Report - final.essentialstocare.com/ga/click/2-47401622-160-799-1551-1041-a7832a4b81-obd9122d8e

Report Overview

Submitted URL
final.essentialstocare.com/ga/click/2-47401622-160-799-1551-1041-a7832a4b81-obd9122d8e
IP
154.12.254.169
ASN
#174 COGENT-174
Submitted
2022-09-12 19:53:17
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	95.101.11.115
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	67 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	345 B	1.9 kB	104.18.20.226
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	984 B	6.9 kB	192.124.249.41
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	7.7 kB	142.250.74.3
licensing.bitmovin.com	19299	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	927 B	1.0 kB	35.227.229.24
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	104.18.32.68
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
final.essentialstocare.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	725 B	154.12.254.169
mwebnice.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	458 B	956 B	172.67.146.245
5hardeningfruits.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	46 kB	155.138.203.162
ocsp.starfieldtech.com	6616	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	668 B	4.7 kB	192.124.249.24
dev.visualwebsiteoptimizer.com	5085	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	600 B	427 B	34.96.102.137
stats.vidalytics.com	153185	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	2.0 kB	34.107.158.93
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	600 B	715 B	142.251.1.154
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.212.13.96
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	11 kB	104.17.25.14
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	54.230.245.118
quick.vidalytics.com	193746	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	962 kB	192.229.220.49
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
s3.amazonaws.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	795 B	40 kB	52.216.44.152
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	506 B	694 B	142.250.74.164
analytics-ingress-global.bitmovin.com	47119	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.2 kB	4.6 kB	35.190.27.197
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	505 B	694 B	142.250.74.3
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	50 kB	142.250.74.72
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	839 B	82 kB	142.250.74.10
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	21 kB	142.250.74.174

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-12	medium	final.essentialstocare.com/ga/click/2-47401622-160-799-1551-1041-a7832a4b81-obd9122d8e	Phishing
2022-09-12	medium	mwebnice.com/5771/1458/2/?subid=XMkdtrvqq	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	dev.visualwebsiteoptimizer.com/settings.js?a=2887&settings_type=1&vn=7.0	65 kB	2023-03-07	2023-03-07
Pretty URL dev.visualwebsiteoptimizer.com/settings.js?a=2887&settings_type=1&vn=7.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:23:31 Last Seen2023-03-07 15:23:31 Times Seen1 Hash 7bc76e615572bbc2a5bb1a01949a516e 63e735a8dc024bce09f14ed280bb85e226ea3d81 a93bc23745dc4af93d590cb15a4b8746a57f2d834a76e17d968aef2dbbdc51ab Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MGDHMZC	139 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MGDHMZC IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:23:31 Last Seen2023-03-07 15:23:31 Times Seen1 Hash 415acd466bba4214e60f6a073f85277f 8b28cd1c8b624c36ea8f58e1d811963d5dc6f757 f40471e776ee49bc5c33e8352c85d76e4452a34ad7f93ab7fc7882e5ac3d6c72 Loading...

	5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458	1.2 kB	2023-03-07	2023-03-10
Pretty URL 5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458 IP 155.138.203.162 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:29:27 Last Seen2023-03-10 22:36:26 Times Seen1 Hash 271d5ee5a57064fba5eddf79f1acdf15 65e669eadd36cc7feeb57910c558041becbc384b 2c60bb79c24849260c4ec835d28b2961d5cd4bdb57cd704ca0641972e3f32fa9 Loading...

	5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458	819 B	2023-03-07	2023-09-19
Pretty URL 5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458 IP 155.138.203.162 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:29:27 Last Seen2023-09-19 16:05:43 Times Seen130 Hash 61c0a19f649856fd7953abe24e2dad6e e4bd4b5865d314b0b02ff4b67138430e4b34d41d c7e02e36ab5162ef3c737d2d7af8fe20769e7ce0ad0af19c7cce670ccabf9d14 Loading...

	5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458	2.0 MB	2023-03-07	2023-03-07
Pretty URL 5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458 IP 155.138.203.162 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:29:27 Last Seen2023-03-07 15:23:31 Times Seen1 Hash de5e865e44b589a5b4694dedcd0cc1c1 918dca9784dbea1c33ef553dccff65c82c147007 66f479d927191aa35de1b5e590b23351b6efb9f677ee4b47ea465b6f3a804d06 Loading...

	dev.visualwebsiteoptimizer.com/7.0/va-3a8c03cc83fd9c554b5af6e1cc1ffa80.js	231 kB	2023-03-07	2023-03-07
Pretty URL dev.visualwebsiteoptimizer.com/7.0/va-3a8c03cc83fd9c554b5af6e1cc1ffa80.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:08:04 Last Seen2023-03-07 22:52:54 Times Seen1 Hash 70ba2846624179831a92de6ee8e8eb14 11208aa7c1bcd054b64367b03d26af8fe2621d63 b2505465a07043632b33e384c3939b763c515585bf38fb4b3778bb9d714d8c7f Loading...

	5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458	341 B	2023-03-07	2023-03-10
Pretty URL 5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458 IP 155.138.203.162 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:29:27 Last Seen2023-03-10 22:36:26 Times Seen1 Hash 6f46fffe6bb94c2943067de76a762db5 247feba031116d7a20fddfa2c8a8d98a75456cac f9619730f210de216b0132ac90ec4ec4d4a7f7153279f0c4c1f401a0c1af59e4 Loading...

	5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458	998 B	2023-03-07	2023-03-10
Pretty URL 5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458 IP 155.138.203.162 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:29:27 Last Seen2023-03-10 22:36:26 Times Seen1 Hash fb85ab1dc455f0452606cb6d92fbfc0d 9b0eef3c3c9a74158c9243ddd5942ff5a6e8429b 46d332e24d842958857c7730443a755661abcf904a3769b16911eaaae84c5d69 Loading...

	5hardeningfruits.com/shared/js/ouibounce.min.js	1.6 kB	2023-03-07	2024-05-01
Pretty URL 5hardeningfruits.com/shared/js/ouibounce.min.js IP 155.138.203.162 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:16 Last Seen2024-05-01 02:22:55 Times Seen419 Hash 0067986dd93b7869e9dd229ff44251ac 3e89404238b959ac1d3c113b21cde64ac95ad267 b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea Loading...

	5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458	2.0 kB	2023-03-07	2023-03-10
Pretty URL 5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458 IP 155.138.203.162 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:29:27 Last Seen2023-03-10 22:36:26 Times Seen1 Hash 9fd63290e2b3bf30f940f228ffc32aa6 dd574068fce9032a94bfb39195ddef218057f2ca 11979fa8982d4c0e847d9dfc4168d144926c8d520186cb8e4d6a85049f4730b4 Loading...

	quick.vidalytics.com/embeds/KwmJQD4K/hDkHksg7N0hKkPkI/loader.min.js	40 kB	2023-03-07	2023-03-08
Pretty URL quick.vidalytics.com/embeds/KwmJQD4K/hDkHksg7N0hKkPkI/loader.min.js IP 192.229.220.49 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:16 Last Seen2023-03-08 03:22:08 Times Seen1 Hash 1e619dd735e8755ce105b90ccdd6b02f e789b2e32afba49f1cc2c67713c70ed42d59747e e633458cf56f5243aacbf54f90aff9c7d2cd0b4b93f26b4ec9bfb51bb5ea9b4d Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-05-01
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-01 17:51:21 Times Seen850 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	dev.visualwebsiteoptimizer.com/j.php?a=2887&u=https%3A%2F%2F5hardeningfruits.com%2Fv%2Fdlandvsl.php%3Fa%3D1171%26s1%3D1458%26s2%3D5771_sessid20220912195312092%26s3%3D%26s4%3D%26s5%3D%26o%3D84%26r%3D59503859%26utm_medium%3D1171%26utm_source%3D1458&f=1&r=0.08967176429976986	6.4 kB	2023-03-07	2023-03-07
Pretty URL dev.visualwebsiteoptimizer.com/j.php?a=2887&u=https%3A%2F%2F5hardeningfruits.com%2Fv%2Fdlandvsl.php%3Fa%3D1171%26s1%3D1458%26s2%3D5771_sessid20220912195312092%26s3%3D%26s4%3D%26s5%3D%26o%3D84%26r%3D59503859%26utm_medium%3D1171%26utm_source%3D1458&f=1&r=0.08967176429976986 IP 34.96.102.137 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:23:31 Last Seen2023-03-07 15:23:31 Times Seen1 Hash c805cbab2ad396d9112385abfb9ccc98 b55094e99ba857894a78a7faf4c0e9fdc0646425 149b37e8916a7b0d16153b7e5190ccfd4a74a25a0847d75b1485b6f6c954c032 Loading...

	5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458	1.4 kB	2023-03-07	2023-09-19
Pretty URL 5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458 IP 155.138.203.162 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:29:27 Last Seen2023-09-19 16:05:43 Times Seen130 Hash e911963a9b615264c0614ded1e02a158 3a8af99064025a86ea5289bf69e4f201ed166938 655fe2097bd235aa2edd98dcdd7a662582e563ab297f18d48e7c2d8577e32e18 Loading...

	5hardeningfruits.com/shared/js/jquery.3.4.1.min.js	88 kB	2023-03-07	2024-05-01
Pretty URL 5hardeningfruits.com/shared/js/jquery.3.4.1.min.js IP 155.138.203.162 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-01 23:39:19 Times Seen96390 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458	930 B	2023-03-07	2023-03-07
Pretty URL 5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458 IP 155.138.203.162 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:23:31 Last Seen2023-03-07 15:23:31 Times Seen1 Hash b836574cf448019cfe56b963fde87087 5afd63308c5e345f43a87ac7a53fe424b049c32a 753880b6fff36e3d5a239f8e95c00c099c9f12f70dfdfce2303862e5ae362d78 Loading...

	5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458	186 B	2023-03-07	2023-09-19
Pretty URL 5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458 IP 155.138.203.162 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:29:27 Last Seen2023-09-19 16:05:43 Times Seen123 Hash c4794a42c09a78a6d670250278c785ad da2f6de00ffafa3f45397ee01e604fb74039edbd 8af04b1a1f290e922e543c5586a6f8b9156606a04c741daf785c367293bce532 Loading...

	5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458	29 B	2023-03-07	2023-03-07
Pretty URL 5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458 IP 155.138.203.162 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:23:31 Last Seen2023-03-07 15:23:31 Times Seen1 Hash 3b795ad38a68b6f64b93edf237cd1b26 e5afdd440ec06b84124f40be0ed75469d3e1f3c5 5f8f376435e9538b8ad9ab07add1a07998bb1cf9e13c1bebf4e102edad63b018 Loading...

HTTP Transactions (81)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 19:08:18 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IkxnibVZQso3tg_rMSacGY3Cu_ab6EfaCBXax2bPprVZmXVc662faQ==
Age: 2687

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4780
Expires: Mon, 12 Sep 2022 21:12:45 GMT
Date: Mon, 12 Sep 2022 19:53:05 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LioW3amRWGdSKTJJcVj6PS6GJl_2fMP2KMag0BzdXG7S4D8KQrgB7w==
age: 45353
X-Firefox-Spdy: h2

final.essentialstocare.com/ga/click/2-47401622-160-799-1551-1041-a7832a4b81-obd9122d8e

154.12.254.169

302 Found

115 B

URL HTTP/1.1
final.essentialstocare.com/ga/click/2-47401622-160-799-1551-1041-a7832a4b81-obd9122d8e
IP
154.12.254.169:0
ASN
#174 COGENT-174

File type
HTML document text\012- HTML document, ASCII text, with no line terminators
Size
115 B (115 bytes)
Hash
94d50afd1db69a4dbf5179c9fde19c2c
c7987b157df80ca122fd76c5d11ff800a1f25ab0
71b5ddba508f3d8c304149f7cca9940d1de49b9236fc99387fde57158cf9aa63

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ga/click/2-47401622-160-799-1551-1041-a7832a4b81-obd9122d8e HTTP/1.1
Host: final.essentialstocare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Mon, 12 Sep 2022 19:53:05 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.33
Status: 302 Found
X-Rack-Cache: miss
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Request-Id: 780f06daf371d6dce08aa94d6c508386
Location: https://mwebnice.com/5771/1458/2/?subid=XMkdtrvqq
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.027784
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Powered-By: Phusion Passenger(R) 6.0.12
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 19:53:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 18:56:07 GMT
Expires: Mon, 12 Sep 2022 19:52:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1twUsUtKfnBVZ-0zJXk-ehxESw5VbhTR_LSQSKt2AdxyQwUvTbK9TA==
Age: 3419

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4762
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:53:06 GMT
Last-Modified: Mon, 12 Sep 2022 18:33:44 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
4b8eea863d71ae75fa174a6e489f3d19
9da5248028c55d926243ed214ba07782649e85bb
b77c0e6b4ba1af01c79b65e7f4e022f0b96e97e257f78ea8c5edbfb29ae1e228

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 19:53:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 16 Sep 2022 19:07:51 GMT
ETag: "9da5248028c55d926243ed214ba07782649e85bb"
Last-Modified: Mon, 12 Sep 2022 19:07:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749b2ff95f6bb4f7-OSL

push.services.mozilla.com/

34.212.13.96

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.212.13.96:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A2eDnf7jftHl9l5Jyfv8zA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HhZuoZitE3ws1WNYvcmZJxdD0io=

mwebnice.com/5771/1458/2/?subid=XMkdtrvqq

172.67.146.245

302 Found

303 B

URL HTTP/2
mwebnice.com/5771/1458/2/?subid=XMkdtrvqq
IP
172.67.146.245:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
303 B (303 bytes)
Hash
d12df2c7d4ea3dcea26719a961ec4381
fbdd3858c5e89a4166c359ec348c8d6b5f00017f
354e28646655973c844997178c2ddcc97709af0368ae5eb7cf7c5d1e12a53c44

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /5771/1458/2/?subid=XMkdtrvqq HTTP/1.1
Host: mwebnice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Mon, 12 Sep 2022 19:53:06 GMT
content-type: text/html; charset=UTF-8
location: https://safetrkpro3.com/?E=szJlxxrvDPbwWci3Dt2dTUIWO1ngp8g1&s2=5771_sessid20220912195312092&s1=1458
cache-control: max-age=3600, private
pragma: no-cache
expires: Mon, 12 Sep 2022 20:53:06 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749b2ff53c490b59-OSL
X-Firefox-Spdy: h2

5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458

155.138.203.162

200 OK

5.9 kB

URL HTTP/2
5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458
IP
155.138.203.162:0
ASN
#20473 AS-CHOOPA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (659)
Size
5.9 kB (5929 bytes)
Hash
d7e5ffa5e6cef3e294c7ab7774f0583c
a8419c557553ddc21b933787e4406d0c271903ec
792338a65d11539a75377783fa2d111f84d1cb7ab61bc93c38c8746cdde8713a

HTTP Headers

GET /v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458 HTTP/1.1
Host: 5hardeningfruits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx-rc
date: Mon, 12 Sep 2022 19:53:07 GMT
content-type: text/html; charset=UTF-8
content-length: 5929
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: max-age=300, must-revalidate
set-cookie: PHPSESSID=j6okdt8bs6ncc71vbe5augc6mr; path=/
affid=1171; expires=Thu, 27-Oct-2022 19:53:07 GMT; Max-Age=3888000; path=/
beenhere1=beenhere; expires=Sun, 11-Dec-2022 19:53:07 GMT; Max-Age=7776000; path=/
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css?ver=5.13.0

104.17.25.14

200 OK

10 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css?ver=5.13.0
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (58392)
Size
10 kB (10301 bytes)
Hash
536b6de3113d2c4762be5f5fa6d4b11e
6819ef5f5338f8c86f42dc6ecf5e6a17679e0dab
a0bd64b9dfc97e8ac4ccd97e7dd54209901dcffef8a5cabf701750746201c5ac

HTTP Headers

GET /ajax/libs/font-awesome/5.13.0/css/all.min.css?ver=5.13.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:53:07 GMT
content-type: text/css; charset=utf-8
content-length: 10301
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-e4d2"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8461852
expires: Sat, 02 Sep 2023 19:53:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qr7Ox7hdHPn38dcR%2Fvlzg6nalTkUIYgyrsH0j3NidRJytoe1ueuA1B0AB8Dlsi15wpCfo3IxEpG53RUSDTtSP7TxdZnuwvWtLeHb7TRLDbIitZ0KjN6l%2FiEsmSztMn0UL5BrQdm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 749b30000e120b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:53:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:53:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c3d8032059a24d14d00c2ee5d8840c01
62efae1ea6aaea612a12d42b6e5b65d24be11437
2319fe90c8b4d3cc41ec9cce275c82d19fb764015196bd1c52dfb9c5d85b9b0b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:53:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-MGDHMZC

142.250.74.72

200 OK

49 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-MGDHMZC
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (12851)
Size
49 kB (48917 bytes)
Hash
e6849aa7aca4690c63bd288844e97fd8
9890c7c418cb60b5c2bc452c73de5e119db1e84c
aedfdb6ee411883b6672923ac5941f27d7c008ed0320b763722375614df997d7

HTTP Headers

GET /gtm.js?id=GTM-MGDHMZC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 12 Sep 2022 19:53:07 GMT
expires: Mon, 12 Sep 2022 19:53:07 GMT
cache-control: private, max-age=900
last-modified: Mon, 12 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48917
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:53:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec7a5bb8e310f5c9c992cf85832d5445
e32b8e200a79da9008985e8e6c272f35b02581c5
6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:53:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Open+Sans:300,400,400i,700,700i|Ramaraja

142.250.74.10

200 OK

80 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400,400i,700,700i|Ramaraja
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
80 kB (80381 bytes)
Hash
bebddf802992b5a0e5335afbb7ca3d06
a6c4cde8f649e25ddcafa526838fe1677b589fdb
dbbe771bdf04385da7fdd634def3dbe443fc7561c789ea0e942e8eba1df60877

HTTP Headers

GET /css?family=Open+Sans:300,400,400i,700,700i|Ramaraja HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 12 Sep 2022 19:53:07 GMT
date: Mon, 12 Sep 2022 19:53:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19528
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 19:53:08 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
1f46f0beb2b26d8c253f95d670ed4502
04e6c1e12f88659b6261e7b5dc32a3104b14835c
da1f85339b34c54cbfa07b9676c2259d41e922046ff772a0673bd0678f8e2acb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 19:53:08 GMT
Last-Modified: Mon, 12 Sep 2022 18:32:30 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: T59zrcYZOlFantQLEFxpkG3wXwQkr9Wnkdsp65plGQhKRIiPGQNlDQ==
Age: 4838

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19528
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 19:53:08 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19528
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 19:53:08 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19528
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 19:53:08 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8485 bytes)
Hash
e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2jR7F56GE_qqbRBWjNDiDBgWbCYv-Ac6kvC1LI0HciQkKGTeNDYlyw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:57:43 GMT
age: 78925
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8799 bytes)
Hash
c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 79877
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13568 bytes)
Hash
8625e0707046e7a3715a8dbb40b1cae2
0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78
abc4c12561be08897341d9c8104c30a289357c0907e55c46895f7fb6afb2f75d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13568
x-amzn-requestid: a2fadcbe-350b-4a06-9f9c-ee2da40bb285
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEESeHA_oAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317e742-4740aa3f4ebd479e7a4886ed;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 00:35:14 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jbF2ZaJUhIoJV-o4f6iviFyUnoDW4R0KHTfC5NySmITnsLbD5iJrPQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 14:22:45 GMT
age: 19823
etag: "0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9815 bytes)
Hash
239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:40 GMT
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
age: 79048
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9466 bytes)
Hash
6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: u_jETr8miiFyuhq7R09yb0lAP-hUv_6eTRV81Xzd9gSqU31VXwC9CQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:15:48 GMT
age: 59840
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

5hardeningfruits.com/shared/js/jquery.3.4.1.min.js

155.138.203.162

200 OK

37 kB

URL HTTP/2
5hardeningfruits.com/shared/js/jquery.3.4.1.min.js
IP
155.138.203.162:0
ASN
#20473 AS-CHOOPA

File type
ASCII text, with very long lines (65451)
Size
37 kB (37089 bytes)
Hash
05224061513706b299476876f57a059b
4d1352813dafaa1558e417a4cc94ec0ba361c02c
ba275499f641109c56cc4e7b9165ad587444dace0a7c76bfcf0f8596ac9ddcfd

HTTP Headers

GET /shared/js/jquery.3.4.1.min.js HTTP/1.1
Host: 5hardeningfruits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458
Cookie: PHPSESSID=j6okdt8bs6ncc71vbe5augc6mr; affid=1171; beenhere1=beenhere
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx-rc
date: Mon, 12 Sep 2022 19:53:07 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 17:49:24 GMT
vary: Accept-Encoding
etag: W/"628d1aa4-15851"
expires: Wed, 12 Oct 2022 19:53:07 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

s3.amazonaws.com/flora-spring/animated-button.gif

52.216.44.152

200 OK

31 kB

URL HTTP/1.1
s3.amazonaws.com/flora-spring/animated-button.gif
IP
52.216.44.152:0
ASN
#0

File type
GIF image data, version 89a, 518 x 184\012- data
Size
31 kB (31419 bytes)
Hash
92a21f7cace8422fcd95e5fca547ceb1
90cd6495fd1a57b69ad1584bc26fc85e43da209f
c42dc7cb24b560ef4d979f5ff7ab11d61ff2bb13ce7d78b7eb21ed8d15c4e4bd

HTTP Headers

GET /flora-spring/animated-button.gif HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: ixV10gcrZN6uq2I/LhOVebPWuBEqcW4isI99xIIMpzg3qoti1gOP9bv+bbpvczGyL7Va3kMgF/4=
x-amz-request-id: Q30SYAY3A7ZF48KE
Date: Mon, 12 Sep 2022 19:53:09 GMT
Last-Modified: Fri, 19 Jun 2020 14:28:38 GMT
ETag: "92a21f7cace8422fcd95e5fca547ceb1"
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 31419

quick.vidalytics.com/embeds/KwmJQD4K/hDkHksg7N0hKkPkI/loader.min.js

192.229.220.49

200 OK

9.7 kB

URL HTTP/2
quick.vidalytics.com/embeds/KwmJQD4K/hDkHksg7N0hKkPkI/loader.min.js
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (40367), with no line terminators
Size
9.7 kB (9740 bytes)
Hash
4531414b85a3c054437c2c3d1d2d5f5d
224749701b80d2cc47a0c48d77b20f24f8500935
fe0ce1e65c04eec591ca94f13b56fdd8d975c1a356e62461cec1c0091999bdf4

HTTP Headers

GET /embeds/KwmJQD4K/hDkHksg7N0hKkPkI/loader.min.js HTTP/1.1
Host: quick.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-cdn, x-cdn-info
age: 526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=300, s-maxage=2592000
content-type: application/javascript
date: Mon, 12 Sep 2022 19:44:22 GMT
etag: "4531414b85a3c054437c2c3d1d2d5f5d"
expires: Wed, 12 Oct 2022 19:44:22 GMT
last-modified: Wed, 17 Aug 2022 11:13:42 GMT
server: UploadServer
vary: Accept-Encoding
x-cdn: 3
x-cdn-info: loader
x-goog-generation: 1660734822185683
x-goog-hash: crc32c=UGf3Sg==, md5=RTFBS4WjwFRDfCw9HS1fXQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 9740
x-guploader-uploadid: ADPycdsDoirKG8YxvDYan7My0iEbHn05RTyMYNGBP9EGsUrb1T-h87SJAo4cGoXEgWjO43LkEyEmqslY5u0lfPyxsaUQ33eXbmtC
content-length: 9740
X-Firefox-Spdy: h2

quick.vidalytics.com/embeds/KwmJQD4K/hDkHksg7N0hKkPkI/player-dash-mse.min.js

192.229.220.49

200 OK

494 kB

URL HTTP/2
quick.vidalytics.com/embeds/KwmJQD4K/hDkHksg7N0hKkPkI/player-dash-mse.min.js
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (65399)
Size
494 kB (493953 bytes)
Hash
c99eadad1e5bf2fe6dccaeefba89aef6
da710fb78b9a030929574180f1a2e98881e71fb2
3ace30e4e2f82e3ec9b50b70a3055d4dea9468624b14caafbe6d3484b359bfa3

HTTP Headers

GET /embeds/KwmJQD4K/hDkHksg7N0hKkPkI/player-dash-mse.min.js HTTP/1.1
Host: quick.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-cdn, x-cdn-info
age: 2267213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=300, s-maxage=2592000
content-type: application/javascript
date: Mon, 12 Sep 2022 19:53:08 GMT
etag: "c99eadad1e5bf2fe6dccaeefba89aef6"
expires: Wed, 12 Oct 2022 19:53:08 GMT
last-modified: Wed, 17 Aug 2022 11:13:43 GMT
server: ECAcc (ska/F779)
vary: Accept-Encoding
x-cache: HIT
x-cdn: 3
x-goog-generation: 1660734823280708
x-goog-hash: crc32c=6VadJg==, md5=yZ6trR5b8v5tzK7vuomu9g==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 493953
x-guploader-uploadid: ADPycdvEyjegy_nYM4gSVswBDDhO1EhGk45geygafJmo9mNKBmdrRSxqd9jA1cmhWB7HDPMCQfUvDKJinaKNty99585r
content-length: 493953
X-Firefox-Spdy: h2

quick.vidalytics.com/embeds/KwmJQD4K/_8_bKgAC4KfKEukf/player.settings.json?ac=1663012375858

192.229.220.49

200 OK

2.6 kB

URL HTTP/2
quick.vidalytics.com/embeds/KwmJQD4K/_8_bKgAC4KfKEukf/player.settings.json?ac=1663012375858
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
JSON data\012- , ASCII text, with very long lines (2597), with no line terminators
Size
2.6 kB (2597 bytes)
Hash
56778402f68d18ed8102271842df9aa6
a21a22bad58cb58eac04ce5b2d10be8f9d0ec6e5
40df5dab4aea03299632e56933837aa13801a123fdcc6e8eb047e4bf756dc497

HTTP Headers

GET /embeds/KwmJQD4K/_8_bKgAC4KfKEukf/player.settings.json?ac=1663012375858 HTTP/1.1
Host: quick.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-cdn, x-cdn-info
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=300, s-maxage=2592000
content-type: application/json
date: Mon, 12 Sep 2022 19:53:08 GMT
etag: "56778402f68d18ed8102271842df9aa6"
expires: Wed, 12 Oct 2022 19:53:08 GMT
last-modified: Wed, 17 Aug 2022 12:00:34 GMT
server: UploadServer
x-cdn: 3
x-goog-generation: 1660737634198197
x-goog-hash: crc32c=zafLIw==, md5=VneEAvaNGO2BAicYQt+apg==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2597
x-guploader-uploadid: ADPycdtJjN9iRTPbYRAFGpJ0cSvCLox_ZTvJyuSYoDOE0wVHkCLjjysxETQg3URbG1QeKHIIyvCD8jUVum07w7G8ixVrat9WcAWj
content-length: 2597
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 12 Sep 2022 18:41:12 GMT
expires: Mon, 12 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 4316
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j96&a=478768380&t=pageview&_s=1&dl=https%3A%2F%2F5hardeningfruits.com%2Fv%2Fdlandvsl.php%3Fa%3D1171%26s1%3D1458%26s2%3D5771_sessid20220912195312092%26s3%3D%26s4%3D%26s5%3D%26o%3D84%26r%3D59503859%26utm_medium%3D1171%26utm_source%3D1458&ul=en-us&de=UTF-8&dt=5%20Hardening%20Fruits&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAAC~&jid=346232221&gjid=2032619049&cid=616409210.1663012376&tid=UA-164718397-1&_gid=1589458624.1663012376&_r=1&gtm=2wg970MGDHMZC&z=397151215

142.250.74.174

200 OK

2 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j96&a=478768380&t=pageview&_s=1&dl=https%3A%2F%2F5hardeningfruits.com%2Fv%2Fdlandvsl.php%3Fa%3D1171%26s1%3D1458%26s2%3D5771_sessid20220912195312092%26s3%3D%26s4%3D%26s5%3D%26o%3D84%26r%3D59503859%26utm_medium%3D1171%26utm_source%3D1458&ul=en-us&de=UTF-8&dt=5%20Hardening%20Fruits&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAAC~&jid=346232221&gjid=2032619049&cid=616409210.1663012376&tid=UA-164718397-1&_gid=1589458624.1663012376&_r=1&gtm=2wg970MGDHMZC&z=397151215
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

HTTP Headers

POST /j/collect?v=1&_v=j96&a=478768380&t=pageview&_s=1&dl=https%3A%2F%2F5hardeningfruits.com%2Fv%2Fdlandvsl.php%3Fa%3D1171%26s1%3D1458%26s2%3D5771_sessid20220912195312092%26s3%3D%26s4%3D%26s5%3D%26o%3D84%26r%3D59503859%26utm_medium%3D1171%26utm_source%3D1458&ul=en-us&de=UTF-8&dt=5%20Hardening%20Fruits&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAAC~&jid=346232221&gjid=2032619049&cid=616409210.1663012376&tid=UA-164718397-1&_gid=1589458624.1663012376&_r=1&gtm=2wg970MGDHMZC&z=397151215 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://5hardeningfruits.com
date: Mon, 12 Sep 2022 19:53:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

s3.amazonaws.com/5hardeningfruits/favicon.png?v1

52.216.44.152

200 OK

7.5 kB

URL HTTP/1.1
s3.amazonaws.com/5hardeningfruits/favicon.png?v1
IP
52.216.44.152:0
ASN
#0

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
7.5 kB (7505 bytes)
Hash
38e432dea39b78bb4da8f0f632de7a90
a440f4ceb7137bd05f7a503da212edefcb0bce08
5cdd0ec4a9ecfd5477eeef0d377a38b5b59bdc51e9b6af85dfa95abfc5766d0e

HTTP Headers

GET /5hardeningfruits/favicon.png?v1 HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 4ld6twtKGK5JNkZtyLIHpmPQTGgx4jFPCJHo7TlHRvdinkgzWrnH4S57rDJpg3VQfBbzNvJP/74=
x-amz-request-id: Q30N8JQRQTK3PJP9
Date: Mon, 12 Sep 2022 19:53:09 GMT
Last-Modified: Sun, 03 May 2020 02:29:15 GMT
ETag: "38e432dea39b78bb4da8f0f632de7a90"
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 7505

ocsp.starfieldtech.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
5653c118bf55234a5e53089b842adc27
262d555b83315c5adca74bd85f9f3d7a160dfd9f
903c0dcd039d4dd7b03b7b5cc80a1d82df16f44119aa0c7abfee33d68f25d4a7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 12 Sep 2022 19:53:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 12 Sep 2022 15:03:55 GMT
Expires: Tue, 13 Sep 2022 15:03:55 GMT
ETag: "262d555b83315c5adca74bd85f9f3d7a160dfd9f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.starfieldtech.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
5653c118bf55234a5e53089b842adc27
262d555b83315c5adca74bd85f9f3d7a160dfd9f
903c0dcd039d4dd7b03b7b5cc80a1d82df16f44119aa0c7abfee33d68f25d4a7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 12 Sep 2022 19:53:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 12 Sep 2022 15:03:55 GMT
Expires: Tue, 13 Sep 2022 15:03:55 GMT
ETag: "262d555b83315c5adca74bd85f9f3d7a160dfd9f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

quick.vidalytics.com/video/KwmJQD4K/hN9XOCdsSJa_3C81/30338/24040/stream.mpd

192.229.220.49

200 OK

4.7 kB

URL HTTP/2
quick.vidalytics.com/video/KwmJQD4K/hN9XOCdsSJa_3C81/30338/24040/stream.mpd
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
XML 1.0 document text\012- XML document, ASCII text
Size
4.7 kB (4677 bytes)
Hash
6a2f32a52327dd85e57a41549f4be3cf
ba73b4388f183e23cfbb390b501f05c569c7ade7
e28d2c24e6e7cf8b718b466b8e4a51cb33c3bcf113661f0e6a6a7d38d8e887d7

HTTP Headers

GET /video/KwmJQD4K/hN9XOCdsSJa_3C81/30338/24040/stream.mpd HTTP/1.1
Host: quick.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-cdn, x-cdn-info
age: 23516938
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
content-type: application/dash+xml
date: Mon, 12 Sep 2022 19:53:09 GMT
etag: "6a2f32a52327dd85e57a41549f4be3cf"
expires: Thu, 07 Sep 2023 19:53:09 GMT
last-modified: Thu, 18 Feb 2021 14:05:35 GMT
server: ECAcc (ska/F79A)
x-cache: HIT
x-cdn: 3
x-goog-generation: 1613657135576277
x-goog-hash: crc32c=M83nuA==, md5=ai8ypSMn3YXlekFUn0vjzw==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4677
x-guploader-uploadid: ADPycdvwDsMpmwnQwBi9A4xUUhuRZVKZQtqR8Gx5VXPtJBRlalHw5t8w5EZxuYwmsZHxje9KahT1qGe-0UudxUr9Jcg
content-length: 4677
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.41

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.41:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
10fd4512a399d46daed91968e476438f
5756e8ad0df6b98779606b1e325b71cc3e8760c3
c130d4b1a415528060712e45854b8397fffb588686c13ce8b89a6e12d2ce95e3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 12 Sep 2022 19:53:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 12 Sep 2022 07:37:00 GMT
Expires: Tue, 13 Sep 2022 07:37:00 GMT
ETag: "5756e8ad0df6b98779606b1e325b71cc3e8760c3"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

quick.vidalytics.com/video/KwmJQD4K/hN9XOCdsSJa_3C81/30338/24040/webm/video/640x360_vp9_280624/init.mp4

192.229.220.49

200 OK

459 B

URL HTTP/2
quick.vidalytics.com/video/KwmJQD4K/hN9XOCdsSJa_3C81/30338/24040/webm/video/640x360_vp9_280624/init.mp4
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
459 B (459 bytes)
Hash
ba624a7024d5fa608c6d131674fc3e00
11bf1529d665f0cf9c31aebc1e6f34b313f9e5aa
3907f3ed039d3a30b92803585d27e31bd0d1d8d5902a7b3d882a59befcddadeb

HTTP Headers

GET /video/KwmJQD4K/hN9XOCdsSJa_3C81/30338/24040/webm/video/640x360_vp9_280624/init.mp4 HTTP/1.1
Host: quick.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-cdn, x-cdn-info
age: 27136185
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
content-type: video/mp4
date: Mon, 12 Sep 2022 19:53:09 GMT
etag: "ba624a7024d5fa608c6d131674fc3e00"
expires: Thu, 07 Sep 2023 19:53:09 GMT
last-modified: Thu, 18 Feb 2021 14:03:33 GMT
server: ECAcc (ska/F68F)
x-cache: HIT
x-cdn: 3
x-goog-generation: 1613657013469351
x-goog-hash: crc32c=34nc8Q==, md5=umJKcCTV+mCMbRMWdPw+AA==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 459
x-guploader-uploadid: ADPycdv7GB3bex8DdNk7Z2tpLUcC8JhgRZBk1-nei7milWyMk03lxazFIDLUbZHXNHOTrZSzDqAj9j27XkSeOGs1RSYfr9yymg
content-length: 459
X-Firefox-Spdy: h2

licensing.bitmovin.com/licensing

35.227.229.24

200 OK

165 B

URL HTTP/2
licensing.bitmovin.com/licensing
IP
35.227.229.24:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
165 B (165 bytes)
Hash
bad32d07dc1ad9e3d334785067afbf34
653f8f612c6646daae0122b3b27e2c11486f86a4
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

HTTP Headers

POST /licensing HTTP/1.1
Host: licensing.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 151
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Mon, 12 Sep 2022 19:53:09 GMT
content-length: 165
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/licensing

35.190.27.197

200 OK

117 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/licensing
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
117 B (117 bytes)
Hash
f90d2c53623621471228392bf3047e2a
b9f0bb5e8fd5fd97cb47a25edb9b6950ad51627e
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700

HTTP Headers

POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 107
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: v1.53.0
date: Mon, 12 Sep 2022 19:53:09 GMT
content-type: application/json
content-length: 117
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1250
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.53.0
date: Mon, 12 Sep 2022 19:53:08 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

quick.vidalytics.com/video/KwmJQD4K/hN9XOCdsSJa_3C81/30338/24040/webm/video/640x360_vp9_280624/s_0.webm

192.229.220.49

200 OK

123 kB

URL HTTP/2
quick.vidalytics.com/video/KwmJQD4K/hN9XOCdsSJa_3C81/30338/24040/webm/video/640x360_vp9_280624/s_0.webm
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
data
Size
123 kB (122865 bytes)
Hash
e5fc252a396ff976092592c4191e2fe3
99ea65ad67d1d7e8a68ffde4d3f322415ad5ad26
d631a276d553cb282df46aa172298e227e55d84b61f6c982ca4b3ef8dc30e5f7

HTTP Headers

GET /video/KwmJQD4K/hN9XOCdsSJa_3C81/30338/24040/webm/video/640x360_vp9_280624/s_0.webm HTTP/1.1
Host: quick.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-cdn, x-cdn-info
age: 27136185
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
content-type: video/mp4
date: Mon, 12 Sep 2022 19:53:09 GMT
etag: "e5fc252a396ff976092592c4191e2fe3"
expires: Thu, 07 Sep 2023 19:53:09 GMT
last-modified: Thu, 18 Feb 2021 14:03:53 GMT
server: ECAcc (ska/F74C)
x-cache: HIT
x-cdn: 3
x-goog-generation: 1613657033332610
x-goog-hash: crc32c=sV9wXw==, md5=5fwlKjlv+XYJJZLEGR4v4w==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 122865
x-guploader-uploadid: ADPycduXEwtddneT6IAumwuSYnsCXJUuxZ8yKOoxtbs4-c_SLWKbwGeYb-CZPkbzBfYKMXsEfQNXfcngUz8EhLk1Bmc
content-length: 122865
X-Firefox-Spdy: h2

quick.vidalytics.com/video/KwmJQD4K/hN9XOCdsSJa_3C81/30338/24040/webm/video/1280x720_vp9_1000000/init.mp4

192.229.220.49

200 OK

459 B

URL HTTP/2
quick.vidalytics.com/video/KwmJQD4K/hN9XOCdsSJa_3C81/30338/24040/webm/video/1280x720_vp9_1000000/init.mp4
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
459 B (459 bytes)
Hash
9a2b5f4f419ac2cc9aa4bb0b21922f77
46212fc6dc2a1f89d6977db2f60cca005a1e9d58
a2faff7809f5c2ea6fce9a591deb24c68ea36b61f1c7916926a6dcb1c5698dda

HTTP Headers

GET /video/KwmJQD4K/hN9XOCdsSJa_3C81/30338/24040/webm/video/1280x720_vp9_1000000/init.mp4 HTTP/1.1
Host: quick.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-cdn, x-cdn-info
age: 23512193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
content-type: video/mp4
date: Mon, 12 Sep 2022 19:53:09 GMT
etag: "9a2b5f4f419ac2cc9aa4bb0b21922f77"
expires: Thu, 07 Sep 2023 19:53:09 GMT
last-modified: Thu, 18 Feb 2021 14:03:37 GMT
server: ECAcc (ska/F74A)
x-cache: HIT
x-cdn: 3
x-goog-generation: 1613657017741138
x-goog-hash: crc32c=CJMs4Q==, md5=mitfT0GawsyapLsLIZIvdw==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 459
x-guploader-uploadid: ADPycdtKQlTVB4CU45nHm1VjTw62jaR1-L9QB9nNNprMpF9cIfO3pDnbdupuwECIxgkfi7NERGwH4D1rT_lfgODEjO8
content-length: 459
X-Firefox-Spdy: h2

licensing.bitmovin.com/impression

35.227.229.24

204 No Content

0 B

URL HTTP/2
licensing.bitmovin.com/impression
IP
35.227.229.24:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /impression HTTP/1.1
Host: licensing.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Mon, 12 Sep 2022 19:53:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

quick.vidalytics.com/video/KwmJQD4K/hN9XOCdsSJa_3C81/30338/24040/webm/video/1280x720_vp9_1000000/s_1.webm

192.229.220.49

200 OK

319 kB

URL HTTP/2
quick.vidalytics.com/video/KwmJQD4K/hN9XOCdsSJa_3C81/30338/24040/webm/video/1280x720_vp9_1000000/s_1.webm
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
data
Size
319 kB (318988 bytes)
Hash
a4307b8a95814d8bb7296d0230ab9021
9ca148e4a11fb1264a4707b0eadc1b7aad020ad8
8f0c593d4dabdab2674b03dec5be329945296b42b7a4ca2fa2c109432a2b342e

HTTP Headers

GET /video/KwmJQD4K/hN9XOCdsSJa_3C81/30338/24040/webm/video/1280x720_vp9_1000000/s_1.webm HTTP/1.1
Host: quick.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-cdn, x-cdn-info
age: 23532800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
content-type: video/mp4
date: Mon, 12 Sep 2022 19:53:10 GMT
etag: "a4307b8a95814d8bb7296d0230ab9021"
expires: Thu, 07 Sep 2023 19:53:10 GMT
last-modified: Thu, 18 Feb 2021 14:03:37 GMT
server: ECAcc (ska/F6A5)
x-cache: HIT
x-cdn: 3
x-goog-generation: 1613657017902975
x-goog-hash: crc32c=BhVehw==, md5=pDB7ipWBTYu3KW0CMKuQIQ==
x-goog-metageneration: 3
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 318988
x-guploader-uploadid: ADPycdsZVzEm3mSejdkkE5UZX-uF60NySGpAhfewikKNM-1x9VUGX1cIoC46D0kEYI-e7J3VpuQ5Ev3wZf6WXRwuvZ2OMoUHpQ
content-length: 318988
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/licensing

35.190.27.197

200 OK

117 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/licensing
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
117 B (117 bytes)
Hash
f90d2c53623621471228392bf3047e2a
b9f0bb5e8fd5fd97cb47a25edb9b6950ad51627e
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700

HTTP Headers

POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 107
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: v1.53.0
date: Mon, 12 Sep 2022 19:53:09 GMT
content-type: application/json
content-length: 117
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1252
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.53.0
date: Mon, 12 Sep 2022 19:53:09 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1829
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.53.0
date: Mon, 12 Sep 2022 19:53:09 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1800
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.53.0
date: Mon, 12 Sep 2022 19:53:10 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1792
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.53.0
date: Mon, 12 Sep 2022 19:53:10 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

stats.vidalytics.com/awesome-log?cid=KwmJQD4K

34.107.158.93

200 OK

43 B

URL HTTP/2
stats.vidalytics.com/awesome-log?cid=KwmJQD4K
IP
34.107.158.93:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /awesome-log?cid=KwmJQD4K HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: istio-envoy
date: Mon, 12 Sep 2022 19:53:10 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, public, max-age=2592000
etag: "KwmJQD4K/1LIRzNXsvp_LicRb"
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
x-envoy-upstream-service-time: 1273
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
48edf2e08784806dfe70f3f972c5e0c7
07ab5052df19a2f509c5f188ab674533fa9838a3
7f1e3c903d2792e7ff18d66e78201627cd0488ea24fddbe6e449598eb11c354e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 19:53:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 12:14:57 GMT
Expires: Mon, 19 Sep 2022 12:14:56 GMT
Etag: "07ab5052df19a2f509c5f188ab674533fa9838a3"
Cache-Control: max-age=576705,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749b30116c79b51d-OSL

stats.vidalytics.com/scribe

34.107.158.93

200 OK

16 B

URL HTTP/2
stats.vidalytics.com/scribe
IP
34.107.158.93:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 457
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Mon, 12 Sep 2022 19:53:10 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stats.vidalytics.com/awesome-log?cid=KwmJQD4K

34.107.158.93

200 OK

43 B

URL HTTP/2
stats.vidalytics.com/awesome-log?cid=KwmJQD4K
IP
34.107.158.93:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /awesome-log?cid=KwmJQD4K HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: istio-envoy
date: Mon, 12 Sep 2022 19:53:10 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, public, max-age=2592000
etag: "KwmJQD4K/kHYssDMjhZMxWyrk"
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
x-envoy-upstream-service-time: 1312
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

34.107.158.93

200 OK

16 B

URL HTTP/2
stats.vidalytics.com/scribe
IP
34.107.158.93:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 590
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Mon, 12 Sep 2022 19:53:10 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:53:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-164718397-1&cid=616409210.1663012376&jid=346232221&gjid=2032619049&_gid=1589458624.1663012376&_u=YEBAAEAAAAAAAC~&z=844739447

142.251.1.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-164718397-1&cid=616409210.1663012376&jid=346232221&gjid=2032619049&_gid=1589458624.1663012376&_u=YEBAAEAAAAAAAC~&z=844739447
IP
142.251.1.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-164718397-1&cid=616409210.1663012376&jid=346232221&gjid=2032619049&_gid=1589458624.1663012376&_u=YEBAAEAAAAAAAC~&z=844739447 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://5hardeningfruits.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Sep 2022 19:53:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:53:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
45b55c678e2944a30a6d8160bb6e4a94
a1ac0c9681902e7d64e49bd9e146820ce2c60f4f
5a89db56a9b47aa3e426799671db9b25a42d7dd7d6881c66eca7ed37facf6bd9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:53:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4fd53df42280409cd83e9f2cbd753bb6
c7879abb078bdc6dfd363f72509d1f36e5a8a622
c6eecc725ec5cf4376f99fafaf029eaa6f207dceefb09c09f1e8aaaa1fa1b5f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:53:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-164718397-1&cid=616409210.1663012376&jid=346232221&_u=YEBAAEAAAAAAAC~&z=1561680582

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-164718397-1&cid=616409210.1663012376&jid=346232221&_u=YEBAAEAAAAAAAC~&z=1561680582
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-164718397-1&cid=616409210.1663012376&jid=346232221&_u=YEBAAEAAAAAAAC~&z=1561680582 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 19:53:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-164718397-1&cid=616409210.1663012376&jid=346232221&_u=YEBAAEAAAAAAAC~&z=1561680582

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-164718397-1&cid=616409210.1663012376&jid=346232221&_u=YEBAAEAAAAAAAC~&z=1561680582
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-164718397-1&cid=616409210.1663012376&jid=346232221&_u=YEBAAEAAAAAAAC~&z=1561680582 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 19:53:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4fd53df42280409cd83e9f2cbd753bb6
c7879abb078bdc6dfd363f72509d1f36e5a8a622
c6eecc725ec5cf4376f99fafaf029eaa6f207dceefb09c09f1e8aaaa1fa1b5f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:53:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
437c7ccd2c357dd83d6b9a5118d4b402
e0002389b286a960b454a92aeb3d1a1e08317ff2
9a5b3bdb7765ea21d7147a0c8022198a1be6c8256fa594b53732cf59e86532b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 19:53:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.godaddy.com/

192.124.249.41

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.41:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
10fd4512a399d46daed91968e476438f
5756e8ad0df6b98779606b1e325b71cc3e8760c3
c130d4b1a415528060712e45854b8397fffb588686c13ce8b89a6e12d2ce95e3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 12 Sep 2022 19:53:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 12 Sep 2022 07:37:00 GMT
Expires: Tue, 13 Sep 2022 07:37:00 GMT
ETag: "5756e8ad0df6b98779606b1e325b71cc3e8760c3"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.godaddy.com/

192.124.249.41

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.41:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
10fd4512a399d46daed91968e476438f
5756e8ad0df6b98779606b1e325b71cc3e8760c3
c130d4b1a415528060712e45854b8397fffb588686c13ce8b89a6e12d2ce95e3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 12 Sep 2022 19:53:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 12 Sep 2022 07:37:00 GMT
Expires: Tue, 13 Sep 2022 07:37:00 GMT
ETag: "5756e8ad0df6b98779606b1e325b71cc3e8760c3"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1841
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.53.0
date: Mon, 12 Sep 2022 19:53:13 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1812
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.53.0
date: Mon, 12 Sep 2022 19:53:14 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1843
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.53.0
date: Mon, 12 Sep 2022 19:53:14 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1806
Origin: https://5hardeningfruits.com
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.53.0
date: Mon, 12 Sep 2022 19:53:14 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7b5d084-5c6a-4cec-9577-bb8c3a155234.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10363 bytes)
Hash
5bdaf9b909a8b8fd2f02eeb8930e2d19
3df316da4ed46403a50a0cdc688613cb1334da0b
177e68bddbfdafe455c5aa1aad9c0654c83ab91500043cbc366d1397aea53e22

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7b5d084-5c6a-4cec-9577-bb8c3a155234.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10363
x-amzn-requestid: ce8239d7-9838-4fd9-9a2a-d788b2d4205b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUKcpGepIAMFvuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e5783-38cb8ddf79347e4e7fbb1041;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:47:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cms2j1USzEq1FpNcXq9W_i3WirZXI0ElxYjQYEznccjmNhGDblVVbw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:55 GMT
age: 79040
etag: "3df316da4ed46403a50a0cdc688613cb1334da0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

5hardeningfruits.com/shared/js/ouibounce.min.js

155.138.203.162

200 OK

0 B

URL HTTP/2
5hardeningfruits.com/shared/js/ouibounce.min.js
IP
155.138.203.162:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /shared/js/ouibounce.min.js HTTP/1.1
Host: 5hardeningfruits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458
Cookie: PHPSESSID=j6okdt8bs6ncc71vbe5augc6mr; affid=1171; beenhere1=beenhere
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx-rc
date: Mon, 12 Sep 2022 19:53:07 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 17:49:24 GMT
vary: Accept-Encoding
etag: W/"628d1aa4-658"
expires: Wed, 12 Oct 2022 19:53:07 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 12 Sep 2022 19:53:07 GMT
date: Mon, 12 Sep 2022 19:53:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

dev.visualwebsiteoptimizer.com/j.php?a=2887&u=https%3A%2F%2F5hardeningfruits.com%2Fv%2Fdlandvsl.php%3Fa%3D1171%26s1%3D1458%26s2%3D5771_sessid20220912195312092%26s3%3D%26s4%3D%26s5%3D%26o%3D84%26r%3D59503859%26utm_medium%3D1171%26utm_source%3D1458&f=1&r=0.08967176429976986

34.96.102.137

200 OK

0 B

URL HTTP/2
dev.visualwebsiteoptimizer.com/j.php?a=2887&u=https%3A%2F%2F5hardeningfruits.com%2Fv%2Fdlandvsl.php%3Fa%3D1171%26s1%3D1458%26s2%3D5771_sessid20220912195312092%26s3%3D%26s4%3D%26s5%3D%26o%3D84%26r%3D59503859%26utm_medium%3D1171%26utm_source%3D1458&f=1&r=0.08967176429976986
IP
34.96.102.137:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /j.php?a=2887&u=https%3A%2F%2F5hardeningfruits.com%2Fv%2Fdlandvsl.php%3Fa%3D1171%26s1%3D1458%26s2%3D5771_sessid20220912195312092%26s3%3D%26s4%3D%26s5%3D%26o%3D84%26r%3D59503859%26utm_medium%3D1171%26utm_source%3D1458&f=1&r=0.08967176429976986 HTTP/1.1
Host: dev.visualwebsiteoptimizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5hardeningfruits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Sep 2022 19:53:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache,max-age=0
etag: W/"1662998467"
server: gams1
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

5hardeningfruits.com/v/css/dlandvsl-hf92.css?v=1.3

155.138.203.162

200 OK

0 B

URL HTTP/2
5hardeningfruits.com/v/css/dlandvsl-hf92.css?v=1.3
IP
155.138.203.162:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v/css/dlandvsl-hf92.css?v=1.3 HTTP/1.1
Host: 5hardeningfruits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458
Cookie: PHPSESSID=j6okdt8bs6ncc71vbe5augc6mr; affid=1171; beenhere1=beenhere
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx-rc
date: Mon, 12 Sep 2022 19:53:07 GMT
content-type: text/css
last-modified: Tue, 24 May 2022 17:49:24 GMT
vary: Accept-Encoding
etag: W/"628d1aa4-1ad2"
expires: Wed, 12 Oct 2022 19:53:07 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

5hardeningfruits.com/v/css/app-modal.css?v=1.2

155.138.203.162

200 OK

0 B

URL HTTP/2
5hardeningfruits.com/v/css/app-modal.css?v=1.2
IP
155.138.203.162:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v/css/app-modal.css?v=1.2 HTTP/1.1
Host: 5hardeningfruits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458
Cookie: PHPSESSID=j6okdt8bs6ncc71vbe5augc6mr; affid=1171; beenhere1=beenhere
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx-rc
date: Mon, 12 Sep 2022 19:53:07 GMT
content-type: text/css
last-modified: Tue, 24 May 2022 17:49:24 GMT
vary: Accept-Encoding
etag: W/"628d1aa4-6e3"
expires: Wed, 12 Oct 2022 19:53:07 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

5hardeningfruits.com/v/css/ouibounce.min.css?v=1.2

155.138.203.162

200 OK

0 B

URL HTTP/2
5hardeningfruits.com/v/css/ouibounce.min.css?v=1.2
IP
155.138.203.162:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v/css/ouibounce.min.css?v=1.2 HTTP/1.1
Host: 5hardeningfruits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5hardeningfruits.com/v/dlandvsl.php?a=1171&s1=1458&s2=5771_sessid20220912195312092&s3=&s4=&s5=&o=84&r=59503859&utm_medium=1171&utm_source=1458
Cookie: PHPSESSID=j6okdt8bs6ncc71vbe5augc6mr; affid=1171; beenhere1=beenhere
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx-rc
date: Mon, 12 Sep 2022 19:53:07 GMT
content-type: text/css
last-modified: Tue, 24 May 2022 17:49:24 GMT
vary: Accept-Encoding
etag: W/"628d1aa4-98c"
expires: Wed, 12 Oct 2022 19:53:07 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations