_NbA== via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 21:43:58 GMT age: 39884 etag: "f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html	52.217.163.240	200 OK	797 kB
URL HTTP/1.1 s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html IP 52.217.163.240:0 ASN #16509 AMAZON-02 File type HTML document, ASCII text, with very long lines (65505) Size 797 kB (797216 bytes) Hash dfa03637d4cf9db4b50f89ed060de298 d3b21907dc468d5b8b4150e68ad1c332671f780d e411cb9b8b171fee853baa0eaae71c6053f8ebff00cb55b45f142a0d0d6c8fe7 HTTP Headers `GET /appforest_uf/f1679291072179x882516342498883800/about.html HTTP/1.1 Host: s3.amazonaws.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK x-amz-id-2: fQTS1qggIEsry+TFR0tz6u6HobMXEhBW2qft03+VscVAlRzWKKMoyZNvoZybXRKVYoajEWsLSuk= x-amz-request-id: MBJGEHMB7KZM2XT2 Date: Wed, 29 Mar 2023 08:48:43 GMT Last-Modified: Mon, 20 Mar 2023 05:44:33 GMT ETag: "dfa03637d4cf9db4b50f89ed060de298" x-amz-storage-class: INTELLIGENT_TIERING x-amz-server-side-encryption: AES256 x-amz-meta-appname: customers-css Cache-Control: public,max-age=86400 x-amz-meta-app-version: test x-amz-version-id: cupHj5y1Kwo.hCBg6lH7EDUCFr3D5JSe Accept-Ranges: bytes Content-Type: text/html Server: AmazonS3 Content-Length: 797216

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	104.17.24.14	200 OK	6.2 kB
URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.24.14:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (19015) Size 6.2 kB (6157 bytes) Hash 7b4114faa411d059a9a5ac4b5b4d9dee 277da4486916fa3a4ab3375f47bc98f58dbf90f6 60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9 HTTP Headers `GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://s3.amazonaws.com Connection: keep-alive Referer: https://s3.amazonaws.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Wed, 29 Mar 2023 08:48:42 GMT content-type: application/javascript; charset=utf-8 content-length: 6157 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03fa9-4af4" last-modified: Mon, 04 May 2020 16:15:37 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 11892265 expires: Mon, 18 Mar 2024 08:48:42 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvNPAWaLF3jUfiBQJhojkhNdx0XiyF%2B%2BWd6opkMkn9plSPoUIg1%2B9n53VDn%2FSxJ3qY5hC7LbLUovN0m%2Bz0ImywQ3MfZapo7B36LJZYA8GMy5JR8Yp%2FC3nMI0D0Rz8YxKs1iJzAAd"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 7af6dafaee871c0a-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico	13.107.238.53	200 OK	17 kB
URL HTTP/2 aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico IP 13.107.238.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data Size 17 kB (17174 bytes) Hash 12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21 HTTP Headers `GET /ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://s3.amazonaws.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK cache-control: public, max-age=604800 content-length: 17174 content-type: image/x-icon content-md5: EuPayFgGHQiAI7K9SOL6lg== last-modified: Fri, 02 Nov 2018 20:25:25 GMT etag: 0x8D6410152A9D7E1 x-cache: TCP_HIT x-ms-request-id: aff85ac8-201e-0001-77c0-611c71000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref-originshield: 0aMojZAAAAACQL9pSVzbCSKZg5WNar1UzQU1TMDRFREdFMTkyMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= x-azure-ref: 0avsjZAAAAADoEjG3xjz9QqoAAKQcpTj6U1ZHMjBFREdFMDUyMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= date: Wed, 29 Mar 2023 08:48:42 GMT X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash bfa3fc96de14a80af0187a7c3ee285d4 e60c9b3124ec2a611286af0b777319cf10230c1b ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 08:48:42 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash bfa3fc96de14a80af0187a7c3ee285d4 e60c9b3124ec2a611286af0b777319cf10230c1b ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 08:48:42 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	code.jquery.com/jquery-3.1.1.min.js	69.16.175.10	200 OK	30 kB
URL HTTP/2 code.jquery.com/jquery-3.1.1.min.js IP 69.16.175.10:0 ASN #20446 STACKPATH-CDN File type ASCII text, with very long lines (32030) Size 30 kB (30070 bytes) Hash f7a4a283c6a5130b43ce8de3b7842078 ef243edbb67f9e50f8589885e4541f6c919ea8d7 aee9e5b2534ced87fe1e02a1a9e661468ba548e02edacbe9b68b3b247607dc4e HTTP Headers `GET /jquery-3.1.1.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://s3.amazonaws.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Wed, 29 Mar 2023 08:48:42 GMT content-encoding: gzip content-length: 30070 content-type: application/javascript; charset=utf-8 last-modified: Fri, 20 Aug 2021 17:47:53 GMT accept-ranges: bytes server: nginx etag: W/"611feac9-152b5" cache-control: max-age=315360000, public access-control-allow-origin: * vary: Accept-Encoding x-hw: 1680079722.dop232.sk1.t,1680079722.cds202.sk1.hn,1680079722.cds010.sk1.c X-Firefox-Spdy: h2`

