Report - ww38.gurardiananytime.com

Report Overview

Submitted URL
ww38.gurardiananytime.com
IP
76.223.26.96
ASN
#16509 AMAZON-02
Submitted
2023-02-07 19:46:56
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
d38psrni17bvxu.cloudfront.net	unknown	2022-09-22T18:48:38Z	2023-03-13T08:42:29Z	366 B	12 kB	54.230.245.138
ww38.gurardiananytime.com	unknown			2.2 kB	10 kB	13.248.148.254
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.0 kB	5.3 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	2.2 kB	58 kB	216.58.207.228
c.parkingcrew.net	70582	2017-01-29T20:17:16Z	2023-03-13T05:45:41Z	301 B	1.0 kB	185.53.178.30
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.4 kB	4.9 kB	216.58.211.3
afs.googleusercontent.com	12123	2013-05-06T21:11:00Z	2023-03-13T05:21:41Z	885 B	2.1 kB	142.250.74.97
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	44.241.148.153
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
partner.googleadservices.com	798	2012-10-03T03:04:21Z	2023-03-13T08:39:17Z	484 B	794 B	142.250.74.34
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	62 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 15:12:20 Times Seen37093917 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ww38.gurardiananytime.com/	656 B	2023-03-13	2023-03-13
Pretty URL ww38.gurardiananytime.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:13:53 Last Seen2023-03-13 19:13:53 Times Seen1 Hash e75fda40d575f196a3888011d6224371 932d6989b07aeb69aa43cea6b991f0d8a74e6760 de2bfa9238f8d584469ee927df7bbfbb9b21ceb10288bab31686f42f97513417 Loading...

	ww38.gurardiananytime.com/	71 B	2023-03-08	2024-01-04
Pretty URL ww38.gurardiananytime.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:23:53 Last Seen2024-01-04 08:38:22 Times Seen25410 Hash 1a5a5e1b6a26f57b95e3dd42f60612f4 b62a27e55a59b49084e682bd3c1588f6a40881ab 4066da16910907c7962da8e7011bf0cd62b6f2dcddb1911e3ea2de03ce3e1dc7 Loading...

	www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.gurardiananytime.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2M2UyYWFhNWM5MjRlfHx8MTY3NTc5OTIwNS44Mjg4fDM2YmUxOWUzMjFiODQ3MTM4M2YzNTMwOGRlOGRlOWIzNjZmZTY4YTB8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw1MjJiZmNmM2E0ZWNlZDgwNTU1ZDY1YzM5Yjk2NjY4MDg3ZGQyOGRifDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&terms=Log%20In%2CGuardian%20Dental%2CDental%20Providers&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2997733908933946&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r3%7Cs&nocache=5951675799257410&num=0&output=afd_ads&domain_name=ww38.gurardiananytime.com&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1675799257411&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=795&frm=0&cl=505790017&uio=--&cont=tc&jsid=caf&jsv=505790017&rurl=http%3A%2F%2Fww38.gurardiananytime.com%2F&adbw=master-1%3A530	6.2 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.gurardiananytime.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2M2UyYWFhNWM5MjRlfHx8MTY3NTc5OTIwNS44Mjg4fDM2YmUxOWUzMjFiODQ3MTM4M2YzNTMwOGRlOGRlOWIzNjZmZTY4YTB8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw1MjJiZmNmM2E0ZWNlZDgwNTU1ZDY1YzM5Yjk2NjY4MDg3ZGQyOGRifDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&terms=Log%20In%2CGuardian%20Dental%2CDental%20Providers&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2997733908933946&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r3%7Cs&nocache=5951675799257410&num=0&output=afd_ads&domain_name=ww38.gurardiananytime.com&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1675799257411&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=795&frm=0&cl=505790017&uio=--&cont=tc&jsid=caf&jsv=505790017&rurl=http%3A%2F%2Fww38.gurardiananytime.com%2F&adbw=master-1%3A530 IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:13:54 Last Seen2023-03-13 19:13:54 Times Seen1 Hash 5488bf1478b01712e3145ef8d9c816f0 ecdb8569f8e79da3d16d06c8a4bebcdc1fd20215 4cbe9e68e1ffcba1283c003ae583878a32aa1a43cee56ec5e08ea1486e0b2cd6 Loading...

	c.parkingcrew.net/scripts/sale_form.js	761 B	2023-03-07	2024-04-26
Pretty URL c.parkingcrew.net/scripts/sale_form.js IP 185.53.178.30 ASN #19905 NEUSTAR-AS6 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:27 Last Seen2024-04-26 07:02:15 Times Seen10875 Hash 64f809e06446647e192fce8d1ec34e09 5b7ced07da42e205067afa88615317a277a4a82c f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3 Loading...

	ww38.gurardiananytime.com/	968 B	2023-03-08	2024-04-26
Pretty URL ww38.gurardiananytime.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:24:08 Last Seen2024-04-26 14:33:42 Times Seen27737 Hash c77554570ae0fa8e4fb31747dc213058 e989fbde07e6a68975c7a31e1d4df76afd90b96f c3f831fe1717c6d76a8950ac5e7dc88ceee7440d079b11584be5c6c5b3269e77 Loading...

	ww38.gurardiananytime.com/	1.2 kB	2023-03-13	2023-03-13
Pretty URL ww38.gurardiananytime.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:13:54 Last Seen2023-03-13 19:13:54 Times Seen1 Hash f1eeab680a8a86ac515c8e248dff15cb a4ba5ece404a3db80ed7d2502c3149a243172aa3 7ce74fd72ebb80564e829a6e6c1945c21721bd88f936480e115002b995f46324 Loading...

	ww38.gurardiananytime.com/	472 B	2023-03-13	2024-01-03
Pretty URL ww38.gurardiananytime.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:13:46 Last Seen2024-01-03 14:22:39 Times Seen25251 Hash d31eefc1e54bdae9204297e4ae5b9cce fc49bf319586a623670a81c01d43bbd93b477fbb 2683a6247a15433dd269eaefbc7131b1326c7bc0146361913ea10ad8fa23bb14 Loading...

	ww38.gurardiananytime.com/	2.9 kB	2023-03-13	2023-03-13
Pretty URL ww38.gurardiananytime.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:13:54 Last Seen2023-03-13 19:13:54 Times Seen1 Hash 27cf8b86bc36ffd92f1e764125cd9cb1 136eff11a5674334e430664ddb9b4ffde7423b48 baf003e30b355b6fbd4c2a5c38b087bf80cf9e9acfbc5ee118b7f75b92adad9e Loading...

	ww38.gurardiananytime.com/	40 B	2023-03-08	2023-05-23
Pretty URL ww38.gurardiananytime.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:24:08 Last Seen2023-05-23 17:14:04 Times Seen4695 Hash bbf1d9896eb3544c767d965a657e142c 5df55c7669b87f414501ffc91de02e4756141a83 f73cb6aef53ef853b780335ddf7d4cb319edcf02c8c050f270639a91226a09bc Loading...

	ww38.gurardiananytime.com/	20 B	2023-03-12	2024-01-03
Pretty URL ww38.gurardiananytime.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:00:05 Last Seen2024-01-03 14:22:39 Times Seen13851 Hash bb9472ed191ad69435d630c50e139a17 4efa10c70dbfe37ec4c8bb5a04b907c549de7e3d eec645c8d410f4d6accc5c4c3326bbff80fdd9d105e423ad50c5c87b22845492 Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/adsense/domains/caf.js IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:36:48 Last Seen2023-03-13 20:49:08 Times Seen1 Hash 73b9ca6792438a758fcfc12516e8c2ef ff64bec9d87c21137846a6ef21bfff551ed30174 4555524547f44ee99433684f2f89b642b85f4604ac8e977a61497b42e37e3e9d Loading...

	ww38.gurardiananytime.com/	246 B	2023-03-13	2023-03-13
Pretty URL ww38.gurardiananytime.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:13:54 Last Seen2023-03-13 19:13:54 Times Seen1 Hash 646231d05135009a9059f27832e13f7a 7ce9220e73eca988ffdb13b34f836d6b551ffd59 95bce616fa55ec789d24ccea95ad3a3f85b0ccee2c77ee145b7baeb66033a993 Loading...

	ww38.gurardiananytime.com/	7.0 kB	2023-03-13	2024-01-03
Pretty URL ww38.gurardiananytime.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:10:31 Last Seen2024-01-03 14:22:39 Times Seen25920 Hash 04b2b624f94797c26d17a57f399d9356 3143986e839c47a5c1eff03bd9df63ecc54dca9c 233b1cbfb295a0629bcf68a2a4198a62132f02ee1f061ada2ce7143bd5d2dabb Loading...

	ww38.gurardiananytime.com/	65 B	2023-03-13	2023-05-19
Pretty URL ww38.gurardiananytime.com/ IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:16:05 Last Seen2023-05-19 19:44:36 Times Seen3 Hash 66f851dfc2ebad7ccdd247e2e2416f64 8ecf0e88fb1cec844b433317395bf989c11af4be eb9119dafa797397e286d0ed2391a097f8647982271c2b73b3c79837554c03f8 Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=ww38.gurardiananytime.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie	380 B	2023-03-13	2023-03-13
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=ww38.gurardiananytime.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:13:54 Last Seen2023-03-13 19:13:54 Times Seen1 Hash 2723c3d608afee016026bbec2a6b0a6c 1f5b9230c8671a5b2e69e9dfd42d334f6c9bee92 cf6a1a98318ef2e1e58cbe09ae641d3aef09367ecae3d41fb55df8f092af2a40 Loading...

HTTP Transactions (37)

	URL	IP	Response	Size
	ww38.gurardiananytime.com/	13.248.148.254	200 OK	7.3 kB
URL HTTP/1.1 ww38.gurardiananytime.com/ IP 13.248.148.254:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2642) Size 7.3 kB (7300 bytes) Hash bd50fc8e8c62b3a2baca9995c5132b94 40d4e465cd71f9e610d8f696705593bbb8e49aa8 ba05ecaae6eb6334171b5ad3b861b37b3ef6ee7eed38e464972ea65ce15e4e49 HTTP Headers `GET / HTTP/1.1 Host: ww38.gurardiananytime.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 200 OK Date: Tue, 07 Feb 2023 19:46:45 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Buckets: bucket102 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Y/yIZayDv8FxBv0TrRhBy0N0IqeEJPmrw64imI1LvXsLwVPqtSSIWPKsgInUeXuY8xZ/1yxBpmJLCmD/5lH6Dg== X-Template: tpl_CleanPeppermintBlack_twoclick X-Language: norwegian Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 X-Domain: gurardiananytime.com X-Subdomain: ww38 Content-Encoding: gzip

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 507011ccb9124dcd57e84a90a0965cc4 1a6575d0ac979c7184490cc9836ac4812ad2afd1 01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE" Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20721 Expires: Wed, 08 Feb 2023 01:32:06 GMT Date: Tue, 07 Feb 2023 19:46:45 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a cfdba5bc597130461dd67bf6cda53183be592493 60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D" Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8689 Expires: Tue, 07 Feb 2023 22:11:34 GMT Date: Tue, 07 Feb 2023 19:46:45 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash bf0c602d32b3c14606f22a86183b5e3c 6eabd8d83475eba731968abe1a05a8bfd272f160 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 07 Feb 2023 19:36:32 GMT content-type: application/json age: 613 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash cc14b0d2f7c451f6431dc87ba54d1d60 bab8bfda6fa3e2f17125353f5147211787dc25d0 b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD" Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3864 Expires: Tue, 07 Feb 2023 20:51:09 GMT Date: Tue, 07 Feb 2023 19:46:45 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e76071a28ee566dababb3834f46d68ed aebb4e68c1ba2de0f90025283e8ed8470944fde0 78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: QtvIDmGZ0mcC74+QtghSaFrHLf0tuZ+Eqy31k5OrDPABI2P4/GEr8CvwNay71kEIMOdAB3odGHFiBVwhFizUww== x-amz-request-id: T5DPK7KFKACHFYD9 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 07 Feb 2023 19:45:41 GMT age: 64 last-modified: Sun, 29 Jan 2023 18:44:47 GMT etag: "e76071a28ee566dababb3834f46d68ed" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	www.google.com/adsense/domains/caf.js?abp=1	216.58.207.228	200 OK	53 kB
URL HTTP/1.1 www.google.com/adsense/domains/caf.js?abp=1 IP 216.58.207.228:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1745) Size 53 kB (53259 bytes) Hash 2401ef5f5cf17b0dfe830b62a423c5c5 45e06ca2c2194fdb6d1ff6ddaff209896d43ce32 fa5f281bf91bd6820de4d7031b8854635fdb5fafe8a9fa98a217b26340ecee6c HTTP Headers `GET /adsense/domains/caf.js?abp=1 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww38.gurardiananytime.com/` HTTP/1.1 200 OK Accept-Ranges: bytes Vary: Accept-Encoding Content-Type: text/javascript; charset=UTF-8 Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui" Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} Date: Tue, 07 Feb 2023 19:46:46 GMT Expires: Tue, 07 Feb 2023 19:46:46 GMT Cache-Control: private, max-age=3600 ETag: "7764465575640781777" X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Server: sffe X-XSS-Protection: 0

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Tue, 07 Feb 2023 19:46:45 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	c.parkingcrew.net/scripts/sale_form.js	185.53.178.30	200 OK	761 B
URL HTTP/1.1 c.parkingcrew.net/scripts/sale_form.js IP 185.53.178.30:0 ASN #19905 NEUSTAR-AS6 File type ASCII text Size 761 B (761 bytes) Hash 64f809e06446647e192fce8d1ec34e09 5b7ced07da42e205067afa88615317a277a4a82c f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3 HTTP Headers `GET /scripts/sale_form.js HTTP/1.1 Host: c.parkingcrew.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww38.gurardiananytime.com/` `HTTP/1.1 200 OK Server: nginx Date: Tue, 07 Feb 2023 19:46:46 GMT Content-Type: application/javascript Content-Length: 761 Connection: keep-alive Last-Modified: Tue, 12 May 2020 14:25:52 GMT ETag: "5ebab1f0-2f9" Accept-Ranges: bytes`

	ww38.gurardiananytime.com/track.php?domain=gurardiananytime.com&toggle=browserjs&uid=MTY3NTc5OTIwNS44MjM5OjM1ZWRlZDk3OTY2NTVhYzFlMmRhY2EzMmRhY2NkNTY2MGQ1OTA2OTE0ZjczZjNmMDlhYmNiNWFmOWQ4ZmU5ZTI6NjNlMmFhYTVjOTI2Yg%3D%3D	13.248.148.254	200 OK	20 B
URL HTTP/1.1 ww38.gurardiananytime.com/track.php?domain=gurardiananytime.com&toggle=browserjs&uid=MTY3NTc5OTIwNS44MjM5OjM1ZWRlZDk3OTY2NTVhYzFlMmRhY2EzMmRhY2NkNTY2MGQ1OTA2OTE0ZjczZjNmMDlhYmNiNWFmOWQ4ZmU5ZTI6NjNlMmFhYTVjOTI2Yg%3D%3D IP 13.248.148.254:0 ASN #16509 AMAZON-02 File type data Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers `GET /track.php?domain=gurardiananytime.com&toggle=browserjs&uid=MTY3NTc5OTIwNS44MjM5OjM1ZWRlZDk3OTY2NTVhYzFlMmRhY2EzMmRhY2NkNTY2MGQ1OTA2OTE0ZjczZjNmMDlhYmNiNWFmOWQ4ZmU5ZTI6NjNlMmFhYTVjOTI2Yg%3D%3D HTTP/1.1 Host: ww38.gurardiananytime.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww38.gurardiananytime.com/` `HTTP/1.1 200 OK Date: Tue, 07 Feb 2023 19:46:46 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Custom-Track: browserjs Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 07 Feb 2023 18:51:19 GMT age: 3327 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 5bcb9125c18e4ed3562ceb950dc6eaad a6c6944804b772de3a487723e3e866c0219de230 94947430d745a6648a2e87f163bf474b4fd4513519360bf4bfecfabc141e5ff1 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 07 Feb 2023 19:46:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png	54.230.245.138	200 OK	11 kB
URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png IP 54.230.245.138:0 ASN #16509 AMAZON-02 File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data Size 11 kB (11375 bytes) Hash 0cb2e5165dc9324eb462199f04e1ffa9 9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865 HTTP Headers `GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1 Host: d38psrni17bvxu.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww38.gurardiananytime.com/` `HTTP/1.1 200 OK Content-Type: image/png Content-Length: 11375 Connection: keep-alive Server: nginx Date: Tue, 07 Feb 2023 01:21:39 GMT Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT Accept-Ranges: bytes ETag: "62b4441b-2c6f" X-Cache: Hit from cloudfront Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: pw24PKpwnqKbLWuWSMdgRmxVBMzuL_eZ7FVg0NqXdcvoVFGngCu66g== Age: 66307`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 5d1925325e512c8be92578a182ae6f82 154f013b79c99a816c0ad8034ee6501abdc7b4bb 8651879751a40a558cf5245fb94971490ffa3575955f4c867d6b4e240651dea2 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 07 Feb 2023 19:46:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	partner.googleadservices.com/gampad/cookie.js?domain=ww38.gurardiananytime.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie	142.250.74.34	200 OK	247 B
URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=ww38.gurardiananytime.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie IP 142.250.74.34:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (380), with no line terminators Size 247 B (247 bytes) Hash 338af8e8ab0e3c25e0f0d5dd2d98e843 df5ecfe687b1a901e6cf4f17abe8f923feb7eb65 2b50f3c6d3f2de84c1673b283cb39a32248b8004432e73a6bb8ac99342a715a0 HTTP Headers `GET /gampad/cookie.js?domain=ww38.gurardiananytime.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie HTTP/1.1 Host: partner.googleadservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ww38.gurardiananytime.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin content-type: text/javascript; charset=UTF-8 x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: gzip date: Tue, 07 Feb 2023 19:46:46 GMT server: cafe cache-control: private content-length: 247 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.gurardiananytime.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2M2UyYWFhNWM5MjRlfHx8MTY3NTc5OTIwNS44Mjg4fDM2YmUxOWUzMjFiODQ3MTM4M2YzNTMwOGRlOGRlOWIzNjZmZTY4YTB8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw1MjJiZmNmM2E0ZWNlZDgwNTU1ZDY1YzM5Yjk2NjY4MDg3ZGQyOGRifDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&terms=Log%20In%2CGuardian%20Dental%2CDental%20Providers&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2997733908933946&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r3%7Cs&nocache=5951675799257410&num=0&output=afd_ads&domain_name=ww38.gurardiananytime.com&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1675799257411&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=795&frm=0&cl=505790017&uio=--&cont=tc&jsid=caf&jsv=505790017&rurl=http%3A%2F%2Fww38.gurardiananytime.com%2F&adbw=master-1%3A530	216.58.207.228	200 OK	2.2 kB
URL HTTP/2 www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.gurardiananytime.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2M2UyYWFhNWM5MjRlfHx8MTY3NTc5OTIwNS44Mjg4fDM2YmUxOWUzMjFiODQ3MTM4M2YzNTMwOGRlOGRlOWIzNjZmZTY4YTB8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw1MjJiZmNmM2E0ZWNlZDgwNTU1ZDY1YzM5Yjk2NjY4MDg3ZGQyOGRifDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&terms=Log%20In%2CGuardian%20Dental%2CDental%20Providers&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2997733908933946&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r3%7Cs&nocache=5951675799257410&num=0&output=afd_ads&domain_name=ww38.gurardiananytime.com&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1675799257411&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=795&frm=0&cl=505790017&uio=--&cont=tc&jsid=caf&jsv=505790017&rurl=http%3A%2F%2Fww38.gurardiananytime.com%2F&adbw=master-1%3A530 IP 216.58.207.228:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6115) Size 2.2 kB (2245 bytes) Hash af3b7c32346c550905304ce97b2dcb43 d1f4fa2c01cd03bec82be062a7c8c753693032e5 89d327a0c3c7ec3f90b9af827b23d24d3bebe10a718ef01615da5585eff4f6b7 HTTP Headers GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket102&client=dp-teaminternet09_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fww38.gurardiananytime.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2M2UyYWFhNWM5MjRlfHx8MTY3NTc5OTIwNS44Mjg4fDM2YmUxOWUzMjFiODQ3MTM4M2YzNTMwOGRlOGRlOWIzNjZmZTY4YTB8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw1MjJiZmNmM2E0ZWNlZDgwNTU1ZDY1YzM5Yjk2NjY4MDg3ZGQyOGRifDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&terms=Log%20In%2CGuardian%20Dental%2CDental%20Providers&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2997733908933946&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002&format=r3%7Cs&nocache=5951675799257410&num=0&output=afd_ads&domain_name=ww38.gurardiananytime.com&v=3&bsl=8&pac=2&u_his=1&u_tz=0&dt=1675799257411&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=795&frm=0&cl=505790017&uio=--&cont=tc&jsid=caf&jsv=505790017&rurl=http%3A%2F%2Fww38.gurardiananytime.com%2F&adbw=master-1%3A530 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ww38.gurardiananytime.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK content-type: text/html; charset=UTF-8 content-disposition: inline date: Tue, 07 Feb 2023 19:46:46 GMT expires: Tue, 07 Feb 2023 19:46:46 GMT cache-control: private, max-age=3600 cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." content-encoding: br server: gws content-length: 2245 x-xss-protection: 0 set-cookie: NID=511=vobdiyp-7sDNQ4izy9S0iGjZquxAc4GqP_2TVcxaGsvhjdvrfAE5-beyvkc97SyZyJeOB0umled1NUboUjLaQ0WFcCP0y07mHtKuDr96AgGrVURiAcoO7GrbD8RYAf_HdiKkHQz8aYYO7lv4H9FRHWsLRlveGosoufd_5lcd7EE; expires=Wed, 09-Aug-2023 19:46:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=PENDING+955; expires=Thu, 06-Feb-2025 19:46:46 GMT; path=/; domain=.google.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 5d1925325e512c8be92578a182ae6f82 154f013b79c99a816c0ad8034ee6501abdc7b4bb 8651879751a40a558cf5245fb94971490ffa3575955f4c867d6b4e240651dea2 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 07 Feb 2023 19:46:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ww38.gurardiananytime.com/favicon.ico	13.248.148.254	200 OK	0 B
URL HTTP/1.1 ww38.gurardiananytime.com/favicon.ico IP 13.248.148.254:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: ww38.gurardiananytime.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww38.gurardiananytime.com/` `HTTP/1.1 200 OK Date: Tue, 07 Feb 2023 19:46:46 GMT Content-Type: image/x-icon Content-Length: 0 Connection: keep-alive Server: nginx Last-Modified: Tue, 12 May 2020 14:25:52 GMT ETag: "5ebab1f0-0" Accept-Ranges: bytes`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 9b88bae61bca33aba8aa99f6128db8d9 a07b61fb2458917699613fcae68710941b595416 54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA" Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3177 Expires: Tue, 07 Feb 2023 20:39:43 GMT Date: Tue, 07 Feb 2023 19:46:46 GMT Connection: keep-alive`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ed3f32fef9b843f5511bb882c0a38358 a1a60921f7cb6ab14b645c77bb7d77c20b8201ef 9a4b9e269aa66258c1d9b10fb1af899a3e669de3e244dcfd843a0bce87646f8e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 07 Feb 2023 19:46:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 4fe8a46e4fe7c971a068b163b275e25a 5ca9fb282e652f18298c755e61c5e38665ddc7b1 c4639e8bacf773e2ad7c0256587dcabb3db19ceda949ffd365358091e1eef0f3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 07 Feb 2023 19:46:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 4fe8a46e4fe7c971a068b163b275e25a 5ca9fb282e652f18298c755e61c5e38665ddc7b1 c4639e8bacf773e2ad7c0256587dcabb3db19ceda949ffd365358091e1eef0f3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 07 Feb 2023 19:46:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ww38.gurardiananytime.com/ls.php	13.248.148.254	201 Created	0 B
URL HTTP/1.1 ww38.gurardiananytime.com/ls.php IP 13.248.148.254:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /ls.php HTTP/1.1 Host: ww38.gurardiananytime.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Content-Length: 2594 Origin: http://ww38.gurardiananytime.com Connection: keep-alive Referer: http://ww38.gurardiananytime.com/ Cookie: GoogleAdServingTest=Good` HTTP/1.1 201 Created Date: Tue, 07 Feb 2023 19:46:46 GMT Content-Type: text/javascript;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 X-Log-Success: 63e2aaa69493ee3c522324f7 Charset: utf-8 Access-Control-Allow-Origin: http://ww38.gurardiananytime.com Access-Control-Allow-Methods: POST, OPTIONS Access-Control-Max-Age: 86400 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Q4XXrx5yOm0MlWFZMgGgjRKUOwBt+F2pJZG5mP7VkYGs5aQJ9+yGgWlHdMDk7Sv6XmOyWxkHHEkcRnQSgsS8xA==

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff	142.250.74.97	200 OK	270 B
URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff IP 142.250.74.97:0 ASN #15169 GOOGLE File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390) Size 270 B (270 bytes) Hash 5100391430a00e10ce60aa159f525b5c 231a4492d73b225f441b1e9028dc33c89862e498 52b1432a6e3002e41ed1d8f4c84b258fdc4c6dac863e3c0e5c06360c81be6067 HTTP Headers `GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 270 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Tue, 07 Feb 2023 14:27:14 GMT expires: Wed, 08 Feb 2023 13:27:14 GMT cache-control: public, max-age=82800 age: 19172 last-modified: Thu, 19 Dec 2019 14:15:00 GMT content-type: image/svg+xml alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff	142.250.74.97	200 OK	174 B
URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff IP 142.250.74.97:0 ASN #15169 GOOGLE File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size 174 B (174 bytes) Hash 4de8b85c8915995b571bde50e231be7c 29c226ca7b9cbe1d44e5480ce95bbb42727b2d99 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a HTTP Headers `GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Tue, 07 Feb 2023 02:28:31 GMT expires: Wed, 08 Feb 2023 01:28:31 GMT cache-control: public, max-age=82800 age: 62295 last-modified: Thu, 22 Oct 2020 21:45:00 GMT content-type: image/svg+xml alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 4fe8a46e4fe7c971a068b163b275e25a 5ca9fb282e652f18298c755e61c5e38665ddc7b1 c4639e8bacf773e2ad7c0256587dcabb3db19ceda949ffd365358091e1eef0f3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 07 Feb 2023 19:46:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ww38.gurardiananytime.com/track.php?domain=gurardiananytime.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3NTc5OTIwNS44MjM5OjM1ZWRlZDk3OTY2NTVhYzFlMmRhY2EzMmRhY2NkNTY2MGQ1OTA2OTE0ZjczZjNmMDlhYmNiNWFmOWQ4ZmU5ZTI6NjNlMmFhYTVjOTI2Yg%3D%3D	13.248.148.254	200 OK	20 B
URL HTTP/1.1 ww38.gurardiananytime.com/track.php?domain=gurardiananytime.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3NTc5OTIwNS44MjM5OjM1ZWRlZDk3OTY2NTVhYzFlMmRhY2EzMmRhY2NkNTY2MGQ1OTA2OTE0ZjczZjNmMDlhYmNiNWFmOWQ4ZmU5ZTI6NjNlMmFhYTVjOTI2Yg%3D%3D IP 13.248.148.254:0 ASN #16509 AMAZON-02 File type data Size 20 B (20 bytes) Hash a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf HTTP Headers GET /track.php?domain=gurardiananytime.com&caf=1&toggle=answercheck&answer=yes&uid=MTY3NTc5OTIwNS44MjM5OjM1ZWRlZDk3OTY2NTVhYzFlMmRhY2EzMmRhY2NkNTY2MGQ1OTA2OTE0ZjczZjNmMDlhYmNiNWFmOWQ4ZmU5ZTI6NjNlMmFhYTVjOTI2Yg%3D%3D HTTP/1.1 Host: ww38.gurardiananytime.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww38.gurardiananytime.com/ Cookie: __gsas=ID=184e2fde4dedefed:T=1675799206:S=ALNI_MaX4dzkGmqqdzNP9Tm6PISpYOdTQw `HTTP/1.1 200 OK Date: Tue, 07 Feb 2023 19:46:46 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Custom-Track: answercheck Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip`

	push.services.mozilla.com/	44.241.148.153	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 44.241.148.153:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: m5kendnNtjwrD3SN7HYePQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: cpeJ1MkfvQi1z/wGJQWbONOvjWM=`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 68273225f74fbf7493f395610d7a73fc 5a8779ef5656aeeba23b365aad60b7901c5dd7fc c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4480 Expires: Tue, 07 Feb 2023 21:01:28 GMT Date: Tue, 07 Feb 2023 19:46:48 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 68273225f74fbf7493f395610d7a73fc 5a8779ef5656aeeba23b365aad60b7901c5dd7fc c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4480 Expires: Tue, 07 Feb 2023 21:01:28 GMT Date: Tue, 07 Feb 2023 19:46:48 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg	34.120.237.76	200 OK	4.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.2 kB (4227 bytes) Hash eedb4de12585c70ddb5b8f94fe6a59e2 83c9437e71a0a03b3e8ff652155a85eafa76cdda d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4227 x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f77sTH4jIAMFnsQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0 x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: ovhdLaEGaDSC8X0F9VamLw0KyBPWkxfYg5pssOT8NOZP4IBtNk6Gfw== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google date: Mon, 06 Feb 2023 21:55:19 GMT etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda" content-type: image/jpeg age: 78689 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg	34.120.237.76	200 OK	4.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.4 kB (4442 bytes) Hash 7d8c3ebd17a435401c7f9fe3b8f842be f2106be148fea23bf961fcdb69ea4cb127aa5f3e ee708e68414539c75ddc077e0be7b75a86fd4fc9b6c1ddd1da86d0b9aca35558 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4442 x-amzn-requestid: 1bb3d1b3-ff58-4b0d-9a2b-c25797530c5d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f4oiQG1JoAMFRtg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e02141-1bb478453ececa9613e7e4a2;Sampled=0 x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: a6qwcT9sfonMVlyq2ZX6CSXWeW2upfeAWqqNEgVI2sqq7280sCfolw== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google date: Mon, 06 Feb 2023 21:50:14 GMT age: 78994 etag: "f2106be148fea23bf961fcdb69ea4cb127aa5f3e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg	34.120.237.76	200 OK	7.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.2 kB (7183 bytes) Hash 92008e687831334af1cdbf4b8a57579f e6ff750f12836637adf5b253d64c2102fdf3c180 39af3e630e0271b54139849c1b596efbdc69a23ce943e5330341d49f77798c7c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7183 x-amzn-requestid: 02695a8d-2ab8-4d77-bfbe-f99418d8ef00 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f78YOGsyoAMF5wA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e17434-2614cef4059e7fd5009cb46d;Sampled=0 x-amzn-remapped-date: Mon, 06 Feb 2023 21:42:12 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: qbUWAiTEzfmIOkYgKdBEYxEnRky5wA7ajMWumei7fXeIqLN9B-riBw== via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Mon, 06 Feb 2023 21:55:27 GMT age: 78681 etag: "e6ff750f12836637adf5b253d64c2102fdf3c180" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c86a61b-07c3-45f6-b564-e556eb788d04.jpeg	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c86a61b-07c3-45f6-b564-e556eb788d04.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (12682 bytes) Hash 59419fb1cf4689bed183d0e9a6aed782 47d4a4bb26fafff0c6aebfe3dc7ddfa4970f8e9a e6009407bd61bee1ae16ec30ea5914be77c56ee65dfb30595b10a1cedc6798c9 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c86a61b-07c3-45f6-b564-e556eb788d04.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 12682 x-amzn-requestid: d858d90a-b1ca-401c-8e00-8ccd9c0a7504 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f78mUEsfIAMFreg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e1748e-2783de3e3de9c520246bf06e;Sampled=0 x-amzn-remapped-date: Mon, 06 Feb 2023 21:43:42 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: _D5bI_flPN8fUn6aTGqO76FRSDwwC379nkVCBptmZkALErIVFCZfpA== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google date: Mon, 06 Feb 2023 21:55:19 GMT age: 78689 etag: "47d4a4bb26fafff0c6aebfe3dc7ddfa4970f8e9a" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (13390 bytes) Hash 75b0935816ca54d5d20a9fffa5531e0d bd8374980c16b7d5a28e55b8bef2215713b1ebb2 4ab6f49d22d029681754b617001f93467d63035acdaf12905c2314cab77991af HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 13390 x-amzn-requestid: e7653b49-3160-42e3-8292-8ae32604f775 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fpc8KEoPoAMFrUg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63da0eb4-68fd76a95ffa656318bedff6;Sampled=0 x-amzn-remapped-date: Wed, 01 Feb 2023 07:03:16 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: KaitXsesZ9mJducJ54ChzQGfb-2-hEN4W_QojGMKXYEji4xsjNdWCA== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google date: Tue, 07 Feb 2023 09:07:41 GMT age: 38347 etag: "bd8374980c16b7d5a28e55b8bef2215713b1ebb2" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (13230 bytes) Hash a24cf7b2db6d65c3fe5daf78b3309ced a3653a9a7baea412808dd91572ff21e1a505c26f f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 13230 x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f4oiTH8GoAMFYLA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0 x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: MmO3oxbCoPs-WdN8SL9AuudkfErRRcTp6mkr2LRIfS6YPVe6UGBDFQ== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google date: Tue, 07 Feb 2023 03:01:24 GMT age: 60324 etag: "a3653a9a7baea412808dd91572ff21e1a505c26f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	www.google.com/adsense/domains/caf.js	216.58.207.228	200 OK	0 B
URL HTTP/2 www.google.com/adsense/domains/caf.js IP 216.58.207.228:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /adsense/domains/caf.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/javascript; charset=UTF-8 content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Tue, 07 Feb 2023 19:46:46 GMT expires: Tue, 07 Feb 2023 19:46:46 GMT cache-control: private, max-age=3600 etag: "11944001053284498645" x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL