r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 358212db02ecc7c1fa088906bd2dba14
091a0688da9de609d97349215ba9e452dfc346a4
7486e512e4de8172ac07f07f47da3a96dd3ac7cb054b335f3e4929261440e672
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7486E512E4DE8172AC07F07F47DA3A96DD3AC7CB054B335F3E4929261440E672"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17827
Expires: Wed, 14 Dec 2022 07:06:12 GMT
Date: Wed, 14 Dec 2022 02:09:05 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10990
Expires: Wed, 14 Dec 2022 05:12:15 GMT
Date: Wed, 14 Dec 2022 02:09:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 14 Dec 2022 01:33:47 GMT
content-type: application/json
age: 2118
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dbd022fec0a71226daaf29b7563a8896
c37d14dc7b3849a4bb815fa325fb5e70fae54039
22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6293
Expires: Wed, 14 Dec 2022 03:53:58 GMT
Date: Wed, 14 Dec 2022 02:09:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ctUol9chiliAN2W6qod6bM37Ck3TZ1yT8i+kGvjZgildRbIvQPgenRQMbQ6yNj5x5nsdvUwaRVc=
x-amz-request-id: TT27HZNQXV6MYEQE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 14 Dec 2022 01:50:18 GMT
age: 1127
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ad3974.qptgbpxfkzdwm.com/
54.230.111.10307 Temporary Redirect 7.7 kB URL HTTP/1.1 ad3974.qptgbpxfkzdwm.com/
IP 54.230.111.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (517)
Hash 1ae75a2cdfbbdff223f787d318ea80e0
cfb9276c5165cc3dffeeb231061af437eaf2c764
fa9101fdceae6f9a070341673916670c0ebb0325dc91ad380599e1704d106a9f
GET / HTTP/1.1
Host: ad3974.qptgbpxfkzdwm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 307 Temporary Redirect
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 14 Dec 2022 02:09:05 GMT
Server: nginx
X-Status: OK
X-UID: Root=1-63993041-370c7fa55de231925998c183
Location: https://pr.heat-pumps-67037.com?backfill=0&KW1=Heat+Pump&KW2=Heat+Pump+Hot+Water&KW3=Heat+Pump+Hot+Water+System&KW4=Heat+Pump+Hot+Water+Prices&KW5=Sanden+Heat+Pump&KW6=Istore+Heat+Pump&domainname=0&searchbox=0&subid1=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&track_id=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&kcoptimize=1&theme=DoriPlus&vertical=Electronics&offer=Heat+Pumps+PR
Referrer-Policy: unsafe-url
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: a17yWxzWKWDNnEBBLgPzSBRHmW-rk9ViJAd8OCjnapD0ugD7Aonh_A==
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 02:09:05 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 14 Dec 2022 02:07:57 GMT
age: 69
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d618e03046913a8498b5065b904f9727
2c8d7f11dd0c44399ebe418842380075d2ef04ba
158223c608d67ac9c7236984fb26859d0197078d8414691d3c1fd9e8873066d6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "158223C608D67AC9C7236984FB26859D0197078D8414691D3C1FD9E8873066D6"
Last-Modified: Mon, 12 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 14 Dec 2022 08:09:06 GMT
Date: Wed, 14 Dec 2022 02:09:06 GMT
Connection: keep-alive
pr.heat-pumps-67037.com/?backfill=0&KW1=Heat+Pump&KW2=Heat+Pump+Hot+Water&KW3=Heat+Pump+Hot+Water+System&KW4=Heat+Pump+Hot+Water+Prices&KW5=Sanden+Heat+Pump&KW6=Istore+Heat+Pump&domainname=0&searchbox=0&subid1=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&track_id=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&kcoptimize=1&theme=DoriPlus&vertical=Electronics&offer=Heat+Pumps+PR
185.53.179.94200 OK 6.3 kB URL HTTP/1.1 pr.heat-pumps-67037.com/?backfill=0&KW1=Heat+Pump&KW2=Heat+Pump+Hot+Water&KW3=Heat+Pump+Hot+Water+System&KW4=Heat+Pump+Hot+Water+Prices&KW5=Sanden+Heat+Pump&KW6=Istore+Heat+Pump&domainname=0&searchbox=0&subid1=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&track_id=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&kcoptimize=1&theme=DoriPlus&vertical=Electronics&offer=Heat+Pumps+PR
IP 185.53.179.94:0
ASN #61969 Team Internet AG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4410)
Hash bcdf909eddab33cdfeb16abca5f5da30
fa07ceb6e83e0c57e962b3f7c869bdc9a87e369a
7262bc89194937f3d4c3072f9bc788c64f53a3d3d783b97933cff6598974cd34
Analyzer Verdict Alert quad9 Sinkholed
GET /?backfill=0&KW1=Heat+Pump&KW2=Heat+Pump+Hot+Water&KW3=Heat+Pump+Hot+Water+System&KW4=Heat+Pump+Hot+Water+Prices&KW5=Sanden+Heat+Pump&KW6=Istore+Heat+Pump&domainname=0&searchbox=0&subid1=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&track_id=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&kcoptimize=1&theme=DoriPlus&vertical=Electronics&offer=Heat+Pumps+PR HTTP/1.1
Host: pr.heat-pumps-67037.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-Ch-Lifetime: 30
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Dec 2022 02:09:06 GMT
Server: nginx
Vary: Accept-Encoding
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_ojnesvH7aLtHRwcjfiuZfHUZe2auIDIgGxKdX/ltZSOlUq6XZEdHkJEIiubu6VuKr4X7EoFjT/yyLG+iomDnGw==
X-Buckets: bucket077
X-Language: norwegian
X-Template: tpl_DoriPlus_twoclick
Transfer-Encoding: chunked
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash de9e80c3bbe25e8623562110be8b8c9c
013f87db47c4ce3daf3380bc5e0ac3b1b496fe6f
792d587777c03d661a39a0593b71b3ec7611cb6e9d7a834bc79f28e6ace19692
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 390
Cache-Control: max-age=111856
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:09:06 GMT
Etag: "639840ac-1d7"
Expires: Thu, 15 Dec 2022 09:13:22 GMT
Last-Modified: Tue, 13 Dec 2022 09:06:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b9649509b14db5a889641078ccb05066
92c2224c6a970bf397d23a2fd37de759f74dd46c
6e7d750905e29196f6246744bb30b0ab0c5baa4a3909db5fabad7809b58aa825
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.43.61.95101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.61.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zPsLd3cEOkQ5ge6LrA4zKQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VmGE8fIZCSTZtzQ/lvXUi/8vnnE=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8bc1b4db769ee14aba872f3f93af10b1
f24c742805ff56d77d50924d60dabd2b6750c46e
35e6181045327df4b97bddff70ea1f9510e03d6896213b5f8473d8da771b15f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1t9jheyiyj1h6.cloudfront.net/themes/doriplus_40a0ff4d/img/arrows.png
54.230.245.229200 OK 11 kB URL HTTP/2 d1t9jheyiyj1h6.cloudfront.net/themes/doriplus_40a0ff4d/img/arrows.png
IP 54.230.245.229:0
File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Hash 0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
GET /themes/doriplus_40a0ff4d/img/arrows.png HTTP/1.1
Host: d1t9jheyiyj1h6.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.heat-pumps-67037.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 11375
server: nginx
last-modified: Thu, 23 Jun 2022 10:44:43 GMT
accept-ranges: bytes
front_end_https: on
date: Tue, 13 Dec 2022 07:40:02 GMT
etag: "62b4441b-2c6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wZhQS4XNij-2FbzJsqB0IdvYQe2c9JNtp_pElUInjWAo559A-p350g==
age: 66551
X-Firefox-Spdy: h2
pr.heat-pumps-67037.com/track.php?domain=heat-pumps-67037.com&toggle=browserjs&uid=MTY3MDk4Mzc0Ni4yNTE4OjU0YjI2NWEyMTlkZjkyZjZiYjg0Yzk4ZTI5Nzg3MDM0ZWEzNmYyZWMzYWE5ODZhMTIyMTk3MDBmMTI2YWYzODk6NjM5OTMwNDIzZDc5Nw%3D%3D
185.53.179.94200 OK 20 B URL HTTP/1.1 pr.heat-pumps-67037.com/track.php?domain=heat-pumps-67037.com&toggle=browserjs&uid=MTY3MDk4Mzc0Ni4yNTE4OjU0YjI2NWEyMTlkZjkyZjZiYjg0Yzk4ZTI5Nzg3MDM0ZWEzNmYyZWMzYWE5ODZhMTIyMTk3MDBmMTI2YWYzODk6NjM5OTMwNDIzZDc5Nw%3D%3D
IP 185.53.179.94:0
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
Analyzer Verdict Alert quad9 Sinkholed
GET /track.php?domain=heat-pumps-67037.com&toggle=browserjs&uid=MTY3MDk4Mzc0Ni4yNTE4OjU0YjI2NWEyMTlkZjkyZjZiYjg0Yzk4ZTI5Nzg3MDM0ZWEzNmYyZWMzYWE5ODZhMTIyMTk3MDBmMTI2YWYzODk6NjM5OTMwNDIzZDc5Nw%3D%3D HTTP/1.1
Host: pr.heat-pumps-67037.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.heat-pumps-67037.com/?backfill=0&KW1=Heat+Pump&KW2=Heat+Pump+Hot+Water&KW3=Heat+Pump+Hot+Water+System&KW4=Heat+Pump+Hot+Water+Prices&KW5=Sanden+Heat+Pump&KW6=Istore+Heat+Pump&domainname=0&searchbox=0&subid1=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&track_id=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&kcoptimize=1&theme=DoriPlus&vertical=Electronics&offer=Heat+Pumps+PR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-Ch-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Dec 2022 02:09:07 GMT
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Content-Length: 20
pr.heat-pumps-67037.com/favicon.ico
185.53.179.94200 OK 0 B URL HTTP/1.1 pr.heat-pumps-67037.com/favicon.ico
IP 185.53.179.94:0
ASN #61969 Team Internet AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: pr.heat-pumps-67037.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.heat-pumps-67037.com/?backfill=0&KW1=Heat+Pump&KW2=Heat+Pump+Hot+Water&KW3=Heat+Pump+Hot+Water+System&KW4=Heat+Pump+Hot+Water+Prices&KW5=Sanden+Heat+Pump&KW6=Istore+Heat+Pump&domainname=0&searchbox=0&subid1=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&track_id=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&kcoptimize=1&theme=DoriPlus&vertical=Electronics&offer=Heat+Pumps+PR
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 0
Content-Type: image/x-icon
Date: Wed, 14 Dec 2022 02:09:07 GMT
Etag: "5ebab1f0-0"
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Server: nginx
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 83ce713d18d47b8d1691bcc17caee1d7
e9576a0ad1bdc7b24b9825adf4265a88ab6f3adc
cdf50240829d2b7166a4f925b030fc4e17efe49f50f70e2ec8c11cac27dad583
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:09:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=pr.heat-pumps-67037.com&client=dp-mobile-teaminternet12_3ph&product=SAS&callback=__sasCookie
216.58.207.226200 OK 248 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=pr.heat-pumps-67037.com&client=dp-mobile-teaminternet12_3ph&product=SAS&callback=__sasCookie
IP 216.58.207.226:0
File type ASCII text, with very long lines (380), with no line terminators
Hash 4d3bf60a5649fa2cd24e80c85995d3f4
36e7f19e402922d09e3346a7af693ecb7283146c
18dba95b4638c9ada2c36ec66d4c5808c8b5da376932d10a2a6f1127712af6fd
GET /gampad/cookie.js?domain=pr.heat-pumps-67037.com&client=dp-mobile-teaminternet12_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.heat-pumps-67037.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 14 Dec 2022 02:09:07 GMT
server: cafe
cache-control: private
content-length: 248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 83ce713d18d47b8d1691bcc17caee1d7
e9576a0ad1bdc7b24b9825adf4265a88ab6f3adc
cdf50240829d2b7166a4f925b030fc4e17efe49f50f70e2ec8c11cac27dad583
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:09:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c4bdd6ef3e0ef2c33868d96eacf07dec
e37067aed86afe6d61372f325d5485dfcd35a350
56b8dc4555085a686f9cad922e1dc169140ae8d6475e24524096ca6f05576073
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:09:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 23b92920e9ad09cdeabe3f51c10652c6
574d077eb61c84d57f6478f63816dfed1af83aeb
b128dddccab1de7e2589b38697887b18ea1297911cce834bdf50fd506f284b90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:09:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
142.250.74.97200 OK 270 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
IP 142.250.74.97:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash 5100391430a00e10ce60aa159f525b5c
231a4492d73b225f441b1e9028dc33c89862e498
52b1432a6e3002e41ed1d8f4c84b258fdc4c6dac863e3c0e5c06360c81be6067
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 13:41:41 GMT
expires: Wed, 14 Dec 2022 12:41:41 GMT
cache-control: public, max-age=82800
age: 44846
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
142.250.74.97200 OK 174 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP 142.250.74.97:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 13:51:44 GMT
expires: Wed, 14 Dec 2022 12:51:44 GMT
cache-control: public, max-age=82800
age: 44243
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pr.heat-pumps-67037.com/ls.php
185.53.179.94201 Created 0 B URL HTTP/1.1 pr.heat-pumps-67037.com/ls.php
IP 185.53.179.94:0
ASN #61969 Team Internet AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /ls.php HTTP/1.1
Host: pr.heat-pumps-67037.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 4362
Origin: https://pr.heat-pumps-67037.com
Connection: keep-alive
Referer: https://pr.heat-pumps-67037.com/?backfill=0&KW1=Heat+Pump&KW2=Heat+Pump+Hot+Water&KW3=Heat+Pump+Hot+Water+System&KW4=Heat+Pump+Hot+Water+Prices&KW5=Sanden+Heat+Pump&KW6=Istore+Heat+Pump&domainname=0&searchbox=0&subid1=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&track_id=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&kcoptimize=1&theme=DoriPlus&vertical=Electronics&offer=Heat+Pumps+PR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 201 Created
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-Ch-Lifetime: 30
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://pr.heat-pumps-67037.com
Access-Control-Max-Age: 86400
Charset: utf-8
Content-Type: text/javascript;charset=UTF-8
Date: Wed, 14 Dec 2022 02:09:07 GMT
Server: nginx
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_jFPDT+DGzJWjR1INd0KR9oW8GXKXLAawyFh89QGWDCDrTXrRoTs7w5EHkfh0p4aY2nj7Xw9kjC2+yyYmPeA+7g==
X-Log-Success: 63993043f3eacd513f6bbcc4
Content-Length: 0
pr.heat-pumps-67037.com/track.php?domain=heat-pumps-67037.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3MDk4Mzc0Ni4yNTE4OjU0YjI2NWEyMTlkZjkyZjZiYjg0Yzk4ZTI5Nzg3MDM0ZWEzNmYyZWMzYWE5ODZhMTIyMTk3MDBmMTI2YWYzODk6NjM5OTMwNDIzZDc5Nw%3D%3D
185.53.179.94200 OK 20 B URL HTTP/1.1 pr.heat-pumps-67037.com/track.php?domain=heat-pumps-67037.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3MDk4Mzc0Ni4yNTE4OjU0YjI2NWEyMTlkZjkyZjZiYjg0Yzk4ZTI5Nzg3MDM0ZWEzNmYyZWMzYWE5ODZhMTIyMTk3MDBmMTI2YWYzODk6NjM5OTMwNDIzZDc5Nw%3D%3D
IP 185.53.179.94:0
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
Analyzer Verdict Alert quad9 Sinkholed
GET /track.php?domain=heat-pumps-67037.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3MDk4Mzc0Ni4yNTE4OjU0YjI2NWEyMTlkZjkyZjZiYjg0Yzk4ZTI5Nzg3MDM0ZWEzNmYyZWMzYWE5ODZhMTIyMTk3MDBmMTI2YWYzODk6NjM5OTMwNDIzZDc5Nw%3D%3D HTTP/1.1
Host: pr.heat-pumps-67037.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.heat-pumps-67037.com/?backfill=0&KW1=Heat+Pump&KW2=Heat+Pump+Hot+Water&KW3=Heat+Pump+Hot+Water+System&KW4=Heat+Pump+Hot+Water+Prices&KW5=Sanden+Heat+Pump&KW6=Istore+Heat+Pump&domainname=0&searchbox=0&subid1=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&track_id=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&kcoptimize=1&theme=DoriPlus&vertical=Electronics&offer=Heat+Pumps+PR
Cookie: __gsas=ID=1ac1a2d0bbcf0d45:T=1670983747:S=ALNI_MYFh_6PakaXvX-LNwQYB2cvzqdKrA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-Ch-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Dec 2022 02:09:07 GMT
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: answercheck
Content-Length: 20
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 23b92920e9ad09cdeabe3f51c10652c6
574d077eb61c84d57f6478f63816dfed1af83aeb
b128dddccab1de7e2589b38697887b18ea1297911cce834bdf50fd506f284b90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 02:09:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pr.heat-pumps-67037.com/track.php?toggle=adloaded&uid=MTY3MDk4Mzc0Ni4yNTE4OjU0YjI2NWEyMTlkZjkyZjZiYjg0Yzk4ZTI5Nzg3MDM0ZWEzNmYyZWMzYWE5ODZhMTIyMTk3MDBmMTI2YWYzODk6NjM5OTMwNDIzZDc5Nw%3D%3D&domain=heat-pumps-67037.com&data=%7B%22containerName%22%3A%22tc%22%2C%22adsLoaded%22%3Atrue%2C%22callbackOptions%22%3A%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-mobile-teaminternet12_3ph%22%2C%22adult%22%3Afalse%7D%2C%22termPositions%22%3A%7B%22Heat%20Pump%20Hot%20Water%20Prices%22%3A4%7D%7D%2C%22terms%22%3A%22Heat%20Pump%2CHeat%20Pump%20Hot%20Water%2CHeat%20Pump%20Hot%20Water%20System%2CHeat%20Pump%20Hot%20Water%20Prices%2CSanden%20Heat%20Pump%2CIstore%20Heat%20Pump%22%7D
185.53.179.94200 OK 20 B URL HTTP/1.1 pr.heat-pumps-67037.com/track.php?toggle=adloaded&uid=MTY3MDk4Mzc0Ni4yNTE4OjU0YjI2NWEyMTlkZjkyZjZiYjg0Yzk4ZTI5Nzg3MDM0ZWEzNmYyZWMzYWE5ODZhMTIyMTk3MDBmMTI2YWYzODk6NjM5OTMwNDIzZDc5Nw%3D%3D&domain=heat-pumps-67037.com&data=%7B%22containerName%22%3A%22tc%22%2C%22adsLoaded%22%3Atrue%2C%22callbackOptions%22%3A%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-mobile-teaminternet12_3ph%22%2C%22adult%22%3Afalse%7D%2C%22termPositions%22%3A%7B%22Heat%20Pump%20Hot%20Water%20Prices%22%3A4%7D%7D%2C%22terms%22%3A%22Heat%20Pump%2CHeat%20Pump%20Hot%20Water%2CHeat%20Pump%20Hot%20Water%20System%2CHeat%20Pump%20Hot%20Water%20Prices%2CSanden%20Heat%20Pump%2CIstore%20Heat%20Pump%22%7D
IP 185.53.179.94:0
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
Analyzer Verdict Alert quad9 Sinkholed
GET /track.php?toggle=adloaded&uid=MTY3MDk4Mzc0Ni4yNTE4OjU0YjI2NWEyMTlkZjkyZjZiYjg0Yzk4ZTI5Nzg3MDM0ZWEzNmYyZWMzYWE5ODZhMTIyMTk3MDBmMTI2YWYzODk6NjM5OTMwNDIzZDc5Nw%3D%3D&domain=heat-pumps-67037.com&data=%7B%22containerName%22%3A%22tc%22%2C%22adsLoaded%22%3Atrue%2C%22callbackOptions%22%3A%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-mobile-teaminternet12_3ph%22%2C%22adult%22%3Afalse%7D%2C%22termPositions%22%3A%7B%22Heat%20Pump%20Hot%20Water%20Prices%22%3A4%7D%7D%2C%22terms%22%3A%22Heat%20Pump%2CHeat%20Pump%20Hot%20Water%2CHeat%20Pump%20Hot%20Water%20System%2CHeat%20Pump%20Hot%20Water%20Prices%2CSanden%20Heat%20Pump%2CIstore%20Heat%20Pump%22%7D HTTP/1.1
Host: pr.heat-pumps-67037.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.heat-pumps-67037.com/?backfill=0&KW1=Heat+Pump&KW2=Heat+Pump+Hot+Water&KW3=Heat+Pump+Hot+Water+System&KW4=Heat+Pump+Hot+Water+Prices&KW5=Sanden+Heat+Pump&KW6=Istore+Heat+Pump&domainname=0&searchbox=0&subid1=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&track_id=5f8821f0240f7f0aa2d4c1929e3b5ac281eec0cf9db9865ead9ea91646a91bfa&kcoptimize=1&theme=DoriPlus&vertical=Electronics&offer=Heat+Pumps+PR
Cookie: __gsas=ID=1ac1a2d0bbcf0d45:T=1670983747:S=ALNI_MYFh_6PakaXvX-LNwQYB2cvzqdKrA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-Ch-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Dec 2022 02:09:07 GMT
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: adloaded
Content-Length: 20
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6596
Expires: Wed, 14 Dec 2022 03:59:03 GMT
Date: Wed, 14 Dec 2022 02:09:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6596
Expires: Wed, 14 Dec 2022 03:59:03 GMT
Date: Wed, 14 Dec 2022 02:09:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6596
Expires: Wed, 14 Dec 2022 03:59:03 GMT
Date: Wed, 14 Dec 2022 02:09:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6596
Expires: Wed, 14 Dec 2022 03:59:03 GMT
Date: Wed, 14 Dec 2022 02:09:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86bce3d677c0dd541440ebf38920020d
f11e21b6ad97e07b1d7103ad40a2e158e06fda73
9e23bc16cd1402d9124ebb9e625a5580f677ca9e008d3e04dc95080072fd1df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b1117224-be51-4e21-8b3b-01e5485f0af0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD2yH4loAMFuWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cf8-1382e1a6710239ec629eedb8;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Qd7ZLBasMl-7gVScLfJ4kxx2fbcyeL21COqu3913iENoLFvK8wkEvA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 22:16:33 GMT
age: 13954
etag: "f11e21b6ad97e07b1d7103ad40a2e158e06fda73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93bcca38-7c2d-411f-bd36-ee26cd918273.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93bcca38-7c2d-411f-bd36-ee26cd918273.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 66558e752ec27c5528fa1b50f7692840
e2fe03a05d3912da484543fc1b06f5ace7df890b
06391670bf28e4d9dda9a9c271916db17642cee9460999c376c48086d7740591
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93bcca38-7c2d-411f-bd36-ee26cd918273.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8280
x-amzn-requestid: d5e45ab4-efab-4667-b05b-a9d5cd9c78af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dDipCHO_oAMFxMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6397b16c-6056a0b71f7158195b569aec;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 22:55:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YWwg_k0lAlasjBzEcTP-EBAKQjFEFyqzGw3I9p9JtRA2UVCDy8n0AA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 06:06:55 GMT
age: 72132
etag: "e2fe03a05d3912da484543fc1b06f5ace7df890b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0ca3741-7de7-489c-9d32-963748da31ce.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0ca3741-7de7-489c-9d32-963748da31ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a1cf68fc0b78db85fd7e6f08cb74233
7374f9065239670ef563fee52f973cc23dd19833
e4493b517b402d9ea4f239d2913cbd9f316ae3f1e0c5e79c62c457c060f18b27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0ca3741-7de7-489c-9d32-963748da31ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7250
x-amzn-requestid: 8211d14a-d8fa-4f4c-a14f-60e830199a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpKqHw7IAMFiwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef10-392d8f374cafe054471d1ff6;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:30:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rkKcDnbranYxXDZ2cN8ABILj8WH1q_6HHVRWrYRMsLh5WbkbXamKNw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:53:16 GMT
age: 15351
etag: "7374f9065239670ef563fee52f973cc23dd19833"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027a9fc390a10242c7389ac20d8be93a
9bc06ec4c13fd3f14bde06387d56814f2a886a88
8ef7b73d6657c8d5cfd26fcad97b82f0acd21637d7ee8af84688295ffca85093
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4041
x-amzn-requestid: 5f92302c-f41f-46a4-9283-2c5d49c3c282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpc2Gl5IAMFzUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef85-54bd3ad3579e0d081e17b206;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:32:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RuZ47uh2aq0Ib0ZGmC7gBooDauMtzuzRZspYkVePk5lFecEIrgTqFw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:57:03 GMT
age: 15124
etag: "9bc06ec4c13fd3f14bde06387d56814f2a886a88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/adsense/domains/caf.js
216.58.211.4200 OK 62 kB URL HTTP/2 www.google.com/adsense/domains/caf.js
IP 216.58.211.4:0
Hash a0f6e59a5ad0ccb5727be964a8ec8346
8ba5bca91982b695ce97a828f8465b41ae875b50
14b172b83d6a7eab2994eb0040e4136584eb6ffe7fe0dad9e1534f7115e3ce4c
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.heat-pumps-67037.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Wed, 14 Dec 2022 02:09:06 GMT
expires: Wed, 14 Dec 2022 02:09:06 GMT
cache-control: private, max-age=3600
etag: "9096543464630205400"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F654e7722-a3eb-46c4-b652-ed202ea6f8d1.webp
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F654e7722-a3eb-46c4-b652-ed202ea6f8d1.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25e5932a6449b859223367ce1e67e59c
5d2ea71d4f0d952d665586bdf32ed0e88c605af6
160021eb4b65b4720d90337bf46bfc3c5b317b2ec406ba377c9368a11c56f629
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F654e7722-a3eb-46c4-b652-ed202ea6f8d1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12046
x-amzn-requestid: 53e890e7-eaa7-434d-bcde-4a1e60b5b6b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGqNWEhooAMFZxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398f0bb-0282299f7b644bbd2b65c079;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:38:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XJelUmwr6ECrVewxG3xTG9Zfvy0dUgxkP6FhPndIJ43i3iK6yrJZsw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:56:34 GMT
age: 15153
etag: "5d2ea71d4f0d952d665586bdf32ed0e88c605af6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d1t9jheyiyj1h6.cloudfront.net/scripts/maincaf.js
54.230.245.229200 OK 0 B URL HTTP/2 d1t9jheyiyj1h6.cloudfront.net/scripts/maincaf.js
IP 54.230.245.229:0
GET /scripts/maincaf.js HTTP/1.1
Host: d1t9jheyiyj1h6.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pr.heat-pumps-67037.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
last-modified: Tue, 15 Nov 2022 15:10:24 GMT
front_end_https: on
content-encoding: br
date: Wed, 14 Dec 2022 02:07:45 GMT
etag: W/"6373abe0-1b5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _a3VqMbZMsLv7sKFAQEjufSKQVsqK259m2wu1FXCyi7QaaI3lhhEEQ==
age: 159
X-Firefox-Spdy: h2