	code.jquery.com/jquery-3.3.1.js	69.16.175.10	200 OK	80 kB
URL HTTP/2 code.jquery.com/jquery-3.3.1.js IP 69.16.175.10:0 ASN #20446 STACKPATH-CDN File type ASCII text Size 80 kB (80268 bytes) Hash 56a2feb49fe38b8ea4727d1f79c01ca3 b4853240a9b9c082060e7a40c4e6098f0ba03148 e34f47b26eab2b37ee8dab249d133b962ce02f862a6f5b30ed563a43c75f191b HTTP Headers `GET /jquery-3.3.1.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://s3.amazonaws.com Connection: keep-alive Referer: https://s3.amazonaws.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Wed, 29 Mar 2023 08:48:42 GMT content-encoding: gzip content-length: 80268 content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT accept-ranges: bytes server: nginx etag: W/"28feccc0-42587" cache-control: max-age=315360000, public access-control-allow-origin: * vary: Accept-Encoding x-hw: 1680079722.dop221.sk1.t,1680079722.cds026.sk1.hn,1680079722.cds214.sk1.c X-Firefox-Spdy: h2`

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	216.58.207.234	200 OK	30 kB
URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 216.58.207.234:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (32065) Size 30 kB (30028 bytes) Hash 6d973c8b7e2439d958e09c0a1ab9fe50 05ae0830200c20b9a2dfd5a825adc400481a60fb f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894 HTTP Headers `GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://s3.amazonaws.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 30028 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 28 Mar 2023 09:53:29 GMT expires: Wed, 27 Mar 2024 09:53:29 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 age: 82513 last-modified: Tue, 03 Mar 2020 19:15:00 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	code.jquery.com/jquery-3.2.1.slim.min.js	69.16.175.10	200 OK	24 kB
URL HTTP/2 code.jquery.com/jquery-3.2.1.slim.min.js IP 69.16.175.10:0 ASN #20446 STACKPATH-CDN File type ASCII text, with very long lines (32012) Size 24 kB (23856 bytes) Hash 30f5157a965bc792a83e9bacfe265f03 8330886371fe27f3cbac509e0ac9712207574c66 4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0 HTTP Headers `GET /jquery-3.2.1.slim.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://s3.amazonaws.com Connection: keep-alive Referer: https://s3.amazonaws.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Wed, 29 Mar 2023 08:48:42 GMT content-encoding: gzip content-length: 23856 content-type: application/javascript; charset=utf-8 last-modified: Fri, 12 Aug 2022 13:47:02 GMT accept-ranges: bytes server: nginx etag: W/"62f659d6-10fdd" cache-control: max-age=315360000, public access-control-allow-origin: * vary: Accept-Encoding x-hw: 1680079722.dop221.sk1.t,1680079722.cds026.sk1.hn,1680079722.cds235.sk1.c X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash bfa3fc96de14a80af0187a7c3ee285d4 e60c9b3124ec2a611286af0b777319cf10230c1b ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 08:48:42 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash bfa3fc96de14a80af0187a7c3ee285d4 e60c9b3124ec2a611286af0b777319cf10230c1b ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 08:48:42 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.googleapis.com/css?family=Archivo+Narrow&display=swap	142.250.74.74	200 OK	75 kB
URL HTTP/2 fonts.googleapis.com/css?family=Archivo+Narrow&display=swap IP 142.250.74.74:0 ASN #15169 GOOGLE File type data Size 75 kB (74753 bytes) Hash 0d37a9137904a66715ab623c462b5d4e c3075dfe483a1ca7feccf28da73b044079c39b1c f42458ef8475af93740d951d90dcb8be8b57dcfa9aa299057f2f04bc9d73d4a3 HTTP Headers `GET /css?family=Archivo+Narrow&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://s3.amazonaws.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 29 Mar 2023 08:48:42 GMT date: Wed, 29 Mar 2023 08:48:42 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	s3.amazonaws.com/favicon.ico	52.217.163.240	403 Forbidden	243 B
URL HTTP/1.1 s3.amazonaws.com/favicon.ico IP 52.217.163.240:0 ASN #16509 AMAZON-02 File type XML 1.0 document text\012- XML document, ASCII text Size 243 B (243 bytes) Hash a79b73ec2e2daf2b66b03e06b058f3fb 37a6b999ed45cef3ec84c882d23f21057d7e8dd8 a6addba57d19380383e7b7c5574235addcc8eedd5e6c5ba9510375e71117f32f HTTP Headers `GET /favicon.ico HTTP/1.1 Host: s3.amazonaws.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://s3.amazonaws.com/appforest_uf/f1679291072179x882516342498883800/about.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 403 Forbidden x-amz-request-id: QTFCWC5EHRKKHE4P x-amz-id-2: YbPrzKoY6xwpD6cCIWYRkHaBkbvwmZOowMnWCS51oF7PSPR45rGeDaleVm5GDIZ9YbC3g6w4VTI= Content-Type: application/xml Transfer-Encoding: chunked Date: Wed, 29 Mar 2023 08:48:42 GMT Server: AmazonS3`

	goat.app.link/?$urlstring=airgoat://home&$desktop_url=https://staaperu.com/cache/auth//tnbnqy////geoff.dunn@slurpmail.net	54.230.111.16	307 Temporary Redirect	0 B
URL HTTP/2 goat.app.link/?$urlstring=airgoat://home&$desktop_url=https://staaperu.com/cache/auth//tnbnqy////geoff.dunn@slurpmail.net IP 54.230.111.16:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers GET /?$urlstring=airgoat://home&$desktop_url=https://staaperu.com/cache/auth//tnbnqy////geoff.dunn@slurpmail.net HTTP/1.1 Host: goat.app.link User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: _s=%2F31SILt7P19jZ7KS8kYPQ1uvv6lIK49jS2sQqA846IjvTr%2Fva2wjaW9hs%2FuemTYW Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 307 Temporary Redirect location: https://staaperu.com/cache/auth//tnbnqy////geoff.dunn@slurpmail.net?%24urlstring=airgoat%3A%2F%2Fhome&_branch_match_id=1062369509546216292&_branch_referrer=H4sIAAAAAAAAAz2MwQrDIBBEv8YetaQ5FULppb9RNmajEl23uh769zUIhYGZYR7jRbjejXEZRAOzjoEO81DT3EqsUgK5BUI5Z3V7qunV5XPCSyc2rIdkfndy8efPn6gCwFiatjn1asF67A5N%2FACEVvp8Rx5ymPddb41IzdcaW%2BEEIWpC%2BQFXjqiDowAAAA%3D%3D server: openresty date: Wed, 29 Mar 2023 08:48:40 GMT set-cookie: _s=%2F31SILt7P19jZ7KS8kYPQ1uvv6lIK49jS2sQqA846IjvTr%2Fva2wjaW9hs%2FuemTYW; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Thu, 28 Mar 2024 08:48:40 GMT; Secure last-modified: Wed, 29 Mar 2023 08:48:40 GMT strict-transport-security: max-age=31536000; includeSubDomains accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model x-cache: Miss from cloudfront via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: ICT_7hDCqVbq01r6j_X4GmKENvep82Y6-WTuKL1hDn4K07TEVBDnXw== X-Firefox-Spdy: h2

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	104.18.10.207	200 OK	0 B
URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://s3.amazonaws.com Connection: keep-alive Referer: https://s3.amazonaws.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Wed, 29 Mar 2023 08:48:42 GMT content-type: application/javascript; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17" last-modified: Mon, 25 Jan 2021 22:04:04 GMT cdn-cachedat: 11/25/2022 23:23:38 cdn-proxyver: 1.03 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 865 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: 46509e75abe3e11c236834176491a404 cdn-cache: HIT cf-cache-status: HIT age: 1998222 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7af6dafae9610b55-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	use.fontawesome.com/releases/v5.7.0/css/all.css	172.64.132.15	200 OK	0 B
URL HTTP/2 use.fontawesome.com/releases/v5.7.0/css/all.css IP 172.64.132.15:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /releases/v5.7.0/css/all.css HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://s3.amazonaws.com Connection: keep-alive Referer: https://s3.amazonaws.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Wed, 29 Mar 2023 08:48:42 GMT content-type: text/css x-amz-id-2: tIuRkx8kYVZxx+a0svQcCubVEtpjXcUt5rIh/mZfEcf/QMrN5dmOu/vriNlbEcc7r8qTJ5jm2B4= x-amz-request-id: 8RKV4CRPMMZAD4YH access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding last-modified: Wed, 30 Jun 2021 15:45:15 GMT etag: W/"251d28bd755f5269a4531df8a81d5664" cache-control: max-age=31556926 cf-cache-status: HIT age: 859321 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xa7pd%2FoNHzx7o%2FGrlmiTCtPAA4YdzBVi%2Fd5gvz%2BHRLlBlVMglWvsBKQhuJb%2FdWC4C2zSZofJz4G9rEMCnxJTZDBY4Ws3SYZRVn5TqAFfWUgqgzOXOHTI5NBmf8W2KQbSJC8ZQLKL"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7af6dafb6cc6417c-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML